1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
|
Require Import Bool DecidableClass Algebra Ring PArith ROmega Omega.
Section Bool.
(* Boolean formulas and their evaluations *)
Inductive formula :=
| formula_var : positive -> formula
| formula_btm : formula
| formula_top : formula
| formula_cnj : formula -> formula -> formula
| formula_dsj : formula -> formula -> formula
| formula_neg : formula -> formula
| formula_xor : formula -> formula -> formula
| formula_ifb : formula -> formula -> formula -> formula.
Fixpoint formula_eval var f := match f with
| formula_var x => list_nth x var false
| formula_btm => false
| formula_top => true
| formula_cnj fl fr => (formula_eval var fl) && (formula_eval var fr)
| formula_dsj fl fr => (formula_eval var fl) || (formula_eval var fr)
| formula_neg f => negb (formula_eval var f)
| formula_xor fl fr => xorb (formula_eval var fl) (formula_eval var fr)
| formula_ifb fc fl fr =>
if formula_eval var fc then formula_eval var fl else formula_eval var fr
end.
End Bool.
(* Translation of formulas into polynomials *)
Section Translation.
(* This is straightforward. *)
Fixpoint poly_of_formula f := match f with
| formula_var x => Poly (Cst false) x (Cst true)
| formula_btm => Cst false
| formula_top => Cst true
| formula_cnj fl fr =>
let pl := poly_of_formula fl in
let pr := poly_of_formula fr in
poly_mul pl pr
| formula_dsj fl fr =>
let pl := poly_of_formula fl in
let pr := poly_of_formula fr in
poly_add (poly_add pl pr) (poly_mul pl pr)
| formula_neg f => poly_add (Cst true) (poly_of_formula f)
| formula_xor fl fr => poly_add (poly_of_formula fl) (poly_of_formula fr)
| formula_ifb fc fl fr =>
let pc := poly_of_formula fc in
let pl := poly_of_formula fl in
let pr := poly_of_formula fr in
poly_add pr (poly_add (poly_mul pc pl) (poly_mul pc pr))
end.
Opaque poly_add.
(* Compatibility of translation wrt evaluation *)
Lemma poly_of_formula_eval_compat : forall var f,
eval var (poly_of_formula f) = formula_eval var f.
Proof.
intros var f; induction f; simpl poly_of_formula; simpl formula_eval; auto.
now simpl; match goal with [ |- ?t = ?u ] => destruct u; reflexivity end.
rewrite poly_mul_compat, IHf1, IHf2; ring.
repeat rewrite poly_add_compat.
rewrite poly_mul_compat; try_rewrite.
now match goal with [ |- ?t = ?x || ?y ] => destruct x; destruct y; reflexivity end.
rewrite poly_add_compat; try_rewrite.
now match goal with [ |- ?t = negb ?x ] => destruct x; reflexivity end.
rewrite poly_add_compat; congruence.
rewrite ?poly_add_compat, ?poly_mul_compat; try_rewrite.
match goal with
[ |- ?t = if ?b1 then ?b2 else ?b3 ] => destruct b1; destruct b2; destruct b3; reflexivity
end.
Qed.
Hint Extern 5 => change 0 with (min 0 0).
Local Hint Resolve poly_add_valid_compat poly_mul_valid_compat.
Local Hint Constructors valid.
Hint Extern 5 => zify; omega.
(* Compatibility with validity *)
Lemma poly_of_formula_valid_compat : forall f, exists n, valid n (poly_of_formula f).
Proof.
intros f; induction f; simpl.
+ exists (Pos.succ p); constructor; intuition; inversion H.
+ exists 1%positive; auto.
+ exists 1%positive; auto.
+ destruct IHf1 as [n1 Hn1]; destruct IHf2 as [n2 Hn2]; exists (Pos.max n1 n2); auto.
+ destruct IHf1 as [n1 Hn1]; destruct IHf2 as [n2 Hn2]; exists (Pos.max (Pos.max n1 n2) (Pos.max n1 n2)); auto.
+ destruct IHf as [n Hn]; exists (Pos.max 1 n); auto.
+ destruct IHf1 as [n1 Hn1]; destruct IHf2 as [n2 Hn2]; exists (Pos.max n1 n2); auto.
+ destruct IHf1 as [n1 Hn1]; destruct IHf2 as [n2 Hn2]; destruct IHf3 as [n3 Hn3]; eexists; eauto.
Qed.
(* The soundness lemma ; alas not complete! *)
Lemma poly_of_formula_sound : forall fl fr var,
poly_of_formula fl = poly_of_formula fr -> formula_eval var fl = formula_eval var fr.
Proof.
intros fl fr var Heq.
repeat rewrite <- poly_of_formula_eval_compat.
rewrite Heq; reflexivity.
Qed.
End Translation.
Section Completeness.
(* Lemma reduce_poly_of_formula_simpl : forall fl fr var,
simpl_eval (var_of_list var) (reduce (poly_of_formula fl)) = simpl_eval (var_of_list var) (reduce (poly_of_formula fr)) ->
formula_eval var fl = formula_eval var fr.
Proof.
intros fl fr var Hrw.
do 2 rewrite <- poly_of_formula_eval_compat.
destruct (poly_of_formula_valid_compat fl) as [nl Hl].
destruct (poly_of_formula_valid_compat fr) as [nr Hr].
rewrite <- (reduce_eval_compat nl (poly_of_formula fl)); [|assumption].
rewrite <- (reduce_eval_compat nr (poly_of_formula fr)); [|assumption].
do 2 rewrite <- eval_simpl_eval_compat; assumption.
Qed. *)
(* Soundness of the method ; immediate *)
Lemma reduce_poly_of_formula_sound : forall fl fr var,
reduce (poly_of_formula fl) = reduce (poly_of_formula fr) ->
formula_eval var fl = formula_eval var fr.
Proof.
intros fl fr var Heq.
repeat rewrite <- poly_of_formula_eval_compat.
destruct (poly_of_formula_valid_compat fl) as [nl Hl].
destruct (poly_of_formula_valid_compat fr) as [nr Hr].
rewrite <- (reduce_eval_compat nl (poly_of_formula fl)); auto.
rewrite <- (reduce_eval_compat nr (poly_of_formula fr)); auto.
rewrite Heq; reflexivity.
Qed.
Definition make_last {A} n (x def : A) :=
Pos.peano_rect (fun _ => list A)
(cons x nil)
(fun _ F => cons def F) n.
(* Replace the nth element of a list *)
Fixpoint list_replace l n b :=
match l with
| nil => make_last n b false
| cons a l =>
Pos.peano_rect _
(cons b l) (fun n _ => cons a (list_replace l n b)) n
end.
(** Extract a non-null witness from a polynomial *)
Existing Instance Decidable_null.
Fixpoint boolean_witness p :=
match p with
| Cst c => nil
| Poly p i q =>
if decide (null p) then
let var := boolean_witness q in
list_replace var i true
else
let var := boolean_witness p in
list_replace var i false
end.
Lemma list_nth_base : forall A (def : A) l,
list_nth 1 l def = match l with nil => def | cons x _ => x end.
Proof.
intros A def l; unfold list_nth.
rewrite Pos.peano_rect_base; reflexivity.
Qed.
Lemma list_nth_succ : forall A n (def : A) l,
list_nth (Pos.succ n) l def =
match l with nil => def | cons _ l => list_nth n l def end.
Proof.
intros A def l; unfold list_nth.
rewrite Pos.peano_rect_succ; reflexivity.
Qed.
Lemma list_nth_nil : forall A n (def : A),
list_nth n nil def = def.
Proof.
intros A n def; induction n using Pos.peano_rect.
+ rewrite list_nth_base; reflexivity.
+ rewrite list_nth_succ; reflexivity.
Qed.
Lemma make_last_nth_1 : forall A n i x def, i <> n ->
list_nth i (@make_last A n x def) def = def.
Proof.
intros A n; induction n using Pos.peano_rect; intros i x def Hd;
unfold make_last; simpl.
+ induction i using Pos.peano_case; [elim Hd; reflexivity|].
rewrite list_nth_succ, list_nth_nil; reflexivity.
+ unfold make_last; rewrite Pos.peano_rect_succ; fold (make_last n x def).
induction i using Pos.peano_case.
- rewrite list_nth_base; reflexivity.
- rewrite list_nth_succ; apply IHn; zify; omega.
Qed.
Lemma make_last_nth_2 : forall A n x def, list_nth n (@make_last A n x def) def = x.
Proof.
intros A n; induction n using Pos.peano_rect; intros x def; simpl.
+ reflexivity.
+ unfold make_last; rewrite Pos.peano_rect_succ; fold (make_last n x def).
rewrite list_nth_succ; auto.
Qed.
Lemma list_replace_nth_1 : forall var i j x, i <> j ->
list_nth i (list_replace var j x) false = list_nth i var false.
Proof.
intros var; induction var; intros i j x Hd; simpl.
+ rewrite make_last_nth_1, list_nth_nil; auto.
+ induction j using Pos.peano_rect.
- rewrite Pos.peano_rect_base.
induction i using Pos.peano_rect; [now elim Hd; auto|].
rewrite 2list_nth_succ; reflexivity.
- rewrite Pos.peano_rect_succ.
induction i using Pos.peano_rect.
{ rewrite 2list_nth_base; reflexivity. }
{ rewrite 2list_nth_succ; apply IHvar; zify; omega. }
Qed.
Lemma list_replace_nth_2 : forall var i x, list_nth i (list_replace var i x) false = x.
Proof.
intros var; induction var; intros i x; simpl.
+ now apply make_last_nth_2.
+ induction i using Pos.peano_rect.
- rewrite Pos.peano_rect_base, list_nth_base; reflexivity.
- rewrite Pos.peano_rect_succ, list_nth_succ; auto.
Qed.
(* The witness is correct only if the polynomial is linear *)
Lemma boolean_witness_nonzero : forall k p, linear k p -> ~ null p ->
eval (boolean_witness p) p = true.
Proof.
intros k p Hl Hp; induction Hl; simpl.
destruct c; [reflexivity|elim Hp; now constructor].
case_decide.
rewrite eval_null_zero; [|assumption]; rewrite list_replace_nth_2; simpl.
match goal with [ |- (if ?b then true else false) = true ] =>
assert (Hrw : b = true); [|rewrite Hrw; reflexivity]
end.
erewrite eval_suffix_compat; [now eauto| |now apply linear_valid_incl; eauto].
now intros j Hd; apply list_replace_nth_1; zify; omega.
rewrite list_replace_nth_2, xorb_false_r.
erewrite eval_suffix_compat; [now eauto| |now apply linear_valid_incl; eauto].
now intros j Hd; apply list_replace_nth_1; zify; omega.
Qed.
(* This should be better when using the [vm_compute] tactic instead of plain reflexivity. *)
Lemma reduce_poly_of_formula_sound_alt : forall var fl fr,
reduce (poly_add (poly_of_formula fl) (poly_of_formula fr)) = Cst false ->
formula_eval var fl = formula_eval var fr.
Proof.
intros var fl fr Heq.
repeat rewrite <- poly_of_formula_eval_compat.
destruct (poly_of_formula_valid_compat fl) as [nl Hl].
destruct (poly_of_formula_valid_compat fr) as [nr Hr].
rewrite <- (reduce_eval_compat nl (poly_of_formula fl)); auto.
rewrite <- (reduce_eval_compat nr (poly_of_formula fr)); auto.
rewrite <- xorb_false_l; change false with (eval var (Cst false)).
rewrite <- poly_add_compat, <- Heq.
repeat rewrite poly_add_compat.
rewrite (reduce_eval_compat nl); [|assumption].
rewrite (reduce_eval_compat (Pos.max nl nr)); [|apply poly_add_valid_compat; assumption].
rewrite (reduce_eval_compat nr); [|assumption].
rewrite poly_add_compat; ring.
Qed.
(* The completeness lemma *)
(* Lemma reduce_poly_of_formula_complete : forall fl fr,
reduce (poly_of_formula fl) <> reduce (poly_of_formula fr) ->
{var | formula_eval var fl <> formula_eval var fr}.
Proof.
intros fl fr H.
pose (p := poly_add (reduce (poly_of_formula fl)) (poly_opp (reduce (poly_of_formula fr)))).
pose (var := boolean_witness p).
exists var.
intros Hc; apply (f_equal Z_of_bool) in Hc.
assert (Hfl : linear 0 (reduce (poly_of_formula fl))).
now destruct (poly_of_formula_valid_compat fl) as [n Hn]; apply (linear_le_compat n); [|now auto]; apply linear_reduce; auto.
assert (Hfr : linear 0 (reduce (poly_of_formula fr))).
now destruct (poly_of_formula_valid_compat fr) as [n Hn]; apply (linear_le_compat n); [|now auto]; apply linear_reduce; auto.
repeat rewrite <- poly_of_formula_eval_compat in Hc.
define (decide (null p)) b Hb; destruct b; tac_decide.
now elim H; apply (null_sub_implies_eq 0 0); fold p; auto;
apply linear_valid_incl; auto.
elim (boolean_witness_nonzero 0 p); auto.
unfold p; rewrite <- (min_id 0); apply poly_add_linear_compat; try apply poly_opp_linear_compat; now auto.
unfold p at 2; rewrite poly_add_compat, poly_opp_compat.
destruct (poly_of_formula_valid_compat fl) as [nl Hnl].
destruct (poly_of_formula_valid_compat fr) as [nr Hnr].
repeat erewrite reduce_eval_compat; eauto.
fold var; rewrite Hc; ring.
Defined. *)
End Completeness.
(* Reification tactics *)
(* For reflexivity purposes, that would better be transparent *)
Global Transparent decide poly_add.
(* Ltac append_var x l k :=
match l with
| nil => constr: (k, cons x l)
| cons x _ => constr: (k, l)
| cons ?y ?l =>
let ans := append_var x l (S k) in
match ans with (?k, ?l) => constr: (k, cons y l) end
end.
Ltac build_formula t l :=
match t with
| true => constr: (formula_top, l)
| false => constr: (formula_btm, l)
| ?fl && ?fr =>
match build_formula fl l with (?tl, ?l) =>
match build_formula fr l with (?tr, ?l) =>
constr: (formula_cnj tl tr, l)
end
end
| ?fl || ?fr =>
match build_formula fl l with (?tl, ?l) =>
match build_formula fr l with (?tr, ?l) =>
constr: (formula_dsj tl tr, l)
end
end
| negb ?f =>
match build_formula f l with (?t, ?l) =>
constr: (formula_neg t, l)
end
| _ =>
let ans := append_var t l 0 in
match ans with (?k, ?l) => constr: (formula_var k, l) end
end.
(* Extract a counterexample from a polynomial and display it *)
Ltac counterexample p l :=
let var := constr: (boolean_witness p) in
let var := eval vm_compute in var in
let rec print l vl :=
match l with
| nil => idtac
| cons ?x ?l =>
match vl with
| nil =>
idtac x ":=" "false"; print l (@nil bool)
| cons ?v ?vl =>
idtac x ":=" v; print l vl
end
end
in
idtac "Counter-example:"; print l var.
Ltac btauto_reify :=
lazymatch goal with
| [ |- @eq bool ?t ?u ] =>
lazymatch build_formula t (@nil bool) with
| (?fl, ?l) =>
lazymatch build_formula u l with
| (?fr, ?l) =>
change (formula_eval l fl = formula_eval l fr)
end
end
| _ => fail "Cannot recognize a boolean equality"
end.
(* The long-awaited tactic *)
Ltac btauto :=
lazymatch goal with
| [ |- @eq bool ?t ?u ] =>
lazymatch build_formula t (@nil bool) with
| (?fl, ?l) =>
lazymatch build_formula u l with
| (?fr, ?l) =>
change (formula_eval l fl = formula_eval l fr);
apply reduce_poly_of_formula_sound_alt;
vm_compute; (reflexivity || fail "Not a tautology")
end
end
| _ => fail "Cannot recognize a boolean equality"
end. *)
|