f9dc77673b
This PR lets recursive functions defined by well-founded recursion use a different `fix` function when the termination measure is of type `Nat`. This fix-point operator use structural recursion on “fuel”, initialized by the given measure, and is thus reasonable to reduce, e.g. in `by decide` proofs. Extra provisions are in place that the fixpoint operator only starts reducing when the fuel is fully known, to prevent “accidential” defeqs when the remaining fuel for the recursive calls match the initial fuel for that recursive argument. To opt-out, the idiom `termination_by (n,0)` can be used. We still use `@[irreducible]` as the default for such recursive definitions, to avoid unexpected `defeq` lemmas. Making these functions `@[semireducible]` by default showed performance regressions in lean. When the measure is of type `Nat`, the system will accept an explicit `@[semireducible]` without the usual warning. Fixes #5234. Fixes: #11181.
79 lines
2.3 KiB
Text
79 lines
2.3 KiB
Text
set_option linter.unusedVariables false
|
||
|
||
-- works
|
||
|
||
def g' (T : Type) (ls : List T) : (Option (List T)) :=
|
||
match ls with
|
||
| _::tl =>
|
||
let res := Option.attach (g' T tl)
|
||
res.bind fun x => x.val
|
||
| [] => .none
|
||
|
||
-- doesn't
|
||
|
||
/--
|
||
error: fail to show termination for
|
||
g''
|
||
with errors
|
||
failed to infer structural recursion:
|
||
Not considering parameter T of g'':
|
||
its type is not an inductive
|
||
Not considering parameter ls of g'':
|
||
its type is an inductive datatype
|
||
List T
|
||
and the datatype parameter
|
||
T
|
||
depends on the function parameter
|
||
T
|
||
which is not fixed.
|
||
no parameters suitable for structural recursion
|
||
|
||
failed to prove termination, possible solutions:
|
||
- Use `have`-expressions to prove the remaining goals
|
||
- Use `termination_by` to specify a different well-founded relation
|
||
- Use `decreasing_by` to specify your own tactic for discharging this kind of goal
|
||
T✝ : Type
|
||
head✝ : T✝
|
||
tl : List T✝
|
||
x✝ :
|
||
(y : (T : Type) ×' List T) →
|
||
InvImage (fun x1 x2 => x1 < x2) (fun x => PSigma.casesOn x fun T ls => sizeOf ls) y ⟨T✝, head✝ :: tl⟩ →
|
||
Option (List y.1)
|
||
res : Option { x // x✝ ⟨T✝, tl⟩ ⋯ = some x } := (x✝ ⟨T✝, tl⟩ ⋯).attach
|
||
T : Type
|
||
ls : List T
|
||
⊢ sizeOf ls < 1 + sizeOf tl
|
||
-/
|
||
#guard_msgs in
|
||
def g'' (T : Type) (ls : List T) : (Option (List T)) :=
|
||
match ls with
|
||
| _::tl =>
|
||
let res := Option.attach (g'' T tl)
|
||
res.bind fun ⟨x,h⟩ => x
|
||
| [] => .none
|
||
|
||
/--
|
||
error: failed to prove termination, possible solutions:
|
||
- Use `have`-expressions to prove the remaining goals
|
||
- Use `termination_by` to specify a different well-founded relation
|
||
- Use `decreasing_by` to specify your own tactic for discharging this kind of goal
|
||
T✝ : Type
|
||
head✝ : T✝
|
||
tl : List T✝
|
||
x✝ :
|
||
(y : (T : Type) ×' List T) →
|
||
InvImage (fun x1 x2 => x1 < x2) (fun x => PSigma.casesOn x fun T ls => sizeOf ls) y ⟨T✝, head✝ :: tl⟩ →
|
||
Option (List y.1)
|
||
res : Option { x // x✝ ⟨T✝, tl⟩ ⋯ = some x } := (x✝ ⟨T✝, tl⟩ ⋯).attach
|
||
T : Type
|
||
ls : List T
|
||
⊢ sizeOf ls < 1 + sizeOf tl
|
||
-/
|
||
#guard_msgs in
|
||
def g''' (T : Type) (ls : List T) : (Option (List T)) :=
|
||
match ls with
|
||
| _::tl =>
|
||
let res := Option.attach (g''' T tl)
|
||
res.bind fun ⟨x,h⟩ => x
|
||
| [] => .none
|
||
termination_by sizeOf ls
|