/
Kleene.v
345 lines (306 loc) · 8.7 KB
/
Kleene.v
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
(********************************************************)
(********************************************************)
(**** ****)
(**** A proof of the Kleene fixed-point theorem. ****)
(**** ****)
(********************************************************)
(********************************************************)
Require Import Nat.
Require Import Omega.
(***************)
(* Definitions *)
(***************)
(*
Assumption: Let (T, leq) be a partially ordered set, or poset. A poset is
a set with a binary relation which is reflexive, transitive, and
antisymmetric.
*)
Parameter T : Set.
Parameter leq : T -> T -> Prop.
Axiom refl : forall x, leq x x.
Axiom trans : forall x y z, leq x y -> leq y z -> leq x z.
Axiom antisym : forall x y, leq x y -> leq y x -> x = y.
(*
A supremum of a subset of T is a least element of T which is greater than
or equal to every element in the subset. This is also called a join or least
upper bound.
*)
Definition supremum P x1 :=
(forall x2, P x2 -> leq x2 x1) /\
forall x3, (forall x2, P x2 -> leq x2 x3) -> leq x1 x3.
(*
A directed subset of T is a non-empty subset of T such that any two elements
in the subset have an upper bound in the subset.
*)
Definition directed P :=
(exists x1, P x1) /\
forall x1 x2, P x1 -> P x2 -> exists x3, leq x1 x3 /\ leq x2 x3 /\ P x3.
(*
Assumption: Let the partial order be directed-complete. That means every
directed subset has a supremum.
*)
Axiom directedComplete :
forall P,
directed P ->
exists x, supremum P x.
(*
Assumption: Let T have a least element called bottom. This makes our partial
order a pointed directed-complete partial order.
*)
Parameter bottom : T.
Axiom bottomLeast : forall x, leq bottom x.
(*
A monotone function is one which preserves order. We only need to consider
functions for which the domain and codomain are identical and have the same
order relation, but this need not be the case for monotone functions in
general.
*)
Definition monotone f := forall x1 x2, leq x1 x2 -> leq (f x1) (f x2).
(*
A function is Scott-continuous if it preserves suprema of directed subsets.
We only need to consider functions for which the domain and codomain are
identical and have the same order relation, but this need not be the case for
continuous functions in general.
*)
Definition continuous (f : T -> T) :=
forall P x1,
directed P ->
supremum P x1 ->
supremum (fun x2 => exists x3, P x3 /\ x2 = f x3) (f x1).
(* This function performs iterated application of a function to bottom. *)
Fixpoint approx f n :=
match n with
| 0 => bottom
| S n => f (approx f n)
end.
(*******************)
(* Helpful tactics *)
(*******************)
(*
This tactic is useful if you have a hypothesis H : P -> Q and you want to use
Q. You can just write `feed H`. A new proof obligation for P will be
generated, and then the hypothesis will be specialized to H : Q.
*)
Ltac feed H1 := let H2 := fresh "H" in
match type of H1 with
| ?T -> _ => assert (H2 : T); [ | specialize (H1 H2); clear H2 ]
end.
(*
This tactic takes a given term and adds its type to the context as a new
hypothesis.
*)
Ltac fact E := let H := fresh "H" in pose (H := E); clearbody H.
(******************)
(* Helpful lemmas *)
(******************)
(* We will need this simple lemma about pairs of natural numbers. *)
Lemma natDiff : forall n1 n2, exists n3, n1 = add n2 n3 \/ n2 = add n1 n3.
Proof.
induction n1; intros.
- exists n2; right; auto.
- specialize (IHn1 n2); destruct IHn1; destruct H.
+ exists (S x); left; rewrite H; omega.
+ destruct x.
* exists 1; left; omega.
* exists x; right; rewrite H; omega.
Qed.
(* The supremum of a subset of T, if it exists, is unique. *)
Lemma supremumUniqueness :
forall P x1 x2,
supremum P x1 ->
supremum P x2 ->
x1 = x2.
Proof.
intros.
unfold supremum in H; destruct H.
unfold supremum in H0; destruct H0.
apply H1 in H0.
apply H2 in H.
apply antisym; auto.
Qed.
(* Scott-continuity implies monotonicity. *)
Lemma continuousImpliesMonotone : forall f, continuous f -> monotone f.
Proof.
unfold continuous.
unfold monotone.
intros.
specialize (H (fun x => x = x1 \/ x = x2) x2).
feed H.
- unfold directed.
split.
+ exists x1; auto.
+ intros.
destruct H1; rewrite H1; exists x2; split; [ auto | | try apply refl | ].
* {
destruct H2; rewrite H2.
- auto.
- split.
+ apply refl.
+ right; auto.
}
* {
split.
- destruct H2; rewrite H2.
+ auto.
+ apply refl.
- right; auto.
}
- feed H.
+ unfold supremum.
split.
* {
intros.
destruct H1; rewrite H1; auto || apply refl.
}
* {
intros.
specialize (H1 x2).
feed H1; auto.
}
+ unfold supremum in H.
destruct H.
specialize (H (f x1)).
feed H.
* exists x1; auto.
* auto.
Qed.
(*
Iterated applications of a monotone function f to bottom form an ω-chain,
which means they are a totally ordered subset of T. This ω-chain is called
the ascending Kleene chain of f.
*)
Lemma omegaChain :
forall f n m,
monotone f ->
leq (approx f n) (approx f m) \/ leq (approx f m) (approx f n).
Proof.
intros.
fact (natDiff n m).
destruct H0; destruct H0.
- right.
rewrite H0; clear H0.
generalize x.
induction m; intros.
+ cbn; apply bottomLeast.
+ specialize (IHm x0); apply H in IHm.
cbn; auto.
- left.
rewrite H0; clear H0.
generalize x.
induction n; intros.
+ cbn; apply bottomLeast.
+ specialize (IHn x0); apply H in IHn.
cbn; auto.
Qed.
(* The ascending Kleene chain of f is directed. *)
Lemma kleeneChainDirected :
forall f,
monotone f ->
directed (fun x2 => exists n, x2 = approx f n).
Proof.
intros.
set (P := fun x2 : T => exists n : nat, x2 = approx f n).
unfold directed.
split.
- exists bottom; unfold P; exists 0; auto.
- intros.
unfold P in H0; destruct H0.
unfold P in H1; destruct H1.
fact (omegaChain f x x0 H).
destruct H2.
+ exists x2.
split.
* rewrite H0; rewrite H1; auto.
* {
split.
- apply refl.
- unfold P.
exists x0; auto.
}
+ exists x1.
split.
* apply refl.
* {
split.
- rewrite H0; rewrite H1; auto.
- unfold P.
exists x; auto.
}
Qed.
(**********************************)
(* The Kleene fixed-point theorem *)
(**********************************)
(*
The Kleene fixed-point theorem states that the least fixed-point of a Scott-
continuous function over a pointed directed-complete partial order exists and
is the supremum of the ascending Kleene chain.
*)
Theorem kleene :
forall f,
continuous f ->
exists x1,
supremum (fun x2 => exists n, x2 = approx f n) x1 /\
f x1 = x1 /\
(forall x2, f x2 = x2 -> leq x1 x2).
Proof.
intros.
set (P := fun x2 : T => exists n : nat, x2 = approx f n).
assert (directed P).
- apply kleeneChainDirected; apply continuousImpliesMonotone in H; auto.
- fact (directedComplete P H0); destruct H1.
exists x.
split; auto.
split.
+ unfold continuous in H.
specialize (H P x H0 H1).
set (Q := fun x2 : T => exists x3 : T, P x3 /\ x2 = f x3) in H.
assert (supremum P (f x)).
* {
unfold supremum.
split; intros.
- unfold supremum in H; destruct H.
unfold P in H2; destruct H2.
destruct x0.
+ cbn in H2; rewrite H2; apply bottomLeast.
+ assert (Q x2).
* {
unfold Q.
exists (approx f x0).
split.
- unfold P.
exists x0; auto.
- cbn in H2; auto.
}
* apply H; auto.
- unfold supremum in H; destruct H.
apply H3.
intros.
apply H2.
unfold P.
unfold Q in H4; destruct H4; destruct H4.
unfold P in H4; destruct H4.
rewrite H4 in H5.
exists (S x1).
cbn; auto.
}
* apply (supremumUniqueness P); auto.
+ intros.
assert (forall x3, P x3 -> leq x3 x2).
* {
intros.
unfold P in H3; destruct H3.
generalize dependent x3.
induction x0; intros.
- cbn in H3; rewrite H3; apply bottomLeast.
- specialize (IHx0 (approx f x0)); feed IHx0; auto.
rewrite H3; clear H3.
cbn.
rewrite <- H2.
fact (continuousImpliesMonotone f H).
apply H3; auto.
}
* {
unfold supremum in H1; destruct H1.
apply H4; auto.
}
Qed.