90% sec1

thomas-lamiaux · thomas-lamiaux · commit a98f2c51bc2e · 2025-05-01T05:22:37.000+02:00
diff --git a/src/How_to_Ltac2_contradiction.v b/src/How_to_Ltac2_contradiction.v
@@ -1,4 +1,4 @@
-(** * How to write a tactic Contracition with Ltac2
+(** * How to write a tactic Contradiction with Ltac2
 
   *** Authors
   - Thomas Lamiaux
@@ -49,101 +49,184 @@ If [contradiction] takes an argument [t] then, the type of [t] must either be:
 *)
 
 
+(* Let us start by writing a simplified first version without checking if
+the types are empty or are singleton types.
+This already require matching over goals and quoting. *)
+
 (** ** 1.  Step 1:
 
-    *** 1.1 A simplified version
+    *** 1.1 Matching the Goal
 
-    Let us start by writing a simplified first version without checking if
-    the types are empty or are singleton types.
-    This already require matching over goals and quoting.
+    To look up for a pair of hypotheses [P] and [~P], we need to match the goal.
+    There are three commands to match the goal that have different behaviour in
+    regarding backtracking. The first step is to understand which one we want to use.
 
+  - [lazy_match! goal with] that picks a branch, and stick to it.
+    It will not backtrack to pick another branch if this choice leads to a failure.
+    For instance, here, it picks the first branch which fails, hence fail.
 *)
 
-(* Ltac2 err_contradiction : exn :=
-    Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")). *)
+Goal False.
+  Fail lazy_match! goal with
+  | [ |- _ ] => printf "branch 1"; fail
+  | [ |- _ ] => printf "branch 2"
+  | [ |- _ ] => printf "branch 3"
+  end.
+Abort.
 
-(** To look up for a pair of hypotheses [P] and [~P], we match the goal using
-    [lazy_match! goal with].
-    The patterns are of the form [ [name_hyp1 : type, ..., name_hyp1 : type,] ]
+(** - [match! goal with] that picks the first branch that succeeds.
+      In the example, the first branch fails, it hence backtrack to its choice,
+      pick the second which this time succeeds
+*)
 
-    The name of all the variables and meta-variables must start for a small cap.
-    To match for [P] and [~P], we hence use the pattern [p : ?t, np : ~(?t)].
-    This provides us the ? of the hypotheses [p : ident] and [q : ident],
-    and with the type [t : constr].
+Goal False.
+  match! goal with
+  | [ |- _ ] => printf "branch 1"; fail
+  | [ |- _ ] => printf "branch 2"
+  | [ |- _ ] => printf "branch 3"
+  end.
+Abort.
+
+(** - [multi_match! goal with] which is more complex and subtile.
+      It picks the first branch that makes the whole tactic to succeed,
+      and not just the [match!] like [match!] does.
+      In another word, if it choose a branch that succeeds, but this leads to
+      a subsequent failure when composed with another tactic [; tac],
+      then it backtracks to pick the next branch that succeeds.
+      This until either [tac] succeeds, or all the branches have been tried in
+      which cas it fails.
+
+      To understand this better, consider the example below.
+      [multi_match!] picks the first branch that succeeds, here the second one,
+      and prints "branch 2".
+      This choice is combined with [fail] that leads to a failure.
+      It hence backtrack and picks to the next branch, and prints "branch 3".
+      This lead again to a failure, and hence backtracks.
+      There is no branches left, and hence fail.
+*)
 
-  [[
-    lazy_match! goal with
-    | [ p : ?t, q : ~(?t) |- _ ] => ???
-    | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
-    end.
-  ]]
+Goal False.
+  Fail multi_match! goal with
+  | [ |- _ ] => printf "branch 1"; fail
+  | [ |- _ ] => printf "branch 2"
+  | [ |- _ ] => printf "branch 3"
+  end;
+  fail.
+Abort.
+
+(** [lazy_match!] is the easiest command to use and to understand, as there is no
+    backtracking involved whatsoever. It is sufficient for all applications
+    where the matching choice is deterministic.
+
+    [match!] is useful as soon as matching the syntax is not enough,
+    and we need additional tests to see if we picked the good branch.
+
+    [multi_match!] can be interresting but it can be hard to predict and should
+    only be used by people that understand what is going on.
+    We have no use for it here.
+*)
 
-    To prove the goal, we want to apply [destruct [np p]].
-    This is not directly possible as [np] and [p] are idents, and not terms.
-    Consequently, what we want is to apply the term that [np] refers to
-    the the term that [p] refers to.
 
-    To get the term associated to the ident, we first use [Control.hyp : ident -> constr]
-    to get a Ltac2 ??? out of an ident. We then use [$] to go back to a Rocq term.
-    This provide us with the script:
 
-  [[
-    let p := Control.hyp p in
-    let q := Control.hyp q in
-    exact (False_rect _ ($q $p))
-  ]]
 
-  Putting it all together, this give us the following Ltac2 term:
+(**
+
+    To match the goal, all commands use patterns of form:
+
+      [[ [name_hyp1 : type_1, ..., name_hyp1 : type_k] |- to_prove  => ... ]]
+
+    The name of all the variables and meta-variables must start for a small cap.
+
+    To match for [P] and [~P], we hence use the pattern [p : ?t, np : ~(?t)].
+    This provides us the ? of the hypotheses [p : ident] and [q : ident], and
+    with the type [t : constr].
 *)
 
-Goal forall (P : Prop), P -> ~P -> 0 = 1.
+Goal forall P, P -> ~P -> False.
   intros.
   lazy_match! goal with
-  | [ p : ?t, np : ~(?t) |- _ ] =>
-        let p := Control.hyp p in
-        let np := Control.hyp np in
-        exact (False_rect _ ($np $p))
-  | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
+  | [p : ?t, np : ~(?t) |- _ ] => printf "Matching Worked!";
+                                  printf "The names of the hypotheses are %I, %I " p np
+  | [ |- _ ] => fail
   end.
+Abort.
 
 (** There are two subtilities to understand here about.
 
     1. Matching is syntactic. This means that [P -> False] will not be matched
        by the pattern [~ P], even though [~P] is convertible to [P -> False].
 *)
 
-Goal forall (P : Prop), P -> (P -> False) -> 0 = 1.
+Goal forall P, P -> (P -> False) -> False.
   intros.
   Fail lazy_match! goal with
+  | [p : ?t, np : ~(?t) |- _ ] => printf "Matching Worked!";
+                                  printf "The names of the hypotheses are %I, %I " p np
+  | [ |- _ ] => fail
+  end.
+Abort.
+
+(** 2. However, matching for meta-variables is up to conversion.
+       This can be seen by adding a trivial expension around [P]:
+*)
+
+Goal forall (P : Prop), P -> (~((fun _ => P) 0)) -> 0 = 1.
+  intros.
+  lazy_match! goal with
   | [ p : ?t, np : ~(?t) |- _ ] =>
         let p := Control.hyp p in
         let np := Control.hyp np in
         exact (False_rect _ ($np $p))
   | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
   end.
+Qed.
 
-(** 2. However, matching for meta-variables is up to conversion.
-       This can be seen by adding a trivial expension around [P]:
+(** *** 1.2 Quoting
+
+    To prove the goal, we want to apply [destruct [np p]]. This is not directly
+    possible as [np] and [p] are idents, they are not terms.
+
+    Consequently, what we want is to apply the term that [np] refers to the term
+    that [p] refers to.
+
+    To get the term associated to the ident, we first use [Control.hyp : ident
+    -> constr] to get a Ltac2 ??? out of an ident. We then use [$] to go back to
+    a Rocq term. This provide us with the script:
+
+  [[
+    let p := Control.hyp p in let q := Control.hyp q in exact (False_rect _ ($q
+    $p))
+  ]]
+
+  Putting it all together, this give us the following Ltac2 term:
 *)
 
-Goal forall (P : Prop), P -> (~((fun _ => P) 0)) -> 0 = 1.
+Goal forall (P : Prop), P -> ~P -> 0 = 1.
   intros.
   lazy_match! goal with
   | [ p : ?t, np : ~(?t) |- _ ] =>
         let p := Control.hyp p in
         let np := Control.hyp np in
         exact (False_rect _ ($np $p))
-  | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
+  | [ |- _ ] => fail
   end.
+Abort.
+
+(** 1.3 Error Messages  *)
+
+(** 1.4 Putting it all together *)
 
 (** The two other cases proceed similarly. We use:
     - [match! goal] to find the hypothesis,
     - [Control.hyp] and [$] to use the rocq term associated to the hypotheses.
 
-    In the first case, we use [ltac2:(tac)] to build a term using the tactic [constructor].
-    Note, that here, we really need to use [match] as in the absence of a check to ensure
-    [t] can be proven by [constructor 1], it may fail.
-    In which, case we want to backtrack to try the next hypothesis of the form [~t].
+    The only key difference is that for the last two cases the syntaxtic
+    match is not enough on its own to select the good hypothesis.
+    Indeed, there is no reason why matching [~(t)] would imply that [t] is a
+    singleton type, which can be proven by [constructor 1].
+    It could very well be a function type, like [~(nat -> False)].
+    Consequently, we must use [match!] rather than [lazy_match!] as
+    if the wrong [~t] is picked, we want to backtrack to try the next one.
 *)
 
 Goal ~(0 = 0) -> 0 = 1.
@@ -152,26 +235,25 @@ Goal ~(0 = 0) -> 0 = 1.
   | [ np : ~(_) |- _] =>
         let np := Control.hyp np in
         exact (False_rect _ ($np ltac2:(constructor 1)))
-  | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
+  | [ |- _ ] => fail
   end.
 Qed.
 
-(** In the second case, in the absence of a test to check if [t] is an empty type,
-    [destruct $p] could succeed without solving the goal, for instance for [t := nat].
-    We hence, link [destruct $p] with [fail] to ensure the goal is solved,
-    as if they are any remaining goal after [destruct $p], [fail] wil [fail].
-*)
-
 Goal False -> 0 = 1.
   intros.
   match! goal with
   | [ p : _ |- _] =>
         let p := Control.hyp p in
         destruct $p; fail
-  | [ |- _ ] => Control.zero (Tactic_failure (Some (fprintf "There are no hypothesis solvable by contradiction")))
+  | [ |- _ ] => fail
   end.
+Qed.
 
-(** Putting this altogether, this gives us the following tactic  *)
+(** To put it together, we must pick the match goal that backtracks the more.
+    As we have used [lazy_match!] and [match!], we must hence pick [match!].
+    This is gives us the following tactic. Let us not forget the thunk as otherwise
+    the script would  be excuted immediately, which is clearly not what we want.
+*)
 
 Ltac2 contradiction_empty_v1_ : unit -> unit :=
   fun () =>
@@ -182,17 +264,17 @@ Ltac2 contradiction_empty_v1_ : unit -> unit :=
         exact (False_rect _ ($np $p))
   | [ np : ~(_) |- _] =>
         let np := Control.hyp np in
-        exact (False_rect _ ($np ltac:(constructor)))
+        exact (False_rect _ ($np ltac:(constructor 1)))
   | [ p : _ |- _ ] =>
         let p := Control.hyp p in
         destruct $p; fail
-  | [ |- _] => let err_message := fprintf "No hypothesis is an obvious contradiction" in
-               Control.zero (Tactic_failure (Some err_message))
+  | [ |- _] => fail
   end.
 
-(** We can now define an abreviation for it and try it out *)
+(** Finally, we can define an abreviation for it to try it out *)
 
-Ltac2 Notation contradiction_empty_v1 := intros; contradiction_empty_v1_ ().
+Ltac2 Notation contradiction_empty_v1 :=
+  intros; contradiction_empty_v1_ ().
 
 Goal (1 = 0) -> ~(1 = 0) -> 0 = 1.
   contradiction_empty_v1.
