feat: add simple co-inductive predicates

[Equilibris]

Add basic implementation of co-inductive predicates using cofix points expressed as existential quantifications. This is done by first generating a Shape inductive datatype then quantifying over this. For example, if this were to be hand implemented in the context of a bisimulation it looks something like this:

import Matlib.Data.Set.Basic

structure FSM where
  S : Type
  d : S -> Set S
  A : Set S

def IsBisim (fsm : FSM) (R : fsm.S → fsm.S → Prop) : Prop :=
  ∀ s t, R s t →
    (s ∈ fsm.A ↔ t ∈ fsm.A)
    ∧ (∀ s' ∈ fsm.d s, ∃ t' ∈ fsm.d t, R s' t')
    ∧ (∀ t' ∈ fsm.d t, ∃ s' ∈ fsm.d s, R s' t')

def Bisim (fsm : FSM) : fsm.S → fsm.S → Prop :=
  fun s t => ∃ R, IsBisim fsm R ∧ R s t

(example by @alexkeizer )

This is writable if hard, rather, a new syntax is added in this PR that looks like the following:

coinductive Bisim (fsm : FSM) : fsm.S → fsm.S → Prop
  | step {s t : fsm.S} :
    (s ∈ fsm.A ↔ t ∈ fsm.A)
    → (∀ s' ∈ fsm.d s, ∃ t' ∈ fsm.d t, Bisim fsm s' t')
    → (∀ t' ∈ fsm.d t, ∃ s' ∈ fsm.d s, Bisim fsm s' t')
    → Bisim fsm s t

An example of what this yields is generated in the test coindBisim.lean.

Currently, this does only hold for co-inductive predicates (i.e. the ones that reside in Prop).

The generation of shape types is done by taking the original written syntax and simply adding another parameter with the name and signature of the entire expression. In the case of Bisim this shape looks like this:

inductive Bisim.Shape (fsm : FSM) (Bisim : (fsm : FSM) → fsm.S → fsm.S → Prop) : fsm.S → fsm.S → Prop
  | step {s t : fsm.S} :
    (s ∈ fsm.A ↔ t ∈ fsm.A)
    → (∀ s' ∈ fsm.d s, ∃ t' ∈ fsm.d t, Bisim fsm s' t')
    → (∀ t' ∈ fsm.d t, ∃ s' ∈ fsm.d s, Bisim fsm s' t')
    → Bisim.Shape fsm Bisim s t

The fixed point is then found with the same means as listed above.

---

TODOs:

• Tests
  • Base tests
  • Mutual tests
• Mutual coinductives
  • These could be added by allowing the type to contain multiple parameters as inputs which are then quantified over separately in the code
• toBinderViews alternatives
• Alternative to how quoting bracketed binders works currently
• Fixing imports

[tobiasgrosser]

Suggested change

/- #check Lean.Elab.Binders.to -/

[tobiasgrosser]

Suggested change

	we can safely coerce syntax of these categories -/
	instance : Coe (TSyntax ``bb) (TSyntax ``bracketedBinder) where coe x := ⟨x.raw⟩
	we can safely coerce syntax of these categories. -/
	instance : Coe (TSyntax ``bb) (TSyntax ``bracketedBinder) where coe x := ⟨x.raw⟩

[alexkeizer]

Mutual coinductives
These could be added by allowing the type to contain multiple parameters as inputs which are then quantified over seperately > in the code

Let's not worry about mutuals at all in this first PR

[alexkeizer]

I gave it a look over. @Equilibris it would help a lot if you did a pass and document all the various functions that you've defined

This doesn't feel ready to be PRd to core yet. I think we should look into how hard it would be to go the proper route and elaborate into Exprs

[alexkeizer]

Suggested change

	/- derivingClasses : Array Lean.Elab.DerivingClassView -/
	/- computedFields : Array Lean.Elab.Command.ComputedFieldView -/

Just remove these if we don't want to support them

[alexkeizer]

Isn't this the exact same as the already existing CtorView, do you reckon we could just reuse that struct instead of defining our own?

[Equilibris]

The reason I defined this is because the original uses Syntax instead of TSyntax at multiple places. I can change over to theirs and add casts and stuff if you'd prefer

[alexkeizer]

Suggested change

	if ctorModifiers.isPrivate && modifiers.isPrivate then
	throwError "invalid 'private' constructor in a 'private' inductive datatype"
	if ctorModifiers.isProtected && modifiers.isPrivate then
	throwError "invalid 'protected' constructor in a 'private' inductive datatype"
	if ctorModifiers.isPrivate && modifiers.isPrivate then
	throwError "invalid 'private' constructor in a 'private' coinductive predicate"
	if ctorModifiers.isProtected && modifiers.isPrivate then
	throwError "invalid 'protected' constructor in a 'private' coinductive predicate"

I assume you copied this code from somewhere, can we not reuse that?

[Equilibris]

Yes this is almost identical to the code to generate an InductiveView but the difference is TSyntax as mentioned above. Once again if its preferred to use Syntax we can just use theirs.

[alexkeizer]

docstring?

[alexkeizer]

docstring?

[alexkeizer]

This doesn't feel right. FSM is a fixed parameter to Bisim (it is given as a binder, before the :), and should not show up in the motive. That is, I would've expected this to have type
(fsm : FSM) → (fsm.S → fsm.S → Prop) → fsm.S → fsm.S → Prop

[alexkeizer]

How would you change the existential? The reason this works is because Prop is impredicative (which is a funny way of saying that Prop -> Prop is of type Prop). Once you start looking at types, you run into the issue that Type -> Type lives in Type 1, causing nasty universe bumps.

If you meant "pull in QpfTypes", sure, but that is very explicitly not something that core wants

Suggested change

	-- In theory we could make this handle types by simply changing the existential quantification but this would yield some pretty funny results
	let .node _ ``Parser.Term.prop _ := out.raw | throwErrorAt out "Expected return type to be a Prop"
	return Prod.mk view argArr
	let .node _ ``Parser.Term.prop _ := out.raw | throwErrorAt out "Expected return type to be a Prop"
	return Prod.mk view argArr

[alexkeizer]

Suggested change

	structure CoInductiveView.CtorView where
	structure CoinductiveView.CtorView where

Very minor nit, but I'd consider coinductive to be one word, and thus not capitalize the I in names

[alexkeizer]

this exists already, Ident.getId or something similar

[alexkeizer]

Manipulating Syntax like this feels rather brittle. This was fine for QpfTypes, where I number one priority was to get something that at least kind of works, but if we want to PR to core, we should strongly consider going the proper route and elaborating into Exprs

[tobiasgrosser]

Should this have a Lean-FRO copyright?