LongestCommonSublist: TimeM proof

[kuotsanhsu]

Time complexity using TimeM is proven, but TimeM is messing up my lemmas aux2_1 and cons_aux0_cons for the correctness proof lcsDP whereas my original non-monadic implementation can utilize definitional equality of List.foldr. Reviewers can start giving feedback while I work on the 2 lemmas with sorry.

[eric-wieser]

Usually we would format this as

Suggested change

	{
	sublist₁ := show [] <+ [] from .slnil
	sublist₂ := show [] <+ ys from ys.nil_sublist
	longest
	| cs, ⟨(h : cs <+ []), _⟩ =>
	show cs.length ≤ [].length from
	suffices cs = [] from this.rec Nat.le.refl
	eq_nil_of_sublist_nil h
	}
	{ sublist₁ := show [] <+ [] from .slnil
	sublist₂ := show [] <+ ys from ys.nil_sublist
	longest
	| cs, ⟨(h : cs <+ []), _⟩ =>
	show cs.length ≤ [].length from
	suffices cs = [] from this.rec Nat.le.refl
	eq_nil_of_sublist_nil h }

(and throughout)

[eric-wieser]

Suggested change

	/-- `cs` is a common sublist of the lists `xs` and `ys`. -/
	public structure CommonSublist (xs ys cs : List α) : Prop where
	/-- `IsCommonSublist xs ys xs` indicates that `cs` is a common sublist of the lists `xs` and `ys`. -/
	public structure IsCommonSublist (xs ys cs : List α) : Prop where

[eric-wieser]

You might want to put the cs argument first so that you can write cs.IsCommonSublist xs ys too

[eric-wieser]

These should be @[simp]

[eric-wieser]

Instead of doing a manual pattern match here, I think it would be better to use fun_induction, which will aso handle the x = y case split for you.

[Shreyas4991]

Also, I am pretty sure simp could handle this case, maybe with some sublist lemmas. Especially if you follow my Prop def suggestion.

[eric-wieser]

I'd suggest

Suggested change

	aux3 (x : α) : α × DP α → DPS α × DP α × DP α → TimeM ℕ (DPS α × DP α × DP α)
	| (y, xx), (dps, yy, xy) => do
	✓ let dp := dp x y xx yy xy
	return ((y, dp) :: dps, dp, xx)
	dp (x y : α) (xx yy xy : DP α) : DP α :=
	if x = y then
	⟨x :: xy.lcs, xy.length + 1, xy.length_eq.rec rfl⟩
	else
	if xx.length ≥ yy.length then xx else yy
	aux3 (x : α) : α × DP α → DPS α × DP α × DP α → TimeM ℕ (DPS α × DP α × DP α)
	| (y, xx), (dps, yy, xy) => do
	let dp ← dp x y xx yy xy
	return ((y, dp) :: dps, dp, xx)
	dp (x y : α) (xx yy xy : DP α) : TimeM (DP α) := do
	✓ if x = y then
	return ⟨x :: xy.lcs, xy.length + 1, xy.length_eq.rec rfl⟩
	else
	return if xx.length ≥ yy.length then xx else yy

[Shreyas4991]

This is my first review. I also wonder why you have this DPS structure. If you want simplicity of proofs and DP table, why not just go for a two parameter function?

[Shreyas4991]

you might want to put @[expose] public section here. This exposes all your definitions by default.

[Shreyas4991]

Explicit public is not required.

[Shreyas4991]

Also why not just

abbrev CommonSublist (xs ys cs : List α) : Prop := (cs <+ xs) ∧ (cs <+ ys)

?

[Shreyas4991]

Following my suggestion on CommonSubList, this could just be

abbrev LCS (xs ys lcs : List α) := CommonSubList xs ys lcs ∧ ∀ cs, CommonSublist xs ys cs → cs.length ≤ lcs.length

[Shreyas4991]

Also, I am pretty sure simp could handle this case, maybe with some sublist lemmas. Especially if you follow my Prop def suggestion.

[Shreyas4991]

For LCS you should really just take the list length as an input parameter. Even better, solve for a general l which denotes a prefix of the list (including the whole list if l \geq n) to an auxiliary function, and then pass List.length as the argument to this parameter in the actual function

[Shreyas4991]

why this second definition at all?

[Shreyas4991]

This entire section goes in the CslibTests folder. Please don't put tests in the main library folder.

[Shreyas4991]

The four lemmas about aux0 sound like things you will get free as equational lemmas from lean. You should probably just fun_induction wherever you use these lemmas. I could be wrong so I'll tag @eric-wieser to check. If these lemmas stay, they probably ought to be @[simp]