feat: prove that the Buchi congruence has the saturation property

Author: ctchou

Cslib/Computability/Languages/Congruences/BuchiCongruence.lean

@@ -8,6 +8,8 @@ module
 
 public import Cslib.Computability.Automata.NA.Pair
 public import Cslib.Computability.Languages.Congruences.RightCongruence
+public import Cslib.Computability.Languages.OmegaLanguage
+public import Cslib.Foundations.Data.Set.Saturation
 
 @[expose] public section
 
@@ -20,7 +22,7 @@ of ω-regular languages under complementation.
 
 namespace Cslib.Automata.NA.Buchi
 
-open Function
+open Function Set Filter ωAcceptor ωLanguage ωSequence
 
 variable {Symbol : Type*} {State : Type}
 
@@ -32,7 +34,7 @@ following two conditions hold:
 from `s` to `t` via an acceptingg states. -/
 def BuchiCongruence (na : Buchi State Symbol) : RightCongruence Symbol where
   eq.r u v :=
-    ∀ {s t}, (u ∈ na.pairLang s t ↔ v ∈ na.pairLang s t) ∧
+    ∀ s t, (u ∈ na.pairLang s t ↔ v ∈ na.pairLang s t) ∧
       (u ∈ na.pairViaLang na.accept s t ↔ v ∈ na.pairViaLang na.accept s t)
   eq.iseqv.refl := by grind
   eq.iseqv.symm := by grind
@@ -72,4 +74,128 @@ lemma buchiCongrParam_surjective : Surjective na.BuchiCongrParam := by
 theorem buchiCongruence_fin_index [Finite State] : Finite (Quotient na.BuchiCongruence.eq) :=
   Finite.of_surjective na.BuchiCongrParam buchiCongrParam_surjective
 
+/-- If `xl` and `yl` belong to the same equivalence class of `na.BuchiCongruence`
+and `xl` can move `na` from state `s` to state `t`, then so can `yl` and, furthermore,
+if `xl` makes `na` go through an accepting state of `na`, then so can `yl`. -/
+lemma buchiCongruence_transfer
+    {a : Quotient na.BuchiCongruence.eq} {xl yl : List Symbol} {s t : State}
+    (hc : xl ∈ na.BuchiCongruence.eqvCls a) (hc' : yl ∈ na.BuchiCongruence.eqvCls a)
+    (hp : xl ∈ na.pairLang s t) : ∃ sl, na.IsExecution s yl t sl ∧
+      ( xl ∈ na.pairViaLang na.accept s t → ∃ r ∈ na.accept, r ∈ sl ) := by
+  have h_eq : na.BuchiCongruence.eq xl yl := by
+    apply Quotient.exact
+    grind
+  have := h_eq s t
+  by_cases h_xl : xl ∈ na.pairViaLang na.accept s t
+  · have h_yl : yl ∈ na.pairViaLang na.accept s t := by grind
+    obtain ⟨r, _, yl1, yl2, h_yl1, h_yl2, rfl⟩ := LTS.mem_pairViaLang.mp h_yl
+    obtain ⟨sl1, h_yl1⟩ := LTS.mTr_isExecution h_yl1
+    obtain ⟨sl2, h_yl2⟩ := LTS.mTr_isExecution h_yl2
+    have := LTS.IsExecution.comp h_yl1 h_yl2
+    grind [LTS.IsExecution]
+  · have h_yl : yl ∈ na.pairLang s t := by grind
+    grind [LTS.mTr_isExecution h_yl]
+
+/-- `na.buchiFamily` is a family of ω-languages indexed by a pair of equivalence classes
+of `na.BuchiCongruence` which will turn out to saturate the ω-language accepted by `na`
+and cover all possible ω-sequences. -/
+def buchiFamily [Inhabited Symbol] (na : Buchi State Symbol) :
+    Quotient na.BuchiCongruence.eq × Quotient na.BuchiCongruence.eq → ωLanguage Symbol
+  | (a, b) => na.BuchiCongruence.eqvCls a * (na.BuchiCongruence.eqvCls b)^ω
+
+theorem mem_buchiFamily [Inhabited Symbol]
+    {xs : ωSequence Symbol} {a b : Quotient na.BuchiCongruence.eq} :
+    xs ∈ na.buchiFamily (a, b) ↔ ∃ xl, ∃ xls : ωSequence (List Symbol),
+      xl ∈ na.BuchiCongruence.eqvCls a ∧ (∀ k, xls k ∈ na.BuchiCongruence.eqvCls b - 1) ∧
+      xl ++ω xls.flatten = xs := by
+  grind [buchiFamily]
+
+-- This intermediate result is split out of the proof of `buchiCongruence_saturation` below
+-- because that proof was too big and kept exceeding the default `maxHeartbeats`.
+private lemma frequently_via_accept [Inhabited Symbol]
+    {xl : List Symbol} {xls : ωSequence (List Symbol)} {ss : ωSequence State}
+    (h_acc : ∃ᶠ (k : ℕ) in atTop, ss k ∈ na.accept) (h_exec : na.ωTr ss (xl ++ω xls.flatten))
+    (h_xls_p : ∀ (k : ℕ), (xls k).length > 0)
+    (f : ℕ → ℕ) (h_f : f = fun k => xl.length + xls.cumLen k)
+    (ts : ωSequence State) (h_ts : ts = ωSequence.mk (fun k ↦ ss (f k))) :
+    ∃ᶠ (k : ℕ) in atTop, xls k ∈ na.pairViaLang na.accept (ts k) (ts (k + 1)) := by
+  have hm : StrictMono f := by
+    intro m n h_mn
+    grind [cumLen_strictMono h_xls_p h_mn]
+  apply Frequently.mono <| frequently_in_strictMono hm h_acc
+  rintro n ⟨k, _, _⟩
+  apply LTS.mem_pairViaLang.mpr
+  use ss (f n + k), by grind
+  use (xls n).take k, (xls n).drop k
+  split_ands
+  · have := LTS.isExecution_mTr na.toLTS <|
+      LTS.ωTr_isExecution h_exec (show f n ≤ f n + k by grind)
+    suffices (xl ++ω xls.flatten).extract (f n) (f n + k) = (xls n).take k by grind
+    have : xls.flatten.extract (xls.cumLen n) (xls.cumLen n + k) = (xls n).take k := by
+      grind [extract_flatten h_xls_p n]
+    grind only [extract_apppend_right_right]
+  · have := LTS.isExecution_mTr na.toLTS <|
+      LTS.ωTr_isExecution h_exec (show f n + k ≤ f (n + 1) by grind)
+    suffices (xl ++ω xls.flatten).extract (f n + k) (f (n + 1)) = (xls n).drop k by grind
+    have : xls.flatten.extract (xls.cumLen n + k) (xls.cumLen (n + 1)) = (xls n).drop k := by
+      grind [extract_flatten h_xls_p n]
+    grind only [= cumLen_succ, extract_apppend_right_right]
+  · grind only [!List.take_append_drop]
+
+/-- `na.buchiFamily` saturates the ω-language accepted by `na`. -/
+theorem buchiCongruence_saturation [Inhabited Symbol] :
+    Saturates na.buchiFamily (language na) := by
+  rintro ⟨a, b⟩ ⟨xs, h_xs, h_lang⟩ ys h_ys
+  obtain ⟨xl, xls, h_xl_c, h_xls_c, rfl⟩ := mem_buchiFamily.mp h_xs
+  obtain ⟨yl, yls, h_yl_c, h_yls_c, rfl⟩ := mem_buchiFamily.mp h_ys
+  obtain ⟨ss, ⟨h_init, h_exec⟩, h_acc⟩ := h_lang
+  have h_xls_p (k : ℕ) : (xls k).length > 0 := by
+    grind [Language.mem_sub_one, List.ne_nil_iff_length_pos]
+  have h_yls_p (k : ℕ) : (yls k).length > 0 := by
+    grind [Language.mem_sub_one, List.ne_nil_iff_length_pos]
+  let f (k : ℕ) := xl.length + xls.cumLen k
+  let ts := ωSequence.mk (fun k ↦ ss (f k))
+  have h_xl_e : xl ∈ na.pairLang (ss 0) (ts 0) := by
+    have := LTS.ωTr_mTr h_exec (show 0 ≤ xl.length by grind)
+    grind [extract_append_zero_right, LTS.mem_pairLang]
+  have h_xls_e (k : ℕ) : (xls k) ∈ na.pairLang (ts k) (ts (k + 1)) := by
+    have := LTS.ωTr_mTr h_exec (show f k ≤ f (k + 1) by grind)
+    suffices (xl ++ω xls.flatten).extract (f k) (f (k + 1)) = xls k by grind [LTS.mem_pairLang]
+    simp (disch := grind) [extract_apppend_right_right, f]
+  have h_yl_e : yl ∈ na.pairLang (ss 0) (ts 0) := by
+    obtain ⟨sl, h_e, _⟩ := buchiCongruence_transfer h_xl_c h_yl_c h_xl_e
+    grind [LTS.mem_pairLang, LTS.isExecution_mTr (lts := na.toLTS) h_e]
+  have h_yls (k : ℕ) : ∃ sl, na.IsExecution (ts k) (yls k) (ts (k + 1)) sl ∧
+      ( (xls k) ∈ na.pairViaLang na.accept (ts k) (ts (k + 1)) → ∃ s ∈ na.accept, s ∈ sl ) := by
+    exact buchiCongruence_transfer ((h_xls_c k).left) ((h_yls_c k).left) (h_xls_e k)
+  choose sls h_yls_e h_yls_a using h_yls
+  obtain ⟨ss1, h_ss1_run, h_ss1_seg⟩ := LTS.IsExecution.flatten h_yls_e h_yls_p
+  obtain ⟨ss2, _, _, _, _⟩ := LTS.ωTr.append h_yl_e h_ss1_run (by
+    have : ss1 0 = (sls 0)[0]'(by grind) := by
+      grind [get_extract (xs := ss1) (show 0 < yls.cumLen 1 - yls.cumLen 0 by grind)]
+    have : ts 0 = (sls 0)[0]'(by grind) := by grind [LTS.IsExecution]
+    grind)
+  use ss2, by grind [Run.mk]
+  suffices ∃ᶠ (k : ℕ) in Filter.atTop, ss1 k ∈ na.accept by
+    apply (drop_frequently_iff_frequently yl.length).mp
+    grind
+  have h_acc' := frequently_via_accept h_acc h_exec h_xls_p f rfl ts rfl
+  have h_mono : StrictMono yls.cumLen := cumLen_strictMono h_yls_p
+  apply frequently_atTop.mpr
+  intro n
+  obtain ⟨m, _, s, _, h_mem⟩ := frequently_atTop.mp (Frequently.mono h_acc' h_yls_a) n
+  have : m ≤ yls.cumLen m := by grind [StrictMono.add_le_nat h_mono m 0]
+  obtain ⟨k, _, _⟩ := List.mem_iff_getElem.mp h_mem
+  use yls.cumLen m + k, by grind
+  suffices ss1 (yls.cumLen m + k) = (sls m)[k] by grind
+  by_cases k < (yls m).length
+  · have h1 : k < yls.cumLen (m + 1) - yls.cumLen m := by grind only [= cumLen_succ]
+    simp [← get_extract (xs := ss1) h1, h_ss1_seg m]
+  · obtain ⟨_, _, _, _⟩ := h_yls_e m
+    obtain ⟨_, _, _, _⟩ := h_yls_e (m + 1)
+    have := h_mono (show m + 1 < m + 2 by omega)
+    have h1 : 0 < yls.cumLen (m + 2) - yls.cumLen (m + 1) := by omega
+    have h2 := get_extract (xs := ss1) h1
+    grind only [= cumLen_succ, = get_fun, = List.getElem_take]
+
 end Cslib.Automata.NA.Buchi

Cslib/Foundations/Data/OmegaSequence/InfOcc.lean

@@ -6,9 +6,9 @@ Authors: Ching-Tsun Chou
 
 module
 
+public import Cslib.Foundations.Data.Nat.Segment
 public import Cslib.Foundations.Data.OmegaSequence.Defs
 public import Mathlib.Data.Fintype.Pigeonhole
-public import Mathlib.Order.Filter.AtTopBot.Basic
 public import Mathlib.Order.Filter.Cofinite
 
 @[expose] public section
@@ -59,6 +59,24 @@ theorem frequently_in_finite_type [Finite α] {s : Set α} {xs : ωSequence α}
     apply Frequently.mono h_inf
     grind
 
+open Nat in
+/-- If `p` is true infinitely often, then `p` is true in infinitely many segments
+of any strictly monotonic function `f`. -/
+theorem frequently_in_strictMono {p : ℕ → Prop} {f : ℕ → ℕ}
+    (hm : StrictMono f) (hf : ∃ᶠ k in atTop, p k) :
+    ∃ᶠ n in atTop, ∃ k, k < f (n + 1) - f n ∧ p (f n + k) := by
+  apply frequently_atTop.mpr
+  intro m
+  obtain ⟨k, _, _⟩ := frequently_atTop.mp hf (f m)
+  use segment f k
+  have h0 : f 0 ≤ k := by grind [StrictMono.monotone hm (show 0 ≤ m by grind)]
+  split_ands
+  · by_contra
+    have h1 : segment f k + 1 ≤ m := by grind
+    grind [(StrictMono.le_iff_le hm).mpr h1, segment_upper_bound' hm h0]
+  · use k - f (segment f k)
+    grind [segment_lower_bound' hm h0, segment_upper_bound' hm h0]
+
 end ωSequence
 
 end Cslib

Cslib/Foundations/Data/OmegaSequence/Init.lean

@@ -508,6 +508,17 @@ theorem extract_0u_extract_l {xs : ωSequence α} {n i : ℕ} :
     (xs.extract 0 n).extract i = xs.extract i n := by
   grind
 
+@[simp, scoped grind =]
+theorem take_extract {xs : ωSequence α} {m n k : ℕ} (h : k ≤ n - m) :
+    (xs.extract m n).take k = xs.extract m (m + k) := by
+  grind [extract_lu_extract_lu (xs := xs) (i := 0) h]
+
+@[simp, scoped grind =]
+theorem drop_extract {xs : ωSequence α} {m n k : ℕ} (h : k ≤ n - m) :
+    (xs.extract m n).drop k = xs.extract (m + k) n := by
+  have := extract_lu_extract_lu (xs := xs) (m := m) (n := n) (i := k) (j := n - m)
+  grind [length_extract, List.take_length]
+
 end ωSequence
 
 end Cslib

Cslib/Foundations/Semantics/LTS/Basic.lean

@@ -215,6 +215,13 @@ theorem LTS.mTr_isExecution_iff : lts.MTr s1 μs s2 ↔
     ∃ ss : List State, lts.IsExecution s1 μs s2 ss := by
   grind
 
+/-- The composition of two executions is an execution. -/
+theorem LTS.IsExecution.comp
+    {lts : LTS State Label} {s r t : State} {μs1 μs2 : List Label} {ss1 ss2 : List State}
+    (h1 : lts.IsExecution s μs1 r ss1) (h2 : lts.IsExecution r μs2 t ss2) :
+    lts.IsExecution s (μs1 ++ μs2) t (ss1 ++ ss2.drop 1) := by
+  use by grind, by grind, by grind, by grind
+
 /-- An execution can be split at any intermediate state into two executions. -/
 theorem LTS.IsExecution.split
     {lts : LTS State Label} {s t : State} {μs : List Label} {ss : List State}
@@ -317,20 +324,17 @@ def LTS.ωTr (lts : LTS State Label) (ss : ωSequence State) (μs : ωSequence L
 
 variable {lts : LTS State Label}
 
-open scoped ωSequence in
+open ωSequence
+
 /-- Any finite execution extracted from an infinite execution is valid. -/
+theorem LTS.ωTr_isExecution (h : lts.ωTr ss μs) {n m : ℕ} (hnm : n ≤ m) :
+    lts.IsExecution (ss n) (μs.extract n m) (ss m) (ss.extract n (m + 1)) := by
+  grind
+
+/-- Any multistep transition extracted from an infinite execution is valid. -/
 theorem LTS.ωTr_mTr (h : lts.ωTr ss μs) {n m : ℕ} (hnm : n ≤ m) :
     lts.MTr (ss n) (μs.extract n m) (ss m) := by
-  by_cases heq : n = m
-  case pos => grind
-  case neg =>
-    cases m
-    case zero => grind
-    case succ m =>
-      have : lts.MTr (ss n) (μs.extract n m) (ss m) := ωTr_mTr (hnm := by grind) h
-      grind [MTr.comp]
-
-open ωSequence
+  grind [LTS.ωTr_isExecution h hnm]
 
 /-- Prepends an infinite execution with a transition. -/
 theorem LTS.ωTr.cons (htr : lts.Tr s μ t) (hωtr : lts.ωTr ss μs) (hm : ss 0 = t) :