This completes the implementation of the examples in the paper
"Applications of Applicative Proof Search" (Liam O'Connor, 2016).
Unfortunately, the final example is an example of something that _can_
be expressed, but _cannot_ be model-checked by the approach in the
paper.
(Side note on `petersonsCorrect`: The paper mentions that it checks in
~3 minutes on a 2013 MacBook Pro. Assuming they mean "type-checks", this
is roughly consistent with our observations of just short of 2 minutes.
I doubt that they evaluated it, since an attempt at doing this on a
reasonably modern server (Intel Xeon Gold 5220R, 502 GB of RAM) was
killed after just over 3 hours, producing the following resource log:
Command exited with non-zero status 255
Time: 11320.46s user, 35.12s system, 3h09m46s elapsed, 99%CPU
Memory: 57644016 Kbytes RAM
)
On average across 10 runs on an Intel Core i7-8750H with 15.2GB of
available system memory (16GB installed in system), type-checking
`libs/papers/Search/GCL.idr` WITH `petersonsCorrect` takes:
* 1 minute 48.7 seconds, consuming 3.92GB of RAM
By contrast, commenting `petersonsCorrect` out results in type-checking
taking on average (same #runs, same config):
* 0 minutes 1.2 seconds, consuming 0.25GB of RAM
And good luck trying to evaluate the thing!
(This might be a good performance test at some point, but uh, we're not
there yet...)
Thanks to the debug info supplied by #2673, I was able to spot which
functions were blocking and `public import` the relevant files in
`papers/Search/Properties.idr`.
As a result the GCL file now type-checks, albeit extremely slowly!
I stopped an evaluation of `petersonsCorrect` at the REPL after 15
minutes and ~14GB of RAM consumed.
* Currying the `ops` function makes the totality checker spot that it
_is_ actually total.
* Instance arguments are heavily abused in the paper, along with
implicit `open` magic, but Idris allows no such ~~luxury~~
obfuscation, so we have to pass things explicitly.
* `decSo` is not `public export`ed, so we have to define `IsTT` by
pattern-matching (which is fine).
Currently, it gets stuck on checking `petersonsCorrect` for some,
currently unknown, reason. (And the log output is loooooong O.O)
Once again, this would not have been possible without gallais insigths.
Many thanks!
Co-authored-by: Guillaume Allais <guillaume.allais@ens-lyon.org>
Termination checking needs figuring out. There is some funky stuff going
on with the half-deciders and their constructors. Other than that, I
**think** it's nearly done. God knows how much RAM it'll take though...
