Hi Chetan,
> I'm following the videos from the workshop that Edwin Brady is giving.
Welcome to the Idris list! I'm glad to see that the videos are
spreading, so it's not just us lucky ITU students who can get the
benefit of Edwin's course!
> In the first video (
https://vimeo.com/61576198 around 1:10:10 mark), Edwin
> mentions a more correct version of elemList , one that returns Dec (Elem x
> xs).
>
> Below is a solution (it typechecks with the latest version).
> Since I'm just beginning to learn dependently typed programming (mostly on
> Coq), I wanted people's opinions on the version below.
>
> Any comments on how it could be better/shorter/cleaner are welcome.
Your code looks quite good to me. I would probably lay out some of the
longer type signatures a bit differently to make them a bit more
readable, especially in elemListContra, but this is a very minor
thing. I'd probably also write the type of elemNilContra as follows:
elemNilContra : (x : Nat) -> (Elem x []) -> _|_
The [] disambiguates fine for me, anyway.
> Some stuff I noticed,
> 1. Removing the second case in elemNilContra (the "There" branch) did not
> make isElem2 non-total. Is that expected, or an issue with the totality
> checker?
The totality checker has some issues :-) If you keep following the
lectures, you'll hear Edwin point out that it's best used as an extra
safety net rather than as something that you base all of your
soundness on. It does seem to be improving though!
On the other hand, it could be the case that the totality checker is
smarter than we think - it won't typecheck a single-case definition
elemNilContra x prf impossible
but it may be the case that a single impossible declaration is enough
for the type and totality checkers to see that the There branch can
never be type-correct, and therefore be total. In general, impossible
is just necessary to convince the totality checker that some
particular impossible case can't happen - it will eliminate many of
them on its own. I'm not familiar enough with that part of the
implementation to tell for sure what's happening.
> 2. In the beginning, I actually put the following definition of
> elemNilContra, and it typechecked. This obviously is a bug?
> elemNilContra : (x : Nat) -> (Elem x (Prelude.List.Nil)) -> _|_
> elemNilContra refl impossible
I would certainly see the acceptance of your first elemNilContra as a
bug! 'refl' clearly can't be a pattern for Nat. You can open a ticket
at
https://github.com/edwinb/Idris-dev/issues .
/David