coq

问题 I have just discovered the existence of maximal and non-maximal arguments (see https://coq.inria.fr/refman/Reference-Manual004.html#sec109). But is there some motivation to use one over the other? Is one more recent than the other? Maximal implicit arguments simply need {} to be created, whereas one has to use Arguments or Implicit Arguments to specify non-maximal ones. Does it mean that maximal implicit arguments should be preferred? 回答1: ... is there some motivation to use one over the

问题 I'm proving a simple mathematical property about subsets, for example : A subset B; which is about the fact that adding a member to set B cannot affect this relation. In the program, A and B are list of pairs. entity_IN_listPair checks if a specific pair is in a list of pair and listPairEqual checks equality of two list of pairs. I am a bit stuck how to proceed in the proof of lemma Lemma addtolistPairSUB : Require Import List. Require Import Bool. Definition entity := nat. Definition

问题 I have a lemma that is proved for Z . All the variables are bounded to be greater that or equal to zero. Q: How can one as easily and generally as possible "port" that lemma to nat , i.e. use that lemma to prove a similar lemma for nat by using the lemma for Z ? Example: Require Import ZArith. Open Scope Z. Lemma Z_lemma: forall n n0 n1 n2 n3 n4 n5 n6 : Z, n >= 0 -> n0 >= 0 -> n1 >= 0 -> n2 >= 0 -> n3 >= 0 -> n4 >= 0 -> n5 >= 0 -> n6 >= 0 -> n5 + n4 = n6 + n3 -> n1 + n0 = n2 + n -> n5 * n1 +

问题 I am having trouble with formalizing definitions of the following form: define an integer such that some property holds. Let's say that I formalized the definition of the property: Definition IsGood (x : Z) : Prop := ... Now I need a definition of the form: Definition Good : Z := ... assuming that I proved that an integer with the property exists and is unique: Lemma Lemma_GoodExistsUnique : exists! (x : Z), IsGood x. Is there an easy way of defining Good using IsGood and Lemma

问题 I'm experimenting with Coq's extraction mechanism to Haskell. I wrote a naive predicate for prime numbers in Coq, here it is: (***********) (* IMPORTS *) (***********) Require Import Coq.Arith.PeanoNat. (************) (* helper'' *) (************) Fixpoint helper' (p m n : nat) : bool := match m,n with | 0,_ => false | 1,_ => false | _,0 => false | _,1 => false | S m',S n' => (orb ((mult m n) =? p) (helper' p m' n)) end. (**********) (* helper *) (**********) Fixpoint helper (p m : nat) :

问题 Function for determining if a set is a subset of another: Fixpoint subset (s1:bag) (s2:bag) : bool := match s1 with | nil => true | h :: t => match (beq_nat (count h s1) (count h s2)) with | true => subset (remove_all h t) (remove_all h s2) | false => false end end. For clarity beq_nat determines equality of two natural numbers count counts the number of times a given natural number occurs in a set remove_all removes each instance of a given natural number from a set CoqIDE "Cannot guess

问题 I'm kind of new to Coq. I'm trying to implement a generic version of insertion sort. I'm implementing is as a module that takes a Comparator as a parameter. This Comparator implements comparison operators (such as is_eq, is_le, is_neq, etc.). In insertion sort, in order to insert, I must compare two elements in the input list, and based on the result of the comparison, insert the element into the correct location. My problem is that the implementations of the comparison operators are type ->

问题 I noticed that Coq synthesizes different induction principles on equality for Prop and Type. Does anybody have an explanation for that? Equality is defined as Inductive eq (A : Type) (x : A) : A -> Prop := eq_refl : x = x And the associated induction principle has the following type: eq_ind : forall (A : Type) (x : A) (P : A -> Prop), P x -> forall y : A, x = y -> P y Now let's define a Type pendant of eq: Inductive eqT {A:Type}(x:A):A->Type:= eqT_refl: eqT x x. The automatically generated

问题 I want to consider the following three (related?) Coq definitions. Inductive nat1: Prop := | z1 : nat1 | s1 : nat1 -> nat1. Inductive nat2 : Set := | z2 : nat2 | s2 : nat2 -> nat2. Inductive nat3 : Type := | z3 : nat3 | s3 : nat3 -> nat3. All three types give induction principles to prove a proposition holds. nat1_ind : forall P : Prop, P -> (nat1 -> P -> P) -> nat1 -> P nat2_ind : forall P : nat2 -> Prop, P z2 -> (forall n : nat2, P n -> P (s2 n)) -> forall n : nat2, P n nat3_ind : forall P

问题 I can naively construct a hierarchy of algebraic structures in Coq using type classes. I'm having some trouble finding resources on Coq's syntax and semantics for type classes. However, I believe the following is a correct implementation of semigroups, monoids and commutative monoids: Class Semigroup {A : Type} (op : A -> A -> A) : Type := { op_associative : forall x y z : A, op x (op y z) = op (op x y) z }. Class Monoid `(M : Semigroup) (id : A) : Type := { id_ident_left : forall x : A, op