coq

问题 I am trying to define (1,2,3) as a set of elements in coq. I can define it using list as (1 :: (2 :: (3 :: nil))). Is there any way to define set in coq without using list. 回答1: The are basically four possible choices to be made when defining sets in Coq depending on your constraints on the base type of the set and computation needs: If the base type doesn't have decidable equality, it is common to use: Definition Set A := A -> Prop Definition cup A B := fun x => A x /\ B x. ... basically,

问题 I was trying to prove the following simple theorem from an online course that excluded middle is irrefutable, but got stuck pretty much at step 1: Theorem excluded_middle_irrefutable: forall (P:Prop), ~~(P \/ ~ P). Proof. intros P. unfold not. intros H. Now I get: 1 subgoals P : Prop H : P \/ (P -> False) -> False ______________________________________(1/1) False If I apply H , then the goal would be P \/ ~P , which is excluded middle and can't be proven constructively. But other than apply ,

问题 Can someone please tell me the differences between Require Name . Require Import Name . Import Name ? 回答1: Require : load an external library (typically from the standard library or the user-contribs/ folder); Import : imports the names in a module. For example, if you have a function f in a module M , by doing Import M. , you will only need to type f instead of M.f ; Require Import : does both Require and Import . 来源： https://stackoverflow.com/questions/33854672/confused-by-coq-imports

问题 What I am looking for is an auto -like tactic that can prove simple equalities like: 1/2 = 2/4 So far, what I've tried manually is to use ring_simplify and field_simplify to prove equalities. Even this doesn't work out well (Coq 8.5b3). The example below works: Require Export Coq.Reals.RIneq. Local Open Scope Z_scope. Local Open Scope R_scope. Example test2: 1 = 1 / 1. Proof. field_simplify. field_simplify. reflexivity. Qed. But it was necessary to use field_simplfy twice before reflexivity .

问题 I'm trying to prove simple field properties directly from the field's axioms. After some experiments with Coq's native field support (like this one) I decided it's better to simply write down the 10 axioms and make it self contained. I encountered a difficulty when I needed to use rewrite with my own == operator which naturally did not work. I realize I have to add some axioms that my == is reflexive, symmetrical and transitive, but I wondered if that is all it takes? or maybe there is an

问题 I'm reading Mike Nahas's introductory Coq tutorial, which says: The arguments to "ex_intro" are: the predicate the witness a proof of the predicated called with the witness I looked at the definition: Inductive ex (A:Type) (P:A -> Prop) : Prop := ex_intro : forall x:A, P x -> ex (A:=A) P. and I'm having trouble parsing it. Which parts of the expression forall x:A, P x -> ex (A:=A) P correspond to those three arguments (predicate, witness, and proof)? 回答1: To understand what Mike meant, it's

问题 I am trying to define the Ackermann-Peters function in Coq, and I'm getting an error message that I don't understand. As you can see, I'm packaging the arguments a, b of Ackermann in a pair ab ; I provide an ordering defining an ordering function for the arguments. Then I use the Function form to define Ackermann itself, providing it with the ordering function for the ab argument. Require Import Recdef. Definition ack_ordering (ab1 ab2 : nat * nat) := match (ab1, ab2) with |((a1, b1), (a2, b2

问题 Does Isabelle/HOL proof assistant have any weaknesses and strengths compared to Coq? 回答1: I am mostly familiar with Coq, and do not have much experience with Isabelle/HOL, but I might be able to help a little bit. Perhaps others with more experience on Isabelle/HOL can help improve this. There are two big points of divergence between the two systems: the underlying theories and the style of interaction . I'll try to give a brief overview of the main differences in each case. Theories Both Coq

问题 I am new to dependent types and am confused about the difference between the two. It seems people usually say a type is parameterized by another type and indexed by some value . But isn't there no distinction between types and terms in a dependently typed language? Is the distinction between parameters and indices fundamental? Can you show me examples showing difference in their meanings in both programming and theorem proving? 回答1: When you see a family of types, you may wonder whether each

问题 In trying to solve (How) can I define partial coercions in Coq?, I discovered that canonical structure resolution is not interleaved with coercion insertion: Structure foo := { ty1 : Type ; ty2 : Type }. Canonical Structure default_foo ty := {| ty1 := option ty ; ty2 := ty |}. Definition Some_nat := @Some nat. Coercion Some_nat : nat >-> option. Check Some 0 : ty1 _. Check 0 : ty1 _. (* fails *) Is there a different way to invoke canonical structures or coercions such that they are