coq

问题 I was trying to go through the famous and wonderful software foundations book but I got to an example where simpl. and reflexivity. just do to much under the covers and are hindering my learning & understanding. I was going through the following theorem: Theorem plus_1_neq_0 : forall n : nat, beq_nat (n + 1) 0 = false. (* n+1 != 0 *) Proof. intros n. destruct n as [| n']. -simpl. reflexivity. -simpl. reflexivity. Qed. what I really want is something that allows me to go through step by step

问题 I am working through Software Foundations and am currently doing the exercises on Church numerals. Here is the type signature of a natural number: Definition nat := forall X : Type, (X -> X) -> X -> X. I have defined a function succ of type nat -> nat . I would now like to define an addition function like so: Definition plus (n m : nat) : nat := n nat succ m. However, I get the following error message: Error: Universe inconsistency. What does this error message actually mean? 回答1: In Coq,

问题 They seem to serve similar purposes. The one difference I've noticed so far is that while Program Fixpoint will accept a compound measure like {measure (length l1 + length l2) } , Function seems to reject this and will only allow {measure length l1} . Is Program Fixpoint strictly more powerful than Function , or are they better suited for different use cases? 回答1: This may not be a complete list, but it is what I have found so far: As you already mentioned, Program Fixpoint allows the measure

问题 Consider the following simple expression language: Inductive Exp : Set := | EConst : nat -> Exp | EVar : nat -> Exp | EFun : nat -> list Exp -> Exp. and its wellformedness predicate: Definition Env := list nat. Inductive WF (env : Env) : Exp -> Prop := | WFConst : forall n, WF env (EConst n) | WFVar : forall n, In n env -> WF env (EVar n) | WFFun : forall n es, In n env -> Forall (WF env) es -> WF env (EFun n es). which basically states that every variable and function symbols must be defined

问题 I'm quite new at Coq and trying to develop a framework based on my research. My work is quite definition-heavy and I'm having trouble encoding it because of how Coq seems to treat sets. There are Type and Set , which they call 'sorts', and I can use them to define a new set: Variable X: Type. And then there's a library encoding (sub)sets as 'Ensembles', which are functions from some Type to a Prop . In other words, they are predicates on a Type : Variable Y: Ensemble X. Ensemble s feel more

问题 I would like to be able to define the same Coq notations for different inductive definitions, and distinguish the notations based on the types of their arguments. Here is a minimal example: Inductive type : Type := | TBool : type. Inductive term1 : Type := | tvar1 : term1. Inductive term2 : Type := | tvar2 : term2. Definition context := nat -> (option type). Reserved Notation "G '⊢' t '::' T" (at level 40, t at level 59). Inductive typing1 : context -> term1 -> type -> Prop := | T_Var1 :

问题 I would like to be able to define the same Coq notations for different inductive definitions, and distinguish the notations based on the types of their arguments. Here is a minimal example: Inductive type : Type := | TBool : type. Inductive term1 : Type := | tvar1 : term1. Inductive term2 : Type := | tvar2 : term2. Definition context := nat -> (option type). Reserved Notation "G '⊢' t '::' T" (at level 40, t at level 59). Inductive typing1 : context -> term1 -> type -> Prop := | T_Var1 :

问题 When refine ing a program, I tried to end proof by inversion on a False hypothesis when the goal was a Type . Here is a reduced version of the proof I tried to do. Lemma strange1: forall T:Type, 0>0 -> T. intros T H. inversion H. (* Coq refuses inversion on 'H : 0 > 0' *) Coq complained Error: Inversion would require case analysis on sort Type which is not allowed for inductive definition le However, since I do nothing with T , it shouldn't matter, ... or ? I got rid of the T like this, and

问题 When refine ing a program, I tried to end proof by inversion on a False hypothesis when the goal was a Type . Here is a reduced version of the proof I tried to do. Lemma strange1: forall T:Type, 0>0 -> T. intros T H. inversion H. (* Coq refuses inversion on 'H : 0 > 0' *) Coq complained Error: Inversion would require case analysis on sort Type which is not allowed for inductive definition le However, since I do nothing with T , it shouldn't matter, ... or ? I got rid of the T like this, and

问题 I want to change the hypothesis H from the form below mL : Map mR : Map H : forall (k : RecType) (e : String.string), MapsTo k e (filter (is_vis_cookie l) mL) <-> MapsTo k e (filter (is_vis_cookie l) mR) ------------------------------------------------------- Goal to mL : Map mR : Map k : RecType e : String.string H : MapsTo k e (filter (is_vis_cookie l) mL) <-> MapsTo k e (filter (is_vis_cookie l) mR) ------------------------------------------------------- Goal I think, they can both solve