coq

问题 I have the following during a proof where the goal is an existential, and the target property is one of the assumptions. H : x ==> y ... ______________________________________(1/2) exists t : tm, x ==> t I know I can do exists y. apply H. to prove the current goal, but I am wondering if there is a more intelligent tactic that can use the assumption directly to prove the existential goal here, like eapply H ? Since this is one unification away, it would be nice not having to write the X part

问题 I have a general question about how to rearrange terms in Coq. For example, if we have a term m + p + n + p , humans can quickly re-arrange the terms to something like m + n + p + p (implicitly using plus_comm and plus_assoc). How do we do this efficiently in Coq? For a (silly) example, Require Import Coq.Arith.Plus. Require Import Coq.Setoids.Setoid. Theorem plus_comm_test: forall n m p: nat, m + p + (n + p) = m + n + 2 * p. Proof. intros. rewrite plus_assoc. simpl. rewrite <- plus_n_O. Now,

问题 I've managed to prove Theorem modulo_inv : forall m n : Z, rel_prime m n -> exists x : Z, (m * x == 1 [n]). Admitted. My question is how to finish the following proof (maybe using the modulo_inv theorem?): Variables m n : Z. Hypothesis co_prime : rel_prime m n. Theorem SimpleChineseRemainder : forall a b : Z, exists x : Z, (x == a [m]) /\ (x == b [n]). Here is what I tried, but I don't know whether it is correct or not. Proof. intros a b. exists ((a * n) * (n ^ (-1) mod m) + (b * m) * (m ^ (

问题 With a simple definition Inductive B := bb. Inductive C := cc. Inductive A := | mkA1 : B -> A | mkA2 : C -> A. Definition id (a: A) : A := match a with | mkA1 b => mkA1 b | mkA2 c => mkA2 c end. I try to do proofs by case analysis (destruct), something like: Theorem Foo : forall a1 a2 : A , a1 <> a2 -> id a1 <> id a2. Proof. destruct a1; destruct a2. Abort. Unsurprisingly, the current prove state contains two equivalent sub-goals: b: B c: C ______________________________________(2/4) mkA1 b <

问题 I'm modeling a program in which users can choose from different operators and functions for writing queries (i.e. formulas) for the system. For showing these operators, here I defined add and mul functions and used nat datatype, instead of my program's functions and datatypes. How should I define formula that enables me to use it in definition compute_formula . I'm a bit stuck at solving this issue. Thank you. Fixpoint add n m := match n with | 0 => m | S p => S (p + m) end where "n + m" :=

问题 I'm new to Coq. I'm having trouble defining lists, maps, and trees using units, products, and sums. I get the error message in the title. The code above the comment works fine, the code below it does not. Inductive one : Type := nil : one. Inductive sum (t0 t1 : Type) : Type := | inject_left : t0 -> sum t0 t1 | inject_right : t1 -> sum t0 t1. Inductive product (t0 t1 : Type) : Type := pair : t0 -> t1 -> product t0 t1. Definition list (t0 : Type) : Type := sum one (product t0 (list t0)).

问题 I have the following proof state: 1 subgoals U : Type X : Ensemble U Y : Ensemble U f : U -> U g : U -> U pF : proof_dom_cod U X Y f pG : proof_dom_cod U X Y g fg : f = g H : proof_dom_cod U X Y g = proof_dom_cod U X Y f ______________________________________(1/1) createarrow U X Y f pF = createarrow U X Y g pG So I want to assert (pF = pG) and then use proof irrelevance to prove that. Unfortunately, pF = pG is not valid because they have different types, even though I know the types to be

问题 The following code (which is of course not a complete proof) tries to do pattern matching on a dependent product: Record fail : Set := mkFail { i : nat ; f : forall x, x < i -> nat }. Definition failomat : forall (m : nat) (f : forall x, x < m -> nat), nat. Proof. intros. apply 0. Qed. Function fail_hard_omat fl : nat := failomat (i fl) (f fl). Definition failhard fl : fail_hard_omat fl = 0. refine ((fun fl => match fl with | mkFail 0 _ => _ | mkFail (S n) _ => _ end) fl). The error I get

问题 I'm doing a Coq proof. I have P -> Q as a hypothesis, and (P -> Q) -> (~Q -> ~P) as a lemma. How can I transform the hypothesis into ~Q -> ~P ? When I try to apply it, I just spawn new subgoals, which isn't helpful. Put another way, I wish to start with: P : Prop Q : Prop H : P -> Q and end up with P : Prop Q : Prop H : ~Q -> ~P given the lemma above - i.e. (P -> Q) -> (~Q -> ~P) . 回答1: This is not as elegant as just an apply , but you can use pose proof (lemma _ _ H) as H0 , where lemma is

问题 I am trying to make the following work: Definition gen `{A:Type} {i o: nat} (f: nat -> (option nat)) {ibound: forall (n n':nat), f n = Some n' -> n' < i} (x: svector A i) (t:nat) (ti: t < o): option A := match (f t) with | None => None | Some t' => Vnth x (ibound t t' _) end. In place of last "_" I need an evidence that "f t" is equals to "Some t'". I could not figure out how to get it from the match. Vnth is defined as: Vnth : ∀ (A : Type) (n : nat), vector A n → ∀ i : nat, i < n → A 回答1: