theorem-proving

问题 In Coq, sig is defined as Inductive sig (A:Type) (P:A -> Prop) : Type := exist : forall x:A, P x -> sig P. Which I read as "A sig P is a type, where P is a function taking an A and returning a Prop. The type is defined such that an element x of type A is of type sig P if P x holds." proj1_sig is defined as Definition proj1_sig (e:sig P) := match e with | exist _ a b => a end. I'm not sure what to make of that. Could somebody provide a more intuitive understanding? 回答1: Non-dependent pairs vs.

问题 Perhaps this is a stupid question. Here's a quote from the Hasochism paper: One approach to resolving this issue is to encode lemmas, given by parameterised equations, as Haskell functions. In general, such lemmas may be encoded as functions of type: ∀ x1 ... xn. Natty x1 → ... → Natty xn → ((l ~ r) ⇒ t) → t I thought I understood RankNTypes , but I can't make sense of the last part of this proposition. I'm reading it informally as "given a term which requires l ~ r , return that term". I'm

问题 How can I use Idris to build a function that, given a string, returns a proof that such String is hexadecimal (i.e., 0x followed by 2*N characters from 0-9 and a-f , such as "0x1a7f33b8" )? What I tried First, I've constructed the following type for hex chars: data IsNib : Char -> Type where IsNib0 : IsNib '0' IsNib1 : IsNib '1' IsNib2 : IsNib '2' IsNib3 : IsNib '3' IsNib4 : IsNib '4' IsNib5 : IsNib '5' IsNib6 : IsNib '6' IsNib7 : IsNib '7' IsNib8 : IsNib '8' IsNib9 : IsNib '9' IsNibA : IsNib

问题 Given a proof of set inclusion and its converse I'd like to be able to show that two sets are equal. For example, I know how to prove the following statement, and its converse: open set universe u variable elem_type : Type u variable A : set elem_type variable B : set elem_type def set_deMorgan_incl : A ∩ B ⊆ set.compl ((set.compl A) ∪ (set.compl B)) := sorry Given these two inclusion proofs, how do I prove set equality, i.e. def set_deMorgan_eq : A ∩ B = set.compl ((set.compl A) ∪ (set.compl

问题 I've been trying to learn to use Isabelle 2016. While in principle I like the idea of asynchronous proof checking, I don't like Isabelle/jEdit for a number of reasons, the most severe of which is that it uses too much memory (for me). It'd be great if I could use the good old Proof General with Isabelle 2016. I set the variable isa-isabelle-command to point the file bin/isabelle under the Isabelle distribution directory. When I start Isabelle using Proof General's menu, Emacs hangs, and when

问题 I'm trying to prove a simple lemma in Agda, which I think is true. If a vector has more than two elements, taking its head following taking the init is the same as taking its head immediately. I have formulated it as follows: lem-headInit : ∀{l} (xs : Vec ℕ (suc (suc l))) -> head (init xs) ≡ head xs lem-headInit (x ∷ xs) = ? Which gives me; .l : ℕ x : ℕ xs : Vec ℕ (suc .l) ------------------------------ Goal: head (init (x ∷ xs) | (initLast (x ∷ xs) | initLast xs)) ≡ x as a response. I do not

问题 I am working on a lemma that shows that the degree of a sum of monomials is always less or equal to n if the exponent of each monomial is less or equal to n . lemma degree_poly_smaller: fixes a :: "('a::comm_ring_1 poly)" and n::nat shows "degree (∑x∷nat | x ≤ n . monom (coeff a x) x) ≤ n" sorry What I have to so far is the following (please mind that I am a beginner in Isabelle): lemma degree_smaller: fixes a :: "('a::comm_ring_1 poly)" and n::nat shows "degree (∑x∷nat | x ≤ n . monom (coeff

问题 I recently started using the Isabelle theorem prover. As I want to prove another lemma, I would like to use a different notation than the one used in the lemma "det_linear_row_setsum", which can be found in the HOL library. More specifically, I would like to use the "χ i j notation" instead of "χ i". I have been trying to formulate an equivalent expression for some time, but couldn't figure it out yet. (* ORIGINAL lemma from library *) (* from HOL/Multivariate_Analysis/Determinants.thy *)

问题 Every goal that I have encountered in Isabelle so far that could be solved using arith could also be solved by presburger and vice versa, for example lemma "odd (n::nat) ⟹ Suc (2 * (n div 2)) = n" by presburger (* or arith *) What's the difference between the two solvers? Examples of goals that one can solve but the other can't would be nice. Edit: I managed to come up with a lemma proved by arith that presburger can't handle. It seems like this has something to do with real numbers: lemma

问题 I am trying to learn agda. However, I got a problem. All the tutorials which I found on agda wiki are too complex for me and cover different aspects of programming. After parallel reading of 3 tutorials on agda I was able to write simple proofs but I still don't have enough knowledge to use it for real word algorithm correctness. Can you recommend me any tutorials on the subject? Something similar to Learn Yourself a Haskell but for Agda. 回答1: When I started learning Agda about a year ago I