theorem-proving

Suppose i have the following boolean logic: Z = (A or B) and (A or C) Is it possible to use prolog possibly (maybe together with some library) to figure out why Z is false and to return the answer in the following formats: Z is false because A or (b and c) are false If i substitute some known values (or all) like (c = true) that it will say: Z is false because A is false It can tell me which rule or which part of the rule causes this problem: Z is false because A is false in (A or B) of "Z = (A or B) and (A or C)? Same questions again for when Z = true with everything in reverse. Or are these

Every goal that I have encountered in Isabelle so far that could be solved using arith could also be solved by presburger and vice versa, for example lemma "odd (n::nat) ⟹ Suc (2 * (n div 2)) = n" by presburger (* or arith *) What's the difference between the two solvers? Examples of goals that one can solve but the other can't would be nice. Edit: I managed to come up with a lemma proved by arith that presburger can't handle. It seems like this has something to do with real numbers: lemma "max i (i + 1) > (i::nat)" by arith -- ✔ lemma "max i (i + 1) > (i::nat)" by presburger -- ✔ lemma "max i

I am experimenting with Z3 where I combine the theories of arithmetic, quantifiers and equality. This does not seem to be very efficient, in fact it seems to be more efficient to replace the quantifiers with all instantiated ground instances when possible. Consider the following example, in which I have encoded the unique names axiom for a function f that takes two arguments of sort Obj and returns an interpreted sort S . This axiom states that each unique list of arguments to f returns a unique object: (declare-datatypes () ((Obj o1 o2 o3 o4 o5 o6 o7 o8))) (declare-sort S 0) (declare-fun f

In Coq, sig is defined as Inductive sig (A:Type) (P:A -> Prop) : Type := exist : forall x:A, P x -> sig P. Which I read as "A sig P is a type, where P is a function taking an A and returning a Prop. The type is defined such that an element x of type A is of type sig P if P x holds." proj1_sig is defined as Definition proj1_sig (e:sig P) := match e with | exist _ a b => a end. I'm not sure what to make of that. Could somebody provide a more intuitive understanding? Non-dependent pairs vs. sig The type is defined such that an element x of type A is of type sig P if P x holds. That is not

Perhaps this is a stupid question. Here's a quote from the Hasochism paper : One approach to resolving this issue is to encode lemmas, given by parameterised equations, as Haskell functions. In general, such lemmas may be encoded as functions of type: ∀ x1 ... xn. Natty x1 → ... → Natty xn → ((l ~ r) ⇒ t) → t I thought I understood RankNTypes , but I can't make sense of the last part of this proposition. I'm reading it informally as "given a term which requires l ~ r , return that term". I'm sure this interpretation is wrong because it seems to lead to a circularity: we don't know l ~ r until

I am writing a basic monadic parser in Idris, to get used to the syntax and differences from Haskell. I have the basics of that working just fine, but I am stuck on trying to create VerifiedSemigroup and VerifiedMonoid instances for the parser. Without further ado, here's the parser type, Semigroup, and Monoid instances, and the start of a VerifiedSemigroup instance. data ParserM a = Parser (String -> List (a, String)) parse : ParserM a -> String -> List (a, String) parse (Parser p) = p instance Semigroup (ParserM a) where p <+> q = Parser (\s => parse p s ++ parse q s) instance Monoid

is there anything like the tactic simpl for Program Fixpoint s? In particular, how can one proof the following trivial statement? Program Fixpoint bla (n:nat) {measure n} := match n with | 0 => 0 | S n' => S (bla n') end. Lemma obvious: forall n, bla n = n. induction n. reflexivity. (* I'm stuck here. For a normal fixpoint, I could for instance use simpl. rewrite IHn. reflexivity. But here, I couldn't find a tactic transforming bla (S n) to S (bla n).*) Obviously, there is no Program Fixpoint necessary for this toy example, but I'm facing the same problem in a more complicated setting where I