Question
Suppose the following particular scenario.
We have a definition of equality:
Inductive eqwal {A : Type} (x : A) : A -> Prop :=
eqw_refl : eqwal x x.
And peano nats:
Inductive nawt : Prop :=
| zewro : nawt
| sawc : nawt -> nawt.
We define addition on nats:
Fixpoint plaws (m n : nawt) : nawt :=
match m with
| zewro => n
| sawc m' => sawc (plaws m' n)
end.
And now we want to prove that zero is neutral from right wrt. summing:
Theorem neutral_r : forall n : nawt, eqwal (plaws n zewro) n.
Sadly the last line of the following proof script says "Error: n is used in conclusion.".
Proof.
intros.
induction n. (* this is the culprit *)
There is not much about the error in official documentation and I am somewhat confused - why does this error occur?
Using the standard library, I can prove the theorem easily:
Theorem neutral_r : forall n : nat,
n + 0 = n.
Proof.
induction n; try reflexivity.
cbn; rewrite IHn; reflexivity.
Qed.
Answer 1:
The problem is that you defined nawt with sort Prop instead of Type or Set. By default, the induction principles generated for propositions do not allow us to prove anything about proofs of those propositions. Consider the default induction principle generated for nawt:
Check nawt_ind.
> nawt_ind : forall P : Prop, P -> (nawt -> P -> P) -> nawt -> P
Because nawt_ind quantifies over Prop, and not over nat -> Prop, we cannot use it to prove your goal.
The solution is to set a few options that change Coq's default behavior, as in the following script.
Inductive eqwal {A : Type} (x : A) : A -> Prop :=
eqw_refl : eqwal x x.
Unset Elimination Schemes.
Inductive nawt : Prop :=
| zewro : nawt
| sawc : nawt -> nawt.
Scheme nawt_ind := Induction for nawt Sort Prop.
Set Elimination Schemes.
Fixpoint plaws (m n : nawt) : nawt :=
match m with
| zewro => n
| sawc m' => sawc (plaws m' n)
end.
Theorem eqwal_sym {A : Type} (x y : A) : eqwal x y -> eqwal y x.
Proof. intros H. destruct H. constructor. Qed.
Theorem neutral_r : forall n : nawt, eqwal (plaws n zewro) n.
Proof.
intros. induction n as [|n IH]; simpl.
- constructor.
- apply eqwal_sym in IH. destruct IH. constructor.
Qed.
The Elimination Schemes option causes Coq to automatically generate induction principles for data types and propositions. In this script, I merely turned it off, and used the Scheme command to generate the correct induction principle for nawt. For the induction tactic to work, it is important to give this principle the name nawt_ind: this is the default name that is generated by Coq, and is the one that induction looks for when called.
That being said, I would generally advise against defining a type of natural numbers in Prop instead of Type, because Coq imposes restrictions on how you can use things that live in Prop. For instance, it is impossible to show that zewro is different from sawc zewro.
Source: https://stackoverflow.com/questions/41568683/why-is-it-impossible-to-perform-induction-on-a-term-that-is-used-in-conclusion
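The script below is an added example, not part of the original question or answer. It repeats the development with nawt declared in Set, so the default induction principle is enough for neutral_r, and it then proves that zewro differs from sawc zewro, the statement the answer says is out of reach in Prop. The names is_zewro and zewro_neq_sawc are hypothetical helpers introduced for this illustration.

```coq
Inductive eqwal {A : Type} (x : A) : A -> Prop :=
  eqw_refl : eqwal x x.

(* Same constructors as on the page, but in Set rather than Prop. *)
Inductive nawt : Set :=
| zewro : nawt
| sawc : nawt -> nawt.

(* No Scheme command is needed here: the generated nawt_ind already
   quantifies over a predicate P : nawt -> Prop. *)
Check nawt_ind.

Fixpoint plaws (m n : nawt) : nawt :=
  match m with
  | zewro => n
  | sawc m' => sawc (plaws m' n)
  end.

Theorem eqwal_sym {A : Type} (x y : A) : eqwal x y -> eqwal y x.
Proof. intros H. destruct H. constructor. Qed.

Theorem neutral_r : forall n : nawt, eqwal (plaws n zewro) n.
Proof.
  induction n as [|n IH]; simpl.
  - constructor.
  - apply eqwal_sym in IH. destruct IH. constructor.
Qed.

(* is_zewro (hypothetical helper) computes a proposition by matching on
   a nawt. When nawt lives in Prop, Coq rejects this match, because it
   eliminates a proof to build something in Type (Prop : Type). That
   restriction is why the two constructors cannot be told apart there. *)
Definition is_zewro (n : nawt) : Prop :=
  match n with
  | zewro => True
  | sawc _ => False
  end.

Theorem zewro_neq_sawc : eqwal zewro (sawc zewro) -> False.
Proof.
  intros H.
  (* False is convertible to is_zewro (sawc zewro). *)
  change (is_zewro (sawc zewro)).
  (* Destructing H replaces sawc zewro by zewro in the goal. *)
  destruct H.
  exact I.
Qed.
```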