正如标题所示,我的问题涉及证明 Coq 中算术表达式的惰性求值的正确性和完整性。我想证明的定理共有三个:

  1. 计算只给出规范表达式作为结果

    Theorem Only_canonical_results: (forall xy: Aexp, Comp xy -> Canonical y)。

  2. 正确性:计算关系保留表达式的表示

    Theorem correct_wrt_semantics: (forall xy: Aexp, Comp xy -> IN (denotation x) (denotation y))。

  3. 每个输入都会导致一些结果。

    Theorem Comp_is_total: (forall x:Aexp, (Sigma Aexp (fun y => prod (Comp xy) (Canonical y))))。

必要的定义可以在下面附加的代码中找到。我应该明确表示我是 Coq 的新手;更有经验的用户可能会立即注意到。可以肯定的是,我所写的大部分或什至所有背景材料都可以在标准库中找到。但是,话又说回来,如果我确切地知道从标准库中导入什么来证明所需的结果,我很可能不会在这里打扰你。这就是为什么我将我目前拥有的材料提交给你,希望有热心的人可以帮助我。谢谢!

(* Sigma types *)

Inductive Sigma (A:Set)(B:A -> Set) :Set :=
  Spair: forall a:A, forall b : B a,Sigma A B.

Definition E (A:Set)(B:A -> Set)
  (C: Sigma A B -> Set)
  (c: Sigma A B)
  (d: (forall x:A, forall y:B x, 
      C (Spair A B x y))): C c :=

match c as c0 return (C c0) with
| Spair a b => d a b

Definition project1 (A:Set)(B:A -> Set)(c: Sigma A B):=
E A B (fun z => A) c (fun x y => x).

(* Binary sum type *)

Inductive sum' (A B:Set):Set := 
inl': A -> sum' A B | inr': B -> sum' A B.

Print sum'_rect.

Definition D (A B : Set)(C: sum' A B -> Set)
(c: sum' A B)
(d: (forall x:A, C (inl' A B x)))
(e: (forall y:B, C (inr' A B y))): C c :=

match c as c0 return C c0 with
| inl' x => d x
| inr' y => e y

(* Three useful finite sets *)

Inductive N_0: Set :=.

Definition R_0
  (C:N_0 -> Set)
  (c: N_0): C c :=
match c as c0 return (C c0) with

Inductive N_1: Set := zero_1:N_1.

Definition R_1 
  (C:N_1 -> Set)
  (c: N_1)
  (d_zero: C zero_1): C c :=
match c as c0 return (C c0) with
  | zero_1 => d_zero

Inductive N_2: Set := zero_2:N_2 | one_2:N_2.

Definition R_2 
  (C:N_2 -> Set)
  (c: N_2)
  (d_zero: C zero_2)
  (d_one: C one_2): C c :=
match c as c0 return (C c0) with
  | zero_2 => d_zero
  | one_2  => d_one

(* Natural numbers *)

Inductive N:Set :=
zero: N | succ : N -> N.

Print N. 

Print N_rect.

Definition R 
  (C:N -> Set)
  (d: C zero)
  (e: (forall x:N, C x -> C (succ x))):
  (forall n:N, C n) :=
fix F (n: N): C n :=
  match n as n0 return (C n0) with
  | zero => d
  | succ n0 => e n0 (F n0)

(* Boolean to truth-value converter *)

Definition Tr (c:N_2) : Set :=
match c as c0 with
  | zero_2 => N_0
  | one_2 => N_1

(* Identity type *)

Inductive I (A: Set)(x: A) : A -> Set :=
r :  I A x x.

Print I_rect.

Theorem J 
  (C: (forall x y:A, 
              forall z: I A x y, Set))
  (d: (forall x:A, C x x (r A x)))
  (a:A)(b:A)(c:I A a b): C a b c.
induction c.
apply d.

(* functions are extensional wrt
  identity types *)

Theorem I_I_extensionality (A B: Set)(f: A -> B):
(forall x y:A, I A x y -> I B (f x) (f y)).
intros x y P.
induction P.
apply r.

(* addition *)

Definition add (m n:N) : N 
 := R (fun z=> N) m (fun x y => succ y) n.

(* multiplication *)

Definition mul (m n:N) : N 
 := R (fun z=> N) zero (fun x y => add y m) n.

(* Axioms of Peano verified *)

Theorem P1a: (forall x: N, I N (add x zero) x).
intro x.
(* force use of definitional equality
  by applying reflexivity *)
apply r.

Theorem P1b: (forall x y: N, 
I N (add x (succ y)) (succ (add x y))).
apply r.

Theorem P2a: (forall x: N, I N (mul x zero) zero).
apply r.

Theorem P2b: (forall x y: N, 
I N (mul x (succ y)) (add (mul x y) x)).
apply r.

Definition pd (n: N): N :=
R (fun _=> N) zero (fun x y=> x) n.

(* alternatively
Definition pd (x: N): N :=
match x as x0 with
  | zero => zero
  | succ n0 => n0

Theorem P3: (forall x y:N, 
I N (succ x) (succ y) -> I N x y).
intros x y p.
apply (I_I_extensionality N N pd (succ x) (succ y)).
apply p.

Definition not (A:Set): Set:= (A -> N_0).

Definition isnonzero (n: N): N_2:=
R (fun _ => N_2) zero_2 (fun x y => one_2) n.

Theorem P4 : (forall x:N, 
not (I N (succ x) zero)).
intro x.
intro p.

apply (J N (fun x y z => 
    Tr (isnonzero x) -> Tr (isnonzero y))
    (fun x => (fun t => t)) (succ x) zero)
apply p.
apply zero_1.

Theorem P5 (P:N -> Set):
P zero -> (forall x:N, P x -> P (succ x))
   -> (forall x:N, P x).
intros base step n.
apply R.
apply base.
apply step.

(* I(A,-,-) is an equivalence relation *)

Lemma Ireflexive (A:Set): (forall x:A, I A x x).
intro x.
apply r.

Lemma Isymmetric (A:Set): (forall x y:A, I A x y -> I A y x).
intros x y P.
induction P.
apply r.

Lemma Itransitive (A:Set): 
(forall x y z:A, I A x y -> I A y z -> I A x z).
intros x y z P Q.
induction P.

Definition or (A B : Set):= sum' A B.

(* arithmetical expressions *)

Inductive Aexp :Set :=
  zer: Aexp
| suc: Aexp -> Aexp
| pls: Aexp -> Aexp -> Aexp.

(* denotation of an expression *)

Definition denotation: Aexp->N:=
fix F (a: Aexp): N :=
  match a as a0  with
  | zer => zero
  | suc a1 => succ (F a1)
  | pls a1 a2 => add (F a1) (F a2)

(* predicate for distinguishing
   canonical expressions *)

Definition Canonical (x:Aexp):Set :=
or (I Aexp x zer) 
   (Sigma Aexp (fun y => 
     I Aexp x (suc y))).

(* the computation relation is
  an inductively defined relation *)

Inductive Comp : Aexp -> Aexp -> Set
refrule: forall a: Aexp, 
         forall p: Canonical a, Comp a a
| zerrule: forall a b c:Aexp, 
         forall p: Comp b zer,
         forall q: Comp a c,
           Comp (pls a b) c
| sucrule: forall a b c:Aexp,
         forall p: Comp b (suc c),
           Comp (pls a b) (suc (pls a c)).

(* Computations only give canonical
   expressions as results *)

Theorem Only_canonical_results:
(forall x y: Aexp, Comp x y -> Canonical y).
(* Here is where help is needed *)
(* Correctness: the computation relation
 preserves denotation of expressions *)

Theorem correct_wrt_semantics:
(forall x y: Aexp, Comp x y -> 
I N (denotation x) (denotation y)).
(* Here is where help is need*)


(* every input leads to some result *)

Theorem Comp_is_total: (forall x:Aexp, 
(Sigma Aexp (fun y => 
   prod (Comp x y) (Canonical y)))).
 (* Proof required *)

前两个定理几乎可以盲目地证明。他们遵循对 的定义的归纳Comp。第三个需要一些思考和一些辅助定理。但是如果你想学习 Coq,你应该遵循一个教程。


  • induction 1对第一个未命名的假设进行归纳。
  • info_eauto试图通过盲目应用定理来完成目标。
  • Hint Constructors将归纳定义的构造函数添加到info_eauto可以使用的定理数据库中。
  • unfold, simpl, 并且rewrite应该是不言自明的。


Hint Constructors sum' prod Sigma I Comp.

Theorem Only_canonical_results:
(forall x y: Aexp, Comp x y -> Canonical y).
unfold Canonical, or.
induction 1.

Theorem correct_wrt_semantics:
(forall x y: Aexp, Comp x y -> 
I N (denotation x) (denotation y)).
induction 1.
  simpl. rewrite IHComp1. rewrite IHComp2. simpl. info_eauto.
  simpl. rewrite IHComp. simpl. info_eauto.

Theorem Comp_is_total: (forall x:Aexp, 
(Sigma Aexp (fun y => 
   prod (Comp x y) (Canonical y)))).
unfold Canonical, or.
induction x.
  eapply Spair. eapply pair.
    eapply refrule. unfold Canonical, or. info_eauto.
于 2013-12-20T15:11:58.577 回答