堆栈内存溢出
  简体   繁体   English

Coq:如何证明max ab <= a + b?

[英]Coq: How to prove max a b <= a+b?

 原文  2017-09-25 16:39:22       coq/ coq-tactic

问题描述

I am unable to prove the simple logic max ab <= a+b using coq's tactics. 我无法使用coq的策略证明简单的逻辑max ab <= a+b How should I go about solving it? 我应该如何解决呢? Below is the code that I worked on till now. 以下是我到目前为止一直在使用的代码。 s_le_n is proved but not mentioned here for the sake of simplicity. s_le_n已被证明,但为简单起见此处未提及。 

Theorem s_le_n: forall (a b: nat),  a <= b -> S a <= S b.
Proof. Admitted.

Theorem max_sum: forall (a b: nat), max a b <= a + b.
Proof. 
intros.
induction a.
- simpl. reflexivity.
- rewrite plus_Sn_m. induction b.
  + simpl. rewrite <- plus_n_O. reflexivity.
  + rewrite <- plus_Sn_m. simpl. apply s_le_n. rewrite IHa.

1 个解决方案

解决方案1
 2 已采纳  2017-09-25 23:37:31

Taking into account @re3el comment, we start from their "pen and paper proof": 考虑到@ re3el的评论,我们从其“笔和纸证明”开始: 

if a>b max a b = a, a < a+b; else max a b = b, b < a+b

Let's now translate that into Coq! 现在让我们将其翻译成Coq! In fact, the first thing we need to do is case on the decidability of < , this is done using the le_lt_dec ab lemma. 实际上,我们要做的第一件事是确定<的可判定性,这是使用le_lt_dec ab引理完成的。 The rest is routine: 其余的是常规的: 

Require Import Arith.

Theorem max_sum (a b: nat) : max a b <= a + b.
Proof.
case (le_lt_dec a b).
+ now rewrite <- Nat.max_r_iff; intros ->; apply le_plus_r.
+ intros ha; apply Nat.lt_le_incl, Nat.max_l_iff in ha.
  now rewrite ha; apply le_plus_l.
Qed.

However, we can improve this proof quite a bit. 但是,我们可以大大改善这一证明。 There are various candidates, a good one using the stdlib is: 有各种各样的候选人,使用stdlib的一个不错的候选人是: 

Theorem max_sum_1 (a b: nat) : max a b <= a + b.
Proof.
now rewrite Nat.max_lub_iff; split; [apply le_plus_l | apply le_plus_r].
Qed.

Using my library of choice [math-comp], you can chain the rewrites to get a more compact proof: 使用我选择的库[math-comp],可以链接重写以获得更紧凑的证明: 

From mathcomp Require Import all_ssreflect.

Theorem max_sum_2 (a b: nat) : maxn a b <= a + b.
Proof. by rewrite geq_max leq_addl leq_addr. Qed.

In fact, on the light of short proof, maybe the original lemma was not even needed in the first place. 实际上,从简短的证明来看,也许甚至根本不需要原始引理。

edit: @Jason Gross mentions another style of proof a more seasoned used would use: 编辑:@Jason Gross提到了另一种更经验丰富的证明方式: 

Proof. apply Max.max_case_strong; omega. Qed.

However, this proof involves the use of a heavyweight automation tactic, omega ; 但是,该证明涉及使用重量级自动化策略omega I strongly advise all beginners to avoid such tactics for a while, and learn how to do proofs more "manually". 我强烈建议所有初学者暂时避免使用这种策略,并学习如何更“手动”地进行证明。 In fact, using any of the SMT-enabled tactics, the original goal can be simply solved with a call to a SMT. 实际上,使用任何启用SMT的策略,只需调用SMT即可简单地解决原始目标。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 Coq 中证明 a*b*c=a*(b*c)? - How to prove a*b*c=a*(b*c) in Coq? 如何证明 Coq 中逻辑的简化(A 和 B 隐含 A) - How to prove simplification of logic(A and B implies A) in Coq Coq:如何证明“ a = b-&gt; nat_compare ab =等式”? - Coq: How to prove “a=b -> nat_compare a b = Eq.”? 如何在coq中证明b = c if(andb b c = orb b c)? - How would I prove that b = c if (andb b c = orb b c) in coq? Coq:证明如果 (A, B) = (C, D) 那么 A = C /\\ B = D - Coq: prove that if (A, B) = (C, D) then A = C /\ B = D 证明(~A - &gt; ~B) - &gt;(~A - &gt; B) - &gt; Coq中的A. - Proving (~A -> ~B)-> (~A -> B) -> A in Coq 在Coq中a + b = 0-&gt; a = 0和b = 0 - a + b = 0 -> a = 0 and b = 0 in Coq 如何在Coq中证明证明定义 - How to prove a prove definition in Coq (A -&gt; B) /\\ (B -&gt; C) -&gt; (A -&gt; C) 在 Coq 中? - (A -> B) /\ (B -> C) -> (A -> C) in Coq? Coq-(a \\ / b \\ / c)=(((a \\ / b)\\ / c) - Coq - (a \/ b \/ c) = ((a \/ b) \/ c)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM