这是Count谓词的定义。它使用2个索引来表示开始和结束元素,“ check”谓词对“ current”元素进行计数/跳过,最后一个参数“ sum”跟踪在这些边界索引之间满足check谓词的元素的数量。
Require Import ZArith.
Open Scope Z_scope.
Inductive Count : Z -> Z -> (Z -> Prop) -> Z -> Prop :=
| Q_Nil:
forall (m n : Z),
forall (check : Z -> Prop),
(n <= m) ->
(Count m n check 0)
| Q_Hit:
forall (m n sum : Z),
forall (check : Z -> Prop),
let x := (n - 1) in
(m < n) ->
(check x) ->
(Count m x check sum) ->
(Count m n check (1 + sum))
| Q_Miss:
forall (m n sum : Z),
forall (check : Z -> Prop),
let x := (n - 1) in
(m < n) ->
~(check x) ->
(Count m x check sum) ->
(Count m n check sum).
需要证明所计数元素“ sum”的数量为非负数。
Goal
forall (m n sum : Z),
forall (check : Z -> Prop),
(Count m n check sum) -> (0 <= sum).
Proof.
显然,可以在这里应用归纳法。但是,由于和元素的Q_Hit | Q_Miss差(即Q_Hit中的+1),natlike_rec3之类的方案不适用。
这是我的证明尝试,直到应该进行归纳的步骤为止。
Proof.
Require Import Psatz.
intros m n sum check.
assert (X: n <= m \/ n > m) by lia.
destruct X as [le|gt].
+ intro.
inversion H; subst; intuition.
+ pose (p := (n - m)).
assert (PZ: p > 0). { subst p. auto with zarith. }
replace n with (m + p) in * by (subst p; auto with zarith).
1 subgoal
m, n, sum : Z
check : Z -> Prop
p := n - m : Z
gt : m + p > m
PZ : p > 0
______________________________________(1/1)
Count m (m + p) check sum -> 0 <= sum
我认为,也许well_founded_induction_type_2可以用于求和与p的关系:sum <= p。
答案 0 :(得分:2)
您可以在induction假设上使用Count(在某种程度上,这就是Inductive类型的要点)。
Proof.
intros.
induction H.
all: omega.
(* or, as a single sequence: intros; induction H; omega. *)
(* lia also works instead of omega, and should probably be preferred nowadays (Require Import Lia.) *)
Qed.