1 (**************************************************************************)
4 (* ||A|| A project by Andrea Asperti *)
6 (* ||I|| Developers: *)
7 (* ||T|| A.Asperti, C.Sacerdoti Coen, *)
8 (* ||A|| E.Tassi, S.Zacchiroli *)
10 (* \ / This file is distributed under the terms of the *)
11 (* v GNU Lesser General Public License Version 2.1 *)
13 (**************************************************************************)
16 inductive True: Prop \def
19 inductive False: Prop \def .
21 definition Not: Prop \to Prop \def
22 \lambda A. (A \to False).
24 theorem absurd : \forall A,C:Prop. A \to Not A \to C.
28 inductive And (A,B:Prop) : Prop \def
29 conj : A \to B \to (And A B).
31 theorem proj1: \forall A,B:Prop. (And A B) \to A.
32 intros. elim H. assumption.
35 theorem proj2: \forall A,B:Prop. (And A B) \to A.
36 intros. elim H. assumption.
39 inductive Or (A,B:Prop) : Prop \def
40 or_introl : A \to (Or A B)
41 | or_intror : B \to (Or A B).
43 inductive ex (A:Type) (P:A \to Prop) : Prop \def
44 ex_intro: \forall x:A. P x \to ex A P.
46 inductive ex2 (A:Type) (P,Q:A \to Prop) : Prop \def
47 ex_intro2: \forall x:A. P x \to Q x \to ex2 A P Q.
49 inductive eq (A:Type) (x:A) : A \to Prop \def
50 refl_equal : eq A x x.
52 theorem sym_eq : \forall A:Type.\forall x,y:A. eq A x y \to eq A y x.
53 intros. elim H. apply refl_equal.
56 theorem trans_eq : \forall A:Type.
57 \forall x,y,z:A. eq A x y \to eq A y z \to eq A x z.
58 intros.elim H1.assumption.
61 theorem f_equal: \forall A,B:Type.\forall f:A\to B.
62 \forall x,y:A. eq A x y \to eq B (f x) (f y).
63 intros.elim H.apply refl_equal.
66 theorem f_equal2: \forall A,B,C:Type.\forall f:A\to B \to C.
67 \forall x1,x2:A. \forall y1,y2:B.
68 eq A x1 x2\to eq B y1 y2\to eq C (f x1 y1) (f x2 y2).
69 intros.elim H1.elim H.apply refl_equal.
72 inductive nat : Set \def
76 definition pred: nat \to nat \def
77 \lambda n:nat. match n with
79 | (S u) \Rightarrow u ].
81 theorem pred_Sn : \forall n:nat.
82 (eq nat n (pred (S n))).
83 intros.apply refl_equal.
86 theorem injective_S : \forall n,m:nat.
87 (eq nat (S n) (S m)) \to (eq nat n m).
88 intros.(elim (sym_eq ? ? ? (pred_Sn n))).(elim (sym_eq ? ? ? (pred_Sn m))).
89 apply f_equal. assumption.
92 theorem not_eq_S : \forall n,m:nat.
93 Not (eq nat n m) \to Not (eq nat (S n) (S m)).
94 intros. simplify.intros.
95 apply H.apply injective_S.assumption.
98 definition not_zero : nat \to Prop \def
101 [ O \Rightarrow False
102 | (S p) \Rightarrow True ].
104 theorem O_S : \forall n:nat. Not (eq nat O (S n)).
105 intros.simplify.intros.
106 cut (not_zero O).exact Hcut.elim (sym_eq ? ? ? H).
110 theorem n_Sn : \forall n:nat. Not (eq nat n (S n)).
111 intros.elim n.apply O_S.apply not_eq_S.assumption.
115 let rec plus n m \def
118 | (S p) \Rightarrow S (plus p m) ].
120 theorem plus_n_O: \forall n:nat. eq nat n (plus n O).
121 intros.elim n.simplify.apply refl_equal.simplify.apply f_equal.assumption.
124 theorem plus_n_Sm : \forall n,m:nat. eq nat (S (plus n m)) (plus n (S m)).
125 intros.elim n.simplify.apply refl_equal.simplify.apply f_equal.assumption.
128 theorem sym_plus: \forall n,m:nat. eq nat (plus n m) (plus m n).
129 intros.elim n.simplify.apply plus_n_O.
130 simplify.elim (sym_eq ? ? ? H).apply plus_n_Sm.
134 \forall n,m,p:nat. eq nat (plus (plus n m) p) (plus n (plus m p)).
135 intros.elim n.simplify.apply refl_equal.simplify.apply f_equal.assumption.
138 let rec times n m \def
141 | (S p) \Rightarrow (plus m (times p m)) ].
143 theorem times_n_O: \forall n:nat. eq nat O (times n O).
144 intros.elim n.simplify.apply refl_equal.simplify.assumption.
148 \forall n,m:nat. eq nat (plus n (times n m)) (times n (S m)).
149 intros.elim n.simplify.apply refl_equal.
150 simplify.apply f_equal.elim H.
151 apply trans_eq ? ? (plus (plus e m) (times e m)).apply sym_eq.
152 apply assoc_plus.apply trans_eq ? ? (plus (plus m e) (times e m)).
154 apply sym_plus.apply refl_equal.apply assoc_plus.
158 \forall n,m:nat. eq nat (times n m) (times m n).
159 intros.elim n.simplify.apply times_n_O.
160 simplify.elim (sym_eq ? ? ? H).apply times_n_Sm.
163 let rec minus n m \def
169 | (S q) \Rightarrow minus p q ]].
172 \forall n:nat.\forall P:nat \to Prop.
173 P O \to (\forall m:nat. P (S m)) \to P n.
174 intros.elim n.assumption.apply H1.
177 theorem nat_double_ind :
178 \forall R:nat \to nat \to Prop.
179 (\forall n:nat. R O n) \to
180 (\forall n:nat. R (S n) O) \to
181 (\forall n,m:nat. R n m \to R (S n) (S m)) \to \forall n,m:nat. R n m.
182 intros.cut \forall m:nat.R n m.apply Hcut.elim n.apply H.
183 apply nat_case m1.apply H1.intros.apply H2. apply H3.
186 inductive bool : Set \def
190 definition notn : bool \to bool \def
193 [ true \Rightarrow false
194 | false \Rightarrow true ].
196 definition andb : bool \to bool \to bool\def
200 match b2 with [true \Rightarrow true | false \Rightarrow false]
201 | false \Rightarrow false ].
203 definition orb : bool \to bool \to bool\def
207 match b2 with [true \Rightarrow true | false \Rightarrow false]
208 | false \Rightarrow false ].
210 definition if_then_else : bool \to Prop \to Prop \to Prop \def
211 \lambda b:bool.\lambda P,Q:Prop.
214 | false \Rightarrow Q].
216 inductive le (n:nat) : nat \to Prop \def
218 | le_S : \forall m:nat. le n m \to le n (S m).
220 theorem trans_le: \forall n,m,p:nat. le n m \to le m p \to le n p.
223 apply le_S.assumption.
226 theorem le_n_S: \forall n,m:nat. le n m \to le (S n) (S m).
228 apply le_n.apply le_S.assumption.
231 theorem le_O_n : \forall n:nat. le O n.
232 intros.elim n.apply le_n.apply le_S. assumption.
235 theorem le_n_Sn : \forall n:nat. le n (S n).
236 intros. apply le_S.apply le_n.
239 theorem le_pred_n : \forall n:nat. le (pred n) n.
240 intros.elim n.simplify.apply le_n.simplify.
244 theorem not_zero_le : \forall n,m:nat. (le (S n) m ) \to not_zero m.
245 intros.elim H.exact I.exact I.
248 theorem le_Sn_O: \forall n:nat. Not (le (S n) O).
249 intros.simplify.intros.apply not_zero_le ? O H.
252 theorem le_n_O_eq : \forall n:nat. (le n O) \to (eq nat O n).
253 intros.cut (le n O) \to (eq nat O n).apply Hcut. assumption.
254 elim n.apply refl_equal.apply False_ind.apply (le_Sn_O ? H2).
257 theorem le_S_n : \forall n,m:nat. le (S n) (S m) \to le n m.
258 intros.cut le (pred (S n)) (pred (S m)).exact Hcut.
259 elim H.apply le_n.apply trans_le ? (pred x).assumption.
263 theorem le_Sn_n : \forall n:nat. Not (le (S n) n).
264 intros.elim n.apply le_Sn_O.simplify.intros.
265 cut le (S e) e.apply H.assumption.apply le_S_n.assumption.
268 theorem le_antisym : \forall n,m:nat. (le n m) \to (le m n) \to (eq nat n m).
269 intros.cut (le n m) \to (le m n) \to (eq nat n m).exact Hcut H H1.
270 apply nat_double_ind (\lambda n,m.((le n m) \to (le m n) \to eq nat n m)).
272 apply le_n_O_eq.assumption.
273 intros.whd.intros.apply sym_eq.apply le_n_O_eq.assumption.
274 intros.whd.intros.apply f_equal.apply H2.
275 apply le_S_n.assumption.
276 apply le_S_n.assumption.
284 [ O \Rightarrow false
285 | (S q) \Rightarrow leb p q]].
287 theorem le_dec: \forall n,m:nat. if_then_else (leb n m) (le n m) (Not (le n m)).
289 apply (nat_double_ind
290 (\lambda n,m:nat.if_then_else (leb n m) (le n m) (Not (le n m))) ? ? ? n m).
291 simplify.intros.apply le_O_n.
292 simplify.exact le_Sn_O.
293 intros 2.simplify.elim (leb n1 m1).
294 simplify.apply le_n_S.apply H.
295 simplify.intros.apply H.apply le_S_n.assumption.
298 inductive Z : Set \def
303 definition Z_of_nat \def
304 \lambda n. match n with
306 | (S n)\Rightarrow pos n].
310 definition neg_Z_of_nat \def
311 \lambda n. match n with
313 | (S n)\Rightarrow neg n].
319 | (pos n) \Rightarrow n
320 | (neg n) \Rightarrow n].
322 definition OZ_testb \def
325 [ OZ \Rightarrow true
326 | (pos n) \Rightarrow false
327 | (neg n) \Rightarrow false].
330 \forall z. if_then_else (OZ_testb z) (eq Z z OZ) (Not (eq Z z OZ)).
331 intros.elim z.simplify.apply refl_equal.
334 [ OZ \Rightarrow True
335 | (pos n) \Rightarrow False
336 | (neg n) \Rightarrow False].
337 apply Hcut. elim (sym_eq ? ? ? H).simplify.exact I.
340 [ OZ \Rightarrow True
341 | (pos n) \Rightarrow False
342 | (neg n) \Rightarrow False].
343 apply Hcut. elim (sym_eq ? ? ? H).simplify.exact I.
346 definition Zsucc \def
347 \lambda z. match z with
348 [ OZ \Rightarrow pos O
349 | (pos n) \Rightarrow pos (S n)
350 | (neg n) \Rightarrow
353 | (S p) \Rightarrow neg p]].
355 definition Zpred \def
356 \lambda z. match z with
357 [ OZ \Rightarrow neg O
358 | (pos n) \Rightarrow
361 | (S p) \Rightarrow pos p]
362 | (neg n) \Rightarrow neg (S n)].
364 theorem Zpred_succ: \forall z:Z. eq Z (Zpred (Zsucc z)) z.
365 intros.elim z.apply refl_equal.
366 elim e.apply refl_equal.
371 theorem Zsucc_pred: \forall z:Z. eq Z (Zsucc (Zpred z)) z.
372 intros.elim z.apply refl_equal.
374 elim e.apply refl_equal.
378 inductive compare :Set \def
383 let rec nat_compare n m: compare \def
388 | (S q) \Rightarrow LT ]
392 | (S q) \Rightarrow nat_compare p q]].
394 definition compare_invert: compare \to compare \def
399 | GT \Rightarrow LT ].
401 theorem nat_compare_invert: \forall n,m:nat.
402 eq compare (nat_compare n m) (compare_invert (nat_compare m n)).
404 apply nat_double_ind (\lambda n,m.eq compare (nat_compare n m) (compare_invert (nat_compare m n))).
405 intros.elim n1.simplify.apply refl_equal.
406 simplify.apply refl_equal.
407 intro.elim n1.simplify.apply refl_equal.
408 simplify.apply refl_equal.
409 intros.simplify.elim H.apply refl_equal.
412 let rec Zplus x y : Z \def
415 | (pos m) \Rightarrow
418 | (pos n) \Rightarrow (pos (S (plus m n)))
419 | (neg n) \Rightarrow
420 match nat_compare m n with
421 [ LT \Rightarrow (neg (pred (minus n m)))
423 | GT \Rightarrow (pos (pred (minus m n)))]]
424 | (neg m) \Rightarrow
427 | (pos n) \Rightarrow
428 match nat_compare m n with
429 [ LT \Rightarrow (pos (pred (minus n m)))
431 | GT \Rightarrow (neg (pred (minus m n)))]
432 | (neg n) \Rightarrow (neg (S (plus m n)))]].
434 theorem Zplus_z_O: \forall z:Z. eq Z (Zplus z OZ) z.
436 simplify.apply refl_equal.
437 simplify.apply refl_equal.
438 simplify.apply refl_equal.
441 theorem sym_Zplus : \forall x,y:Z. eq Z (Zplus x y) (Zplus y x).
442 intros.elim x.simplify.elim (sym_eq ? ? ? (Zplus_z_O y)).apply refl_equal.
443 elim y.simplify.reflexivity.
444 simplify.elim (sym_plus e e1).apply refl_equal.
445 simplify.elim (sym_eq ? ? ?(nat_compare_invert e e1)).
446 simplify.elim nat_compare e1 e.simplify.apply refl_equal.
447 simplify. apply refl_equal.
448 simplify. apply refl_equal.
449 elim y.simplify.reflexivity.
450 simplify.elim (sym_eq ? ? ?(nat_compare_invert e e1)).
451 simplify.elim nat_compare e1 e.simplify.apply refl_equal.
452 simplify. apply refl_equal.
453 simplify. apply refl_equal.
454 simplify.elim (sym_plus e1 e).apply refl_equal.
457 theorem Zpred_neg : \forall z:Z. eq Z (Zpred z) (Zplus (neg O) z).
459 simplify.apply refl_equal.
460 simplify.apply refl_equal.
461 elim e.simplify.apply refl_equal.
462 simplify.apply refl_equal.
465 theorem Zsucc_pos : \forall z:Z. eq Z (Zsucc z) (Zplus (pos O) z).
467 simplify.apply refl_equal.
468 elim e.simplify.apply refl_equal.
469 simplify.apply refl_equal.
470 simplify.apply refl_equal.
473 theorem Zplus_succ_pred_pp :
474 \forall n,m. eq Z (Zplus (pos n) (pos m)) (Zplus (Zsucc (pos n)) (Zpred (pos m))).
477 simplify.apply refl_equal.
478 simplify.apply refl_equal.
480 simplify.elim (plus_n_O ?).apply refl_equal.
481 simplify.elim (plus_n_Sm ? ?).apply refl_equal.
484 theorem Zplus_succ_pred_pn :
485 \forall n,m. eq Z (Zplus (pos n) (neg m)) (Zplus (Zsucc (pos n)) (Zpred (neg m))).
486 intros.apply refl_equal.
489 theorem Zplus_succ_pred_np :
490 \forall n,m. eq Z (Zplus (neg n) (pos m)) (Zplus (Zsucc (neg n)) (Zpred (pos m))).
493 simplify.apply refl_equal.
494 simplify.apply refl_equal.
496 simplify.apply refl_equal.
497 simplify.apply refl_equal.
500 theorem Zplus_succ_pred_nn:
501 \forall n,m. eq Z (Zplus (neg n) (neg m)) (Zplus (Zsucc (neg n)) (Zpred (neg m))).
504 simplify.apply refl_equal.
505 simplify.apply refl_equal.
507 simplify.elim (plus_n_Sm ? ?).apply refl_equal.
508 simplify.elim (sym_eq ? ? ? (plus_n_Sm ? ?)).apply refl_equal.
511 theorem Zplus_succ_pred:
512 \forall x,y. eq Z (Zplus x y) (Zplus (Zsucc x) (Zpred y)).
515 simplify.apply refl_equal.
516 simplify.apply refl_equal.
517 elim (Zsucc_pos ?).elim (sym_eq ? ? ? (Zsucc_pred ?)).apply refl_equal.
518 elim y.elim sym_Zplus ? ?.elim sym_Zplus (Zpred OZ) ?.
519 elim (Zpred_neg ?).elim (sym_eq ? ? ? (Zpred_succ ?)).
520 simplify.apply refl_equal.
521 apply Zplus_succ_pred_nn.
522 apply Zplus_succ_pred_np.
523 elim y.simplify.apply refl_equal.
524 apply Zplus_succ_pred_pn.
525 apply Zplus_succ_pred_pp.
528 theorem Zsucc_plus_pp :
529 \forall n,m. eq Z (Zplus (Zsucc (pos n)) (pos m)) (Zsucc (Zplus (pos n) (pos m))).
530 intros.apply refl_equal.
533 theorem Zsucc_plus_pn :
534 \forall n,m. eq Z (Zplus (Zsucc (pos n)) (neg m)) (Zsucc (Zplus (pos n) (neg m))).
537 (\lambda n,m. eq Z (Zplus (Zsucc (pos n)) (neg m)) (Zsucc (Zplus (pos n) (neg m)))).intro.
539 simplify. apply refl_equal.
540 elim e.simplify. apply refl_equal.
541 simplify. apply refl_equal.
543 simplify. apply refl_equal.
544 simplify.apply refl_equal.
546 elim (Zplus_succ_pred_pn ? m1).
547 elim H.apply refl_equal.
550 theorem Zsucc_plus_nn :
551 \forall n,m. eq Z (Zplus (Zsucc (neg n)) (neg m)) (Zsucc (Zplus (neg n) (neg m))).
554 (\lambda n,m. eq Z (Zplus (Zsucc (neg n)) (neg m)) (Zsucc (Zplus (neg n) (neg m)))).intro.
556 simplify. apply refl_equal.
557 elim e.simplify. apply refl_equal.
558 simplify. apply refl_equal.
560 simplify. apply refl_equal.
561 simplify.apply refl_equal.
563 elim (Zplus_succ_pred_nn ? m1).
567 theorem Zsucc_plus_np :
568 \forall n,m. eq Z (Zplus (Zsucc (neg n)) (pos m)) (Zsucc (Zplus (neg n) (pos m))).
571 (\lambda n,m. eq Z (Zplus (Zsucc (neg n)) (pos m)) (Zsucc (Zplus (neg n) (pos m)))).
573 simplify. apply refl_equal.
574 elim e.simplify. apply refl_equal.
575 simplify. apply refl_equal.
577 simplify. apply refl_equal.
578 simplify.apply refl_equal.
581 elim (Zplus_succ_pred_np ? (S m1)).
586 theorem Zsucc_plus : \forall x,y:Z. eq Z (Zplus (Zsucc x) y) (Zsucc (Zplus x y)).
587 intros.elim x.elim y.
588 simplify. apply refl_equal.
589 elim (Zsucc_pos ?).apply refl_equal.
590 simplify.apply refl_equal.
591 elim y.elim sym_Zplus ? ?.elim sym_Zplus OZ ?.simplify.apply refl_equal.
595 elim (sym_Zplus OZ ?).apply refl_equal.
600 theorem Zpred_plus : \forall x,y:Z. eq Z (Zplus (Zpred x) y) (Zpred (Zplus x y)).
602 cut eq Z (Zpred (Zplus x y)) (Zpred (Zplus (Zsucc (Zpred x)) y)).
603 elim (sym_eq ? ? ? Hcut).
604 elim (sym_eq ? ? ? (Zsucc_plus ? ?)).
605 elim (sym_eq ? ? ? (Zpred_succ ?)).
607 elim (sym_eq ? ? ? (Zsucc_pred ?)).
611 theorem assoc_Zplus :
612 \forall x,y,z:Z. eq Z (Zplus x (Zplus y z)) (Zplus (Zplus x y) z).
613 intros.elim x.simplify.apply refl_equal.
614 elim e.elim (Zpred_neg (Zplus y z)).
616 elim (Zpred_plus ? ?).
618 elim (sym_eq ? ? ? (Zpred_plus (neg e1) ?)).
619 elim (sym_eq ? ? ? (Zpred_plus (neg e1) ?)).
620 elim (sym_eq ? ? ? (Zpred_plus (Zplus (neg e1) y) ?)).
621 apply f_equal.assumption.
622 elim e.elim (Zsucc_pos ?).
624 apply (sym_eq ? ? ? (Zsucc_plus ? ?)) .
625 elim (sym_eq ? ? ? (Zsucc_plus (pos e1) ?)).
626 elim (sym_eq ? ? ? (Zsucc_plus (pos e1) ?)).
627 elim (sym_eq ? ? ? (Zsucc_plus (Zplus (pos e1) y) ?)).
628 apply f_equal.assumption.