X-Git-Url: http://matita.cs.unibo.it/gitweb/?a=blobdiff_plain;f=helm%2Fsoftware%2Fmatita%2Ftests%2Fdecl.ma;h=569a2f8ffa12cf96d24d095c7062c294b26f7ec0;hb=5649890273cf8e660bba744e84ce5fee1e5efe69;hp=e2035d182a11bc87a7bc308e5b4ab18a52ff9cd7;hpb=bd277786d78d49594b3ada1c3c9c28cba5dc03b9;p=helm.git diff --git a/helm/software/matita/tests/decl.ma b/helm/software/matita/tests/decl.ma index e2035d182..569a2f8ff 100644 --- a/helm/software/matita/tests/decl.ma +++ b/helm/software/matita/tests/decl.ma @@ -12,7 +12,7 @@ (* *) (**************************************************************************) -set "baseuri" "cic:/matita/test/decl". + include "nat/times.ma". include "nat/orders.ma". @@ -72,16 +72,49 @@ theorem easy2: ∀n,m. n * m = O → n = O ∨ m = O. ] qed. +theorem easy15: ∀n,m. n * m = O → n = O ∨ m = O. + assume n: nat. + assume m: nat. + (* base case *) + by _ we proved (O = O) (trivial). + by _ we proved (O = O ∨ m = O) (trivial2). + by _ we proved (O*m=O → O=O ∨ m=O) (base_case). + (* inductive case *) + we need to prove + (∀n1. (n1 * m = O → n1 = O ∨ m = O) → (S n1) * m = O → (S n1) = O ∨ m = O) + (inductive_case). + assume n1: nat. + suppose (n1 * m = O → n1 = O ∨ m = O) (inductive_hyp). + (* base case *) + by _ we proved (S n1 = O ∨ O = O) (pre_base_case2). + by _ we proved (S n1*O = O → S n1 = O ∨ O = O) (base_case2). + (* inductive case *) + we need to prove + (∀m1. (S n1 * m1 = O → S n1 = O ∨ m1 = O) → + (S n1 * S m1 = O → S n1 = O ∨ S m1 = O)) (inductive_hyp2). + assume m1: nat. + suppose (S n1 * m1 = O → S n1 = O ∨ m1 = O) (useless). + suppose (S n1 * S m1 = O) (absurd_hyp). + simplify in absurd_hyp. + by _ we proved (O = S (m1+n1*S m1)) (absurd_hyp'). + (* BUG: automation failure *) + by (not_eq_O_S ? absurd_hyp') we proved False (the_absurd). + (* BUG: automation failure *) + by (False_ind ? the_absurd) + done. + (* the induction *) + by (nat_ind (λm.S n1 * m = O → S n1 = O ∨ m = O) base_case2 inductive_hyp2 m) + done. + (* the induction *) + by (nat_ind (λn.n*m=O → n=O ∨ m=O) base_case inductive_case n) +done. +qed. theorem easy3: ∀A:Prop. (A ∧ ∃n:nat.n ≠ n) → True. assume P: Prop. suppose (P ∧ ∃m:nat.m ≠ m) (H). by H we have P (H1) and (∃x:nat.x≠x) (H2). - (*BUG: by H2 let q:nat such that (q ≠ q) (Ineq). - *) - (* the next line is wrong, but for the moment it does the job *) - by H2 let q:nat such that False (Ineq). by I done. qed. @@ -92,8 +125,78 @@ assume p:nat. suppose (n=m) (H). suppose (S m = S p) (K). suppose (n = S p) (L). -obtain (S n) = (S m) by (eq_f ? ? ? ? ? H). +conclude (S n) = (S m) by H. = (S p) by K. - = n by (sym_eq ? ? ? L) + = n by L +done. +qed. + +theorem easy45: ∀n,m,p. n = m → S m = S p → n = S p → S n = n. +assume n: nat. +assume m:nat. +assume p:nat. +suppose (n=m) (H). +suppose (S m = S p) (K). +suppose (n = S p) (L). +conclude (S n) = (S m). + = (S p). + = n done. qed. + +theorem easy5: ∀n:nat. n*O=O. +assume n: nat. +(* Bug here: False should be n*0=0 *) +we proceed by induction on n to prove False. + case O. + the thesis becomes (O*O=O). + by (refl_eq ? O) done. + case S (m:nat). + by induction hypothesis we know (m*O=O) (I). + the thesis becomes (S m * O = O). + (* Bug here: missing that is equivalent to *) + simplify. + by I done. +qed. + +inductive tree : Type ≝ + Empty: tree + | Node: tree → tree → tree. + +let rec size t ≝ + match t with + [ Empty ⇒ O + | (Node t1 t2) ⇒ S ((size t1) + (size t2)) + ]. + +theorem easy6: ∀t. O ≮ O → O < size t → t ≠ Empty. + assume t: tree. + suppose (O ≮ O) (trivial). + (*Bug here: False should be something else *) + we proceed by induction on t to prove False. + case Empty. + the thesis becomes (O < size Empty → Empty ≠ Empty). + suppose (O < size Empty) (absurd) + that is equivalent to (O < O). + (* Here the "natural" language is not natural at all *) + we proceed by induction on (trivial absurd) to prove False. + (*Bug here: this is what we want + case Node (t1:tree) (t2:tree). + by induction hypothesis we know (O < size t1 → t1 ≠ Empty) (Ht1). + by induction hypothesis we know (O < size t2 → t2 ≠ Empty) (Ht2). *) + (*This is the best we can do right now*) + case Node. + assume t1: tree. + by induction hypothesis we know (O < size t1 → t1 ≠ Empty) (Ht1). + assume t2: tree. + by induction hypothesis we know (O < size t2 → t2 ≠ Empty) (Ht2). + suppose (O < size (Node t1 t2)) (useless). + we need to prove (Node t1 t2 ≠ Empty) (final) + or equivalently (Node t1 t2 = Empty → False). + suppose (Node t1 t2 = Empty) (absurd). + (* Discriminate should really generate a theorem to be useful with + declarative tactics *) + destruct absurd. + by final + done. +qed.