I have the following definition of equality on natural numbers:
Fixpoint equal_nat (n m : nat) : bool :=
match n, m with
| O, O => true
| O, S _ => false
| S _, O => false
| S n1, S n2 => equal_nat n1 n2
end.
(This is pretty much the standard definition.)
I am trying to prove the following proposition:
Proposition equal_nat_correct :
forall a b : nat, a = b <-> equal_nat a b = true.
I can do the first half of the proof, but not the other half... Could you give me a hint? Here is what I have done so far:
Proof.
intros.
split.
(* => *)
destruct a.
destruct b.
reflexivity.
discriminate.
intros. destruct H. simpl.
induction a. reflexivity.
simpl. assumption.
(* <= *)
(* ? *)
Qed.
Thanks.
Edit:
Here is the complete proof (though probably not the optimal one):
Proposition equal_nat_correct :
forall a b : nat, a = b <-> equal_nat a b = true.
Proof.
split.
(* => *)
revert b.
induction a as [ | a hi]; intros [ | b ]; simpl in *; intuition.
discriminate.
discriminate.
(* <= *)
revert b.
induction a.
intros.
induction b.
reflexivity.
discriminate.
intros [ | b]; simpl in *; intuition.
discriminate.
Qed.
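Answer 0 (score: 2)
The idea for both halves is induction, but you have to be careful about your context before performing it. In your particular case, you should not introduce b right away. Here is how I would do the first half: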
intros.
split.
revert b. (* puts b back into the goal, so that it is generalized correctly by induction *)
induction a as [ | a hi ]. (* this just gives explicit names to the terms newly created by induction *)
intros [ | b ]. (* this is equivalent to intro b. destruct b as [ | b ]. *)
intros; simpl; reflexivity.
intros; discriminate.
intros [ | b ].
intros; discriminate.
intros h; injection h; intros h2.
simpl; apply hi; assumption.
A shorter version would be:
intros.
split.
revert b.
induction a as [ | a hi]; intros [ | b ]; simpl in *; intuition.
discriminate.
discriminate.
Following the same pattern (do not forget to generalize b in the goal), you should be able to do the second half of the proof.
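What goes wrong when b is introduced before the induction, shown on the second half of the proof. This is an added example, not part of the original posts. The lemma names equal_nat_sound_stuck and equal_nat_sound are made up for illustration, and the definition from the question is repeated so the script runs on its own.

```coq
(* Definition copied from the question so this script is self-contained. *)
Fixpoint equal_nat (n m : nat) : bool :=
  match n, m with
  | O, O => true
  | O, S _ => false
  | S _, O => false
  | S n1, S n2 => equal_nat n1 n2
  end.

(* Attempt 1 (illustrative name): b is introduced before induction,
   so the induction hypothesis only speaks about that one fixed b. *)
Lemma equal_nat_sound_stuck :
  forall a b : nat, equal_nat a b = true -> a = b.
Proof.
  intros a b.
  induction a as [ | a IH ].
  - destruct b as [ | b' ]; simpl; intros H.
    + reflexivity.
    + discriminate H.
  - destruct b as [ | b' ]; simpl; intros H.
    + discriminate H.
    + (* IH   : equal_nat a (S b') = true -> a = S b'
         H    : equal_nat a b' = true
         Goal : S a = S b'
         IH is stated for S b', but we need it for b'. *)
      f_equal.
      Fail apply IH.
Abort.

(* Attempt 2 (illustrative name): b stays quantified in the goal,
   so the hypothesis holds for every b and applies to b'. *)
Lemma equal_nat_sound :
  forall a b : nat, equal_nat a b = true -> a = b.
Proof.
  intros a.
  induction a as [ | a IH ]; intros [ | b' ]; simpl; intros H.
  - reflexivity.
  - discriminate H.
  - discriminate H.
  - (* IH : forall b : nat, equal_nat a b = true -> a = b *)
    f_equal. apply IH. exact H.
Qed.
```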