coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: Matt Quinn <matt AT mattjquinn.com>
- To: "Coq-Club Club" <coq-club AT inria.fr>
- Subject: [Coq-Club] Proof Involving Arith in Both Z and Nat
- Date: Fri, 30 Nov 2018 22:11:40 -0800
- Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=matt AT mattjquinn.com; spf=Pass smtp.mailfrom=matt AT mattjquinn.com; spf=Pass smtp.helo=postmaster AT wout2-smtp.messagingengine.com
- Ironport-phdr: 9a23:XE3jixZJVJPL3nHu0Jbiooz/LSx+4OfEezUN459isYplN5qZoMm/bnLW6fgltlLVR4KTs6sC17KG9fi4EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCa+bL9oMBm6sRjau9ULj4dlNqs/0AbCrGFSe+RRy2NoJFaTkAj568yt4pNt8Dletuw4+cJYXqr0Y6o3TbpDDDQ7KG81/9HktQPCTQSU+HQRVHgdnwdSDAjE6BH6WYrxsjf/u+Fg1iSWIdH6QLYpUjm58axlVAHnhzsGNz4h8WHYlMpwjL5AoBm8oxBz2pPYbJ2JOPZ7eK7WYNEUSndbXstJVCJPAp2yYIQAAeUdOuhWoZTzqkASrRa8HwSgGPnixiNKi3LwwKY00/4hEQbD3AE4GNwBqmjUrMnoP6kJTOC1za/IzTPeZP5R3Dfy8pTIcgw6rPGJR71wbdbRyUs2FwPYj1WQr4rlMymJ2eQKtmiW9uxtXv+shW4/swx8ozeiyt0xhoTGhI8Z0E3I+Tt3zYovO9G1SEh2asO+HpRKrSGVLY52T9siQ252vCY6zaULuJC8fCgX1JQr2QfTa+eCc4iU+hLvTuORLiljhHJ+Yr2/iBey8U6vyuLiUMm031dKrixbndXWqn8N0BnT5tCGSvt74EihxS6C2gHc5+1ePEw5mqjWJ4Q8zrIumJcfq1rPEy/ulEXzlqCWd0Ek+uay6+TgZ7XrvpqcOJVoigHiKakun9awAfgkMggMRmib5OW81Lvl/UHjXLpKifg2nrHDsJ/GPcQburK5AwhN34k/7Ba/Fi6q38gcnXkaN11IYwmHjojsO1HWOv/0F/a/g1K2kDdq3f/KJLPhAo+eZkTExf3Keq84wEpBwkIYyc1VrdoAAbYYZfn3R0XZtdrCDxZ/PRbikMj9D9Ao84oCRSq2H66fNuuGtFaU+soqKvWQZpYIuTD7bfMi4qi93jcChVYBcPzxjtMsY3eiE6Ejeh3BOCu+spI6CW4P+zEGYqnvgVyGXyRUYi/sDac1+i05EZ+nC4GFTYeo0uXYgHWLW6ZOb2UDMWiiVG/yftzaCfIFdD6QO9JglDpCXr+kGdd4iEOe8TTiwr8iFdL6vy0VsZW4jopq4PDPz1Qp8CBsScGQyHqEQGBykW4OSD4w0eZ0pkkvk1o=
Hello all,
I would appreciate some advice on a proof I'm stuck on involving both
naturals and integers. I have defined this Record with t and r represented in
Z:
Record netstate := NetState {t : Z; r : Z; c1 : channel; c2 : channel}.
And I can successfully prove this lemma stating that t and r are always >= 0
in the context of a simple evaluation relation:
Definition safety1 (st' : netstate) : Prop := st'.(t) >= 0 /\ st'.(r) >= 0.
Lemma safety1_holds: forall st st' : netstate, (netEvalR st st') -> safety1
st'.
However, when I attempt to prove another lemma stating that t, r, and the
length of both channels always sums to 10:
Definition safety2 (st' : netstate) : Prop :=
List.length st'.(c1) + List.length st'.(c2) + st'.(t) + st'.(r) = 10.
Lemma safety2_holds : forall st st' : netstate, (netEvalR st st') -> safety2
st'.
I of course cannot proceed because list lengths are naturals, while t and r
are in Z.
I can prove safety2_holds if I represent t and r as nat instead of Z, but I
want to keep them in Z. What then is the best way to proceed? Should I use
Z.of_nat on the list lengths or Z.to_nat on variables t and r? I've played
with both paths but don't see a clear way forward through the subsequent
match case destructions. Or is there some corollary I should set up given
that I've already proven that t and r are always effectively natural
themselves?
Matt
- [Coq-Club] Proof Involving Arith in Both Z and Nat, Matt Quinn, 12/01/2018
- RE: [Coq-Club] Proof Involving Arith in Both Z and Nat, Soegtrop, Michael, 12/01/2018
- Re: [Coq-Club] Proof Involving Arith in Both Z and Nat, Matt Quinn, 12/02/2018
- RE: [Coq-Club] Proof Involving Arith in Both Z and Nat, Soegtrop, Michael, 12/01/2018
Archive powered by MHonArc 2.6.18.