Skip to Content.
Sympa Menu

coq-club - [Coq-Club] Functions and equations

coq-club AT inria.fr

Subject: The Coq mailing list

List archive

[Coq-Club] Functions and equations


Chronological Thread 
    < Chronological >      < Thread >
  • From: Sylvain Salvati <sylvain.salvati AT univ-lille.fr>
  • To: coq-club <coq-club AT inria.fr>
  • Subject: [Coq-Club] Functions and equations
  • Date: Thu, 02 Feb 2023 22:32:40 +0100
  • Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=sylvain.salvati AT univ-lille.fr; spf=Pass smtp.mailfrom=sylvain.salvati AT univ-lille.fr; spf=None smtp.helo=postmaster AT smtp-out-2.univ-lille.fr
  • Ironport-sdr: 63dc2ed3_r/sI6RrUwkfgIGVZPZf+yolMNbWoLBqkVVrtf3O1nmRrFCG muKMXTZ2FPpHH7EAmdpdUC5CZcJhglhQizsat2g==
Dear Coq-Club,

I have been trying the Equations module to define and prove simple
algorithms. When defining division by substraction, I have stumbled into
a difficulty (see code below). While with a definition based on
Function, the statement to prove termination uses the assumption that a
<? b = false, it is not the case with the Equation based definition. It
is a pity as it is then impossible to prove termination. I am wondering
whether there is some way to have Equations behave similarly to
Function.

Cheers,

S.



Require Import Arith FunInd Recdef.
From Equations Require Import Equations.

Function division (a b: nat) (p: 0 < b) {measure id a}: (nat*nat) :=
if a <? b
then (0,a)
else
let (q,r) := division (a - b) b p in
(S q,r).
Proof.
intros a b p_pos eq_test.
apply Nat.sub_lt ; trivial.
now rewrite Nat.ltb_ge in eq_test.
Defined.


Equations division (a b : nat) (p: 0 < b) : (nat*nat)%type by wf a lt :=
division a b p with a <? b => {
| true => (0,a)
| false => let (q,r) := division (a - b) b p in
(S q,r)
}.
Next Obligation.

Archive powered by MHonArc 2.6.19+.

Top of Page