Built with Alectryon, running Coq+SerAPI v8.10.0+0.7.0. Coq sources are in this panel; goals and messages will appear in the other. Bubbles () indicate interactive fragments: hover for details, tap to reveal contents. Use Ctrl+↑ Ctrl+↓ to navigate, Ctrl+🖱️ to focus.
(************************************************************************) (* * The Coq Proof Assistant / The Coq Development Team *) (* v * INRIA, CNRS and contributors - Copyright 1999-2018 *) (* <O___,, * (see CREDITS file for the list of authors) *) (* \VV/ **************************************************************) (* // * This file is distributed under the terms of the *) (* * GNU Lesser General Public License Version 2.1 *) (* * (see LICENSE file for the text of the license) *) (************************************************************************) Require Import Setoid Morphisms Basics Equalities Orders. Set Implicit Arguments.
This tactic is designed to solve systems of (in)equations
involving eq, lt, le and ¬eq on some type. This tactic is
domain-agnostic; it will only use equivalence+order axioms, and
not analyze elements of the domain. Hypothesis or goal of the form
¬lt or ¬le are initially turned into le and lt, other
parts of the goal are ignored. This initial preparation of the
goal is the only moment where totality is used. In particular,
the core of the tactic only proceeds by saturation of transitivity
and similar properties, and does not perform case splitting.
The tactic will fail if it doesn't solve the goal.
An abstract vision of the predicates. This allows a one-line
statement for interesting transitivity properties: for instance
trans_ord OLE OLE = OLE will imply later
le x y → le y z → le x z.
Inductive ord : Set := OEQ | OLT | OLE. Definition trans_ord o o' := match o, o' with | OEQ, _ => o' | _, OEQ => o | OLE, OLE => OLE | _, _ => OLT end. Local Infix "+" := trans_ord.
The tactic requirements : a total order
- an equivalence eq,
- a strict order lt total and compatible with eq,
- a larger order le synonym for lt∨eq.
Module Type IsTotalOrder (O:EqLtLe) :=
IsEq O <+ IsStrOrder O <+ LeIsLtEq O <+ LtIsTotal O.Module OrderFacts (Import O:EqLtLe)(P:IsTotalOrder O). Include EqLtLeNotation O.
Reflexivity rules
forall x : t, x == xreflexivity. Qed.forall x : t, x == xforall x : t, x <= xintros; rewrite P.le_lteq; right; reflexivity. Qed.forall x : t, x <= xforall x : t, ~ x < xforall x : t, ~ x < xapply StrictOrder_Irreflexive. Qed.x:t~ x < x
Symmetry rules
forall x y : t, x == y -> y == xauto with *. Qed.forall x y : t, x == y -> y == xforall x y : t, x <= y -> y <= x -> x == yforall x y : t, x <= y -> y <= x -> x == yx, y:tx < y \/ x == y -> y < x \/ y == x -> x == yelim (StrictOrder_Irreflexive x); transitivity y; auto. Qed.x, y:tH1:x < yH:y < xx == yforall x y : t, x ~= y -> y ~= xauto using eq_sym. Qed.forall x y : t, x ~= y -> y ~= x
Transitivity rules : first, a generic formulation, then instances
Ltac subst_eqns := match goal with | H : _==_ |- _ => (rewrite H || rewrite <- H); clear H; subst_eqns | _ => idtac end. Definition interp_ord o := match o with OEQ => O.eq | OLT => O.lt | OLE => O.le end. Local Notation "#" := interp_ord.forall (o o' : ord) (x y z : t), # o x y -> # o' y z -> # (o + o') x zdestruct o, o'; simpl; intros x y z; rewrite ?P.le_lteq; intuition auto; subst_eqns; eauto using (StrictOrder_Transitive x y z) with *. Qed. Definition eq_trans x y z : x==y -> y==z -> x==z := @trans OEQ OEQ x y z. Definition le_trans x y z : x<=y -> y<=z -> x<=z := @trans OLE OLE x y z. Definition lt_trans x y z : x<y -> y<z -> x<z := @trans OLT OLT x y z. Definition le_lt_trans x y z : x<=y -> y<z -> x<z := @trans OLE OLT x y z. Definition lt_le_trans x y z : x<y -> y<=z -> x<z := @trans OLT OLE x y z. Definition eq_lt x y z : x==y -> y<z -> x<z := @trans OEQ OLT x y z. Definition lt_eq x y z : x<y -> y==z -> x<z := @trans OLT OEQ x y z. Definition eq_le x y z : x==y -> y<=z -> x<=z := @trans OEQ OLE x y z. Definition le_eq x y z : x<=y -> y==z -> x<=z := @trans OLE OEQ x y z.forall (o o' : ord) (x y z : t), # o x y -> # o' y z -> # (o + o') x zforall x y z : t, x == y -> y ~= z -> x ~= zeauto using eq_trans, eq_sym. Qed.forall x y z : t, x == y -> y ~= z -> x ~= zforall x y z : t, x ~= y -> y == z -> x ~= zeauto using eq_trans, eq_sym. Qed.forall x y z : t, x ~= y -> y == z -> x ~= z
(double) negation rules
forall x y : t, ~ x ~= y -> x == yforall x y : t, ~ x ~= y -> x == ydestruct (P.lt_total x y) as [H'|[H'|H']]; auto; destruct H; intro H; rewrite H in H'; eapply lt_irrefl; eauto. Qed.x, y:tH:~ x ~= yx == yforall x y : t, ~ y <= x -> x < yforall x y : t, ~ y <= x -> x < yx, y:tH:~ y <= xx < yx, y:tH:~ y <= xH0:x == y \/ y < xx < yx, y:tH0:x == y \/ y < xy <= xintuition. Qed.x, y:tH0:x == y \/ y < xy < x \/ y == xforall x y : t, ~ y < x -> x <= yforall x y : t, ~ y < x -> x <= yx, y:tH:~ y < xx <= ygeneralize (P.lt_total x y); intuition. Qed.x, y:tH:~ y < xx < y \/ x == yforall x y : t, x <= y -> x ~= y -> x < yauto using not_ge_lt, le_antisym. Qed. End OrderFacts.forall x y : t, x <= y -> x ~= y -> x < y
Module MakeOrderTac (Import O:EqLtLe)(P:IsTotalOrder O). Include OrderFacts O P. Include EqLtLeNotation O.
order_eq : replace x by y in all (in)equations hyps thanks
to equality EQ (where eq has been hidden in order to avoid
self-rewriting), then discard EQ.
Ltac order_rewr x eqn := (* NB: we could use the real rewrite here, but proofs would be uglier. *) let rewr H t := generalize t; clear H; intro H in match goal with | H : x == _ |- _ => rewr H (eq_trans (eq_sym eqn) H); order_rewr x eqn | H : _ == x |- _ => rewr H (eq_trans H eqn); order_rewr x eqn | H : ~x == _ |- _ => rewr H (eq_neq (eq_sym eqn) H); order_rewr x eqn | H : ~_ == x |- _ => rewr H (neq_eq H eqn); order_rewr x eqn | H : x < _ |- _ => rewr H (eq_lt (eq_sym eqn) H); order_rewr x eqn | H : _ < x |- _ => rewr H (lt_eq H eqn); order_rewr x eqn | H : x <= _ |- _ => rewr H (eq_le (eq_sym eqn) H); order_rewr x eqn | H : _ <= x |- _ => rewr H (le_eq H eqn); order_rewr x eqn | _ => clear eqn end. Ltac order_eq x y eqn := match x with | y => clear eqn | _ => change (interp_ord OEQ x y) in eqn; order_rewr x eqn end.
Goal preparation : We turn all negative hyps into positive ones
and try to prove False from the inverse of the current goal.
These steps require totality of our order. After this preparation,
order only deals with the context, and tries to prove False.
Hypotheses of the form A → False are also folded in ¬A
for convenience (i.e. cope with the mess left by intuition).
Ltac order_prepare :=
match goal with
| H : ?A -> False |- _ => change (~A) in H; order_prepare
| H : ~(?R ?x ?y) |- _ =>
match R with
| eq => fail 1 (* if already using [eq], we leave it this ways *)
| _ => (change (~x==y) in H ||
apply not_gt_le in H ||
apply not_ge_lt in H ||
clear H || fail 1); order_prepare
end
| H : ?R ?x ?y |- _ =>
match R with
| eq => fail 1
| lt => fail 1
| le => fail 1
| _ => (change (x==y) in H ||
change (x<y) in H ||
change (x<=y) in H ||
clear H || fail 1); order_prepare
end
| |- ~ _ => intro; order_prepare
| |- _ ?x ?x =>
exact (eq_refl x) || exact (le_refl x) || exfalso
| _ =>
(apply not_neq_eq; intro) ||
(apply not_ge_lt; intro) ||
(apply not_gt_le; intro) || exfalso
end.
We now try to prove False from the various < ≤ == != hypothesis
Ltac order_loop :=
match goal with
(* First, successful situations *)
| H : ?x < ?x |- _ => exact (lt_irrefl H)
| H : ~ ?x == ?x |- _ => exact (H (eq_refl x))
(* Second, useless hyps *)
| H : ?x <= ?x |- _ => clear H; order_loop
(* Third, we eliminate equalities *)
| H : ?x == ?y |- _ => order_eq x y H; order_loop
(* Simultaneous le and ge is eq *)
| H1 : ?x <= ?y, H2 : ?y <= ?x |- _ =>
generalize (le_antisym H1 H2); clear H1 H2; intro; order_loop
(* Simultaneous le and ~eq is lt *)
| H1: ?x <= ?y, H2: ~ ?x == ?y |- _ =>
generalize (le_neq_lt H1 H2); clear H1 H2; intro; order_loop
| H1: ?x <= ?y, H2: ~ ?y == ?x |- _ =>
generalize (le_neq_lt H1 (neq_sym H2)); clear H1 H2; intro; order_loop
(* Transitivity of lt and le *)
| H1 : ?x < ?y, H2 : ?y < ?z |- _ =>
match goal with
| H : x < z |- _ => fail 1
| _ => generalize (lt_trans H1 H2); intro; order_loop
end
| H1 : ?x <= ?y, H2 : ?y < ?z |- _ =>
match goal with
| H : x < z |- _ => fail 1
| _ => generalize (le_lt_trans H1 H2); intro; order_loop
end
| H1 : ?x < ?y, H2 : ?y <= ?z |- _ =>
match goal with
| H : x < z |- _ => fail 1
| _ => generalize (lt_le_trans H1 H2); intro; order_loop
end
| H1 : ?x <= ?y, H2 : ?y <= ?z |- _ =>
match goal with
| H : x <= z |- _ => fail 1
| _ => generalize (le_trans H1 H2); intro; order_loop
end
| _ => idtac
end.
The complete tactic.
Ltac order := intros; order_prepare; order_loop; fail "Order tactic unsuccessful". End MakeOrderTac. Module OTF_to_OrderTac (OTF:OrderedTypeFull). Module TO := OTF_to_TotalOrder OTF. Include !MakeOrderTac OTF TO. End OTF_to_OrderTac. Module OT_to_OrderTac (OT:OrderedType). Module OTF := OT_to_Full OT. Include !OTF_to_OrderTac OTF. End OT_to_OrderTac.