(** *** Exercise coq_tree_01 *)

Exercise coq_tree_01

 (** Let us define binary tree of natural numbers. Such a tree is either a leaf, or an internal node with some natural number and two subtrees. *)
Let us define binary tree of natural numbers. Such a tree is either a leaf, or an internal node with some natural number and two subtrees.
Inductive nat_tree : Set := | leaf : nat_tree | node : nat_tree -> nat -> nat_tree -> nat_tree.nat_tree is defined nat_tree_rect is defined nat_tree_ind is defined nat_tree_rec is defined

Inductive nat_tree : Set :=
  | leaf : nat_tree
  | node : nat_tree -> nat -> nat_tree -> nat_tree.
(** Now let us define the 'In n T' predicate that returns a proposition indicating whether a tree 'T' contains a natural number 'n' *)
Now let us define the 'In n T' predicate that returns a proposition indicating whether a tree 'T' contains a natural number 'n'
Fixpoint In (n : nat) (T : nat_tree) {struct T} : Prop := match T with | leaf => False | node l v r => In n l \/ v = n \/ In n r end.In is recursively defined (decreasing on 2nd argument)

Fixpoint In (n : nat) (T : nat_tree) {struct T} : Prop :=
  match T with
  | leaf => False
  | node l v r => In n l \/ v = n \/ In n r
  end.
(** Now let us prove that if an element 'n' belongs to the tree with "root" b and "leaf" a then 'n' either equals 'a' or 'b'. *)

Now let us prove that if an element 'n' belongs to the tree with "root" b and "leaf" a then 'n' either equals 'a' or 'b'.
Lemma tree2_In : forall n a b, In n (node (node leaf a leaf) b leaf) -> n = a \/ n = b.1 subgoal ============================ forall n a b : nat, In n (node (node leaf a leaf) b leaf) -> n = a \/ n = b

Lemma tree2_In : forall n a b,
  In n (node (node leaf a leaf) b leaf) ->
  n = a \/ n = b.
Proof.


Proof.
(** Here is the ultra short proof script: [Note that these script are often constructed after having first constructed a longer one!] *)
Here is the ultra short proof script: Note that these script are often constructed after having first constructed a longer one!
intros n a b [[H1 | [H2 | H3]] | [H4 |H5]]; try contradiction;auto.Proof completed.

intros n a b [[H1 | [H2 | H3]] | [H4 |H5]]; try contradiction;auto.
(** Some comments: - ; composes two tactics T1;T2 means that T2 is applied to _all_ subgoals that are generated by T1 - "try T" tries tactic "T1" on the goal and does nothing if "T1" fails this is different from just "T1", because T1 may fail, but "try T1" never fails - "auto" solves quite a few goals by itself. - "intros [[H1 | [H2 | H3]] | [H4 |H5]]" does an intro _and_ a destruct Basically: if the goal is forall "h:A, B" and "A" is an inductive type with two constructors, -- you can type "intros h; elim h; intro H1 " etc (later: "intro H2") -- you can type "intros h; destruct h as [H1 | H2]" etc -- you can type "intros [H1 | H2]" The latter is what I am doing here, taking full advantage of the unfolded shape of "In n (node (node leaf a leaf) b leaf)". - The clue of the exercise is a bit hidden in my script, because "intros" does the unfolding of the definition of In (and the computation) by itself *)
Some comments:
  • ; composes two tactics T1;T2 means that T2 is applied to _all_ subgoals that are generated by T1
  • "try T" tries tactic "T1" on the goal and does nothing if "T1" fails this is different from just "T1", because T1 may fail, but "try T1" never fails
  • "auto" solves quite a few goals by itself.
  • "intros [H1 | [H2 | H3]] | [H4 |H5]" does an intro _and_ a destruct Basically: if the goal is forall "h:A, B" and "A" is an inductive type with two constructors,
    • you can type "intros h; elim h; intro H1 " etc (later: "intro H2")
    • you can type "intros h; destruct h as H1 | H2" etc
    • you can type "intros H1 | H2" The latter is what I am doing here, taking full advantage of the unfolded shape of "In n (node (node leaf a leaf) b leaf)".
  • The clue of the exercise is a bit hidden in my script, because "intros" does the unfolding of the definition of In (and the computation) by itself
Qed.tree2_In is defined

Qed.
Lemma tree2_In' : forall n a b, In n (node (node leaf a leaf) b leaf) -> n = a \/ n = b.1 subgoal ============================ forall n a b : nat, In n (node (node leaf a leaf) b leaf) -> n = a \/ n = b

Lemma tree2_In' : forall n a b,
  In n (node (node leaf a leaf) b leaf) ->
  n = a \/ n = b.
Proof.


Proof.
(** Here is the longer proof script that I had first created *)
Here is the longer proof script that I had first created
intros n a b H.1 subgoal n : nat a : nat b : nat H : In n (node (node leaf a leaf) b leaf) ============================ n = a \/ n = b

intros n a b H.
simpl in H.1 subgoal n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False ============================ n = a \/ n = b

simpl in H.
(** This unfolds the definition of In and therefore computes the normal form of the type of H *)
This unfolds the definition of In and therefore computes the normal form of the type of H
elim H.2 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False ============================ False \/ a = n \/ False -> n = a \/ n = b subgoal 2 is: b = n \/ False -> n = a \/ n = b

elim H.
intro H1.2 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False ============================ n = a \/ n = b subgoal 2 is: b = n \/ False -> n = a \/ n = b

intro H1.
elim H1.3 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False ============================ False -> n = a \/ n = b subgoal 2 is: a = n \/ False -> n = a \/ n = b subgoal 3 is: b = n \/ False -> n = a \/ n = b

elim H1.
intro H2.3 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False H2 : False ============================ n = a \/ n = b subgoal 2 is: a = n \/ False -> n = a \/ n = b subgoal 3 is: b = n \/ False -> n = a \/ n = b

intro H2.
contradiction.2 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False ============================ a = n \/ False -> n = a \/ n = b subgoal 2 is: b = n \/ False -> n = a \/ n = b

contradiction.
intro H3.2 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False H3 : a = n \/ False ============================ n = a \/ n = b subgoal 2 is: b = n \/ False -> n = a \/ n = b

intro H3.
elim H3.3 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False H3 : a = n \/ False ============================ a = n -> n = a \/ n = b subgoal 2 is: False -> n = a \/ n = b subgoal 3 is: b = n \/ False -> n = a \/ n = b

elim H3.
intro H4; left; symmetry; assumption.2 subgoals n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False H1 : False \/ a = n \/ False H3 : a = n \/ False ============================ False -> n = a \/ n = b subgoal 2 is: b = n \/ False -> n = a \/ n = b

intro H4; left; symmetry; assumption.
intro H5;contradiction.1 subgoal n : nat a : nat b : nat H : (False \/ a = n \/ False) \/ b = n \/ False ============================ b = n \/ False -> n = a \/ n = b

intro H5;contradiction.
(** Now I am glueing things together a bit: *)
Now I am glueing things together a bit:
intro H6; elim H6; try contradiction; try (right; symmetry; assumption).Proof completed.

intro H6; elim H6; try contradiction; try (right; symmetry; assumption).
Qed.tree2_In' is defined

Qed.