证明`对于所有x x x Y，水下（x:：x）Y->；水下xs ys`in Coq

我有以下定义

Inductive subseq : list nat -> list nat -> Prop :=
| empty_subseq : subseq [] []
| add_right : forall y xs ys, subseq xs ys -> subseq xs (y::ys)
| add_both : forall x y xs ys, subseq xs ys -> subseq (x::xs) (y::ys)
.

利用这个，我想证明下面的引理

Lemma del_l_preserves_subseq : forall x xs ys, subseq (x :: xs) ys -> subseq xs ys.

因此，我尝试通过执行

析构函数H

来查看

subseq（x:：xs）ys

的证明

Proof.
  intros. induction H.

为什么第一个子目标要求我证明

subseq xs[]

？

destruct

策略难道不应该知道证明不能是

empty\u subseq

的形式，因为类型包含

x:：xs

而不是

[]

一般来说，我如何证明我试图证明的引理

析构函数策略不应该知道证明不能是empty_subseq形式，因为该类型包含x:：xs而不是[]吗

事实上，

destruct

并不知道那么多。它只是将

x:：xs

和

xs

替换为

[]

和

[]

在

空的情况下。特别是，这经常导致上下文中的信息丢失。更好的选择：


使用
inversion
而不是
destruct

使用
记住
确保
subseq
的两个类型索引都是
析构函数
之前的变量。（
记住（x：：xs）在H中是xxs。
）这种更明确的目标管理也适用于
归纳法

李耀的回答实际上很有用。这是引理的一个证明

Lemma del_l_preserves_subseq : forall x xs ys, subseq (x :: xs) ys -> subseq xs ys.
Proof.
  intros x xs ys.
  induction ys as [|y ys'].
  - intros. inversion H. (* Inversion will detect that no constructor matches the type of H *)
  - intros. inversion H. (* Inversion will automatically discharge the first case *)
    + (* When [subseq (x :: xs) ys'] holds *)
      apply IHys' in H2. now apply add_right.
    + (* When [subseq xs ys'] holds *)
      now apply add_right.
Qed

Lemma del_l_preserves_subseq : forall x xs ys, subseq (x :: xs) ys -> subseq xs ys.
Proof.
  intros x xs ys.
  induction ys as [|y ys'].
  - intros. inversion H. (* Inversion will detect that no constructor matches the type of H *)
  - intros. inversion H. (* Inversion will automatically discharge the first case *)
    + (* When [subseq (x :: xs) ys'] holds *)
      apply IHys' in H2. now apply add_right.
    + (* When [subseq xs ys'] holds *)
      now apply add_right.
Qed