2 subgoals
x, y : nat
H : x + 0 = y + 0
but after that I don't know how to to get rid of 0 in H.
It's true that on paper you would simply conclude because x + 0 = x. Well, in Coq you have to prove it because addition is left-biased (it computes by looking up its first argument).
I would suggest proving first that
forall n, n + 0 = n
I would go with something like this:
Theorem ex9: forall x y n, x + n = y + n -> x = y.
Proof.
intros.
induction n as [| n' IH].
- rewrite add_0_r in H. (* replace x + 0 with x *)
rewrite add_0_r in H. (* replace y + 0 with y *)
assumption.
- apply IH. (* replace x=y with x+n' = y+n' *)
rewrite <- plus_n_Sm in H. (* replace x + S n' with S (x + n') *)
rewrite <- plus_n_Sm in H. (* replace y + S n' with S (y + n') *)
apply S_injective in H. (* drop both S constructors *)
assumption.
Qed.
Related
Theorem add_0_r : forall n:nat, n + 0 = n.
Proof.
intros n. induction n as [| n' IHn'].
- (* n = 0 *) reflexivity.
- (* n = S n' *) simpl. rewrite -> IHn'. reflexivity. Qed.
Theorem plus_n_Sm : forall n m : nat,
S (n + m) = n + (S m).
Proof.
intros n m. induction m as [| m' IHn']. rewrite -> add_0_r. rewrite <- sum.
The last tactic rewirte <- sum does not work. This is the goal:
n: ℕ
-------------
S(n) = n + 1
I don't know how to rewrite n+1 as S(n). I think that n+1 is just a notation for S(n), right?
If you look at the definition of + as follows, you can see that it is defined by induction on its first argument:
Locate "+". (* to obtain the name Nat.add *)
Print Nat.add.
(*
Nat.add =
fix add (n m : nat) {struct n} : nat :=
match n with
| 0 => m
| S p => S (add p m)
end
: nat -> nat -> nat
*)
As a result 1 + n is indeed convertible to S n (you can see that using Eval cbn in 1 + ?[n].) but not n + 1 (if you unfold Nat.add. you will obtain a pattern match stuck on the variable n).
For your proof, that specific definition of + means that you might reconsider your approach and try to do your proof by induction on n rather than m (paying attention to have the right induction hypothesis).
If you are using the nat type from the standard library, then n+1 is not a notation for S n, but a notation for the function Nat.add. In that case n+1 is not apparently equal to S n. You need to prove it by an induction on n.
By the way, if you are using Nat.nat, you need to use induction on n rather than m. Because Nat.add is defined by a match on the first argument. In this case, your first subgoal of the induction can be proved simply by reflexivity. (Coq is able to simplify S (0 + m) and 0 + S m, but not S (n + 0) and n + 1).
Was able to prove with the following:
Theorem plus_n_Sm : forall n m : nat,
S (n + m) = n + (S m).
Proof.
intros n m. induction n as [| n' IHn'].
- simpl. reflexivity.
- simpl. rewrite -> IHn'. reflexivity.
Qed.
I have the odd number definition as below:
Definition Odd n := exists k, n = 2*k+1.
And I have an oddb define that whether a number is odd or not.
Fixpoint oddb (n : nat) { struct n } : bool :=
match n with
| 0 => false
| 1 => true
| S (S n) => oddb n
end.
I am trying to prove if a number is the successor of a double of nat; then it is a odd number.
Theorem question_1c:
forall n, Odd n -> (oddb n = true).
Proof.
unfold Odd. intros. inversion H.
rewrite H0. simpl. induction x.
- simpl. reflexivity.
- Admitted.
I stuck on the second goal.. it showed that I need to prove Sx.. and the hypothesis I have from now seems like not helpful...
1 subgoal
n : nat
H : exists k : nat, n = 2 * k + 1
x : nat
H0 : n = 2 * S x + 1
IHx : n = 2 * x + 1 -> oddb (x + (x + 0) + 1) = true
______________________________________(1/1)
oddb (S x + (S x + 0) + 1) = true
Can anyone help me?? tHnak you
Standard induction let you jump from n to n+1. Here with your odd function
you need to jump from n to n+2. So what is needed is a stronger induction. One way to do this is to prove:
Theorem question_1c:
forall n m, m <= n -> Odd m -> (oddb m = true).
by standard induction on n (but for all m smaller)
If I define multiplication like this (drugi_c), how do I prove e.g. X*0=0?
(How to prove something by the definition?)
Fixpoint drugi_c(x y: nat): nat:=
match x, y with
| _, O => O
| O, _ => O
| S O, _ => y
| _,S O => x
| S x', S y' => plus y (drugi_c x' y)
end.
Notation "x * y" := (drugi_c x y) (at level 40, left associativity).
Whenever I use "simpl." in proofs instead of 0 = 0, i get the definition in result.
Lemma neka2 x:
x * 0 = 0.
Proof.
induction x.
-simpl. reflexivity.
-simpl. (*right here*)
Abort.
Result after the last simpl.
1 subgoal
x : nat
IHx : x * 0 = 0
______________________________________(1/1)
match x with
| 0 | _ => 0
end = 0
What to write after that last simpl. to finish the proof?
Your goal has a pattern match on x, but no matter what value x is it will return 0. To force this to simplify, you can destruct x.
Note that you never use the inductive hypothesis here, so you could have done destruct x at the beginning instead of induction x.
Here is what i end up getting:
Lemma neka2 x:
x * 0 = 0.
Proof.
destruct x.
-simpl. reflexivity.
-simpl. (**)
Abort.
Result:
1 subgoal
x : nat
______________________________________(1/1)
x * 0 = 0
I guess you have to prove it with induction because same thing happens when I try to destruct x with predefined mult as well.
Here is x*0=0 proof but with predefined mult:
Theorem mult_0_r : forall n:nat,
n * 0 = 0.
Proof.
intros n.
induction n as [|n'].
Case "n = 0".
simpl.
reflexivity.
Case "n = S n'".
simpl.
rewrite -> IHn'.
reflexivity.
Qed.
As #user138737 pointed out, you don't need induction. It is sufficient to explore three cases : x = 0, x = 1 and x = S (S x')). The shortest proof I can come with is thus the following.
destruct x as [| [|] ]; reflexivity.
I want to write a function that calculate count of true values of p 0 .. p t in a nat->prop function.
Section count_sc.
Variable p:nat->Prop.
Hypothesis p_dec:forall x:nat , {p x} + { ~ p x }.
Fixpoint count (x : nat) :=
match x with
| 0 => if p_dec(0) then 1 else 0
| S y => if p_dec(x) then 1+count y else count y
end.
End count_sc.
Definition fret (x:nat) := False.
Check count.
Axiom fret_dec : forall x : nat , { fret x } + { ~ fret x }.
Theorem hello_decide : forall x : nat , count fret fret_dec x = 0.
Proof.
intros.
induction x.
unfold count.
replace (fret_dec 0) with false.
Qed.
Before the replace tactic i should proof some goal like this:
(if fret_dec 0 then 1 else 0) = 0
Coq dose not automaticly compute the value of the if statement. and if i try to replace the fret_dec with it's value, i will get this error:
Error: Terms do not have convertible types.
How i can write count function that i can unfold and use it in theorems?
You have declared fret_dec as an axiom. But that means it does not have a definition, or implementation in other words. Thus, Coq cannot compute with it.
You can still prove your theorem like so, using the destruct tactic:
Theorem hello_decide : forall x : nat , count fret fret_dec x = 0.
Proof.
induction x as [| x IH].
- unfold count. destruct (fret_dec 0) as [contra | _].
+ contradiction.
+ reflexivity.
- simpl. rewrite IH. destruct (fret_dec (S x)) as [contra | _].
+ contradiction.
+ reflexivity.
Qed.
But, in this case it is really easy to provide such a decision procedure instead of postulating it. And this simplifies the proof a lot:
Definition fret_dec' (x : nat) : { fret x } + { ~ fret x }.
Proof. right. intros contra. contradiction. Defined.
Theorem hello_decide' : forall x : nat , count fret fret_dec' x = 0.
Proof.
induction x as [|x IH]; simpl.
- reflexivity.
- exact IH.
Qed.
I am not sure whether I am using the right words in the question title, so here is the code:
Lemma In_map_iff :
forall (A B : Type) (f : A -> B) (l : list A) (y : B),
In y (map f l) <->
exists x, f x = y /\ In x l.
Proof.
intros A B f l y.
split.
- intros.
induction l.
+ intros. inversion H.
+ exists x.
simpl.
simpl in H.
destruct H.
* split.
{ apply H. }
{ left. reflexivity. }
* split.
A : Type
B : Type
f : A -> B
x : A
l : list A
y : B
H : In y (map f l)
IHl : In y (map f l) -> exists x : A, f x = y /\ In x l
============================
f x = y
Basically, there is not much to go on with this proof, I can only really use induction on l and after substituting for x in the goal I get the above form. If IHl had a forall instead of exists maybe I could substitute something there, but I am not sure at all what to do here.
I've been stuck on this one for a while now, but unlike the other problems where that has happened, I could not find the solution online for this one. This is a problem as I am going through the book on my own, so have nobody to ask except in places like SO.
I'd appreciate a few hints. Thank you.
Lemma In_map_iff :
forall (A B : Type) (f : A -> B) (l : list A) (y : B),
In y (map f l) <->
exists x, f x = y /\ In x l.
Proof.
intros A B f l y.
split.
- intros.
induction l.
+ intros. inversion H.
+ simpl.
simpl in H.
destruct H.
* exists x.
split.
{ apply H. }
{ left. reflexivity. }
* destruct IHl.
-- apply H.
-- exists x0.
destruct H0.
++ split.
** apply H0.
** right. apply H1.
- intros.
inversion H.
induction l.
+ intros.
inversion H.
inversion H1.
inversion H3.
+ simpl.
right.
apply IHl.
* inversion H.
inversion H0.
inversion H2.
exists x.
split.
-- reflexivity.
-- destruct H3.
A : Type
B : Type
f : A -> B
x0 : A
l : list A
y : B
H : exists x : A, f x = y /\ In x (x0 :: l)
x : A
H0 : f x = y /\ In x (x0 :: l)
IHl : (exists x : A, f x = y /\ In x l) ->
f x = y /\ In x l -> In y (map f l)
x1 : A
H1 : f x1 = y /\ In x1 (x0 :: l)
H2 : f x = y
H3 : x0 = x
H4 : f x = y
============================
In x l
I managed to do one case, but am now stuck in the other. To be honest, since I've already spent 5 hours on a problem that should need like 15 minutes, I am starting to think that maybe I should consider genetic programming at this point.
H can be true on two different ways, try destruct H. From that, the proof follows easily I think, but be careful on the order you destruct H and instantiate the existential thou.
Here is a proof that has the same structure as would have a pen-and-paper proof (at least the first -> part). When you see <tactic>... it means ; intuition (because of Proof with intuition. declaration), i.e. apply the intuition tactic to all the subgoals generated by <tactic>. intuition enables us not to do tedious logical deductions and can be replaced by a sequence of apply and rewrite tactics, utilizing some logical lemmas.
As #ejgallego pointed out the key here is that while proving you can destruct existential hypotheses and get inhabitants of some types out of them. Which is crucial when trying to prove existential goals.
Require Import Coq.Lists.List.
Lemma some_SF_lemma :
forall (A B : Type) (f : A -> B) (l : list A) (y : B),
In y (map f l) <->
exists x, f x = y /\ In x l.
Proof with intuition.
intros A B f l y. split; intro H.
- (* -> *)
induction l as [ | h l'].
+ (* l = [] *)
contradiction.
+ (* l = h :: l' *)
destruct H.
* exists h...
* destruct (IHl' H) as [x H'].
exists x...
- (* <- *)
admit.
Admitted.