Casting from a to b then b to a is identity? - coq

Given the definition:
Definition cast (a b:Type) (p:a = b) (x:a) : b :=
  match p with
  | eq_refl _ => x
  end.
I was hoping that the following lemma would be provable:
Lemma cast_cast_is_id : forall (a b:Type) (x:a) (p:a = b) (q:b = a),
  cast b a q (cast a b p x) = x.
However, I do not seem to be able to carry out a proof for this. I can destruct p successfully, but cannot destruct q after that. Replacing the lemma's statement with eq_sym p instead of arbitrary q does not help me either it seems.
I fear I have unwittingly stumbled into some subtle point of HoTT.
Can anyone prove this lemma or is it known to be unprovable without further axioms?

I am not completely sure, but it seems to me that what you are trying to prove is no different from forall a (p:a=a), p = eq_refl. If so, you cannot prove it in Coq, unless you know something about a, e.g., decidable equality. In that case, you can use the results on UIP (unicity of identity proofs) from the standard library.
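As an added illustration (not part of the question or the answer above): the special case q := eq_sym p is provable by computation once p is destructed, and the general statement with an arbitrary q follows as soon as uniqueness of identity proofs is assumed, here through the UIP lemma of the standard library's Eqdep module, which rests on the eq_rect_eq axiom. The lemma name cast_cast_sym is mine.

```coq
Require Import Eqdep.

Definition cast (a b : Type) (p : a = b) (x : a) : b :=
  match p with
  | eq_refl => x
  end.

(* Special case q := eq_sym p: after destructing p, both casts and eq_sym
   reduce by computation, so the goal becomes x = x. *)
Lemma cast_cast_sym : forall (a b : Type) (x : a) (p : a = b),
  cast b a (eq_sym p) (cast a b p x) = x.
Proof.
  intros a b x p. destruct p. reflexivity.
Qed.

(* General case: UIP (derived in Eqdep from the eq_rect_eq axiom, so this
   lemma is not axiom-free) identifies the arbitrary q with eq_sym p,
   which reduces the goal to the special case above. *)
Lemma cast_cast_is_id : forall (a b : Type) (x : a) (p : a = b) (q : b = a),
  cast b a q (cast a b p x) = x.
Proof.
  intros a b x p q.
  assert (Hq : q = eq_sym p) by apply UIP.
  rewrite Hq.
  apply cast_cast_sym.
Qed.
```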

Related

How do I prove an existential goal that asks for a certain function in Coq?

Completely new to coq here.
I know about the exists tactic to prove an existential goal, but in this case it wants a function mapping from two sets. What is the syntax for demonstrating such a function?
And if there is no such function how would I disprove this? (I would suppose through a contradiction, but then how would I pose a contradictory hypothesis?)
Context: Trying to work out the proof that all surjective functions have a right inverse.
1 subgoal
A, B : Set
f : A → B
H : ∀ b : B, ∃ a : A, f a = b
______________________________________(1/1)
∃ g : B → A, ∀ b : B, f (g b) = b
Of course, whether or not a function g exists depends on accepting axiom of choice, so where does that come into coq?
I did find this solution:
https://gist.github.com/pedrominicz/0d9004b82713d9244b762eb250b9c808
and the associated reddit post
https://www.reddit.com/r/logic/comments/fxjypn/what_is_not_constructive_in_this_proof/
But I didn't understand it/didn't work for me.
So, what I want to know is:
How do you specify axiom of choice in coq (to prove/disprove this)?
In general, how would I construct a function to provide witness to an existential goal? (I also want to show that all injective functions have a left inverse)
There are several variants of the axiom of choice in the Coq type theory. You can look at the Coq.Logic.ChoiceFacts module for a reasonably comprehensive list of the various formulations and their relative power.
As far as I can tell, your example is equivalent to the axiom of functional choice. One elegant way to phrase and assume it is the following.
Axiom functional_choice : forall (A : Type) (B : A -> Type),
  (forall x : A, inhabited (B x)) -> inhabited (forall x : A, B x).
The inhabited type is an inductive box that hides the computational content of a proof in Type into a Prop value that can only be inspected to produce more Prop values. In particular, this axiom is pretty innocuous from the point of view of computation since it only produces values in Prop. There are much more violently non-computational examples of choice like global choice which can be stated as:
Axiom global_choice : forall (A : Type), inhabited A -> A.
This one allows extracting computational content out of thin air.
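To connect the functional_choice axiom above with the goal in the question, here is an added example (written for this page, not taken from either answer) deriving the right inverse of a surjection from it; the lemma name surj_right_inverse is mine.

```coq
(* Assumed here exactly as stated in the answer above. *)
Axiom functional_choice : forall (A : Type) (B : A -> Type),
  (forall x : A, inhabited (B x)) -> inhabited (forall x : A, B x).

Lemma surj_right_inverse (A B : Set) (f : A -> B) :
  (forall b, exists a, f a = b) -> exists g, forall b, f (g b) = b.
Proof.
  intros H.
  (* Step 1: the Prop-level witness for each b gives an inhabited
     sigma type; eliminating "exists" is allowed because the goal is in Prop. *)
  assert (H' : forall b, inhabited {a : A | f a = b}).
  { intro b. destruct (H b) as [a Ha]. constructor. exists a. exact Ha. }
  (* Step 2: functional_choice packs the family into one inhabited
     dependent function; the goal is still in Prop, so we may open the box. *)
  destruct (functional_choice B (fun b => {a : A | f a = b}) H') as [F].
  (* Step 3: project the chosen element and its correctness proof. *)
  exists (fun b => proj1_sig (F b)).
  intro b. exact (proj2_sig (F b)).
Qed.
```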
Here is an answer that is a complete script (tested with coq 8.13.2). Coq by default does not have the axiom of choice loaded, so you need to say explicitly that you are going to work with it.
Require Import ClassicalChoice.
Lemma question (A B : Set) (f : A -> B) :
  (forall b, exists a, f a = b) -> exists g, forall b, f (g b) = b.
Proof.
  intros H.
  apply (choice (fun y x => f x = y)).
  exact H.
Qed.

Induction proofs on MSets

I'm trying to use the MSet library in a Coq development and I need a map function, which is absent from the library, but can be implemented using fold, as usual.
In the following gist, I've put a simplification of what I'm working on, full of axioms, just to get straight to the point.
My problem is to prove a property of the following map function:
Definition map (f : Exp -> Exp) s
  := MSet.fold (fun a ac => MSet.add (f a) ac) MSet.empty s.
Which uses fold from Coq MSet library. The property that I want to show is:
Lemma map_lemma : forall s f e, In e (map f s) -> exists e', In e' s /\ e = f e'.
Proof.
  induction s using set_induction ; intros ; try fsetdec.
Which is intended to show that if an element e is in the set map f s, then there exists another element e' in s, s.t. e = f e'. My difficulty is to prove the inductive case, since the induction hypothesis produced by set_induction does not seem useful at all.
Could someone provide me any clues on how I should proceed?
First, I think there is a problem in your definition of smap. You must swap MSet.empty and s, otherwise you can prove:
Lemma snap_trivial : forall f s, smap f s = s.
Proof.
  intros. reflexivity.
Qed.
With the right definition, you can use the fold_rec lemma that is adapted to this kind of goal.
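Added example, not from the question or the answer: with the fold arguments in the right order, map_lemma goes through by fold_rec_nodep from MSetProperties instead of set_induction, because that recursion principle keeps In x s in scope for the inductive step. Sets of nat stand in for the Exp sets of the question (a constructed stand-in), and the module names M and MP are mine.

```coq
Require Import MSets.

(* Constructed setup: finite sets of nat built from the standard library. *)
Module M := MSetList.Make Nat_as_OT.
Module MP := MSetProperties.WProperties M.

(* Corrected map: fold over s, starting from the empty accumulator. *)
Definition map (f : nat -> nat) (s : M.t) : M.t :=
  M.fold (fun a ac => M.add (f a) ac) s M.empty.

Lemma map_lemma : forall s f e,
  M.In e (map f s) -> exists e', M.In e' s /\ e = f e'.
Proof.
  intros s f e. unfold map.
  (* The predicate speaks only about the accumulator; the membership
     In x s needed for the witness is supplied by fold_rec_nodep itself. *)
  apply MP.fold_rec_nodep
    with (P := fun acc => M.In e acc -> exists e', M.In e' s /\ e = f e').
  - (* base case: nothing belongs to the empty accumulator *)
    intros Hin. exfalso. exact (M.empty_spec e Hin).
  - (* step: e is either the freshly added f x, or was already in acc *)
    intros x acc Hx IH Hin.
    cbv beta in Hin.
    apply M.add_spec in Hin. destruct Hin as [Heq | Hin].
    + (* M.E.eq on nat unfolds to Leibniz equality *)
      exists x. split; [exact Hx | exact Heq].
    + apply IH. exact Hin.
Qed.
```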

Proof irrelevance in COQ

I am thinking about proof irrelevance in COQ.
One provable statement says:
If equality of a type is decidable then there can be only one proof for the equality statement, namely reflexivity.
I wonder if it's possible to construct types with more than one equality proof in COQ. Therefore I ask whether the following construct is consistent.
(*it is known that f=g is undecidable in COQ *)
Definition f(n:nat) := n.
Definition g(n:nat) := n+0.
Axiom p1: f=g.
Axiom p2: f=g.
Axiom nonirrelevance:p1<>p2.
What puzzles me here is the fact that by introducing p1 I made the equality f=g decidable and therefore it should only have one proof! What is my error in reasoning here?
Is that all a pure COQ behaviour or is it similar in HOTT?
I think you're confusing several things.
The provable statement you are speaking of can be found in https://coq.inria.fr/library/Coq.Logic.Eqdep_dec.html and is
Theorem eq_proofs_unicity A (eq_dec : forall x y : A, x = y \/ x <> y) (x : A) :
  forall (y:A) (p1 p2:x = y), p1 = p2.
Now what is quite interesting is the type of eq_dec. First of all, it doesn't even really ask for equality to be decidable, it just asks for it to be true or false, which is much weaker than {x = y} + {x <> y}.
Then notice that it doesn't ask this just for the x and y to prove the equality irrelevance of, it asks this property for all functions.
So you would need to prove your contradiction that forall (f g : nat -> nat), f = g \/ f <> g which you cannot. p1 is just a proof that f = g \/ f <> g for your specific f and g.
Notice though that if you could, it would just mean that there is no way to build a system in which you can compare functions and yet have multiple ways which are provably different to check them.
Finally, for P to be undecidable only means that there is no constructible function over {P} + {~P} yet, it doesn't mean that adding one as an axiom leads to a contradiction. Just adding that in case it wasn't clear.
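As an added example (not part of the answer above), the weak "or" form of decidability that eq_proofs_unicity requires is easily obtained for nat from Nat.eq_dec, after which any two proofs of an equality between naturals coincide without assuming any axiom; no such premise is available for nat -> nat, which is exactly the obstacle described above. The lemma names are mine.

```coq
Require Import Eqdep_dec PeanoNat.

(* Decidable equality on nat ({x = y} + {x <> y}), weakened to the
   Prop-level disjunction that eq_proofs_unicity asks for. *)
Lemma nat_eq_or : forall x y : nat, x = y \/ x <> y.
Proof.
  intros x y.
  destruct (Nat.eq_dec x y) as [H | H]; [left | right]; exact H.
Qed.

(* Uniqueness of equality proofs on nat, with no axiom involved:
   apply leaves the eq_dec premise as a subgoal, discharged by nat_eq_or. *)
Lemma nat_eq_proofs_unique : forall (x y : nat) (p1 p2 : x = y), p1 = p2.
Proof.
  intros x y p1 p2.
  apply eq_proofs_unicity.
  exact nat_eq_or.
Qed.
```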

How to prove functions equal, knowing their bodies are equal?

How can we prove the following?:
Lemma forfun: forall (A B : nat->nat), (forall x:nat, A x = B x) ->
  (fun x => A x) = (fun x => B x).
Proof.
The principle you want is known as functional extensionality; in its most general form, it says
Axiom fun_ext : forall (A B : Type) (f g : A -> B),
  (forall x : A, f x = g x) -> f = g.
Unfortunately, in spite of being useful, this principle is independent of Coq's base logic, which means that it is not possible to prove it or refute it. However, Coq's logic was designed so that it would be safe to assume this principle as an axiom in the theory, and Coq's standard library already has that principle defined so that you can use it.
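An added example (not from the answer) completing the proof of the lemma from the question with the standard library's FunctionalExtensionality module, which provides the principle as the axiom functional_extensionality:

```coq
Require Import FunctionalExtensionality.

Lemma forfun : forall (A B : nat -> nat), (forall x : nat, A x = B x) ->
  (fun x => A x) = (fun x => B x).
Proof.
  intros A B H.
  (* Reduce the equality of functions to pointwise equality; the
     library's "extensionality x" tactic does the same two steps. *)
  apply functional_extensionality.
  intro x.
  (* Goal: (fun x => A x) x = (fun x => B x) x, which unifies with H x
     after beta reduction. *)
  apply H.
Qed.
```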

Generalizing existential variables in Coq

I'm trying to prove P ?x, where P : A -> Prop and ?x : A is an existential variable. I can prove forall a:A, P a, so I need to generalize P ?x to forall a:A, P a.
If ?x was an instantiated variable, x, I could simply use generalize x to produce forall x:A, P x. When I try generalize ?x, however, Coq returns a syntax error.
Is this possible? I've checked and Coq does not seem to provide an intuitive way to generalize statements about existential variables.
Any help would be greatly appreciated.
P ?x is not equivalent to forall x, P x, nor even implied by it. To prove P ?x, you need to find some a such that P a holds. With your hypothesis, it suffices to find some a : A. In other words, you need to prove that the domain is not empty (or more precisely, you need to prove the existence of an element in the domain).
Here, if you have some a : A, you can use instantiate (1 := a). Silly example:
Parameter A : Set.
Parameter P : A -> Prop.
Goal (forall a, P a) -> A -> exists x, P x.
Proof.
  intros H a. eexists. instantiate (1 := a). apply H.
Qed.