I am reading the Coq (8.5p1) reference manual,
introduction via (p1 & ... & pn) is a shortcut for introduction via
(p1,(...,(...,pn)...)); it expects the hypothesis to be a sequence of
right-associative binary inductive constructors such as conj or
ex_intro; for instance, an hypothesis with type A/(exists x, B/\C/\D)
can be introduced via pattern (a & x & b & c & d);
Trying to test this out, I did:
Goal forall A B C D: Prop, A/\(exists x:nat, B/\C/\D) -> D.
intros (a & x & b & c & d).
But Coq is telling me:
Error: Not an inductive product.
And I got the same error for a few other variants, such as one without the -> D.
Can some one please explain what's the correct usage (in a hopefully useful example)?
Since your goal starts with forall A B C D: Prop, you need to introduce A B C D first:
intros A B C D (a & x & b & c & d).
I think this syntax was introduced to get rid of nested square brackets, which can be used to destructure during the introduction phase. Compare the following two proofs:
Goal forall A B C D: Prop,
A /\ (exists x:nat, B /\ C /\ D) -> D.
intros A B C D (_ & _ & _ & _ & d). assumption. Qed.
Goal forall A B C D: Prop,
A /\ (exists x:nat, B /\ C /\ D) -> D.
intros A B C D [_ [_ [_ [_ d]]]]. assumption. Qed.
I think the first one is easier on eyes.
Related
I’ve a relation C that takes three parameters. It represents an operation of my theory. So C(a, b, c) represents a = b # c, however I didn’t (succeed to) define this operator in Coq, so I use only the relation C. I want this relation to be associative: (d # e) # f = d # (e # f). And I have to express it with C. I thought of two axioms, but I don’t know which one is best (if they’re are both correct).
Parameter Entity: Set.
Parameter C : Entity -> Entity -> Entity -> Prop.
Axiom asso1 : forall a c d e,
((exists b, C a b c /\ C b d e) <-> (exists f, C a d f /\ C f e c)).
Axiom asso2 : forall s t u a b c d,
(C a s t -> C b a u -> C d s c -> C c t u -> b = d).
What do you think about it?
Both axioms are equivalent if you also know that C is a functional relation (i.e., it represents a function): every input pair maps to a unique output.
(* A functional relation is one that is total and deterministic in the following sense: *)
Axiom total_C : forall a b, exists c, C c a b.
Axiom deterministic_C : forall a b c c', C c a b -> C c' a b -> c = c'.
In some cases it is easier to instantiate the one existential term before another. In this contrived example, I wish to set c = 3 first, and from that choose, say a = 1 and b = 2.
Lemma three_nats : exists (a : nat) (b : nat) (c : nat),
a + b = c.
Proof.
eexists.
eexists.
exists 3.
(* Now what? *)
Is there a way to use just the simple exists 3 on c first?
You can use that it is enough to prove that there exists c,b,a such that a+b=c.
enough (exists c a b, a + b = c).
Now you have two goals. First, that
exists c a b, a + b = c -> exists a b c, a + b = c.
and second, that
exists c a b, a + b = c.
Btw, you can finish off the first part of the proof quickly with firstorder like this:
enough (exists c a b, a + b = c) by firstorder.
Or if you don't want to repeat the goal, just apply this lemma:
Lemma ex_swap {A B C} {P:A->B->C->Prop}:
(exists c a b, P a b c) -> exists a b c, P a b c.
Proof. firstorder. Qed.
Given the definition:
Definition cast (a b:Type) (p:a = b) (x:a) : b :=
match p with
| eq_refl _ => x
end.
I was hoping that the following lemma would be provable:
Lemma cast_cast_is_id : forall (a b:Type) (x:a) (p:a = b) (q:b = a),
cast b a q (cast a b p x) = x.
However, I do not seem to be able to carry out a proof for this. I can destruct p successfully, but cannot destruct q after that. Replacing the lemma's statement with eq_sym p instead of arbitrary q does not help me either it seems.
I fear I have unwittingly stumbled into some subtle point of HoTT.
Can anyone prove this lemma or is it known to be unprovable without further axioms?
I am not completely sure, but it seems to me that what you are trying to prove is no different from forall a (p:a=a), p = eq_refl. If so, you cannot prove it in Coq, unless you know something about a, e.g., decidable equality. In that case, you can use the results on UIP (unicity of identity proofs) from the standard library.
As the title asks, I wish for an example where:
Section Question:
Definition A: Prop := <whatever you like>.
Definition B:Prop := <whatever you like>.
Definition/Inductive/Fixpoint P: Prop -> Type := <whatever you like>.
Theorem AEquivB: A <-> B.
Proof. <supply proof here>. Qed.
(* Question 1. can we pick a P, A, B to prove this? *)
Theorem PA_not_equals_Pb: P A <> P B.
Proof. <supply proof here>. Qed.
(* Question 1.5. can we pick a P, A, B to prove this? *)
Theorem PA_not_equiv_PB: ~(P A <-> P B)
Proof. <supply proof here>. Qed.
In general, I am interested to understand whether "proof equivalence" is "good enough" to be used as "equality" in a sense, or whether there are situations where we can have P A, and A <-> B, but not P B.
It is consistent with Coq that forall A B : Prop, (A <-> B) -> A = B. (That is, you can add this as an axiom and the theory won't collapse.) This axiom is called propositional extensionality. As A = B quickly gives forall P : Prop -> Prop, P A <-> P B, there are no terms P, A, B such that (A <-> B) /\ ~(P A <-> P B), since this would contradict the axiom, but we know it is consistent. Similarly, we also quickly get P A = P B, which means we cannot also get P A <> P B. Note that even though such P, A, B that violate propositional extensionality do not exist, we still cannot prove propositional extensionality. Coq simply doesn't have the strength to talk about itself like that (which is good, since that means you can customize it), which is why propositional extensionality needs to be added as an axiom if you want it.
When proving in Coq, it's nice to be able to prove one little piece at a time, and have Coq help keep track of the obligations.
Theorem ModusPonens: forall (A B : Prop), ((A -> B) /\ A) -> B.
Proof.
intros A B [H1 H2].
apply H1.
At this point I can see the proof state to know what is required to finish the proof:
context
H2: B
------
goal: B
But when writing Gallina, do we have to solve the whole thing in one bang, or make lots of little helper functions? I'd love to be able to put use a question mark to ask Coq what it's looking for:
Definition ModusPonens' := fun (A B : Prop) (H : (A -> B) /\ A) =>
match H with
| conj H1 H2 => H1 {?} (* hole of type B *)
end.
It really seems like Coq should be able to do this, because I can even put ltac in there and Coq will find what it needs:
Definition ModusPonens' := fun (A B : Prop) (H : (A -> B) /\ A) =>
match H with
| conj H1 H2 => H1 ltac:(assumption)
end.
If Coq is smart enough to finish writing the definition for me, it's probably smart enough to tell me what I need to write in order to finish the function myself, at least in simple cases like this.
So how do I do this? Does Coq have this kind of feature?
You can use refine for this. You can write underscores which will turn into obligations for you to solve later.
Definition ModusPonens: forall (A B : Prop), ((A -> B) /\ A) -> B.
refine (fun A B H =>
match H with
| conj H1 H2 => H1 _ (* hole of type A *)
end).
Now your goal is to provide an A. This can be discharged with exact H2. Defined.
Use an underscore
Definition ModusPonens' := fun (A B : Prop) (H : (A -> B) /\ A) =>
match H with
| conj H1 H2 => H1 _ (* hole of type A *)
end.
(*
Error: Cannot infer this placeholder of type
"A" in environment:
A, B : Prop
H : (A -> B) /\ A
H1 : A -> B
H2 : A
*)
or use Program
Require Import Program.
Obligation Tactic := idtac. (* By default Program tries to be smart and solve simple obligations automatically. This commands disables it. *)
Program Definition ModusPonens' := fun (A B : Prop) (H : (A -> B) /\ A) =>
match H with
| conj H1 H2 => H1 _ (* hole of type A *)
end.
Next Obligation. intros. (* See the type of the hole *)