I'm trying to prove P ?x, where P : A -> Prop and ?x : A is an existential variable. I can prove forall a:A, P a, so I need to generalize P ?x to forall a:A, P a.
If ?x was an instantiated variable, x, I could simply use generalize x to produce forall x:A, P x. When I try generalize ?x, however, Coq returns a syntax error.
Is this possible? I've checked and Coq does not seem to provide an intuitive way to generalize statements about existential variables.
Any help would be greatly appreciated.
P ?x is not equivalent to forall x, P x, nor even implied by it. To prove P ?x, you need to find some a such that P a holds. With your hypothesis, it suffices to find some a : A. In other words, you need to prove that the domain is not empty (or more precisely, you need to prove the existence of an element in the domain).
Here, if you have some a : A, you can use instantiate (1 := A). Silly example:
Parameter A : Set.
Parameter P : A -> Prop.
Goal (forall a, P a) -> A -> exists x, P x.
Proof.
intros H a. eexists. instantiate (1 := a). apply H.
Qed.
Related
Completely new to coq here.
I know about the exists tactic to prove an existential goal, but in this case it wants a function mapping from two sets. What is the syntax for demonstrating such a function?
And if there is no such function how would I disprove this? (I would suppose through a contradiction, but then how would I pose a contradictory hypothesis?)
Context: Trying to work out the proof that all surjective functions have a right inverse.
1 subgoal
A, B : Set
f : A → B
H : ∀ b : B, ∃ a : A, f a = b
______________________________________(1/1)
∃ g : B → A, ∀ b : B, f (g b) = b
Of course, whether or not a function g exists depends on accepting axiom of choice, so where does that come into coq?
I did find this solution:
https://gist.github.com/pedrominicz/0d9004b82713d9244b762eb250b9c808
and the associated reddit post
https://www.reddit.com/r/logic/comments/fxjypn/what_is_not_constructive_in_this_proof/
But I didn't understand it/didn't work for me.
So, what I want to know is:
How do you specify axiom of choice in coq (to prove/disprove this)?
In general, how would I construct a function to provide witness to an existential goal? (I also want to show that all injective functions have a left inverse)
There are several variants of the axiom of choice in the Coq type theory. You can look at the Coq.Logic.ChoiceFacts module for a reasonably comprehensive list of the various formulations and their relative power.
As far as I can tell, your example is equivalent to the axiom of functional choice. One elegant way to phrase and assume it is the following.
Axiom functional_choice : forall (A : Type) (B : A -> Type),
(forall x : A, inhabited (B x)) -> inhabited (forall x : A, B x).
The inhabited type is an inductive box that hides the computational content of a proof in Type into a Prop value that can only be inspected to produce more Prop values. In particular, This axiom is pretty innocuous from the point of view of computation since it only produces values in Prop. There are much more violently non-computational examples of choice like global choice which can be stated as:
Axiom global_choice : forall (A : Type), inhabited A -> A.
This one allows to extract computational content out of thin air.
Here is an answer that is a complete script (tested with coq 8.13.2). Coq by default does not have the axiom of choice loaded, so you need to say explicitly that you are going to work with it.
Require Import ClassicalChoice.
Lemma question (A B : Set) (f : A -> B) :
(forall b, exists a, f a = b) -> exists g, forall b, f (g b) = b.
Proof.
intros H.
apply (choice (fun y x => f x = y)).
exact H.
Qed.
Given the definition:
Definition cast (a b:Type) (p:a = b) (x:a) : b :=
match p with
| eq_refl _ => x
end.
I was hoping that the following lemma would be provable:
Lemma cast_cast_is_id : forall (a b:Type) (x:a) (p:a = b) (q:b = a),
cast b a q (cast a b p x) = x.
However, I do not seem to be able to carry out a proof for this. I can destruct p successfully, but cannot destruct q after that. Replacing the lemma's statement with eq_sym p instead of arbitrary q does not help me either it seems.
I fear I have unwittingly stumbled into some subtle point of HoTT.
Can anyone prove this lemma or is it known to be unprovable without further axioms?
I am not completely sure, but it seems to me that what you are trying to prove is no different from forall a (p:a=a), p = eq_refl. If so, you cannot prove it in Coq, unless you know something about a, e.g., decidable equality. In that case, you can use the results on UIP (unicity of identity proofs) from the standard library.
As the title asks, I wish for an example where:
Section Question:
Definition A: Prop := <whatever you like>.
Definition B:Prop := <whatever you like>.
Definition/Inductive/Fixpoint P: Prop -> Type := <whatever you like>.
Theorem AEquivB: A <-> B.
Proof. <supply proof here>. Qed.
(* Question 1. can we pick a P, A, B to prove this? *)
Theorem PA_not_equals_Pb: P A <> P B.
Proof. <supply proof here>. Qed.
(* Question 1.5. can we pick a P, A, B to prove this? *)
Theorem PA_not_equiv_PB: ~(P A <-> P B)
Proof. <supply proof here>. Qed.
In general, I am interested to understand whether "proof equivalence" is "good enough" to be used as "equality" in a sense, or whether there are situations where we can have P A, and A <-> B, but not P B.
It is consistent with Coq that forall A B : Prop, (A <-> B) -> A = B. (That is, you can add this as an axiom and the theory won't collapse.) This axiom is called propositional extensionality. As A = B quickly gives forall P : Prop -> Prop, P A <-> P B, there are no terms P, A, B such that (A <-> B) /\ ~(P A <-> P B), since this would contradict the axiom, but we know it is consistent. Similarly, we also quickly get P A = P B, which means we cannot also get P A <> P B. Note that even though such P, A, B that violate propositional extensionality do not exist, we still cannot prove propositional extensionality. Coq simply doesn't have the strength to talk about itself like that (which is good, since that means you can customize it), which is why propositional extensionality needs to be added as an axiom if you want it.
I wanted to see a few hands on examples of Coq proofs of the form:
\exists A(x1,...,xn)
essentially where the Goal had an existential quantifier. I was having issues manipulating the goal in meaningful ways to make progress in my proof and wanted to see a few examples of common tactics to manipulate.
What are some good existential quantifiers examples in Coq to prove?
My specific example I had:
Theorem Big_Small_ForwardImpl :
forall (P : Program) (S' : State),
(BigStepR (B_PgmConf P) (B_StateConf S')) -> (ConfigEquivR (S_PgmConf P) (S_BlkConf EmptyBlk S')).
Proof.
intros.
induction P.
unfold ConfigEquivR.
refine (ex_intro _ _ _) .
my context and goals was:
1 subgoal
l : list string
s : Statement
S' : State
H : BigStepR (B_PgmConf (Pgm l s)) (B_StateConf S')
______________________________________(1/1)
exists N : nat, NSmallSteps N (S_PgmConf (Pgm l s)) (S_BlkConf EmptyBlk S')
but then changed to:
1 subgoal
l : list string
s : Statement
S' : State
H : BigStepR (B_PgmConf (Pgm l s)) (B_StateConf S')
______________________________________(1/1)
NSmallSteps ?Goal (S_PgmConf (Pgm l s)) (S_BlkConf EmptyBlk S')
after using the refine (ex_intro _ _ _) tactic. Since I am not sure what is going on I was hoping some simpler examples could show me how to manipulate existential quantifiers in my Coq goal.
helpful comment:
The ?Goal was introduced by Coq as a placeholder for some N that will have to be deduced later in the proof.
The following example is based on the code provided in this answer.
Suppose we have a type T and a binary relation R on elements of type T. For the purpose of this example, we can define those as follows.
Variable T : Type.
Variable R : T -> T -> Prop.
Let us prove the following simple theorem.
Theorem test : forall x y, R x y -> exists t, R x t.
Here is a possible solution.
Proof.
intros. exists y. apply H.
Qed.
Instead of explicitly specifying that y is the element we are looking for, we can rely on Coq's powerful automatic proof mechanisms in order to automatically deduce which variable satisfies R x t:
Proof.
intros.
eexists. (* Introduce a temporary placeholder of the form ?t *)
apply H. (* Coq can deduce from the hypothesis H that ?t must be y *)
Qed.
There exist numerous tactics that make ise of the same automated deduction mechanisms, such as eexists, eapply, eauto, etc.
Note that their names often correspond to usual tactics prefixed with an e.
I'm trying to use MSet library in a Coq development and I need a map function, which is absent from the library, but can be implemented using fold, as usual.
In the following gist, I've put a simplification of what I'm working on, full of axioms, just to get straight to the point.
My problem is to prove a property of the following map function:
Definition map (f : Exp -> Exp) s
:= MSet.fold (fun a ac => MSet.add (f a) ac) MSet.empty s.
Which uses fold from Coq MSet library. The property that I want to show is:
Lemma map_lemma : forall s f e, In e (map f s) -> exists e', In e' s /\ e = f e'.
Proof.
induction s using set_induction ; intros ; try fsetdec.
Which is intended to show that if an element e in the set map f s, then exists another element e' in s, s.t. e = f e'. My difficulty is to prove the inductive case, since the induction hypothesis produced by set_induction does not seems useful at all.
Could someone provide me any clues on how should I proceed?
First, I think there is a problem in your definition of smap. You must swap MSet.empty and s, otherwise you can prove:
Lemma snap_trivial : forall f s, smap f s= s.
Proof.
intros. reflexivity.
Qed.
With the right definition, you can use the fold_rec lemma that is adapted to this kind of goal.