How to proof in Coq statements about given sets

Question

How does one proof statements like the following one in COQ.

Require Import Vector.
Import VectorNotations.
Require Import Fin.

Definition v:=[1;2;3;4;5;6;7;8].
Lemma L: forall (x: Fin.t 8), (nth v x) > 0.

Or, let's say you have a given list of numbers and you want to proof that no number appears twice in that list.

Maybe one has to write an algorithm with the Lemma as its type. But I have no clue how to do this.

BTW, its not a homework exercise.

This is easy to prove (in Coq, or by hand) because it's just a particular list. Is your ultimate goal to prove things about a list generated by something else? In that case, you'll need to prove things about the code/function/procedure that generates the list. That's where it gets interesting. — Robin Green, Dec 21 '15 at 10:05
Proving "by hand" is not possible if the list gets to complicated. For instance, think about having a COQ model which needs a large 1000x1000 matrix as parameter. And it must be assured that the matrix has full rank. Assume that you need the full rank property for proofs of properties of your model. Of course one could check each individual instance of the model with a computer algebra system and add the "full rank " property as an axiom to the model. But that's a bit odd ... — Cryptostasis, Dec 21 '15 at 11:37
I think the problem is that COQ has some limitations with induction of dependent types. The site http://homes.cs.washington.edu/~jrw12/dep-destruct.html tries to explain it, but I have some difficulties to follow their arguments. — Cryptostasis, Dec 21 '15 at 11:46

score 2 · Answer 1 · answered Dec 21 '15 at 13:08

Here is a quick-and-dirty proof:

Proof.
Require Import Program.
dependent destruction x.
auto.
dependent destruction x.
compute.
auto.
dependent destruction x.
compute.
auto.
dependent destruction x.
compute.
auto.
dependent destruction x.
compute.
auto.
dependent destruction x.
compute.
auto 10.
dependent destruction x.
compute.
auto 10.
dependent destruction x.
compute.
auto 10.
dependent destruction x.
Qed.

We use the dependent destruction tactic from the Program module. This relies on the JMeq axiom, but that shouldn't be a problem.

You can use `repeat` to shrink it down to `repeat dependent destruction x; compute; auto 10.`. — gallais, Dec 21 '15 at 15:38

ejgallego · Answer 2 · 2016-02-26T00:48:07.500

Let me suggest a solution using the math-comp library:

From mathcomp Require Import ssreflect ssrfun ssrbool eqtype ssrnat seq.
From mathcomp Require Import fintype tuple.

Definition v := [tuple of [:: 1;2;3;4;5;6;7;8]].

Lemma L : forall x, tnth v x > 0.
Proof. exact/all_tnthP. Qed.

The all_tnthP lemma will replace your predicate by its computable version, which in turn will make Coq check that all the elements in the tuple are greater than 0, concluding the proof.

How to proof in Coq statements about given sets

2 Answers2