I would like to prove that subtraction does not commute in Coq but I am stuck. I believe the that the statement I would like to prove in Coq would be written forall a b : nat, a <> b -> a - b <> b - a
Here is what I have for the proof so far.
Theorem subtraction_does_not_commute :
forall a b : nat, a <> b -> a - b <> b - a.
Proof.
intros a b C.
unfold not; intro H.
apply C.
I think I could use C : a <> b to contradict the goal a = b.
One way to solve this is to use induction on a. However, if you start your proof with
intros a b C; induction a.
you will get stuck because the context will have the following hypotheses:
C : S a <> b
IHa : a <> b -> a - b <> b - a
You won't be able to use the induction hypothesis IHa because one cannot infer the premise of IHa (a <> b) from S a <> b: e.g. 1 <> 0 doesn't imply 0 <> 0.
But we can make the induction hypothesis stronger by not introducing the variables into the context prematurely:
Require Import Coq.Arith.Arith.
Lemma subtraction_does_not_commute :
forall a b : nat, a <> b -> a - b <> b - a.
Proof.
induction a; intros b C.
- now rewrite Nat.sub_0_r.
- destruct b.
+ trivial.
+ repeat rewrite Nat.sub_succ. auto.
Qed.
Or, alternatively, using the omega tactic, we get a one-line proof:
Require Import Omega.
Lemma subtraction_does_not_commute :
forall a b : nat, a <> b -> a - b <> b - a.
Proof. intros; omega. Qed.
