1

I have defined a function, which finds the greatest value from the natural number list and move this value to head position of the list. I am sure, all the elements in the list are less or equal to the value at head location. Then I defined index_value function,to find value in the list at any index.For clarification [4,7,11,9,11] list become [11,7,9,11].I have a problem in proving the following lemma. Plz guide me.

 ` Require Import Coq.Arith.PeanoNat.
   Require Import Lia.
   Fixpoint index_value (index: nat) (l: list nat) : nat :=
   match l with
         | nil => 0
         | cons h t => match (Nat.eqb index 0) with
         | true => h
         | false => index_value (index - 1) t
        end
          end.

Theorem head_value : forall ( n':nat) (l:list nat),
 (index_value 0 l)<= n'.
 Proof.
 Admitted.
 Theorem index_value1:forall (n s2:nat) (l:list nat),
 index_value  (S s2) (n :: l) <=
  index_value  0 (n :: l) \/
 index_value  (S s2) (n :: l) > 0.
 Proof.
  intros. simpl in *. left . induction s2. simpl. 
   appply head_value . simpl in *.  auto with arith.`
rosi javi
  • 35
  • 4

1 Answers1

2

I think your statements do not quite mean what you think they mean. The first one is contradictory, and the second one is trivial: you do not need the definition of index_value at all:

Require Import Coq.Arith.PeanoNat.
Require Import Lia.
Require Import Coq.Lists.List.

Import ListNotations.

Fixpoint index_value (index: nat) (l: list nat) : nat :=
  match l with
  | nil => 0
  | cons h t => match (Nat.eqb index 0) with
                | true => h
                | false => index_value (index - 1) t
                end
  end.

Theorem not_head_value :
  ~ forall ( n':nat) (l:list nat),
                             (index_value 0 l)<= n'.
Proof.
  intros contra.
  specialize (contra 0 (1 :: nil)).
  simpl in *. lia.
Qed.

Theorem index_value1:forall (n s2:nat) (l:list nat),
    index_value  (S s2) (n :: l) <=
    index_value  0 (n :: l) \/
    index_value  (S s2) (n :: l) > 0.
Proof. intros n s2 l. lia. Qed.
Arthur Azevedo De Amorim
  • 23,012
  • 3
  • 33
  • 39
  • If we split index_value1 into left or right and then apply lia,then it does not work. Proof. intros n s2 l.left. lia. Would you like to explain the reason? – rosi javi May 29 '20 at 17:13
  • @rosijavi Whether the left or right hand side is the one that holds depends on the value of the variables. For instance, you can prove `forall n, n = 0 \/ n > 0`, but you can't prove `forall n, n = 0` or `forall n, n > 0`. – Arthur Azevedo De Amorim May 31 '20 at 00:54
  • Thanks for explaination.I have another lemma regarding to above function,that is Theorem index_value_0 :forall (n:nat)(l:list nat), (length l =? 0) = false -> (length l - length l =? 0) =false -> (index_value 0 l =? 0) = true. value at the index 0 is zero.As no element in the list is zero and list is non empty. Therefore to prove this lemma ,we are proving false =true.How to close this lemma by saying this condition cannot happen in present constraints. – rosi javi Jun 30 '20 at 07:25
  • If we have false statement in hypothesis ,then we can prove any thing.I want to prove these two goals Theorem index_val_0:forall (l:list nat), (length l =? 0) = false -> (length l - length l=?0)=false-> (index_value(length l - length l-1) l =? 0) = true. Proof. intros. induction(length l- length l). destruct l. inversion H. simpl in *. inversion H0. simpl in *. rewrite (Nat.sub_0_r) . Theorem index_val_Sn:forall (l:list nat), (length l =? 0) = false -> (length l - length l=?0)=false-> (index_value(length l - length l-1) l =? S n) = true. – rosi javi Jul 05 '20 at 17:44