I am learning Coq and trying to prove "A \/ False -> A" but I am not sure what am I doing wrong.
I tried the following code:
Goal forall A False : Prop, A \/ False -> A.
Proof.
intros A False H.
destruct H as [HP | HQ].
apply HP.
exfalso.
apply HQ.
And expected to establish the premise for exfalso by applying the assumption HQ but it did not work and I got the following message: "Unable to unify "False" with "Logic.False"."
What am I missing?
In your statement you quantify over a proposition that you name False. There is a clash with the False that is defined in Logic. So in your environment you have two False your proposition and the one in Logic and they differ.
The statement you want to prove is equivalent to forall A B : Prop, A \/ B -> A
Related
I want to prove ~~(P \/ ~P) in Coq, which sounds somehow trivial... However I do not know where to go since there is not any single hypothesis.
I have written the following code which is not working, since it is giving the following exception [ltac_use_default] expected after [tactic] (in [tactic_command]).
Parameter P: Prop.
Section r20.
Lemma regra1: ~~(P \/ ~P).
Proof.
intro.
- cut P.
- cut ~P
Qed.
End r20.
It is little tricky one. Here is one way to prove it.
Parameter P : Prop.
Section r20.
Lemma regra1: ~~(P \/ ~P).
Proof.
unfold not. intros H1.
apply H1. right.
intros H2.
apply H1. left.
exact H2.
Qed.
End r20.
I know excluded middle is impossible in the logic of construction. However, I am stuck when I try to show it in Coq.
Theorem em: forall P : Prop, ~P \/ P -> False.
My approach is:
intros P H.
unfold not in H.
intuition.
The system says following:
2 subgoals
P : Prop
H0 : P -> False
______________________________________(1/2)
False
______________________________________(2/2)
False
How should I proceed?
Thanks
What you are trying to construct is not the negation of LEM, which would say "there exists some P such that EM doesn't hold", but the claim that says that no proposition is decidable, which of course leads to a trivial inconsistency:
Axiom not_lem : forall (P : Prop), ~ (P \/ ~ P).
Goal False.
now apply (not_lem True); left.
No need to use the fancy double-negation lemma; as this is obviously inconsistent [imagine it would hold!]
The "classical" negation of LEM is indeed:
Axiom not_lem : exists (P : Prop), ~ (P \/ ~ P).
and it is not provable [otherwise EM wouldn't be admissible], but you can assume it safely; however it won't be of much utility for you.
One cannot refute the law of excluded middle (LEM) in Coq.
Let's suppose you proved your refutation of LEM. We model this kind of situation by postulating it as an axiom:
Axiom not_lem : forall (P : Prop), ~ (P \/ ~ P).
But then we also have a weaker version (double-negated) of LEM:
Lemma not_not_lem (P : Prop) :
~ ~ (P \/ ~ P).
Proof.
intros nlem. apply nlem.
right. intros p. apply nlem.
left. exact p.
Qed.
These two facts together would make Coq's logic inconsistent:
Lemma Coq_would_be_inconsistent :
False.
Proof.
apply (not_not_lem True).
apply not_lem.
Qed.
I'm coming from mathoverflow, but I don't have permission to comment on #Anton Trunov's answer. I think his answer is unjust, or at least incomplete: he hides the following "folklore":
Coq + Impredicative Set + Weak Excluded-middle -> False
This folklore is a variation of the following facts:
proof irrelevance + large elimination -> false
And Coq + Impredicative Set is canonical, soundness, strong normalization, So it is consistent.
Coq + Impredicative Set is the old version of Coq. I think this at least shows that the defense of the LEM based on double negative translation is not that convincing.
If you want to get information about the solutions, you can get it from here https://github.com/FStarLang/FStar/issues/360
On the other hand, you may be interested in the story of how Coq-HoTT+UA went against LEM∞...
=====================================================
Ok, let's have some solutions.
use command-line flag -impredicative-set, or the install old version(<8.0) of coq.
excluded-middle -> proof-irrelevance
proof-irrelevance -> False
Or you can work with standard coq + coq-hott.
install coq-hott
Univalence + Global Excluded-middle (LEM∞) -> False
It is not recommended that you directly click on the code in question without grasping the specific concept.
I skipped a lot about meta-theoretic implementations, such as Univalence not being computable in Coq-HoTT but only in Agda-CuTT, such as the consistency proof for Coq+Impredicative Set/Coq-HoTT.
However, metatheoretical considerations are important. If we just want to get an Anti-LEM model and don't care about metatheory, then we can use "Boolean-valued forcing" in coq to wreak havoc on things that only LEM can introduce, such as "every function about real set is continuous", Dedekind infinite...
But this answer ends there.
For some reason, my Coq file will not compile. I am using CoqIDE on Windows 10. When I use the Compile->Compile buffer tool, I get
On the other hand, when I use the Compile->Make tool, I get
The entire code for the file is given in the picture. It is also included below. Is there something it is missing? I looked high and low for some explanation of what was going on. All I found was this ominous statement from the Coq GitHub page:
"It is far from an easy task to compile Coq on Windows. Do not attempt unless you are a real Windows guru. If you need to work with non-released versions of Coq, or if you simply want to make your life easier, you may consider installing Coq into a virtualized Linux, as described below."
Module No1.
(*We first give the axioms of Principia
for the propositional calculus in *1.*)
Axiom MP1_1 : forall P Q : Prop,
(P -> Q)->P -> Q. (*Modus ponens*)
(*I did not bother with *1.11, which is
MP for propositions containing variables.*)
Axiom Taut1_2 : forall P : Prop,
P \/ P-> P. (*Tautology*)
Axiom Add1_3 : forall P Q : Prop,
Q -> Q \/ P. (*Addition*)
Axiom Perm1_4 : forall P Q : Prop,
P \/ Q -> Q \/ P. (*Permutation*)
Axiom Assoc1_5 : forall P Q R : Prop,
P \/ (Q \/ R) -> (P \/ Q) \/ R.
Axiom Sum1_6: forall P Q R : Prop,
(Q -> R) -> (Q \/ R -> P \/ R).
(*These are all the propositional axioms
of Principia Mathematica.*)
End No1.
Compiling a Coq program is verifying the proof. Often the compiled proof is never "run" like most other languages, it is just checked if it compiles, and it seems like your code does compile.
The message you found on Github is talking about compiling the Coq binaries, not a Coq source file like you are doing.
I've been stuck on a particular predicate logic problem (using Coq) for a long time. I've solved 30-40 predicate logic problems already but with this one I just can't figure it out.
This is the problem:
~all x, (P(x) / (Q(x) -> T(x))) -> ~all x, T(x).
Or in box form
Can anyone send me in the right direction? Thanks!
Edit:
This is the coq code for the problem:
Variables P Q T : D -> Prop.
Theorem pred_015 : ~all x, (P(x) \/ (Q(x) -> T(x))) -> ~all x, T(x).
Proof.
imp_i H.
Qed.
It looks to me like your are using some very old version of Coq.
After adding a missing declaration for D, and replacing all with forall, we get a statement that does not look provable.
However, if I had a set of parentheses, I get a goal that is now provable. See the following code:
Variable D : Set.
Variables P Q T : D -> Prop.
Theorem pred_015 : (~forall x, (P(x) \/ (Q(x) -> T(x)))) -> ~forall x, T(x).
Proof.
Now, I don't think I should be giving the solution to this here, in public, but it's quite easy if you remember that ~H is defined as H -> False.
I haven't been able to understand what the resolution rule is in propositional logic. Does resolution simply state some rules by which a sentence can be expanded and written in another form?
Following is a simple resolution algorithm for propositional logic. The function returns the set of all possible clauses obtained by resolving it's 2 input. I can't understand the working of the algorithm, could someone explain it to me?
function PL-RESOLUTION(KB,α) returns true or false
inputs: KB, the knowledge base, a sentence α in propositional logic, the query, a
sentence in propositional logic
clauses <--- the set of clauses in the CNF representation of KB ∧ ¬α
new <--- {}
loop do
for each Ci, Cj in clauses do
resolvents <----- PL-RESOLVE(Ci, Cj)
if resolvents contains the empty clause then return true
new <--- new ∪ resolvents
if new ⊆ clauses then return false
clauses <---- clauses ∪ new
It's a whole topic of discussion but I'll try to explain you one simple example.
Input of your algorithm is KB - set of rules to perform resolution. It easy to understand that as set of facts like:
Apple is red
If smth is red Then this smth is sweet
We introduce two predicates R(x) - (x is red) and S(x) - (x is sweet). Than we can written our facts in formal language:
R('apple')
R(X) -> S(X)
We can substitute 2nd fact as ¬R v S to be eligible for resolution rule.
Caluclating resolvents step in your programs delete two opposite facts:
Examples: 1) a & ¬a -> empty. 2) a('b') & ¬a(x) v s(x) -> S('b')
Note that in second example variable x substituted with actual value 'b'.
The goal of our program to determine if sentence apple is sweet is true. We write this sentence also in formal language as S('apple') and ask it in inverted state. Then formal definition of problem is:
CLAUSE1 = R('apple')
CLAUSE2 = ¬R(X) v S(X)
Goal? = ¬S('apple')
Algorithm works as follows:
Take clause c1 and c2
calculate resolvents for c1 and c2 gives new clause c3 = S('apple')
calculate resolvents for c3 and goal gives us empty set.
That means our sentence is true. If you can't get empty set with such resolutions that means sentence is false (but for most cases in practical applications it's a lack of KB facts).
Consider clauses X and Y, with X = {a, x1, x2, ..., xm} and Y = {~a, y1, y2, ..., yn}, where a is a variable, ~a is its negation, and the xi and yi are literals (i.e., possibly-negated variables).
The interpretation of X is the proposition (a \/ x1 \/ x2 \/ ... \/ xm) -- that is, at least one of a or one of the xi must be true, assuming X is true. Likewise for Y.
We assume that X and Y are true.
We also know that (a \/ ~a) is always true, regardless of the value of a.
If ~a is true, then a is false, so ~a /\ X => {x1, x2, ..., xm}.
If a is true, then ~a is false. In this case a /\ Y => {y1, y2, ..., yn}.
We know, therefore, that {x1, x2, ..., xm, y1, y2, ..., yn} must be true, assuming X and Y are true. Observe that the new clause does not refer to variable a.
This kind of deduction is known as resolution.
How does this work in a resolution based theorem prover? Simple: we use proof by contradiction. That is, we start by turning our "facts" into clauses and add the clauses corresponding to the negation of our "goal". Then, if we can eventually resolve to the empty clause, {}, we will have reached a contradiction since the empty clause is equivalent to falsity. Because the facts are given, this means that our negated goal must be wrong, hence the (unnegated) goal must be true.
resolution is a procedure used in proving that argument which are expressible in predicate logic are correct
resolution lead to refute theorem proving technique for sentences in propositional logic.
resolution provides proof by refutation. i.e. to show that it is valid,resolution attempts to show that the negation of the statement produces a contradiction with a known statement
algorithm:
1). convert all the propositions of axioms to clause form
2). negate propositions & convert result to clause form
3)resolve them
4)if the resolvent is the empty clause, then contradiction has been found