coq

Implementing vector addition in some of the dependently typed languages (such as Idris) is fairly straightforward. As per the example on Wikipedia : import Data.Vect %default total pairAdd : Num a => Vect n a -> Vect n a -> Vect n a pairAdd Nil Nil = Nil pairAdd (x :: xs) (y :: ys) = x + y :: pairAdd xs ys (Note how Idris' totality checker automatically infers that addition of Nil and non- Nil vectors is a logical impossibility.) I am trying to implement the equivalent functionality in Coq, using a custom vector implementation, albeit very similar to the one provided in the official Coq

In Coq I can define a Church encoding for lists of length n: Definition listn (A : Type) : nat -> Type := fun m => forall (X : nat -> Type), X 0 -> (forall m, A -> X m -> X (S m)) -> X m. Definition niln (A : Type) : listn A 0 := fun X n c => n. Definition consn (A : Type) (m : nat) (a : A) (l : listn A m) : listn A (S m) := fun X n c => c m a (l X n c). Is the type system of Haskell (including its extensions) strong enough to accommodate such definitions? If yes, how? Sure it is: {-# LANGUAGE RankNTypes #-} {-# LANGUAGE KindSignatures #-} {-# LANGUAGE DataKinds #-} {-# LANGUAGE GADTs #-}

I'm building a recursive function that does a match on a list l . In the cons branch I need to use the information that l = cons a l' in order to prove that the recursive function terminates. However, when I use match l the information gets lost. How can I use match to keep the information? Here is the function ( drop and drop_lemma_le are given at the end, for readability): Fixpoint picksome (l:list nat) (H : Acc lt (length l)) {struct H}: list nat. refine ( match l with nil => nil | cons a l' => cons a (picksome (drop a l') _) end ). apply H. assert (l = cons a l') by admit. (* here is where

Adding Axioms to COQ often makes proofs easier but also introduces some side effects. For instance, by using the classical axiom one leaves the intuitionistic realm and proofs are no longer computable. My question is, what is the downside of using the functional extensionality axiom? Arthur Azevedo De Amorim For me, the drawbacks of using functional extensionality are more or less the same as using any other axiom in Coq: it increases the complexity of the system and how much we need to trust. Although in theory we understand fairly well the logical consequences of working with these well

I am having trouble with formalizing definitions of the following form: define an integer such that some property holds. Let's say that I formalized the definition of the property: Definition IsGood (x : Z) : Prop := ... Now I need a definition of the form: Definition Good : Z := ... assuming that I proved that an integer with the property exists and is unique: Lemma Lemma_GoodExistsUnique : exists! (x : Z), IsGood x. Is there an easy way of defining Good using IsGood and Lemma_GoodExistsUnique ? Since, the property is defined on integer numbers, it seems that no additional axioms should be

I'm experimenting with Coq's extraction mechanism to Haskell. I wrote a naive predicate for prime numbers in Coq, here it is: (***********) (* IMPORTS *) (***********) Require Import Coq.Arith.PeanoNat. (************) (* helper'' *) (************) Fixpoint helper' (p m n : nat) : bool := match m,n with | 0,_ => false | 1,_ => false | _,0 => false | _,1 => false | S m',S n' => (orb ((mult m n) =? p) (helper' p m' n)) end. (**********) (* helper *) (**********) Fixpoint helper (p m : nat) : bool := match m with | 0 => false | S m' => (orb ((mult m m) =? p) (orb (helper' p m' m) (helper p m')))

I'm trying to understand what is the role of proofs in Coq extractions. I have the following example of floor integer division by two taken from here . For my first try I used the Admitted keyword: (*********************) (* div_2_even_number *) (*********************) Definition div_2_even_number: forall n, (Nat.Even n) -> {p:nat | n=p+p}. Proof. Admitted. (*************) (* test_even *) (*************) Definition test_even: forall n, {Nat.Even n}+{Nat.Even (pred n)}. Proof. Admitted. (********************) (* div_2_any_number *) (********************) Definition div_2_any_number (n:nat): {p

I am working through Software Foundations and am currently doing the exercises on Church numerals. Here is the type signature of a natural number: Definition nat := forall X : Type, (X -> X) -> X -> X. I have defined a function succ of type nat -> nat . I would now like to define an addition function like so: Definition plus (n m : nat) : nat := n nat succ m. However, I get the following error message: Error: Universe inconsistency. What does this error message actually mean? In Coq, everything has a type. Type is no exception: if you ask Coq with the Check command, it will tell you that its

OCaml's Hindley-Milner type system does not allow for impredicative polymorphism (à la System-F), except through a somewhat recent extension for record types. The same applies to F#. It however is sometimes desirable to translate programs written with impredicative polymorphism (e.g. Coq) into such languages. The solution for Coq's extractor to OCaml is to (sparingly) use Obj.magic , which is a kind of universal unsafe cast. This works because in OCaml's runtime system, all values have the same size regardless of their type (32 or 64 bits depending on architecture) the more sophisticated type