coq

I have an Inductive Set built with three constructors: Inductive MF : Set := | D : MF | cn : MF -> MF -> MF | dn : Z -> MF -> MF. I would like to somehow define a new inductive set B, such that B is a subset of MF containing just the elements obtained from D and dn. Furthermore, everything in B should be interpreted as type MF if needed. I tried defining first B and then MF as follows: Inductive B : Set := | D : B | dn : Z -> B -> B. Inductive MF : Set := | m : B -> MF | cn : MF -> MF -> MF | Dn : Z -> MF -> MF. Axiom m_inj : forall (a b : B), m a = m b -> a = b. Coercion m : B >-> MF. Axiom

I'm reading Mike Nahas's introductory Coq tutorial , which says: The arguments to "ex_intro" are: the predicate the witness a proof of the predicated called with the witness I looked at the definition : Inductive ex (A:Type) (P:A -> Prop) : Prop := ex_intro : forall x:A, P x -> ex (A:=A) P. and I'm having trouble parsing it. Which parts of the expression forall x:A, P x -> ex (A:=A) P correspond to those three arguments (predicate, witness, and proof)? To understand what Mike meant, it's better to launch the Coq interpreter and query for the type of ex_intro : Check ex_intro. You should then

How can I in coq, prove that a function f that accepts a bool true|false and returns a bool true|false (shown below), when applied twice to a single bool true|false would always return that same value true|false : (f:bool -> bool) For example the function f can only do 4 things, lets call the input of the function b : Always return true Always return false Return b (i.e. returns true if b is true vice versa) Return not b (i.e. returns false if b is true and vice vera) So if the function always returns true: f (f bool) = f true = true and if the function always return false we would get: f (f

When refine ing a program, I tried to end proof by inversion on a False hypothesis when the goal was a Type . Here is a reduced version of the proof I tried to do. Lemma strange1: forall T:Type, 0>0 -> T. intros T H. inversion H. (* Coq refuses inversion on 'H : 0 > 0' *) Coq complained Error: Inversion would require case analysis on sort Type which is not allowed for inductive definition le However, since I do nothing with T , it shouldn't matter, ... or ? I got rid of the T like this, and the proof went through: Lemma ex_falso: forall T:Type, False -> T. inversion 1. Qed. Lemma strange2:

I’d like to define the following function using Program Fixpoint or Function in Coq: Require Import Coq.Lists.List. Import ListNotations. Require Import Coq.Program.Wf. Require Import Recdef. Inductive Tree := Node : nat -> list Tree -> Tree. Fixpoint height (t : Tree) : nat := match t with | Node x ts => S (fold_right Nat.max 0 (map height ts)) end. Program Fixpoint mapTree (f : nat -> nat) (t : Tree) {measure (height t)} : Tree := match t with Node x ts => Node (f x) (map (fun t => mapTree f t) ts) end. Next Obligation. Unfortunately, at this point I have a proof obligation height t < height

How to call proof assistant Coq from external software? Does Coq have some API? Is Coq command line interface rich enough to pass arguments in file and receive response in file? I am interested in Java or C++ bridges. This is legitimate question. Coq is not the usual business software from which one can expect the developer friendly API. I had similary question about Isabelle/HOL and it was legitimate question with non-trivial answer. As of today, there are three ways to interact with Coq, ordered from more effort to less power: The OCaml API: This is what Coq plugins do, however, some parts