Upload
others
View
26
Download
0
Embed Size (px)
Citation preview
Predicate Logic
Xinyu Feng
University of Science and Technology of China (USTC)
11/20/2013
Xinyu Feng Predicate Logic
Overview
Predicate logic over integer expressions:a language of logical assertions, for example
∀x . x + 0 = x
Why discuss predicate logic?
It is an example of a simple language
It has simple denotational semantics
We will use it later in program specifications
Xinyu Feng Predicate Logic
Abstract Syntax
(intexp) e ::= 0 | 1 | . . .| x| −e | e+e | e-e | . . .
(assert) p,q ::= true | false| e=e | e < e | e < e | . . .| ¬p | p ∧ p | p ∨ p| p ⇒ p | p ⇔ p| ∀x .p | ∃x .p
Xinyu Feng Predicate Logic
Resolving Notational Ambiguity
Using parentheses: (∀x . (((x + 0) + 0) = x))
Using precedence and associativity: ∀x . x + 0 + 0 = x
arithmetic operators (∗ / . . . ) with the usual precedencerelational operators(= =<≤ . . . )
¬∧∨⇒⇔
The body of a quantified term extends to a delimiter.
Xinyu Feng Predicate Logic
Carriers and Constructors
Carriers (or Syntactic Categories): sets of abstract phrases(e.g. intexp, assert)
Constructors: specify abstract grammar productions
(intexp)e ::= 0 −→ c0 ∈ intexp(intexp)e ::= x −→ cvar ∈ var → intexp(intexp)e ::= e+e −→ c+ ∈ intexp × intexp → intexp
Note: Independent of the concrete pattern of the production:
(intexp)e ::=plus (e, e′) −→ c+ ∈ intexp × intexp → intexp
Constructors must be injective and have disjoint ranges
Carriers must be either predefined or their elements mustbe constructable in finitely many constructor applications
Xinyu Feng Predicate Logic
Inductive Structure of Carrier Sets
With these properties of constructors and carriers, carriers canbe defined inductively:
intexp(0) def= {}
intexp(j+1) def= {c0} ∪ {c+ (e0,e1) | e0,e1 ∈ intexpj} ∪ {. . . }
assert(0) def= {}
assert(j+1) def= {ctrue,cfalse}def= ∪{c=(e0,e1) | e0,e1 ∈ intexp}def= ∪{c¬ p | p ∈ assert(j)}def= ∪{c∧(p,q) | p,q ∈ assert(j)}
intexp def=
∞⋃j=0
intexp(j)
assert def=
∞⋃j=0
assert(j)
Xinyu Feng Predicate Logic
Denotational Semantics
The meaning of a term e ∈ intexp is �e�intexp, i.e. the function�−�intexp maps intexp objects to their meanings.
What is the set of meanings?
The meaning of �5 + 37�intexp of the term “5 + 37” (i.e.c+ (c5,c37) is the integer 42.
However, the term “x + 37” contains the free variable x , so themeaning of an intexp e in general cannot be an integer . . .
Xinyu Feng Predicate Logic
Environments or States
To give meanings to “x + 37”, we need an environment (alsocalled variable assignment or state):
σ ∈ Σdef= var → Z
which gives meanings to free variables.
The meaning of a term (intexp or assert) is a function from thestates to Z or B.
�−�intexp ∈ intexp → Σ → Z�−�assert ∈ assert → Σ → B
If σ = {(x ,3), (y ,4)}, then �x + 5�intexp σ = 8,�∃z. x < z ∧ z < y�assert σ = false
Xinyu Feng Predicate Logic
Direct Semantics Equations for Predicate Logic
�0�intexp σdef= 0
�x� σdef= σ x
�e0+e1�intexp σdef= (�e0�intexp σ)+(�e1�intexp σ)
�true�assert σdef= true
�e0=e1�assert σdef= (�e0�intexp σ)=(�e1�intexp σ)
�¬p�assert σdef= ¬(�p�assert σ)
�p ∧ q�assert σdef= (�p�assert σ)∧(�q�assert σ)
�∀x .p�assert σdef= ∀n ∈ Z. �p�assert (σ{x � n})
Xinyu Feng Predicate Logic
Example: The Meaning of a Term
�∀x . x+0=x�assert σ
Xinyu Feng Predicate Logic
Properties of the Semantics Equations
They are Syntax Directed (Homomorphic):exactly one equation for each constructor
results expressed using semantics (meanings) of subterms(arguments of constructors) only.
⇒ they have exactly one solutions (proof by induction onthe structure of terms)
They define compositional semantic functions(depending only on the meanings of subterms)
⇒ “equivalent” terms can be substituted.
Xinyu Feng Predicate Logic
Validity of Assertions
p holds/is true in σ ⇐⇒ �p�assert σ = true σ satisfies p
p is valid ⇐⇒ ∀σ ∈ Σ.p holds in σ
p is unsatisfiable ⇐⇒ ∀σ ∈ Σ. �p�assert σ = false⇐⇒ ¬p is valid
p is stronger than q ⇐⇒ ∀σ ∈ Σ. q holds in σ if p holds in σ⇐⇒ p ⇒ q is valid
p and q are equivalent ⇐⇒ p is stronger than q andq is stronger than p
Xinyu Feng Predicate Logic
Inference Rules
Axioms and Rules
� p� p0,� p1, · · · � pn−1
� p
They are all schemas.
Judgments � pWe also use � p to mean there exists a proof or derivationof � p following the axioms and rules.
Xinyu Feng Predicate Logic
Inference Rules – Examples
� x + 0 = x(xPlusZero)
� e0 = e1 ⇒ e1 = e0(SymmObjEq)
� p � p ⇒ q� q
(ModusPonens)
� p� ∀x .p
(Generalization)
Xinyu Feng Predicate Logic
Formal Proofs
A set of inference rules define a Logical Theory �.
A Formal Proof in a logical theory: a sequence of instantiationsof axioms and inference rules, where a premise of each ruleoccur as conclusions of another rule earlier in the sequence.
Example:
1. � x + 0 = x (xPlusZero)
2. � x + 0 = x ⇒ x = x + 0 (SymmObjEq)
3. � x = x + 0 (ModusPonens,1,2)
4. � ∀x . x = x + 0 (Generalization,3)
Xinyu Feng Predicate Logic
Tree Representation (Derivation Trees)
� x + 0 = x(xPZ) � x + 0 = x ⇒ x = x + 0
(Symm)
� x = x + 0(MP)
� ∀x . x = x + 0(Gen)
Xinyu Feng Predicate Logic
Sequent Style Rules
Γ,p � p,Δ(id)
Γ � p,ΔΓ,¬p � Δ
(negL)Γ,p � Δ
Γ � ¬p,Δ(negR)
Γ,p,q � Δ
Γ,p ∧ q � Δ(conjL)
Γ � p,Δ Γ � q,ΔΓ � p ∧ q,Δ
(conjR)
Γ,p � Δ Γ,q � Δ
Γ,p ∨ q � Δ(disjL)
Γ � p,q,ΔΓ � p ∨ q,Δ
(disjR)
Γ � p,Δ Γ,q � Δ
Γ,p ⇒ q � Δ(impL)
Γ,p � q,ΔΓ � p ⇒ q,Δ
(impR)
Xinyu Feng Predicate Logic
Sequent Style Rules (cont’d)
Γ,p(x) � Δ
Γ,∀x .p(x) � Δ(alL)
Γ � p(z),ΔΓ � ∀x .p(x),Δ
(alR)
Γ,p(z) � Δ
Γ,∃x .p(x) � Δ(exL)
Γ � p(x),ΔΓ � ∃x .p(x),Δ
(exR)
Xinyu Feng Predicate Logic
Soundness of a Logical Theory
An inference rule is sound if in every instance of the rulethe conclusion is valid if all the premises are.
A logical theory � is sound if all the inference rules in it aresound.
If � is sound and there is a formal proof of � p, then p isvalid.
Object vs. Meta implication:
� p ⇒ ∀x .p unsound� p
� ∀x .p sound.
Xinyu Feng Predicate Logic
Completeness of a Logical Theory
A logical theory � is complete if for every valid assertion p thereis a formal proof of � p.
A logical theory � is axiomatizable if there exist a finite set ofinference rules from which formal proofs of assertions in � canbe constructed.
No first-order theory of arithmetic is axiomatizable andcomplete (Gödel’s incompleteness theorem).
Xinyu Feng Predicate Logic
Variable Binding
∀x .∃y . x < y ∧ ∃x . x > y
Binder and scope
Bound and free occurrences of variables
α-renaming and substitution similar to λ-calculus
Xinyu Feng Predicate Logic
Only Assignment of Free Variables Matters
Coincidence Theorem:If σ x = σ′ x for all x ∈ fv(p), then �p�θ σ = �p�θ σ
′
(θ ∈ {intexp,assert} and p ∈ θ).
Proof: By induction over the structure of p.
Induction Hypothesis: The statement of the theorem holdsover all phrases of depth less than that of p.
Base cases:p = 0: �p�intexp σ = 0 = �p�intexp σ
′.p = x : �p�intexp σ = σ x = σ′ x = �p�intexp σ
′, since fv(x) = {x}.
Xinyu Feng Predicate Logic
Proof of Coincidence Theorem (cont’d)
Coincidence Theorem:If σ x = σ′ x for all x ∈ fv(p), then �p�θ σ = �p�θ σ
′
Inductive cases:p = e0 + e1: By IH, �ei�intexp σ = �ei�intexp σ
′ for i ∈ {0,1}.So �e�intexp σ = �e0�intexp σ + �e1�intexp σ
= �e0�intexp σ′ + �e1�intexp σ
′ = �e�intexp σ′
p = ∀x .q:σ z = σ′ z, for all z ∈ fv(p) = fv(q)− {x}So σ{x � n} z = σ′{x � n} z, for all n ∈ Z and z ∈ fv(q).By IH, �q�assert σ{x � n} = �q�assert σ
′{x � n}, for all n ∈ Z.Therefore(∀n ∈ Z. �q�assert σ{x � n}) = (∀n ∈ Z. �q�assert σ
′{x � n})That is �p�assert σ = �p�assert σ
′.
Xinyu Feng Predicate Logic
Substitution
−/δ ∈ intexp → intexp−/δ ∈ assert → assert
}where δ ∈ var → intexp
0/δ = 0
(-e)/δ = -(e/δ)
(e0+e1)/δ = (e0/δ)+(e1/δ)
. . .
x/δ = δ x
(p ∧ q)/δ = (p/δ) ∧ (q/δ)
(∀x .p)/δ = ∀x ′. (p/δ{x � x ′})where x ′ ∈ ⋃
z∈fv(∀x. p)fv(δ z)
Examples:
(x < 0 ∧ ∃x . x ≤ y)/{(x , y + 1)} = y + 1 < 0 ∧ ∃x . x ≤ y
(x < 0 ∧ ∃x . x ≤ y)/{(y , x + 1)} = x < 0 ∧ ∃z. z ≤ x + 1
Xinyu Feng Predicate Logic
Substitution Theorems
Substitution Theorem:If σ′ = �−�intexp σ ◦ δ (i.e. σ′ = λx ∈ var. �δ x�intexp σ),then �p�assert σ
′ = �p/δ�assert σ
Finite Substitution Theorem: Letδ = {(x0,e0), . . . , (xn−1,en−1)}, andσ′ = σ
{x0 � �e0�intexp σ, . . . , xn−1 � �en−1�intexp σ
}, then
�p�assert σ′ = �p/δ�assert σ.
Xinyu Feng Predicate Logic
Acknowledgments
Slides follow Chapter 1 of Reynolds, and are taken from ZhongShao’s lecture notes on Formal Semantics.
Xinyu Feng Predicate Logic