CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/27

Similar documents
CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Sections p.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 11 p. 1/38

An Athena tutorial. Konstantine Arkoudas

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Section 17.1

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Section 17.2

An Evolution of Mathematical Tools

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 12

CSC 501 Semantics of Programming Languages

Overview. CS389L: Automated Logical Reasoning. Lecture 6: First Order Logic Syntax and Semantics. Constants in First-Order Logic.

Harvard School of Engineering and Applied Sciences CS 152: Programming Languages

Part I Logic programming paradigm

SOFTWARE ENGINEERING DESIGN I

Higher-Order Logic. Specification and Verification with Higher-Order Logic

Typed Lambda Calculus

LOGIC AND DISCRETE MATHEMATICS

15-819M: Data, Code, Decisions

Polymorphic lambda calculus Princ. of Progr. Languages (and Extended ) The University of Birmingham. c Uday Reddy

Goals: Define the syntax of a simple imperative language Define a semantics using natural deduction 1

This is already grossly inconvenient in present formalisms. Why do we want to make this convenient? GENERAL GOALS

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1

Programming Languages Third Edition

Finite Model Generation for Isabelle/HOL Using a SAT Solver

Automated Reasoning. Natural Deduction in First-Order Logic

type classes & locales

n n Try tutorial on front page to get started! n spring13/ n Stack Overflow!

Z Notation. June 21, 2018

Lecture 5: Predicate Calculus. ffl Predicate Logic ffl The Language ffl Semantics: Structures

Proving Theorems with Athena

CSC Discrete Math I, Spring Sets

Type Checking and Type Inference

An Introduction to Programming and Proving in Agda (incomplete draft)

3.4 Deduction and Evaluation: Tools Conditional-Equational Logic

Built-in Module BOOL. Lecture Note 01a

Functional programming with Common Lisp

SML A F unctional Functional Language Language Lecture 19

Typed Lambda Calculus for Syntacticians

CS Bootcamp Boolean Logic Autumn 2015 A B A B T T T T F F F T F F F F T T T T F T F T T F F F

Module 6. Knowledge Representation and Logic (First Order Logic) Version 2 CSE IIT, Kharagpur

Lecture 19: Functions, Types and Data Structures in Haskell

Introduction to Prolog

Propositional Logic. Andreas Klappenecker

Foundations of AI. 9. Predicate Logic. Syntax and Semantics, Normal Forms, Herbrand Expansion, Resolution

RSL Reference Manual

Lecture 5. Logic I. Statement Logic

Lists. Michael P. Fourman. February 2, 2010

Propositional Logic Formal Syntax and Semantics. Computability and Logic

Summary of Course Coverage

Lecture 4. First order logic is a formal notation for mathematics which involves:

CS 512, Spring 2017: Take-Home End-of-Term Examination

F28PL1 Programming Languages. Lecture 11: Standard ML 1

Situation Calculus and YAGI

Typed First-order Logic

Lecture 1: Conjunctive Queries

Formal Predicate Calculus. Michael Meyling

Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley. Chapter 6 Outline. Unary Relational Operations: SELECT and

1.3. Conditional expressions To express case distinctions like

Axiomatic Specification. Al-Said, Apcar, Jerejian

Lambda Calculus and Type Inference

STABILITY AND PARADOX IN ALGORITHMIC LOGIC

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.

Induction and Semantics in Dafny

Typed Scheme: Scheme with Static Types

Introductory logic and sets for Computer scientists

ITCS 6150 Intelligent Systems. Lecture 13 First-Order Logic Chapter 8

l A family of logic based KR formalisms l Distinguished by: l Decidable fragments of FOL l Closely related to Propositional Modal & Dynamic Logics

Discrete Mathematics Lecture 4. Harper Langston New York University

Semantics and Pragmatics of NLP Propositional Logic, Predicates and Functions

9/19/12. Why Study Discrete Math? What is discrete? Sets (Rosen, Chapter 2) can be described by discrete math TOPICS

Overloading, Type Classes, and Algebraic Datatypes

Propositional Logic. Part I

Propositional Calculus: Boolean Functions and Expressions. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson

COP4020 Programming Languages. Functional Programming Prof. Robert van Engelen

K Reference Card. Complete example

Inductive Data Types

Inductive Definitions, continued

Going beyond propositional logic

Reasoning About Set Comprehensions

Data types for mcrl2

1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.

Haskell Overview II (2A) Young Won Lim 8/9/16

CSL105: Discrete Mathematical Structures. Ragesh Jaiswal, CSE, IIT Delhi

Review Material: First Order Logic (FOL)

Towards a Logical Reconstruction of Relational Database Theory

CSE 20 DISCRETE MATH. Fall

[Ch 6] Set Theory. 1. Basic Concepts and Definitions. 400 lecture note #4. 1) Basics

COMP 181. Agenda. Midterm topics. Today: type checking. Purpose of types. Type errors. Type checking

Software Engineering Lecture Notes

CSE 20 DISCRETE MATH. Winter

Notes for Chapter 12 Logic Programming. The AI War Basic Concepts of Logic Programming Prolog Review questions

Harvard School of Engineering and Applied Sciences CS 152: Programming Languages

Semantic Characterizations of XPath

UMBC CMSC 331 Final Exam

The design of a programming language for provably correct programs: success and failure

Typed Racket: Racket with Static Types

the Common Algebraic Specification Language

Softwaretechnik. Lecture 03: Types and Type Soundness. Peter Thiemann. University of Freiburg, Germany SS 2008

arxiv: v2 [cs.ai] 18 Sep 2013

Recursion and Induction: Haskell; Primitive Data Types; Writing Function Definitions

1 Introduction. 3 Syntax

CS 6110 S11 Lecture 25 Typed λ-calculus 6 April 2011

Transcription:

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 1/27 CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 Instructor: Carlos Varela Rensselaer Polytechnic Institute Spring 2018

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 2/27 Introduction to Athena Goal: to become familiar with Athena language interacting with Athena domains and function symbols terms sentences definitions assumption bases datatypes polymorphism meta-identifiers expressions and deductions

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 3/27 Athena Athena is a language for expressing proofs and computations. it is higher-order, i.e., procedures are first-class values (can be passed or returned). it is dynamically typed, i.e., type checking at run-time. it has cells and vectors for state update. it uses lists, which are heterogeneous (arbitrary types for values). similarly to the λ-calculus, uses procedure calls for flow control.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 4/27 Athena s Fundamental Data Values Athena s fundamental data values are terms and sentences. A term is a symbolic structure, essentially a tree whose every node contains either a function symbol or a variable. For example: 3 + 5, x/2, 78, etc. Joe, Joe s father,... Terms denote individual objects in some domain of interest. A sentence is essentially a formula of first-order logic: either an atomic formula, or a Boolean combination of formulas, or a quantification. Sentences express propositions about domains of interest. They serve as the conclusion of proofs.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 5/27 Athena s Fundamental Syntactic Categories Athena s fundamental syntactic categories are deductions and expressions. A phrase F is either an expression or a deduction. E := (Expressions, for computing) D := (Deductions, for proving) (1) F := E D (Phrases) Deductions, if successful, can only produce one type of value: a sentence, e.g., all prime numbers greater than 2 are odd. Guaranteed to be logical consequence of assumptions at evaluation time.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 6/27 Athena s Phrase Evaluation Athena evaluates phrases to produce values. A phrase F is evaluated as follows: Evaluation Input: Phrase F (w.r.t. given ρ, β, σ, γ) Output: Value V ρ β σ γ a lexical environment an assumption base a store a symbol set

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 7/27 Interacting with Athena Athena can be used either in batch mode or interactively. Typing load file.ath at the input prompt will process file.ath sequentially. The.ath extension can be omitted. The file can also be given as a command line argument to Athena. ;; will signal end of input in multiple-line entry in interactive mode.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 8/27 Domains and function symbols A domain is simply a set of objects that we want to talk about. We can introduce one with the domain keyword. For example, > domain Person New domain Person introduced. Multiple domains can be introduced with the domains keyword: domains Element, Set Domains are sorts. Function symbols denote operations on sorts, e.g.: > declare father: [ Person] - > Person New symbol father declared. [Person] -> Person is the signature of father.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 9/27 Function symbols Multiple function symbols with same signature can be declared separated by commas: declare union, intersection : [ Set Set ] - > Set declare father, mother: [ Person] - > Person A function symbol of arity zero is called a constant symbol, or simply a constant. > declare joe : Person New symbol joe declared. > declare null : Set New symbol null declared. Function symbols are first-class data values. They are not procedures.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 10/27 Function symbols Multiple constant symbols of the same sort can be introduced by separating them with commas: declare peter, tom, ann, mary : Person declare e, e1, e2: Element declare S, S1, S2: Set true and false are constants of the built-in sort Boolean. The two numeric domains Int (integers) and Real (reals) are also built-in. A function symbol whose range is Boolean is also called a relation (or predicate) symbol, or just predicate for short. Some examples: declare in: [ Element Set ] - > Boolean declare male, female: [ Person] - > Boolean declare siblings : [ Person Person] - > Boolean declare subset: [ Set Set ] - > Boolean

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 11/27 Procedures An Athena procedure is a lambda abstraction written by users to compute, e.g.: define ( fact n) := check { ( less? n 1) => 1 else => ( times n ( fact ( minus n 1))) } where less?, times, and minus are primitive procedures: > ( less? 7 8) Term : true > ( times 2 3) Term : 6 > ( minus 5 1) Term : 4

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 12/27 Terms A term is a syntactic object that represents an element of some sort. The simplest term is a constant symbol: > joe Term : joe We can ask Athena to print the sort of this (or any other) term: > ( println ( sort-of joe )) Person Unit : () Athena knows that joe denotes an individual in the domain Person.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 13/27 Terms A variable is also a term. The following are all legal variables:?x:person?s25:set?foo-bar:int?b_1:boolean?@sd%&:real Constant symbols and variables are primitive or simple terms, with no internal structure.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 14/27 Terms More complex terms can be formed by applying a function symbol f to n given terms t 1 t n, where n is the arity of f. Some examples of complex terms: (father joe) (father (father joe)) (in e S) (union null S2) (male (father joe)) (subset null (union?x null))

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 15/27 Terms root and children primitive procedures return the root symbol of an application and its children (as a list of terms, ordered from left to right). For example: define t := ( father ( mother joe )) > ( root t) Symbol: father > ( children t) List : [( mother joe )]

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 16/27 Lists A list of n 0 values V 1 V n can be formed simply by enclosing the values inside square brackets: [V 1 V n ]. For instance: > [ tom ann ] List : [tom ann ] > [] List : [] > [ tom [ peter mary] ann ] List : [tom [ peter mary ] ann ] Lists are heteregeneous, i.e., they may contain elements of different types.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 17/27 Some operations on lists Some operations on lists are add, head, tail, length, rev, and join. > ( add 1 [2 3]) List : [1 2 3] > ( head [1 2 3]) Term : 1 > ( tail [1 2 3]) List : [2 3] > ( rev [1 2 3]) List : [3 2 1] > ( length [1 2 3]) Term : 3 > ( join [1 2] [ a b] [3]) List : [1 2 a b 3]

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 18/27 Sort checking and inference Athena checks for correctness of sorts in complex terms: > ( father true ) standard input :1:2: Error : Unable to infer a sort for the term :( father true) ( Failed to unify the sorts Boolean and Person.) It also performs Hindley-Milner-style sort inference. For instance: > (in?x?s) Term : (in?x: Element?S: Set ) Notice that only terms have sorts. But terms are only one type of Athena value. Other types include: sentences, lists, procedures, methods, the unit value, and more.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 19/27 Infix form and precedence Infix form is allowed in Athena, for example: (e in S) (null union S2) (male father joe) (null subset?x union null) Athena always prints output terms in full prefix form, as so-called s-expressions : > ( null union?s) Term : ( union null?s: Set ) By default, every predicate is given a precedence of 100, while other binary or unary function symbols are given a precedence of 110.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 20/27 Sentences the bread and butter of Athena every successful proof derives a sentence. There are three kinds: Atomic sentences Boolean combinations Quantified sentences

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 21/27 Atomic Sentences Atomic sentences, or just atoms. These are simply terms of sort Boolean. Examples are: (siblings peter (father joe)) (subset?s1 (union?s1?s2))

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 22/27 Boolean Combinations Obtained from other sentences through one of the five sentential constructors not, and, or, if, and iff, or their synonyms, as shown in the following table. Constructor Synonym Prefix mode Infix mode Interpretation not (not p) ( p) Negation and & (and p q) (p & q) Conjunction or (or p q) (p q) Disjunction if ==> (if p q) (p ==> q) Conditional iff <==> (iff p q) (p <==> q) Biconditional

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 23/27 Quantified Sentences A quantified sentence is of the form (Q x:s. p) where Q is a quantifier, x:s is a variable of sort S, and p is a sentence. Quantifier Prefix Infix Interpretation forall (forall x:s p) (forall x:s. p) p holds for every x:s exists (exists x:s p) (exists x:s. p) p holds for some x:s Examples are: (forall?x.?x =/= father?x) (forall?s1?s2.?s1 =?S2 <==>?S1 subset?s2 &?S2 subset?s1)

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 24/27 Definitions Definitions let us give a name to a value and then subsequently refer to the value by that name. Top-level directive define s syntax form is: define I := F where I is any identifier and F is a phrase denoting the value that we want to define. > define p := ( forall?s.?s subset?s) Sentence p defined. > (p & p) Sentence : ( and ( forall? s: Set ( subset?s:set?s:set )) ( forall?s: Set ( subset?s:set?s:set )))

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 25/27 Assumption bases At all times Athena maintains a global set of sentences called the assumption base. We can think of the elements of the assumption base as our premises sentences that we regard (at least provisionally) as true. Initially the system starts with a small assumption base. Every time an axiom is postulated or a theorem is proved at the top level, the corresponding sentence is inserted into the assumption base.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 26/27 Datatypes A datatype is a special kind of domain. It is special in that it is inductively generated, i.e., every element of the domain can be built up in a finite number of steps by applying constructors of the datatype. A datatype D is specified by giving its name, possibly followed by some sort parameters, and then a nonempty sequence of constructor profiles separated by the symbol. A constructor profile without selectors is of the form (c S 1 S n ), consisting of the name of the constructor, c, along with n sorts S 1 S n, where S i is the sort of the i th argument of c.

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 2.1-2.7 p. 27/27 Datatype examples Boolean is a pre-defined datatype that has two constant constructors, true and false. datatype Boolean := true false The intended effect of this datatype definition could be approximated in terms of mechanisms with which we are already familiar as follows: domain Boolean declare true, false : Boolean assert ( true =/= false ) assert ( forall? b: Boolean.? b = true?b = false ) These are free-generation axioms: the first is known as no-confusion, and the second is known as no-junk in universal algebra.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback