CIS 194: Homework 8. Due Wednesday, 8 April. Propositional Logic. Implication

Similar documents
Introduction to dependent types in Coq

An Introduction to Programming and Proving in Agda (incomplete draft)

Natural Numbers. We will use natural numbers to illustrate several ideas that will apply to Haskell data types in general.

STABILITY AND PARADOX IN ALGORITHMIC LOGIC

The three faces of homotopy type theory. Type theory and category theory. Minicourse plan. Typing judgments. Michael Shulman.

Programming with Universes, Generically

GADTs. GADTs in Haskell

Programming Languages Third Edition

Induction in Coq. Nate Foster Spring 2018

Proofs are Programs. Prof. Clarkson Fall Today s music: Proof by Paul Simon

The Truth about Types. Bartosz Milewski

Lecture 5. Logic I. Statement Logic

CS 456 (Fall 2018) Scribe Notes: 2

To prove something about all Boolean expressions, we will need the following induction principle: Axiom 7.1 (Induction over Boolean expressions):

CIS 194: Homework 3. Due Wednesday, February 11, Interpreters. Meet SImPL

Logical Verification Course Notes. Femke van Raamsdonk Vrije Universiteit Amsterdam

Coq in a Hurry. Yves Bertot

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1

[Ch 6] Set Theory. 1. Basic Concepts and Definitions. 400 lecture note #4. 1) Basics

(a) (4 pts) Prove that if a and b are rational, then ab is rational. Since a and b are rational they can be written as the ratio of integers a 1

Formal Methods of Software Design, Eric Hehner, segment 1 page 1 out of 5

6.080 / Great Ideas in Theoretical Computer Science Spring 2008

Basic Foundations of Isabelle/HOL

Expr_annotated.v. Expr_annotated.v. Printed by Zach Tatlock

Types Summer School Gothenburg Sweden August Dogma oftype Theory. Everything has a type

Induction and Semantics in Dafny

Lecture 8: Summary of Haskell course + Type Level Programming

Universes. Universes for Data. Peter Morris. University of Nottingham. November 12, 2009

AXIOMS OF AN IMPERATIVE LANGUAGE PARTIAL CORRECTNESS WEAK AND STRONG CONDITIONS. THE AXIOM FOR nop

Univalent fibrations in type theory and topology

Equations: a tool for dependent pattern-matching

3.4 Deduction and Evaluation: Tools Conditional-Equational Logic

A NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU

CSC Discrete Math I, Spring Sets

To prove something about all Boolean expressions, we will need the following induction principle: Axiom 7.1 (Induction over Boolean expressions):

1. Chapter 1, # 1: Prove that for all sets A, B, C, the formula

Definition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,

Logic and Proof course Solutions to exercises from chapter 6

Handout 9: Imperative Programs and State

Mathematics for Computer Scientists 2 (G52MC2)

Sets. {1, 2, 3, Calvin}.

CIS 500: Software Foundations

Topic 1: What is HoTT and why?

Programming in Omega Part 1. Tim Sheard Portland State University

CIS 500: Software Foundations

CIS 500 Software Foundations. Midterm I. (Standard and advanced versions together) October 1, 2013 Answer key

A CRASH COURSE IN SEMANTICS

Certified Programming with Dependent Types

Chapter 3. Set Theory. 3.1 What is a Set?

c constructor P, Q terms used as propositions G, H hypotheses scope identifier for a notation scope M, module identifiers t, u arbitrary terms

Coq quick reference. Category Example Description. Inductive type with instances defined by constructors, including y of type Y. Inductive X : Univ :=

Software Engineering Lecture Notes

MoreIntro_annotated.v. MoreIntro_annotated.v. Printed by Zach Tatlock. Oct 04, 16 21:55 Page 1/10

IA014: Advanced Functional Programming

To illustrate what is intended the following are three write ups by students. Diagonalization

Discrete Mathematics Lecture 4. Harper Langston New York University

Summary of Course Coverage

Now that we have keys defined for the maps, we can start talking about maps. The first of these are Total Maps. Total Maps are defined as follows:

Proving Theorems with Athena

Provably Correct Software

Coq projects for type theory 2018

Homework 1 CS 1050 A Due:

Dependent Types and Irrelevance

Programming Languages Fall 2014

CPSC 121: Models of Computation. Module 6: Rewriting predicate logic statements

CSC 501 Semantics of Programming Languages

Introduction to Homotopy Type Theory

Mathematics for Computer Scientists 2 (G52MC2)

Classical logic, truth tables. Types, Propositions and Problems. Heyting. Brouwer. Conjunction A B A & B T T T T F F F T F F F F.

Announcements. CS243: Discrete Structures. Strong Induction and Recursively Defined Structures. Review. Example (review) Example (review), cont.

On Agda JAIST/AIST WS CVS/AIST Yoshiki Kinoshita, Yoriyuki Yamagata. Agenda

Lists. Michael P. Fourman. February 2, 2010

CS 3512, Spring Instructor: Doug Dunham. Textbook: James L. Hein, Discrete Structures, Logic, and Computability, 3rd Ed. Jones and Barlett, 2010

The set consisting of all natural numbers that are in A and are in B is the set f1; 3; 5g;

Inductive Definitions, continued

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter 11 p. 1/38

Coq Summer School, Session 9 : Dependent programs with logical parts. Pierre Letouzey

2.2 Set Operations. Introduction DEFINITION 1. EXAMPLE 1 The union of the sets {1, 3, 5} and {1, 2, 3} is the set {1, 2, 3, 5}; that is, EXAMPLE 2

FUZZY BOOLEAN ALGEBRAS AND LUKASIEWICZ LOGIC. Angel Garrido

4 Programming with Types

GADTs. Wouter Swierstra. Advanced functional programming - Lecture 7. Faculty of Science Information and Computing Sciences

Inductive data types

2. CONNECTIVITY Connectivity

CS40-S13: Functional Completeness

λ calculus is inconsistent

CPS 102: Discrete Mathematics. Quiz 3 Date: Wednesday November 30, Instructor: Bruce Maggs NAME: Prob # Score. Total 60

Reductions and Satisfiability

Section 2.4: Arguments with Quantified Statements

CSE 20 DISCRETE MATH. Winter

LASER 2011 Summerschool Elba Island, Italy Basics of COQ

Typed Lambda Calculus

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/27

Syntax of Eiffel: a Brief Overview

Representability of Homotopy Groups in Type Theory

LOGIC AND DISCRETE MATHEMATICS

An experiment with variable binding, denotational semantics, and logical relations in Coq. Adam Chlipala University of California, Berkeley

Commands, and Queries, and Features. Syntax of Eiffel: a Brief Overview. Escape Sequences. Naming Conventions

CSE 20 DISCRETE MATH. Fall

III SEMESTER B. A. PHILOSOPHY PHL3B04 - SYMBOLIC LOGIC AND INFORMATICS QUESTION BANK FOR INTERNAL ASSESSMENT. Multiple Choice Questions

Synthesis of distributed mobile programs using monadic types in Coq

Transcription:

CIS 194: Homework 8 Due Wednesday, 8 April Propositional Logic In this section, you will prove some theorems in Propositional Logic, using the Haskell compiler to verify your proofs. The Curry-Howard isomorphism states that types are equivalent to theorems and programs are equivalent to proofs. There is no need to run your code or even write test cases; once your code type checks, the proof will be accepted! Implication We will begin by defining some logical connectives. The first logical connective is implication. Luckily, implication is already built in to the Haskell type system in the form of arrow types. The type p -> q is equivalent to the logical statement P Q. We can now prove a very simple theorem called Modus Ponens. Modus Ponens states that if P implies Q and P is true, then Q is true. It is often written as: P Q P Q We can write this down in Haskell as well: Figure 1: Modus Ponens modus_ponens :: (p -> q) -> p -> q modus_ponens pq p = pq p

cis 194: homework 8 2 Notice that the type of modus_ponens is identical to the Prelude function ($). We can therefore simplify the proof 1 : modus_ponens :: (p -> q) -> p -> q modus_ponens = ($) 1 This is a very interesting observation. The logical theorem Modus Ponens is exactly equivalent to function application! Disjunction The disjunction (also known as or ) of the propositions P and Q is often written as P Q. In Haskell, we will define disjunction as follows: -- Logical Disjunction data p \/ q = Left p Right q The disjunction has two constructors, Left and Right. The Left constructor takes in something of type p and the Right constuctor takes in something of type q. This means that a proposition of type p \/ q can be either a p or a q where p and q are themselves propositions. This type is actually identical to Haskell s Either, but we redefine it here with a nicer syntax. Conjunction Now let s take a look at conjunctions ( and ). In logic, the conjunction of P and Q is written as P Q. In Haskell it is written as: -- Logical Conjunction data p /\ q = Conj p q Unlike disjunction, conjunction only has one constructor. This is because there is only one way to have a conjunction proposition; both p and q must be true. This type is equivalent to Haskell s tuple. Figure 2: Schoolhouse Rock made an episode about conjunctions which featured the phrase Conjunction junction, what s your function? Little did they know that conjunctions are implemented as a data type, not a function. Bottom and Logical Negation In order for a logic to be consistent, there must be some proposition that is not provable. This is usually written as (pronounced bottom). In our Haskell formulation of propositional logic, we will call it False and define it as follows. data False False is a datatype that has no constructors. This means that the type False in uninhabited; it is not provable since there is no way to write a program of type False. Now that we have a notion of False, we can define the logical connective not (written as P):

cis 194: homework 8 3 type Not p = p -> False The Not type is really just an alias for p -> False. In other words, if p were true, then False would also be true. Now, let s prove another theorem, Modus Tollens. Modus Tollens states that if P imples Q and Q is not true, then P is not true. In logic, it is written as: P Q Q P Now, let s look at the Haskell version of Modus Tollens: Figure 3: Modus Tollens modus_tollens :: (p -> q) -> Not q -> Not p modus_tollens pq not_q = not_q. pq This is a bit more involved than the proof of Modus Ponens above. Recall that Not p is really just a handy syntax for p -> False. This means that the proof of Modus Tollens should be a function that takes in an inhabitant of the proposition p and derives a contradiction from it. This is not too hard to do since we assume that p implies q and q implies False. If and Only If We define one last logical connective: if and only if. If and only if is also known as as the biconditional connective since it is equivalent to P Q and Q P. If and only if is usually written as P Q. In Haskell we use the following syntax: type p <-> q = (p -> q) /\ (q -> p) Figure 4: The Law of Excluded Middle as explained by the great logician, Calvin Axioms and Examples Although Haskell s type system is very powerful, it is not quite good enough to prove everything that we will need. For this reason, we will need some axioms, or propositions that we assume without proof. We will use admit to denote that we take a proposotion to be true. In order to get this to typecheck, we define admit as follows:

cis 194: homework 8 4 admit :: assumption admit = admit admit is simply an infinite loop, but it can have any type! This is the same way that undefined is written in the Haskell Prelude. We can now write down the Law of Excluded Middle: P P Figure 5: Law of Excluded Middle This states that some proposition P is either true or it is false. Haskell s type system cannot prove this, so we leave it as an admitted axiom: excluded_middle :: p \/ Not p excluded_middle = admit A few more propositions are defined in HW08.hs. Try to understand them before beginning the exercises. In particular, there is a fully annotated proof of the Material Implication Theorem. (P Q) ( P Q) Figure 6: Material Implication This theorem states that implication can be equivalently written as a disjunction. Exercise 1 In this exercise you will prove Disjunctive Syllogism. In logic, we can write this theorem as follows: P Q P Q Basically, it states that if one of P or Q is true, but we know that P is false, then Q must be true. The proof is relatively straighforward; you should do case analysis on the proposition P Q. In the left case, you can derive a contradiction and in the right case, you simply know that Q is true. Figure 7: Disjunctive Syllogism disjunctive_syllogism :: (p \/ q) -> Not p -> q Exercise 2 Prove the Composition Theorem: (P Q) (P R) P Q R The proof of this theorem is again by case analysis on the disjunction hypothesis. The left case in the hypothesis corresponds to the Figure 8: Composition

cis 194: homework 8 5 left case in the conclusion and the right case in the hypothesis corresponds to the right case in the conclusion. Exercise 3 Prove the Transposition Theorem: (P Q) ( Q P) Figure 9: Transposition The proof of Transposition has two parts; the forward direction and the backwards direction. In the forward direction, you are essentially proving: P Q Q P This is identical to a theorem that we already proved! The backwards direction takes a bit more work Q P P Q Figure 10: Forward Direction of Transposition Figure 11: Backward Direction of Transposition This can be proven using an application of Modus Tollens, but with a slight catch. You will have to get P into the form P before you can use Modus Tollens and then you will have to remove the double negation at the end. transposition :: (p -> q) <-> (Not q -> Not p) Exercise 4 Prove one of De Morgan s Laws (P Q) ( P Q) Figure 12: De Morgan s Law Again, you will have to prove the forward and backward directions. Recall that P is defined as P and you can construct a proposition of type P Q with either a P or a Q. de_morgan :: Not (p \/ q) <-> (Not p /\ Not q) Natural Numbers The natural numbers, often denoted as the set N = {0, 1, 2,...}, are simply the non-negative integers. In class we defined natural numbers and used them to encode the length of a vector in its type. In

cis 194: homework 8 6 this way, we promoted the data type Nat to be a kind and the constructors S and O were promoted to types. This is great for encoding numbers at the type-level, however we would also like to encode numerical values at the expression-level. In particular, we want numbers whose types are equivalent to their values. We can achieve this using the following Generalized Algebraic Data Type: data Forall n where Zero :: Forall O Succ :: Forall n -> Forall (S n) This is similar to the GADT that we defined for vectors, except that Succ (the equivalent of Cons) does not take in a value, only a size. We name this type Forall because it is notationally convenient in proofs, however for all intents and purposes, a value of type Forall n is a number. Before we can write down some proofs, we also need to define a notion of equality. Equality is defined using a GADT: data (n :: Nat) == (m :: Nat) where Refl :: n == n This defines equality for two types, n and m, of kind Nat. Notice that there is only one constructor and it has type n == n. This is because the only way for two Nats to be equal is if they are the same. In other words, the equality relation is reflexive. We also define the less than relation as a GADT with two constructors: Figure 13: Portrait of the Proof General. The Proof General verifies proofs written in several langauages including Coq, LEGO, and Isabelle. Unfortunately, he does not work in Haskell. data n < m where LT_Base :: O < S n LT_Rec :: n < m -> S n < S m Less than is defined inductively. The base case states that zero is less than any number that is the successor of some other number. The recursive case is constructed using a witness that n is less than m and produces a proof that the successor of n is less than the successor of m. Before you start doing the exercises in this section, read through the annotated proof of the Not Equal implies Greater Than or Less Than theorem. This theorem states that: n N, m N, n = m (n < m n > m) and in Haskell it is written as: neq_gt_lt :: Forall n -> Forall m -> n /= m -> (n < m) \/ (n > m)

cis 194: homework 8 7 The reason why we need the Forall type is shown here. We have to do induction on n and m in order to complete the proof. Since the number Forall n has the same type-level numerical value as the n that shows up elsewhere in the theorem, this gives us a way to manipulate the value of the type at the expression level. In particular, it allows us to specify the values of n and m in recursive calls. Exercise 5 Notice how the theorem O + n == n is trivial to prove whereas n + O == n requires an inductive proof. The reason for this is that O + n == n follows directly from the definition of the addition type family. Look at the proof of n_plus_0. The conclusion comes after a case match where we match Refl and then return Refl. This seems silly, why couldn t we skip the match and just return n_plus_0 n? The reason is that the two Refl proof objects have different types, however the Haskell compiler needs to see that the result of the recursive call is a Refl before it can verify that the type of the returned Refl is correct. Your task is to prove a similar theorem. The structure of this proof is almost identical to n_plus_0. add_zero :: Forall n -> O + n == n + O Exercise 6 Now, prove the property that n, n < n + 1. This theorem also has a straightforward proof by induction on n. n_lt_sn :: Forall n -> n < S n Exercise 7 The last two exercises will use new relations for even an odd numbers. Similar to the less than relation, these relations are defined inductively. The even relation states that zero is even, and if n is even, then S (S n) is even. The odd relation is the same except that it has a base case on 1 instead of 0. Provided for you is a proof that the successor of an even number is odd. Unlike the previous proofs that were done by induction on n, this proof is by induction on the even judgement. Your job is to prove that the successor of an odd number is even. odd_plus_one :: Odd n -> Even (S n) Exercise 8 Finally, prove that for any number n, n + n is even. This theorem requires a proof by induction on n. You may find the succ_sum lemma helpful! double_even :: Forall n -> Even (n + n)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback