Computability and Logic - PowerPoint PPT Presentation


1 dBerLog 2007

Computability and Logic dBerLog

Q1 2007

dBerLog - Lectures

  • Time: Tuesday 11 - 14, from August 27 to October 12
  • Place: Store Auditorium, IT-Huset
  • Lecturer
– Mogens Nielsen, IT-parken, Ada 216, mn
  • Course secretary
– Lene Kjeldsteen, IT-parken, Ada 127, lenekj
  • Course administrator
– Doina Bucur, IT-parken, Turing 227, doina

dBerLog - Tutoring: STARTING SEPTEMBER 3

  • Group 1: Monday 8-11, Shannon 159
– Rune Thorbek, Turing 215, thorbek
  • Group DA1: Thursday 8-11, Shannon 159
– Jakob Truelsen, ??, u040819
  • Group DA2: Wednesday 12-15, Shannon 164
– Allan Jørgensen, Turing 124, jallan
  • Group DA3: Thursday 8-11, Shannon 164
– Rune Thorbek, Turing 215, thorbek
  • Group DA4: Thursday 8-11, Shannon 156
– Allan Jørgensen, Turing 124, jallan

dBerLog - Course material

  • John Martin: Introduction to Languages and the Theory of Computation
– McGraw Hill, 3rd edition
  • John Kelly: The Essence of Logic
– Prentice Hall
  • Mogens Nielsen: Limitations of Program Verification
– Course Notes


www.daimi.au.dk/dBerLog

  • News
  • About this class
  • Weekly schedules

– incl. exercises, handouts, slides etc

  • Assignments
  • Students
  • Final Exam
  • Newsgroup: daimi.dBerLog

dBerLog - Exam

  • Oral exam
  • Compulsory homework

– 2 compulsory written homework assignments must all be handed in and accepted by the tutor; deadlines etc. will be made clear during the course

dBerLog - Contents

The course introduces

  • universal models for computation, including Turing machines
  • characterizations of computable and semi-computable problem classes, including presentations of a number of unsolvable problems, diagonalization, and reduction
  • introduction to propositional logic, predicate logic, and program logic, logical proof systems with applications (program verification)
  • Gödel’s completeness and incompleteness theorems

dBerLog - Goals

  • The goals of this course are to give the student the following capabilities

– to be familiar with the basic terminology for computability and logic
– to describe basic computability classes and fundamental logics
– to describe basic properties of computability classes and logics
– to explain constructive/algorithmic approaches to computability classes and logics
– to analyse and to prove properties of computability classes and logics

dBerLog - Goals

  • The goals of this course are to give the student the following capabilities

– to be familiar with the basic terminology for computability
  • problems as formal languages and operations on these, decidability, Turing machines
– to describe basic computability classes and their properties
  • recursive and recursively enumerable languages, closure and decidability properties, from intuition and examples to formal notation and definitions
– to explain algorithmic approaches to properties of computability classes
  • constructive arguments for closure and decidability properties, problem reductions
– to analyse and to prove properties of computability classes
  • diagonalization, reduction

dBerLog - Goals

  • The goals of this course are to give the student the following capabilities

– to be familiar with the basic terminology for logic
  • truth, satisfaction, validity, syntax, semantics
– to describe fundamental logics and their properties
  • propositional logic, truth tables, predicate logic, interpretations and valuations, program logics, proof systems
– to explain algorithmic approaches to properties of logics
  • decidability, normal forms, proof systems and their proofs, from examples to formal definitions
– to analyse and to prove properties of logics
  • soundness and completeness, existence and non-existence of proof systems, Gödel’s theorems

dBerLog contents

[Diagram: Input → Programme / Algorithm / Device → Output]

dBerLog contents

[Diagram: Input → Model of Computation → Yes, No]

dBerLog contents

[Diagram: x ∈ Σ* → Model of Computation → x ∈ L?]

Problem = Language

  • f: Σ* → {Yes, No}, a problem over Σ
  • L ⊆ Σ*, a formal language over Σ
  • We consider only formal languages and well-defined problems


Problems

  • Given a text - is its LIX value greater than 10?
  • Given a text - is it a syntactically correct Java program?
  • Given a graph - is it connected?
  • Given a configuration in chess - is it winning for white?
  • Given a text - is it a semantically correct Java program?
  • Given a text - is it syntactically correct Danish?
  • Given a text - is it art?

dBerLog - main results

  • Only a tiny fraction of formally well-defined problems can be solved computationally!
  • Concrete and important (in computing practice) problems can provably not be solved computationally!
  • Only a tiny fraction of math/logic may be formalized!
  • Concrete and important (in computing practice) logics can provably not be formalized!

Context-Free Grammar for expressions

  • G = ({E, I}, {1,2,+,∗,(,)}, P, S)

P:
E → I | E + E | E ∗ E | (E)
I → 1 | 2 | I1 | I2

Ambiguity - example

[Figure: two derivation trees built from E and I nodes, with leaves 1, 2, + and ∗]

Program correctness

Algorithm: Euclid(m, n)
Input condition: m, n ≥ 1
Output requirement: r = sfd(m, n)   (sfd: greatest common divisor)
Method:
{m, n ≥ 1}
p ← m; q ← n;
I = {sfd(p, q) = sfd(m, n)}
while p ≠ q do
    if p > q then p ← p - q else q ← q - p;
r ← p
{r = sfd(m, n)}

Program incorrectness

Algorithm: Euclid(m, n)
Input condition: m, n ≥ 1
Output requirement: r = sfd(m, n)   (sfd: greatest common divisor)
Method:
{m, n ≥ 1}
p ← m; q ← n;
I = {sfd(p, q) = sfd(m, n)}
while p ≠ q do
    if p > q then p ← p - q else q ← q - p;
r ← q
{r = sfd(m, n)}

Program termination

{x > 1}
while x ≠ 1 do
    if even(x) then x := x div 2 else x := 3 × x + 1

Problems for Context Free Grammars

  • Given a Context-free Grammar G over alphabet Σ

– is it unambiguous?
– is L(G) = Ø?
– is L(G) = Σ*?


Plans for the 7 weeks

  • Model of Computation: Turing Machines
  • Computability
  • Non computable problems
  • Propositional Logic
  • Predicate Logic
  • Program Logic - Gödel’s theorems
  • Summary - Exam


dBerLog - ”Popular” Literature

  • Gödel, Escher, Bach

– Douglas R. Hofstadter - 1980

  • The Emperor’s New Mind

– Roger Penrose - 1989

  • Mærk Verden

– Tor Nørretranders - 1991

  • Computers Ltd.: What They Really Cannot Do

– David Harel - 2000


Models of Computation

  • Models of computation

– DFA (the regular languages)
– PDA (the context free languages)
– ?? (any computable language)

  • Turing machines are considered a fundamental model for computation

– any language that can be accepted by a Turing machine can be accepted by any modern programming language (Java, Beta...)
– AND VICE VERSA!

Plan

  • Terminology - describe

– Turing machines
– Computing functions with TMs
– Robustness of TM definitions - extensions

  • Explain

– A universal TM

[Martin, Chapter 9]

Turing machines - formally

  • T = (Q, Σ, Γ, q0, δ)

– Q is a finite set of states
  • NOT containing two special halt states: ha, hr
– Σ is a finite set of input symbols
– Γ is a finite set of tape symbols, Σ ⊆ Γ
  • NOT containing the special blank symbol: ∆
– q0 ∈ Q is the initial state
– δ is the transition function - a partial function:

δ: Q × (Γ ∪ {∆}) → (Q ∪ {ha, hr}) × (Γ ∪ {∆}) × {R, L, S}

Configurations of a Turing machine

  • A configuration is a global state (snapshot) of a Turing machine consisting of

– the state
– the content of the tape: finitely many non-blank symbols
– the current position

  • Formally:

– an element of the form (q, xay) ∈ Q × (Γ*ΓΓ*)

The step function

  • (q, xay) ⊢ (r, zbw) defined in the obvious way
  • Example: configuration = (q, ab[b]∆∆bb), with the symbol at the current position shown in brackets

If δ(q, b) = (r, a, R) then

– (q, ab[b]∆∆bb) ⊢ (r, aba[∆]∆bb)

If δ(q, b) = (r, b, L) then

– (q, ab[b]∆∆bb) ⊢ (r, a[b]b∆∆bb)

If δ(q, b) = (r, a, S) then

– (q, ab[b]∆∆bb) ⊢ (r, ab[a]∆∆bb)

The Language of a Turing machine

  • (q0, ∆x) is the start configuration with input x ∈ Σ*
  • x ∈ Σ* is accepted iff

– (q0, ∆x) ⊢* (ha, yaz) for some a ∈ (Γ∪{∆}) & y, z ∈ (Γ∪{∆})*

  • L(T) = { x ∈ Σ* | x is accepted by T }

The Language of a Turing machine

  • Types of non-accepting runs from (q0, ∆x):

– eventually enters hr
– crashing (1) - machine in a non-halt state, but no outgoing transition; convention: the machine then enters hr
– crashing (2) - head at the leftmost tape square, and step function tells machine to go left; convention: the machine then enters hr
– infinite loop - the machine never enters ha or hr
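
The definitions above (transition function, start configuration, acceptance, and the kinds of non-accepting run) as a small simulator. This is an added example, not part of the original slides: the machine `DELTA` is constructed for illustration, and the step bound `max_steps` is an assumption, because a simulator can only report "no halt yet", never "infinite loop".

```python
# Added example: simulator for the one-tape TM defined on the slides.
# The tape is infinite to the right only; square 0 is the leftmost square.
BLANK, HA, HR = "∆", "ha", "hr"


def run(delta, q0, x, max_steps=1000):
    """Run T from the start configuration (q0, ∆x), head on the leading ∆.

    delta maps (state, symbol) -> (state, symbol, direction), direction R/L/S.
    Returns (outcome, tape) where outcome is one of:
      'accept'  - T entered ha
      'reject'  - T entered hr by an explicit transition
      'crash-1' - non-halt state with no outgoing transition (convention: hr)
      'crash-2' - move left from the leftmost square (convention: hr)
      'unknown' - no halt within max_steps; possibly an infinite loop
    """
    tape, pos, state = [BLANK] + list(x), 0, q0
    for _ in range(max_steps):
        move = delta.get((state, tape[pos]))
        if move is None:
            return "crash-1", "".join(tape)
        state, symbol, direction = move
        if direction == "L" and pos == 0:
            return "crash-2", "".join(tape)
        tape[pos] = symbol
        pos += {"R": 1, "L": -1, "S": 0}[direction]
        if pos == len(tape):            # extend the tape with blanks on demand
            tape.append(BLANK)
        if state == HA:
            return "accept", "".join(tape)
        if state == HR:
            return "reject", "".join(tape)
    return "unknown", "".join(tape)


def accepts(delta, q0, x, max_steps=1000):
    """x is in L(T) only if the run reaches ha; all other outcomes are non-accepting."""
    return run(delta, q0, x, max_steps)[0] == "accept"


# Constructed machine over Σ = {a, b} (hypothetical, chosen to show every outcome).
DELTA = {
    ("q0", BLANK): ("q1", BLANK, "R"),
    ("q1", "a"):   (HA,   "a",   "S"),   # input starts with a: accept
    ("q1", BLANK): (HR,   BLANK, "S"),   # empty input: explicit reject
    ("q1", "b"):   ("q2", "b",   "R"),
    ("q2", "a"):   ("q2", "a",   "S"),   # never leaves q2
    ("q2", "b"):   ("q3", "b",   "L"),
    ("q3", "b"):   ("q3", "b",   "L"),
    ("q3", BLANK): ("q3", BLANK, "L"),   # walks off the left end
}                                        # (q2, ∆) is deliberately undefined

if __name__ == "__main__":
    for x in ["a", "", "b", "bb", "ba"]:
        print(repr(x), run(DELTA, "q0", x)[0])
```

Only the first four outcomes are verdicts; `unknown` is exactly the case that separates accepting a language from deciding it.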

Example of languages accepted by Turing machines

  • { ww | w ∈ {a,b}* }
  • { a^n b^n a^n | n > 0 }
  • { {a, b}^n | n prime }
  • { w | w ∈ {a,b}* and reverse(w) = w } (palindromes)

A Turing Machine accepting?

[Figure: transition diagram of a Turing machine with states 1, 2, 3, 4, 5, 6 and ha over tape symbols a, b and ∆]


Computing a function Σ* -> Σ*

  • T = (Q, Σ, Γ, q0, δ) is said to compute the partial function f: Σ* -> Σ* iff

– for all x ∈ Σ*, s.t. f(x) is defined: (q0, ∆x) ⊢* (ha, ∆f(x))
– for all x ∈ Σ*, s.t. f(x) is undefined: T does not accept x

Computing a function N -> N

  • T = (Q, {1}, Γ, q0, δ) is said to compute the partial function f: N -> N iff

– for all n, s.t. f(n) is defined: (q0, ∆1^n) ⊢* (ha, ∆1^f(n))
– for all n, s.t. f(n) is undefined: T does not accept 1^n

A Turing Machine computing?

[Figure: transition diagram of a Turing machine with states 1, 2, 3, 4 and ha over tape symbols 1 and ∆]


Extensions

The basic Turing machine may be extended in many ways:

  • two-way infinite
  • multiple tapes
  • non-determinism
  • ...

None of these extensions extends the essential power of the Turing machine: they all can be simulated by a standard Turing machine!

Multiple tape TMs

  • Separate head for each tape
  • Input (and output) on tape 1
  • Every transition makes a step for each tape

(Formally defined in [Martin])

Theorem
A language is accepted by a 2-tape TM iff it is accepted by a 1-tape TM


Multiple tapes - simulation

[Figure: tape contents of a two-tape TM in states p, q and of the one-tape TM simulating it in state (p,q)]

Copying a string 1 - 4

[Figures: four successive snapshots of the tapes and states (q0/p0, q/p, q/p’, r/p’’) while the string aab is copied]


Nondeterministic Turing Machines

  • Generalize transition function (like FA -> NFA)
  • Accept a string if some run leads to accept

(Formally defined in [Martin])

Theorem
A language is accepted by a nondeterministic TM iff it is accepted by a deterministic TM

Nondeterministic TMs - simulation

Simulating a NTM T1 by a (deterministic) TM T2: try all possible runs, searching for an accepting one. Use a 3-tape TM:

– tape 1: contains original input string (never changed)
– tape 2: encoding of the current run
– tape 3: working tape (corresponds to T1’s tape)

(Details in [Martin])


The Universal Turing Machine

  • Theorem

There exists a TM U which inputs: a Turing machine T and an input x to T such that U accepts (T, x) iff T accepts x


Encoding of (T, x) in alphabet {0, 1}

  • Assume states of T: {q1, q2, …, qm}
  • Assume alphabet of T: {a1, a2, …, an}
  • s(∆) = 0, s(ai) = 0^(i+1)
  • s(ha) = 0, s(hr) = 00, s(qi) = 0^(i+2)
  • s(S) = 0, s(L) = 00, s(R) = 000

Encoding of (T, x) in alphabet {0, 1}

  • Each move m: δ(p, a) = (q, b, D) encoded by

e(m) = s(p) 1 s(a) 1 s(q) 1 s(b) 1 s(D) 1

  • Turing machine T with moves {m1, m2, …, mk} encoded by

e(T) = 1 s(q0) 1 e(m1) 1 e(m2) 1 … e(mk) 1

  • Input x = a1a2…al encoded by

e(x) = 1 s(a1) 1 s(a2) 1 … s(al) 1

TM for palindromes

[Figure: transition diagram of the palindrome-accepting Turing machine with states 1, 2, 3, 4, 5, 6 and ha over tape symbols a, b and ∆]


The Universal Turing Machine

  • Theorem

There exists a TM U with input alphabet Σ = {0, 1} such that U accepts e(T)e(x) ∈ {0, 1}* iff T accepts x


Constructing a Universal Turing machine

  • Use a 3-tape TM:

– tape 1: initially contains input string e(T)e(x)
– tape 2: working tape (corresponds to T’s tape)
– tape 3: encoding of current state of T

The Universal TM - initial moves

[Figure: starting from ∆ e(T) e(x = a1..al) on tape 1 and blank tapes 2 and 3, U initially computes to tapes holding e(m1)1e(m2)1…1e(mk), 1s(a1)1…s(al)1 and s(q0)]

The Universal TM - simulating moves

[Figure: one simulated move δ(q, ai) = (p, b, S): the tapes holding s(q), e(m1)1e(m2)1…1e(mk) and 1s(a1)1…1s(ai)1…s(am)1 compute to s(p), the same move list, and 1s(a1)1…1s(b)1…s(am)1]


Summary

  • Terminology - describe

– Turing machines
– Computing functions with TMs
– Robustness of TM definitions - extensions

  • Explain

– A universal TM

Turing Machine simulator: http://ironphoenix.org/tril/tm
[Martin, Chapter 9]


Tutorials

  • Familiarity with terminology

– Martin 9.2
  • use http://ironphoenix.org/tril/tm to check your solution
– Martin 9.11
– Martin 9.35

  • Describe computability classes

– Martin 9.5
– Martin 9.6(b), 9.15 (a, b)
  • notice the language from 9.6(b) is non context-free - for these exercises use again a one-tape TM and use http://ironphoenix.org/tril/tm to check your solution
– Martin 9.18 and 9.19
  • for these exercises you are encouraged to use multitape TMs

  • Describe properties of computability classes

– Martin 9.33
  • see the use of non-determinism (informal arguments only)


Non-accepting runs of a Turing machine

  • Four types of non-accepting runs from (q0, ∆x):

– eventually enters hr
– crashing (1) - machine in a non-halt state, but no outgoing transition; convention: the machine then enters hr
– crashing (2) - head at the leftmost tape square, and step function tells machine to go left; convention: the machine then enters hr
– infinite loop - the machine never enters ha or hr


Program for today

  • Describe fundamental computational classes
  • Describe and analyze their properties

– supplement with intuition

  • Prove the existence of non-computable problems

– diagonalization

  • Prove concrete problems to be non-computable

– reduction
– supplement formally


Two new language classes

  • Definition 10.1

A language L ⊆ Σ* is said to be recursively enumerable (semi-decidable) iff it is accepted by some Turing machine

  • Lemma

A language L ⊆ Σ* is recursively enumerable iff it is accepted by a Turing machine, s.t.

– if x ∈ L then (q0, ∆x) ⊢* (ha, yaz) for some a ∈ (Γ∪{∆}) & y, z ∈ (Γ∪{∆})*
– if x ∉ L then (q0, ∆x) ⊢* loops


Two new language classes

  • Definition 10.1

A language L ⊆ Σ* is said to be recursive (decidable) iff there is a Turing machine computing its (total) characteristic function χL : Σ* -> {0, 1} where
χL(x) = 1 if x ∈ L
χL(x) = 0 if x ∉ L

  • Lemma

A language L ⊆ Σ* is recursive iff it is accepted by some total Turing machine, i.e.

– if x ∈ L then (q0, ∆x) ⊢* (ha, yaz) for some a ∈ (Γ∪{∆}) & y, z ∈ (Γ∪{∆})*
– if x ∉ L then (q0, ∆x) ⊢* (hr, yaz) for some a ∈ (Γ∪{∆}) & y, z ∈ (Γ∪{∆})*


Some results

  • Theorem 10.1

Every recursive language is recursively enumerable

  • Theorem 10.3

The class of recursively enumerable languages is closed under union and intersection [Martin] - so is the class of recursive languages (Exercise!)


Some more results

  • Theorem 10.4

The class of recursive languages is closed under complement

  • Theorem 10.5

If L and its complement L’ are both recursively enumerable, then L is recursive

Enumerating a language

  • Definition 10.2

A language L ⊆ Σ* is said to be enumerated by a k-tape TM T iff

– the tape head on the first tape never moves left, and no nonblank symbol printed is subsequently modified
– the tape contents of tape 1 always has the form x1#x2#…#xn#y, where x1, x2, …, xn ∈ L
– any x ∈ L eventually appears on tape 1 between #’s


Enumerating a language

  • Theorem 10.6

A language L ⊆ Σ* is enumerated by a TM iff it is recursively enumerable

Enumerating a language

[Figure: a TM started on a blank tape computes to a tape holding x1#x2#…#xn#…]


Enumerating a language

  • Theorem 10.6

A language L ⊆ Σ* is enumerated by a TM iff it is recursively enumerable

  • Definition

The canonical ordering of Σ* is “first by length, secondly by lexicographic order” - example Σ = {a, b}: ∆, a, b, aa, ab, ba, bb, aaa, …, bbb, aaaa, aaab, …

  • Theorem 10.6

A language L ⊆ Σ* is enumerated in canonical order by a TM iff it is recursive (Exercise!)


Countable sets

  • Definition 10.6

A set S is said to be countably infinite iff there is a bijection from N to S. A set is said to be countable iff it is either finite or countably infinite

  • Lemma 10.2

Every subset of a countable set is countable (Exercise!)


Countable sets

  • Theorem 10.13

If for all natural numbers i ≥ 0, Si is a countable set, then ∪(i ≥ 0) Si is countable.

  • Examples of countable sets

– N - the natural numbers
– N×N - pairs of natural numbers
– Z - the integers
– Σ* - the set of all finite strings over a finite alphabet Σ
– Any L ⊆ Σ*


Uncountable sets

  • Theorem 10.14

The set of reals [0, 1) = {x ∈ R | 0 ≤ x < 1} is an uncountable set

  • Theorem 10.15

If S is a countably infinite set, then 2^S (the set of all subsets of S) is uncountable


Uncountable sets

  • Theorem 10.15 (cntd.)

For any nonempty alphabet Σ, the set of languages over Σ is uncountable

  • Theorem

For any nonempty alphabet Σ, the set of recursively enumerable languages over Σ is countable

  • Corollary 10.1

For any nonempty alphabet Σ, the set of languages over Σ which are NOT recursively enumerable is uncountable!


A specific language which is not recursively enumerable

  • Definition 11.1

NSA = {w ∈ {0, 1}* | w = e(T) for some TM T, and w ∉ L(T)}
SA = {w ∈ {0, 1}* | w = e(T) for some TM T, and w ∈ L(T)}

  • Theorem 11.1

NSA is NOT recursively enumerable

  • Theorem 11.2

SA IS recursively enumerable, but NOT recursive


Encoding of (T, x) in alphabet {0, 1}

  • Assume states of T: {q1, q2, …, qm}
  • Assume alphabet of T: {a1, a2, …, an}
  • s(∆) = 0, s(ai) = 0^(i+1)
  • s(ha) = 0, s(hr) = 00, s(qi) = 0^(i+2)
  • s(S) = 0, s(L) = 00, s(R) = 000

Encoding of (T, x) in alphabet {0, 1}

  • Each move m: δ(p, a) = (q, b, D) encoded by

e(m) = s(p) 1 s(a) 1 s(q) 1 s(b) 1 s(D) 1

  • Turing machine T with moves {m1, m2, …, mk} encoded by

e(T) = 1 s(q0) 1 e(m1) 1 e(m2) 1 … e(mk) 1

  • Input x = a1a2…al encoded by

e(x) = 1 s(a1) 1 s(a2) 1 … s(al) 1
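
The encoding e written out as an encoder, a decoder, and a splitter for e(T)e(x). This is an added example, not part of the original slides; it follows e(T) exactly as written above, and the two-move machine in the test data is constructed. The decoder is what makes "w is of the form e(T)" a checkable condition in the definitions of SA and NSA.

```python
import re

# Added example: the encoding e of the slides, with a decoder.
def make_codes(alphabet):
    """Return s(.) for symbols, states and directions; alphabet lists a1..an in order."""
    sym = {"∆": "0"}
    sym.update({a: "0" * (i + 1) for i, a in enumerate(alphabet, 1)})
    direction = {"S": "0", "L": "00", "R": "000"}

    def state(q):                       # states are named "ha", "hr", "q1", "q2", ...
        if q == "ha":
            return "0"
        if q == "hr":
            return "00"
        return "0" * (int(q[1:]) + 2)

    return sym, state, direction


def encode_move(codes, p, a, q, b, d):
    """e(m) = s(p) 1 s(a) 1 s(q) 1 s(b) 1 s(D) 1"""
    sym, state, direction = codes
    return "1".join([state(p), sym[a], state(q), sym[b], direction[d]]) + "1"


def encode_tm(codes, q0, moves):
    """e(T) = 1 s(q0) 1 e(m1) 1 e(m2) 1 ... e(mk) 1, as written on the slide."""
    return "1" + codes[1](q0) + "1" + "".join(encode_move(codes, *m) + "1" for m in moves)


def encode_input(codes, x):
    """e(x) = 1 s(a1) 1 s(a2) 1 ... s(al) 1"""
    return "1" + "".join(codes[0][c] + "1" for c in x)


FIELD = r"(0+)1"

def decode_tm(w):
    """Return (q0, moves) with every field given as its number of 0s,
    or None if w is not of the form e(T) (assumes at least one move)."""
    m = re.fullmatch(r"1(0+)1((?:(?:0+1){5}1)+)", w)
    if m is None:
        return None
    q0 = len(m.group(1))
    moves = [tuple(map(len, f)) for f in re.findall(FIELD * 5 + "1", m.group(2))]
    # Source states must be some q_i (at least three 0s); directions are S, L or R.
    ok = q0 >= 3 and all(p >= 3 and d <= 3 for p, _, _, _, d in moves)
    # δ is a function: no two moves may share the same (state, symbol).
    ok = ok and len({(p, a) for p, a, *_ in moves}) == len(moves)
    return (q0, moves) if ok else None


def split_pair(w):
    """Split e(T)e(x): e(T) ends in 11 and e(x) starts with 1, and 111 occurs
    nowhere inside e(T), so the first 111 marks the boundary."""
    i = w.find("111")
    return None if i < 0 else (w[:i + 2], w[i + 2:])


# Constructed sample machine: δ(q1, ∆) = (q2, ∆, R), δ(q2, a) = (ha, a, S).
CODES = make_codes(["a", "b"])
MOVES = [("q1", "∆", "q2", "∆", "R"), ("q2", "a", "ha", "a", "S")]

if __name__ == "__main__":
    w = encode_tm(CODES, "q1", MOVES)
    print(w, decode_tm(w), split_pair(w + encode_input(CODES, "ab")))
```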

A specific language which is not recursively enumerable

  • Definition 11.1

NSA = {w ∈ {0, 1}* | w = e(T) for some TM T, and w ∉ L(T)}
SA = {w ∈ {0, 1}* | w = e(T) for some TM T, and w ∈ L(T)}

  • Theorem 11.1

NSA is NOT recursively enumerable

  • Theorem 11.2

SA IS recursively enumerable, but NOT recursive
Proof: NSA = SA’ \ {w ∈ {0, 1}* | w not of the form e(T) for some TM T}


Decision Problems

  • Definition Decision Problem (Martin)

A decision problem P is a mapping from a set of problem instances, I, to {yes, no}

  • Definition Reasonable encoding

e is a reasonable encoding of P iff

– e is a one-to-one mapping from instances to strings over some alphabet Σ
– an instance I can be decoded from e(I) (algorithmically!)
– one can check (algorithmically!) whether a string x ∈ Σ* represents an instance


Decision Problems

  • Definition 11.2

If e is a reasonable encoding of a decision problem P over the alphabet Σ, then P is said to be solvable (or decidable) iff Y(P) = {e(I) | I is a yes-instance of P} ⊆ Σ* is recursive


Decision problems examples

  • Instances: A text T
Problem: is T a syntactically correct Java program? SOLVABLE!
  • Instances: A graph G
Problem: is G connected? SOLVABLE!
  • Instances: A chess configuration C
Problem: Is C winning for white? SOLVABLE!
  • Instances: A syntactically correct Java program J and an input i
Problem: Does J halt when run on input i?


Decision Problems

  • Observation

The encoding e of Turing machines over {0, 1} from the construction of the Universal Turing machine is reasonable

  • Definition Self-accepting problem

Instances: Turing Machines T (with encoding e)
Problem: Does T accept e(T)?

  • Theorem 11.3

Self-accepting is unsolvable


An interesting unsolvable problem

  • Definition Accepts

Instances: A Turing Machine T and a string w
Problem: is w ∈ L(T)?

  • Theorem 11.4

Accepts is unsolvable!


Reduction

  • Definition 11.3

Given two decision problems P1 and P2, P1 is said to be reducible to P2 (P1 ≤ P2) iff there is an algorithm F, translating instances of P1 to instances of P2, such that for every instance I1 of P1, the answers to I1 and F(I1) are the same


Reduction

  • Definition 11.3a

Given two languages L1 ⊆ Σ1* and L2 ⊆ Σ2*, L1 is said to be reducible to L2 (L1 ≤ L2) iff there is a Turing computable function f: Σ1* -> Σ2*, such that for every instance x ∈ Σ1*, x ∈ L1 iff f(x) ∈ L2


Reduction

  • Theorem 11.4

Given two languages L1 ⊆ Σ1* and L2 ⊆ Σ2*, such that L1 ≤ L2

  • if L2 is recursive, then so is L1
  • if L2 is recursively enumerable, then so is L1 (Exercise!)
  • if L1 is not recursive, then neither is L2
  • if L1 is not recursively enumerable, then neither is L2


Reduction - applications

  • Theorem 11.5

Acc = {e(T)e(w) | w ∈ L(T)} is not recursive
Proof: Show SA ≤ Acc

  • Theorem 11.6

Halts = {e(T)e(w) | T halts on input w} is not recursive
Proof: Show Acc ≤ Halts


Reduction: SA ≤ Acc

  • Assume you had TM accepting Acc

[Diagram: e(T)e(w) → Acc → Y if w ∈ L(T), N if w ∉ L(T)]

Reduction: SA ≤ Acc

  • Construct TM accepting SA

[Diagram: the machine for SA takes e(T) and passes e(T)e(e(T)) to Acc; Y if e(T) ∈ L(T), i.e. e(T) ∈ SA; N if e(T) ∉ L(T), i.e. e(T) ∉ SA]


Reduction: Acc ≤ Halts

  • Assume you had TM accepting Halts

[Diagram: e(T)e(w) → Halts → Y if T⇓w, N if T⇑w]

Reduction: Acc ≤ Halts

  • Construct TM accepting Acc

[Diagram: the machine for Acc takes e(T)e(w) and passes e(T’)e(w) to Halts; Y if T’⇓w, i.e. w ∈ L(T); N if T’⇑w, i.e. w ∉ L(T)]

Where T’ is T with all crashes and hr replaced with divergence


Program for today

  • Describe fundamental computational classes
  • Describe and analyze their properties
  • Prove the existence of non-computable problems

– diagonalization

  • Prove concrete problems to be non-computable

– reduction


Exercises in [Martin]

  • Describe properties of computability classes

– 10.1: show closure properties of R
– 10.3: RE closed under infinite union?
– 10.5: show that R is the same as “TM canonical enumeration”
– 10.35: RE closed under Kleene *

  • Describe countability properties

– 10.24: show that countability is closed under subsets
– 10.27: L uncountable, M countable -> L\M uncountable
– 10.29: alternative proof of countability of RE
– 10.31 (b,d,e,h): (un)countable sets?

  • Describe properties of non-computable problems

– 10.33: uncountably many “difficult” languages!

  • Analyze properties of non-computability

– 10.39: Non-existence of virus-tester!!


Competition

  • Construct a (deterministic) Turing Machine with

– three states
– a tape which is infinite “both ways”
– tape-alphabet {1}

such that when started on a blank tape, the Turing Machine halts and prints as many 1’s as possible

  • Do the same for four states
  • Test your solution on the TM simulator from last week


Programme

  • Prove non-decidable properties of TMs

– Reduction technique

  • Describe non-decidable properties of other universal formalisms

– Chomsky grammars
– Java

  • Prove non-decidable properties of non-universal formalisms

– Games
– Context-free grammars


Reduction - applications

  • Theorem 11.7

Acc-Λ = {e(T) | Λ ∈ L(T)} is not recursive
Proof: Show Acc ≤ Acc-Λ

  • Theorem

Let TU denote the universal Turing Machine, then Uni-Acc = {e(w) | w ∈ L(TU)} is not recursive
Proof: Show Acc ≤ Uni-Acc

Reduction - applications

  • Theorem 11.8

AccSome = {e(T) | L(T) is nonempty} is not recursive
Proof: Show Acc-Λ ≤ AccSome
AccEver = {e(T) | L(T)’ is empty} is not recursive
Proof: Show Acc-Λ ≤ AccEver
Subset = {e(T1)e(T2) | L(T1) ⊆ L(T2)} is not recursive
Proof: Show AccEver ≤ Subset


Rice’s Theorem - definition

  • Definition

A property of languages is said to be nontrivial iff it is satisfied by some but not all recursively enumerable languages

Nontrivial language properties

  • Λ ∈ L
  • L = Ø
  • L = Σ*
  • L is finite
  • L is regular
  • All strings in L have even length


Rice’s Theorem

  • Theorem 11.9

Let R be any nontrivial property of languages, then PR = {e(T) | L(T) has property R} is not recursive!
Proof: Show Acc-Λ ≤ PR

Reduction: Acc-Λ ≤ PR

  • Assume you had TM accepting PR

[Diagram: e(T) → PR → Y if L(T) sat R, N if L(T) viol R]

Reduction: Acc-Λ ≤ PR

  • Construct TM accepting Acc-Λ

[Diagram: the machine for Acc-Λ takes e(T) and passes e(T’) to PR; Y if L(T’) sat R, i.e. Λ ∈ L(T); N if L(T’) viol R, i.e. Λ ∉ L(T)]

Assume Ø viol R. Then TR exists s.t. L(TR) sat R
Construct T’ s.t. if Λ ∉ L(T) then L(T’) = Ø else L(T’) = L(TR)


Programme

  • Prove non-decidable properties of TMs

– Reduction technique

  • Describe non-decidable properties of other universal formalisms

– Chomsky grammars
– Java

  • Prove non-decidable properties of non-universal formalisms

– Context-free grammars


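Harel diagonalization

Assume halting problem solvable in JAVA

[Diagram: program P with inputs prog and in; output FINE if prog(in)↓, LOOP if prog(in)↑]

Harel diagonalization

Construct program Q

[Diagram: Q built around P: input prog, a COPY step giving prog, prog as P’s inputs, P’s outputs FINE and LOOP, and a LOOP branch in Q]

Harel diagonalization

Run Q with input Q

[Diagram: the same construction with input Q: COPY gives Q, Q as P’s inputs, with outputs FINE and LOOP and the LOOP branch in Q]
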

Busy Beaver

  • Definition

BB(n):= the maximal number of 1’s printed by a Turing machine starting with n 1s on the tape and with n states

  • Exercise

BB is not computable!

Chomsky grammars

  • A Chomsky grammar is a tuple

G = (V, Σ, S, P), where
V and Σ are finite disjoint sets of variables and terminals resp.
S is the start variable, an element of V
P is a set of productions of the form

Type 3: A → a or A → aB, where A, B ∈ V and a ∈ Σ
Type 2: A → β, where A ∈ V and β ∈ (V∪Σ)*
Type 0: α → β, where α ∈ (V∪Σ)*V(V∪Σ)* and β ∈ (V∪Σ)*


Chomsky type 0 languages

  • Given a Chomsky type 0 grammar G = (V, Σ, S, P), define

if α → β ∈ P, then for all α’, α’’, β’, β’’ ∈ (V∪Σ)*
α’ α α’’ ⇒ β’ β β’’
L(G) = {w ∈ Σ* | S ⇒* w}

Chomsky type 0 example

  • Let G = (V, Σ, S, P), where

V = {S, A, B, C}
Σ = {a, b, c}
P:
S → FT
T → ABCT
T → ABC
BA → AB
CA → AC
CB → BC
FA → a
aA → aa
aB → ab
bB → bb
bC → bc
cC → cc

L(G) = {a^i b^i c^i | i > 0}


Turing and Chomsky

  • Theorems 10.8 and 10.9

For any language L ⊆ Σ*, L is generated by a Chomsky type 0 grammar iff (constructively!!) L is accepted by a Turing machine

  • Corollary

All nontrivial properties of languages for Chomsky type 0 grammars are undecidable!


Post’s correspondence problem - example

  • List A:        List B:

α1 = b          β1 = bbb
α2 = babbb      β2 = ba
α3 = ba         β3 = a

Does there exist a sequence of indices i1, i2, ..., im ∈ {1,2,3} such that αi1 αi2 ... αim = βi1 βi2 ... βim


Post’s correspondence problem - example

  • List A:        List B:

α1 = b          β1 = bbb
α2 = babbb      β2 = ba
α3 = ba         β3 = a

Solution? YES: 2 1 1 3
α2 α1 α1 α3 = babbbbbba = β2 β1 β1 β3


Post’s correspondence problem - example

  • List A:        List B:

α1 = ba         β1 = bab
α2 = abb        β2 = bb
α3 = bab        β3 = abb

Solution? NO!


Post’s correspondence problem - formally

  • Given two finite lists of strings over some alphabet Γ

List A: α1, α2, ..., αk
List B: β1, β2, ..., βk

  • Does there exist a sequence of indices i1, i2, ..., im ∈ {1,2,..,k} such that

αi1 αi2 ... αim = βi1 βi2 ... βim ?
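
A search over the two example instances above, as an added example that is not part of the original slides. It walks breadth-first over "overhang" states (which list is ahead, and by what string): the first instance yields the index sequence 2 1 1 3, and the second has only finitely many reachable states, so the search proves the answer NO. The cut-off `max_states` is an assumption; no fixed bound can work for every instance.

```python
from collections import deque

# Added example: bounded breadth-first search for a PCP solution.
def pcp_search(pairs, max_states=10_000):
    """pairs = [(α1, β1), ..., (αk, βk)].

    Returns ('yes', indices)  - a shortest solution, indices are 1-based
            ('no', None)      - every reachable state was explored, none is a solution
            ('unknown', None) - gave up after max_states distinct states
    A state (side, overhang) records which list is ahead and the surplus string.
    """
    queue = deque([(("A", ""), [])])
    seen = set()
    while queue:
        (side, over), seq = queue.popleft()
        for i, (a, b) in enumerate(pairs, 1):
            top = (over if side == "A" else "") + a
            bottom = (over if side == "B" else "") + b
            if top.startswith(bottom):
                nxt = ("A", top[len(bottom):])
            elif bottom.startswith(top):
                nxt = ("B", bottom[len(top):])
            else:
                continue                  # mismatch: this index cannot come next
            if nxt[1] == "":
                return "yes", seq + [i]   # both concatenations are equal
            if nxt not in seen:
                if len(seen) >= max_states:
                    return "unknown", None
                seen.add(nxt)
                queue.append((nxt, seq + [i]))
    return "no", None


def concat(pairs, seq):
    """Return (αi1...αim, βi1...βim) for a 1-based index sequence."""
    return ("".join(pairs[i - 1][0] for i in seq),
            "".join(pairs[i - 1][1] for i in seq))


# The two instances from the slides.
EXAMPLE_1 = [("b", "bbb"), ("babbb", "ba"), ("ba", "a")]
EXAMPLE_2 = [("ba", "bab"), ("abb", "bb"), ("bab", "abb")]

if __name__ == "__main__":
    print(pcp_search(EXAMPLE_1))
    print(pcp_search(EXAMPLE_2))
```

The search semi-decides PCP: with no cut-off it finds every solution that exists, but on a "no" instance with infinitely many reachable states it would run forever.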


Modified Post’s correspondence problem

  • Given two finite lists of strings over some alphabet Γ

List A: α1, α2, ..., αk
List B: β1, β2, ..., βk

  • Does there exist a sequence of indices i2, i3, ..., im ∈ {1,2,..,k} such that

α1 αi2 ... αim = β1 βi2 ... βim ?


Post’s correspondence problem

  • Theorem

Post’s correspondence problem is undecidable!

Post’s correspondence problem - reductions

Acc → (Reduction I) → MPCP → (Reduction II) → PCP


Modified Post’s correspondence problem

  • Theorem 11.11

Modified Post’s correspondence problem is undecidable!


Reduction I

  • Given Turing machine T and input w, construct algorithmically MPCP(T,w) such that

T accepts w iff MPCP(T,w) has a solution

A Turing Machine

[Diagram: states p, q, r with transitions labelled 0/X,R and 1/Y,L]

p010 ⊢ Xq10 ⊢ rXY0 ...
# p010 # Xq10 # rXY0 # ...


Reduction I

  • Given T = (Q, Σ, Π, δ, q0) and w ∈ Σ*

(assume w.l.g. that T has no Stay-moves!)

  • Alphabet of MPCPT,w

Γ := (Q ∪ {ha, hr}) ∪ (Π ∪ {∆}) ∪ {#}


Reduction I - lists of MPCPT,w

  • List A:        List B:

α1 = #          β1 = #q0∆w#

slide-33
SLIDE 33

33 dBerLog 2007

Reduction I - lists of MPCPT,w

  • List A:

List B:

α1 = # β1 = #q0∆w# αd = X βd = X for all X ∈ Γ αq,X = qX βq,X = Yp if δ(q,X) = (p, Y, R) αq,X = ZqX βq,X = pZY if δ(q,X) = (p, Y, L) αq,B = q# βq,B = Yp# if δ(q, ∆) = (p, Y, R) αq,B = Zq# βq,B = pZY#if δ(q, ∆) = (p, Y, L)

34 dBerLog 2007

Reduction I - lists of MPCPT,w

  List A:          List B:
  α1 = #           β1 = #q0∆w#
  αd = X           βd = X          for all X ∈ Γ
  αq,X = qX        βq,X = Yp       if δ(q,X) = (p, Y, R)
  αq,X = ZqX       βq,X = pZY      if δ(q,X) = (p, Y, L)
  αq,B = q#        βq,B = Yp#      if δ(q, ∆) = (p, Y, R)
  αq,B = Zq#       βq,B = pZY#     if δ(q, ∆) = (p, Y, L)
  αa1 = XhaY       βa1 = ha        for all X,Y ∈ Γ
  αa2 = Xha        βa2 = ha        for all X,Y ∈ Γ
  αa3 = haY        βa3 = ha        for all X,Y ∈ Γ

35 dBerLog 2007

Reduction I - lists of MPCPT,w

  List A:          List B:
  α1 = #           β1 = #q0∆w#
  αd = X           βd = X          for all X ∈ Γ
  αq,X = qX        βq,X = Yp       if δ(q,X) = (p, Y, R)
  αq,X = ZqX       βq,X = pZY      if δ(q,X) = (p, Y, L)
  αq,B = q#        βq,B = Yp#      if δ(q, ∆) = (p, Y, R)
  αq,B = Zq#       βq,B = pZY#     if δ(q, ∆) = (p, Y, L)
  αa1 = XhaY       βa1 = ha        for all X,Y ∈ Γ
  αa2 = Xha        βa2 = ha        for all X,Y ∈ Γ
  αa3 = haY        βa3 = ha        for all X,Y ∈ Γ
  αs = ha##        βs = #

36 dBerLog 2007

Reduction II

  • Given MPCP over alphabet Γ
  • Construct PCP over alphabet Γ’ such that

MPCP has solution iff PCP has solution


37 dBerLog 2007

Definitions

ir, il: Γ* → (Γ ∪ {#})*

ir(ε) = ε    ir(ax) = a# • ir(x)    a ∈ Γ, x ∈ Γ*
il(ε) = ε    il(ax) = #a • il(x)    a ∈ Γ, x ∈ Γ*

Examples: ir(bob) = b#o#b#    il(bob) = #b#o#b

38 dBerLog 2007

Reduction II

  • Given MPCP with k lists over alphabet Γ

A : α1, α2, .., αk    B : β1, β2, .., βk

  • Construct PCP with k+2 lists over Γ ∪ {#, $}

A’:                  B’:
α’0 = #ir(α1)        β’0 = il(β1)
α’i = ir(αi)         β’i = il(βi)      for i = 1,2,..k
α’k+1 = $            β’k+1 = #$
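Reduction II carried out on small instances, as an added example that is not part of the original slides. The instances `["a", "ab"] / ["aa", "b"]` and `["ab", "a"] / ["b", "a"]` are constructed for illustration, indices are 0-based, and `#` and `$` are assumed not to occur in Γ. The search is bounded, so `None` only means that no solution with at most `max_tiles` tiles was found.

```python
from collections import deque

def ir(x):
    """ir(ax) = a# . ir(x): a '#' to the right of every symbol."""
    return "".join(ch + "#" for ch in x)

def il(x):
    """il(ax) = #a . il(x): a '#' to the left of every symbol."""
    return "".join("#" + ch for ch in x)

def mpcp_to_pcp(A, B):
    """Reduction II: k MPCP pairs become k+2 PCP pairs (0-based lists)."""
    A2 = ["#" + ir(A[0])] + [ir(a) for a in A] + ["$"]
    B2 = [il(B[0])] + [il(b) for b in B] + ["#$"]
    return A2, B2

def solve(A, B, max_tiles, first=None):
    """Shortest index sequence whose A- and B-concatenations agree, or None.

    first=None searches plain PCP; first=0 forces the MPCP start pair.
    The search state is the overhang: what one side is ahead of the other.
    """
    def step(top, bot, i):
        t, b = top + A[i], bot + B[i]
        if t.startswith(b):
            return (t[len(b):], "")
        if b.startswith(t):
            return ("", b[len(t):])
        return None                      # mismatch: dead end

    seen, queue = set(), deque()
    for i in ([first] if first is not None else range(len(A))):
        s = step("", "", i)
        if s is not None and s not in seen:
            seen.add(s)
            queue.append((s, [i]))
    while queue:
        (top, bot), seq = queue.popleft()
        if top == "" and bot == "":
            return seq
        if len(seq) == max_tiles:
            continue
        for i in range(len(A)):
            s = step(top, bot, i)
            if s is not None and s not in seen:
                seen.add(s)
                queue.append((s, seq + [i]))
    return None

def pcp_to_mpcp_indices(seq):
    """Map a shortest solution 0, i2, .., im, k+1 of the constructed PCP
    back to the MPCP index sequence (pair 0 first, then i-1 for each i)."""
    return [0] + [i - 1 for i in seq[1:-1]]

if __name__ == "__main__":
    A, B = ["a", "ab"], ["aa", "b"]          # constructed MPCP instance
    A2, B2 = mpcp_to_pcp(A, B)
    print(A2, B2)
    print(solve(A, B, 6, first=0), solve(A2, B2, 8))
    # The "Solution? NO!" example from the slides: the overhang never changes.
    print(solve(["ba", "abb", "bab"], ["bab", "bb", "abb"], 50))
```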

39 dBerLog 2007

Context-free Grammar for expressions

  • G = ({E, I}, {1,2,+,∗,(,)}, P, S)

P:
E → I | E + E | E ∗ E | (E)
I → 1 | 2

40 dBerLog 2007

Ambiguity - example

[Figure: two different derivation trees, built from E, I, +, ∗ and the leaves 2, 1, 2, for the same expression]


41 dBerLog 2007

Ambiguity - definition

  • A grammar G is said to be ambiguous iff

some string in L(G) has two different derivation trees

42 dBerLog 2007

Unambiguous grammar for expressions

E → T | E + T
T → F | T ∗ F
F → I | (E)
I → 1 | 2 | I1 | I2

E ⇒G E+T ⇒G T+T ⇒G T∗F+T ⇒G F∗F+T ⇒G I∗F+T ⇒G 2∗F+T ⇒G 2∗I+T ⇒G 2∗1+T ⇒G 2∗1+F ⇒G 2∗1+I ⇒G 2∗1+2

43 dBerLog 2007

Inherently ambiguous context-free language

  • L = {a^n b^n c^m d^m | n,m ≥ 1} ∪ {a^n b^m c^m d^n | n,m ≥ 1}

  • (Ambiguous) grammar for L:

S → AB | C
A → aAb | ab
B → cBd | cd
C → aCd | aDb
D → bCd | bc

44 dBerLog 2007

Ambiguity problem for CFG’s

  • Given a context free grammar G = (V, Σ, P, S)

Is G ambiguous?

  • Theorem 11.13

Ambiguity problem for CFG’s is undecidable!


45 dBerLog 2007

Ambiguity problem for CFG’s - reduction

PCP → (Reduction) → GPCP

Construct context-free grammar GPCP such that PCP has solution iff GPCP is ambiguous

46 dBerLog 2007

Reduction

  • Given PCP with lists A,B of k strings over alphabet Γ
  • Construct GPCP = ({S, A, B}, ∆ ∪ {1,2,..k}, P, S), where

S → AB A → α1A1  α2A2..  αkAk  α11  α22 ..  αkk B → β1B1  β2B2 ..  βkBk  β11  β22 .. βkk

47 dBerLog 2007

Undecidable problems for CFG’s

  • Given two context-free grammars G1, G2 over alphabet Σ
  • Is L(G1) ∩ L(G2) = Ø? (Theorem 11.12)
  • Is L(G1) = Σ* (Theorem 11.15 - without proof!)
  • Is L(G1) = L(G2) ? (Exercise - use 11.15!)
  • Is L(G1) regular?

48 dBerLog 2007

Programme

  • Prove non-decidable properties of TMs

– Reduction technique

  • Describe non-decidable properties of other universal formalisms

– Chomsky grammars
– Java

  • Prove non-decidable properties of non-universal formalisms

– Games
– Context-free grammars


49 dBerLog 2007

Exercises

  • Describe (un)decidability

– 11.3 Reduction theorem for RE
– 11.5 Fermat’s last theorem
– 11.15 A non-trivial problem solvable for TMs
– 11.18 Example of PCP

  • Explain algorithmic approaches to computability

– 11.9 A TM reduction
– 11.13 Unsolvable problems for C-programs
– 11.19 PCP unsolvable for binary alphabets
– 11.20 PCP solvable for unary alphabets
– 11.21 Unsolvable problems for CFG (hint: use Thm 11.15)
– Show that the Busy Beaver (slide 13) function is non-computable


1 dBerLog 2007

Today's programme: Propositional Logic

  • Familiarity with basic terminology of logics

– Syntax, logical connectives
– Semantics: models, truth, validity, logical consequence
– Proof systems: deductions, deductive consequence, theorems
– Soundness and completeness

  • Describe propositional logic and some of its basic properties

– Semantics: truth tables
– Axiomatic proof system AL and its deductions
– Soundness and completeness of AL

2 dBerLog 2007

Program Fac

y := 1;
z := 0;
while ¬(z = x) do
  z := z + 1;
  y := y ∗ z

3 dBerLog 2007

Program Specification

{ x > 0 }
y := 1;
z := 0;
while ¬(z = x) do
  z := z + 1;
  y := y ∗ z
{ y = x! }

4 dBerLog 2007

Program Verification

{ x > 0 }
y := 1;
z := 0;
{ y = z! }                        1 = 0!
while ¬ (z = x) do
  { y = z! ∧ ¬(x = z) }
  z := z + 1;
  { y×z = z! }
  y := y ∗ z
  { y = z! }
{ y = x! }                        ∀ x,y,z. ( (y = z! ∧ ¬ ¬(z = x) ) → (y = x!) )


5 dBerLog 2007

Predicate Logic

  • Stones cannot fly and morlille cannot fly, ergo morlille is a stone!
  • ∀x. (St(x) → ¬ Fl(x)), ¬Fl(morlille) |= St(morlille)
  • Birds can fly and piphans is a bird, ergo piphans can fly!
  • ∀x. (Bi(x) → Fl(x)), Bi(piphans) |= Fl(piphans)

6 dBerLog 2007

Propositional Logic

  • If it is Tuesday there is a dBerLog lecture, and there is a dBerLog lecture, ergo it is Tuesday!
  • Tir → dBL, dBL |= Tir
  • If it is Tuesday there is a dBerLog lecture, and there is no dBerLog lecture, ergo it is not Tuesday!
  • Tir → dBL, ¬ dBL |= ¬ Tir

7 dBerLog 2007

Propositional Logic - syntax

  • Propositional variables

p, q, r, ....

  • Propositional formulas

A ::= F | T | p | q | r | ... | ¬ A | A ∨ A | A ∧ A | A → A

8 dBerLog 2007

Propositional logic - semantics, example

[Figure: syntax tree of ¬p ∧ (¬q ∨ p)]


9 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with the leaves assigned p = T, q = F]

10 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with p = T, q = F; the negations evaluated: ¬p = F, ¬q = T]

11 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with p = T, q = F; the ∨ node evaluated to T]

12 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with p = T, q = F; the root ∧ evaluated to F]


13 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with p = F, q = F; the root ∧ evaluated to T]

14 dBerLog 2007

Propositional logic - semantics, example

[Figure: the syntax tree with p = F, q = T; the root ∧ evaluated to F]

15 dBerLog 2007

Propositional Logic - semantics, formally

  • Semantics of a variable is a value from {T, F}
  • Semantics of a formula over p1, p2,.., pn is a function

((p1 → {T, F})×... × ((pn → {T, F})) → {T, F} defined by the following truth tables

16 dBerLog 2007

Propositional logic - truth tables ∨, ∧

A  B  A ∨ B        A  B  A ∧ B
T  T    T          T  T    T
T  F    T          T  F    F
F  T    T          F  T    F
F  F    F          F  F    F


17 dBerLog 2007

Propositional logic - truth tables →, ¬

A  B  A → B        A  ¬A
T  T    T          T  F
T  F    F          F  T
F  T    T
F  F    T

18 dBerLog 2007

Propositional logic - semantics, example

p  q  ¬p∧(¬q∨p)
T  T      F
T  F      F
F  T      F
F  F      T

19 dBerLog 2007

Logical Circuits - building blocks

[Figure: gate symbols for A ∨ B, A ∧ B and ¬A]

20 dBerLog 2007

Logical Circuits - example

[Figure: example circuit with inputs A and B]


21 dBerLog 2007

Semantic consequence and tautology - definitions

  • A1... An |= B (B is a logical consequence of A1,... An)

iff B evaluates to T whenever A1, A2,... An evaluate to T

Examples
p∨q, ¬p |= q
p, p→q |= p∧q

  • A is said to be valid (or a tautology) iff |= A

Examples
|= p ∨ ¬p
|= (p→q) ∨ p

22 dBerLog 2007

Logical equivalence

  • Definition

Two formulae A and B are said to be logically equivalent, A ≡ B, iff they define the same truth table

Examples
A ≡ ¬ ¬ A
A ∧ B ≡ ¬ (¬ A ∨ ¬ B)

23 dBerLog 2007

Expressibility

  • Exercise

All truth tables can be expressed in propositional logic

  • Theorem

All truth tables can be expressed by the operators ¬ and →

Proof
A ∨ B ≡ (¬ A) → B
A ∧ B ≡ ¬ (¬ A ∨ ¬ B)

24 dBerLog 2007

Expressibility

  • Exercise: all truth tables can be expressed in propositional logic
  • Theorem

All truth tables can be expressed by the operator | (Sheffer stroke / nand-gate) defined by the following truth table

A  B  A | B
T  T    F
T  F    T
F  T    T
F  F    T


26 dBerLog 2007

Axiomatic Proof System - definition

  • A set of well formed formulae wff (A, B, .. ∈ wff)
  • A set of axioms Ax ⊆ wff
  • A set of deduction rules:

A1, A2, ……, An    (premises)
--------------
      B           (consequence)

27 dBerLog 2007

Axiomatic Proof System AL for Propositional Logic

  • A set of well formed formulae wff (A, B, .. ∈ wff)

– well formed formulae of propositional logic over ¬ and →

  • A set of axioms Ax ⊆ wff

– Ax1 A → (B → A)
– Ax2 (A → (B → C)) → ((A → B) → (A → C))
– Ax3 (¬A → ¬B) → (B → A)

  • A set of deduction rules:

– Modus ponens MP:

A, A → B
--------
    B

28 dBerLog 2007

AL deduction - example

  • 1. A → ((B → A) → A)                          Ax1
  • 2. (A→((B→A)→A)) → ((A→(B→A))→(A→A))          Ax2
  • 3. (A→(B→A))→(A→A)                            MP 1, 2
  • 4. A → (B → A)                                Ax1
  • 5. A → A                                      MP 3, 4


29 dBerLog 2007

Axiomatic Proof System - Deduction

  • A deduction is a sequence of well formed formulae

A1, A2, …., An such that for all i, n ≥ i ≥ 1, either:
(a) Ai is an axiom instance, or
(b) Ai is a hypothesis (from a set of formulae H), or
(c) Ai is derived by a deduction rule using formulae Aj where j < i as premises

  • An is a deductive consequence of H, H |- An

where H is the set of hypotheses used in the deduction

  • A is a theorem iff Ø |- A (notation: |- A )

30 dBerLog 2007

AL deduction - example TI

  • 1. B → C                                 Hyp
  • 2. (B→C) → (A → (B→C))                   Ax1
  • 3. A → (B→C)                             MP 1, 2
  • 4. (A → (B → C)) → ((A→B) → (A→C))       Ax2
  • 5. (A→B) → (A→C)                         MP 3, 4
  • 6. A → B                                 Hyp
  • 7. A → C                                 MP 5, 6

Conclude: {A → B, B → C} |- A → C
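The definition of a deduction is purely syntactic, so it can be checked mechanically. The following checker for AL deductions is an added example, not part of the original slides; the tuple encoding of formulae and all function names are assumptions made here. It is run on the two deductions shown above (A → A and TI).

```python
def imp(a, b):
    return ("->", a, b)

def neg(a):
    return ("not", a)

# Axiom schemas of AL; names starting with '?' are metavariables.
SCHEMAS = {
    "Ax1": imp("?A", imp("?B", "?A")),
    "Ax2": imp(imp("?A", imp("?B", "?C")),
               imp(imp("?A", "?B"), imp("?A", "?C"))),
    "Ax3": imp(imp(neg("?A"), neg("?B")), imp("?B", "?A")),
}

def match(pattern, formula, env):
    """True iff formula is an instance of pattern under one consistent env."""
    if isinstance(pattern, str) and pattern.startswith("?"):
        if pattern in env:
            return env[pattern] == formula
        env[pattern] = formula
        return True
    if isinstance(pattern, str) or isinstance(formula, str):
        return pattern == formula
    return (len(pattern) == len(formula) and pattern[0] == formula[0]
            and all(match(p, f, env) for p, f in zip(pattern[1:], formula[1:])))

def check(deduction, hypotheses=frozenset()):
    """Check a list of (formula, rule, refs) lines, numbered from 1.

    Returns (conclusion, hypotheses actually used), i.e. the H and An of
    H |- An; raises ValueError at the first line that is not justified.
    """
    used = set()
    for n, (f, rule, refs) in enumerate(deduction, start=1):
        if rule in SCHEMAS:                          # (a) axiom instance
            ok = match(SCHEMAS[rule], f, {})
        elif rule == "Hyp":                          # (b) hypothesis
            ok = f in hypotheses
            if ok:
                used.add(f)
        elif rule == "MP":                           # (c) rule on earlier lines
            ok = len(refs) == 2 and all(1 <= r < n for r in refs)
            if ok:
                a, b = (deduction[r - 1][0] for r in refs)
                ok = b == imp(a, f) or a == imp(b, f)
        else:
            ok = False
        if not ok:
            raise ValueError(f"line {n} is not justified by {rule}")
    return deduction[-1][0], used

A, B, C = "A", "B", "C"
IDENTITY = [                                         # |- A → A
    (imp(A, imp(imp(B, A), A)), "Ax1", ()),
    (imp(imp(A, imp(imp(B, A), A)),
         imp(imp(A, imp(B, A)), imp(A, A))), "Ax2", ()),
    (imp(imp(A, imp(B, A)), imp(A, A)), "MP", (1, 2)),
    (imp(A, imp(B, A)), "Ax1", ()),
    (imp(A, A), "MP", (3, 4)),
]
TI = [                                               # {A→B, B→C} |- A → C
    (imp(B, C), "Hyp", ()),
    (imp(imp(B, C), imp(A, imp(B, C))), "Ax1", ()),
    (imp(A, imp(B, C)), "MP", (1, 2)),
    (imp(imp(A, imp(B, C)), imp(imp(A, B), imp(A, C))), "Ax2", ()),
    (imp(imp(A, B), imp(A, C)), "MP", (3, 4)),
    (imp(A, B), "Hyp", ()),
    (imp(A, C), "MP", (5, 6)),
]

if __name__ == "__main__":
    print(check(IDENTITY))
    print(check(TI, hypotheses={imp(A, B), imp(B, C)}))
```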

31 dBerLog 2007

Meta theorems

4.1 |- A → A
4.2 |- ¬A → (A → B)
4.5 |- (B → C) → ((A → B) → (A → C)) (TI)
4.8 |- ¬¬A → A
4.9 |- (¬A → A) → A
4.10 |- A → (¬B → ¬(A → B))
4.17 |- (B → A) → ((¬B → A) → A)

32 dBerLog 2007

Deduction Theorem for AL

  • Theorem 4.6

If H ∪{A} |- B then H |- A → B

  • Theorem 4.7

If H |- A → B then H ∪{A} |- B


34 dBerLog 2007

Proofs and semantics - fundamental definitions

  • An axiomatic proof system for |- is said to be

sound for |= iff for all formulae A: if |- A then |= A

  • An axiomatic proof system for |- is said to be

complete for |= iff for all formulae A: if |= A then |- A

  • An axiomatic proof system for |- is said to be consistent iff

for all formulae A it is not the case that ( |- A and |- ¬A)

35 dBerLog 2007

Prop. Logic - soundness and completeness

  • Theorem

The axiomatic proof system AL for propositional logic is sound and complete!

36 dBerLog 2007

Soundness proof

  • Theorem 4.11

For all wff’s A, if |- A then |= A

  • Proof: Induction in lengths of proofs

Induction hypothesis: M(k) = for all proofs of |- A with a proof of length ≤ k, it is the case that |= A


37 dBerLog 2007

Completeness proof I

  • Theorem 4.19

For all wff’s A, if |= A then |- A

  • Lemma I

Let A be a formula with atoms {p1, p2,..pn}. Let l be a line in A’s truth table, and let p’i be pi if the entry of pi in line l is T, otherwise p’i is ¬pi. Then

p’1, p’2,.., p’n |- A is provable if the entry for A in line l is T
p’1, p’2,.., p’n |- ¬A is provable if the entry for A in line l is F

38 dBerLog 2007

Meta theorems

4.1 |- A → A
4.2 |- ¬A → (A → B)
4.5 |- (B → C) → ((A → B) → (A → C)) (TI)
4.8 |- ¬¬A → A
4.9 |- (¬A → A) → A
4.10 |- A → (¬B → ¬(A → B))
4.17 |- (B → A) → ((¬B → A) → A)

39 dBerLog 2007

Completeness proof II

  • Theorem 4.19

For all wff’s A, if |= A then |- A

  • Lemma II

Let A be a valid formula with atoms {p1, p2,..pn}. From the two deductive consequences from Lemma I

p1, p2,..,pn-1, pn |- A
p1, p2,..,pn-1, ¬ pn |- A

we can construct the deductive consequence

p1, p2,.., pn-1 |- A

40 dBerLog 2007

Deduction Theorem for AL

  • Theorem 4.6

If H ∪{A} |- B then H |- A → B

  • Theorem 4.7

If H |- A → B then H ∪{A} |- B


41 dBerLog 2007

Meta theorems

4.1 |- A → A
4.2 |- ¬A → (A → B)
4.5 |- (B → C) → ((A → B) → (A → C)) (TI)
4.8 |- ¬¬A → A
4.9 |- (¬A → A) → A
4.10 |- A → (¬B → ¬(A → B))
4.17 |- (B → A) → ((¬B → A) → A)

42 dBerLog 2007

Validity in propositional logic

  • Validity problem for propositional logic:

Given a propositional logic formula A, is A valid, i.e. |= A?

  • Theorem

The validity problem for propositional logic is decidable

  • Proof

Easy - construct truth table!

  • Corollary:

The set of valid formulas in propositional logic is recursive
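The truth-table decision procedure from the proof above, written out as an added example that is not part of the original slides. The tuple encoding and the function names are assumptions made here; the formulae checked in `__main__` are the examples from the earlier slides on semantic consequence and on the Tuesday arguments.

```python
from itertools import product

def atoms(f):
    """Propositional variables of f ('T' and 'F' are the constants)."""
    if isinstance(f, str):
        return set() if f in ("T", "F") else {f}
    return set().union(*(atoms(g) for g in f[1:]))

def ev(f, v):
    """Truth value of f under valuation v (dict: variable -> bool)."""
    if f == "T":
        return True
    if f == "F":
        return False
    if isinstance(f, str):
        return v[f]
    if f[0] == "not":
        return not ev(f[1], v)
    a, b = ev(f[1], v), ev(f[2], v)
    return {"or": a or b, "and": a and b,
            "->": (not a) or b, "nand": not (a and b)}[f[0]]

def entails(premises, conclusion):
    """Decide A1..An |= B by walking the whole truth table.

    Returns (True, None), or (False, v) where v is a line of the table that
    makes every premise true and the conclusion false.
    """
    names = sorted(set().union(atoms(conclusion), *(atoms(p) for p in premises)))
    for values in product([True, False], repeat=len(names)):
        v = dict(zip(names, values))
        if all(ev(p, v) for p in premises) and not ev(conclusion, v):
            return False, v
    return True, None

def valid(f):
    """|= f: f is a tautology."""
    return entails([], f)[0]

def equivalent(f, g):
    """f ≡ g: same truth table."""
    return entails([f], g)[0] and entails([g], f)[0]

if __name__ == "__main__":
    p, q = "p", "q"
    print(entails([("or", p, q), ("not", p)], q))            # p∨q, ¬p |= q
    print(valid(("or", ("->", p, q), p)))                    # |= (p→q) ∨ p
    print(entails([("->", "Tir", "dBL"), "dBL"], "Tir"))     # invalid argument
    print(entails([("->", "Tir", "dBL"), ("not", "dBL")], ("not", "Tir")))
```

The table has 2^n lines for n variables, so the procedure always terminates but takes exponential time in the worst case.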

43 dBerLog 2007

Exercises

  • Describe the semantics of propositional logic

– Kelly page 14: 1.10 (i)-(ii): expressibility of nor and nand
– Kelly page 25: 1 (i)-(v), 2, 5 (i)-(ii), 6, 7: truth tables

  • Describe and construct deductions in AL

– Kelly page 92-93: 2 (i)-(ii), 3 (iv)-(v)

  • Analyze proof of completeness of AL

– Kelly page 90: 4.11

44 dBerLog 2007

dBerLog exam 2007

  • Oral exam
  • 20 minutes - without preparation time
  • Grading (12-scale)
  • Internal examiners
  • Two questions:

– Computability
– Logic


45 dBerLog 2007

dBerLog Compulsory Assignments 2007

  • Write manuscripts for a 15 minutes exam presentation for each of the two exam questions: Computability and Logic
  • 2-3 pages each
  • dBerLog curriculum follows from dBerLog home page - Weekly Schedules (will appear under Final Exam later)
  • First assignment: Computability
  • Hand in to your tutor no later than Wednesday September 26!

46 dBerLog 2007

dBerLog Compulsory Assignments 2007

  • Your assignment contains at least:

– an outline of the presentation
– brief argumentation for choices made
– indications of levels in the dBerLog learning taxonomy:

  • to be familiar with the basic terminology for computability and logic
  • to describe basic computability classes and fundamental logics
  • to describe basic properties of computability classes and logics
  • to explain constructive/algorithmic approaches to computability classes and logics
  • to analyse and to prove properties of computability classes and logics

47 dBerLog 2007

Next week: Predicate Logic

  • Stones cannot fly and morlille cannot fly, ergo morlille is a stone!
  • ∀x. (St(x) → ¬ Fl(x)), ¬Fl(morlille) |= St(morlille)
  • Birds can fly and piphans is a bird, ergo piphans can fly!
  • ∀x. (Bi(x) → Fl(x)), Bi(piphans) |= Fl(piphans)

48 dBerLog 2007

Prolog

Predicate logic
∀x. (Bi(x) → Fl(x)), Bi(piphans) |= Fl(piphans)

Prolog
% Predicate names are lower-case in Prolog; capitalised names are variables.
fl(X) :- bi(X).
bi(piphans).
?- fl(piphans).


1 dBerLog 2007

Today's programme: Predicate Logic and Program Verification

  • Familiarity with basic concepts/results of predicate logic

– Syntax: variables, quantification, scope
– Semantics: interpretations, valuations, satisfaction, truth, validity
– Axiomatic proof system FOPL
– Gödel's completeness theorem for predicate logic

  • Describe the use of predicate logic in program verification

– Syntax: program specifications, Hoare triples
– Semantics: partial and total correctness
– Proof system: Hoare proof rules

2 dBerLog 2007

Predicate Logic

  • Stones cannot fly and morlille cannot fly, ergo morlille is a stone!
  • (∀x. (S(x) → ¬ F(x))) ∧ ¬F(morlille) |= S(morlille)
  • Birds can fly and piphans is a bird, ergo piphans can fly!
  • (∀x. (B(x) → F(x))) ∧ B(piphans) |= F(piphans)

3 dBerLog 2007

Predicate Logic

% Predicate names are lower-case in Prolog; capitalised names are variables.
female(girl).
floats(duck).
sameweight(girl, duck).
witch(X) :- burns(X).
burns(X) :- wooden(X).
wooden(X) :- floats(X).
floats(X) :- sameweight(X, Y), floats(Y).
?- witch(girl).

4 dBerLog 2007

Predicate Logic

Female(girl),
Floats(duck),
Sameweight(girl, duck),
∀x Witch(x) ← Burns(x),
∀x Burns(x) ← Wooden(x),
∀x Wooden(x) ← Floats(x),
∀ x,y (Floats(x) ← Sameweight(x, y) ∧ Floats(y))

|= ? Witch(girl)


5 dBerLog 2007

Predicate Logic - syntax examples

  • Constants:

girl, duck

  • Predicate symbols P: Female, Floats,.... with arity 1

Sameweight with arity 2

6 dBerLog 2007

Predicate Logic for Natural Numbers

  • ∀x. Even(x) → Even(succ(succ(x)))
  • ∀x. ∀y. (Even(x) ∧ y = x+2) → Even(y)
  • ∀x. x + 0 = x
  • (A(0) ∧ (∀x. A(x) → A(x+1))) → ∀x. A(x)

7 dBerLog 2007

Predicate Logic - syntax examples

  • Constants:

girl, duck

  • Predicate symbols P: Female, Floats,.... with arity 1

Sameweight with arity 2

  • Constants

0,1,2,...

  • Function symbols F:

+, × both with arity 2

  • Predicate symbols P: = with arity 2

8 dBerLog 2007

Predicate Logic - syntax

  • Variables x,y,z,...
  • Constants C: c1, c2,....
  • Function symbols F: f,g,h... each with some arity n>0
  • Terms

t ::= c | x | f(t1, t2,..tn)


9 dBerLog 2007

Predicate Logic - first order language, wff’s

  • Predicate symbols P: P, Q, R each with some arity n 0

  • Well formed formulae wff:

Φ ::= P(t1, t2, .., tn) | ¬ Φ | Φ ∨ Φ | Φ ∧ Φ | Φ → Φ | ∀ x Φ | ∃ x Φ

10 dBerLog 2007

Predicate Logic - Interpretations

  • An interpretation I for a first order predicate logic language consists of

D, a domain of concrete values
for each constant c, an element cI of D
for each f ∈ F with arity n, a function fI: D^n → D
for each P ∈ P with arity n, a subset PI ⊆ D^n

11 dBerLog 2007

Predicate Logic - interpretations example

  • D: objects from the real world

girl: the girl in question
duck: the duck on the scales
Female: those objects which are female
Sameweight: those pairs of objects with the same weight

I |= ¬Wooden(girl) ∧ ¬Witch(duck)
I |= ∃ x Female(x) since I |= Female(girl)

12 dBerLog 2007

Predicate Logic

Female(girl),
Floats(duck),
Sameweight(girl, duck),
∀x Witch(x) ← Burns(x),
∀x Burns(x) ← Wooden(x),
∀x Wooden(x) ← Floats(x),
∀ x,y (Floats(x) ← Sameweight(x, y) ∧ Floats(y))

|= ? Witch(girl)


13 dBerLog 2007

Predicate Logic - interpretations example

  • D:

Natural numbers, N
0,1,..: the numbers zero, one,...
+, × : sum and multiplication on N
=: equality on N

I |= ∀x. x + 0 = x
I |= ∀ x ∃ y (y = x+1)
I |= x + 1 = y?

14 dBerLog 2007

Predicate Logic - valuations

  • A valuation v in an interpretation I of a first order language is a function from the terms of L to the domain D of I such that

v(c) = cI for all constants
v(x) ∈ D for all variables x
for each f ∈ F with arity n, v(f(t1,..,tn)) = fI(v(t1),..,v(tn))

  • That is essentially a ”look-up table”

v: free variables → D

15 dBerLog 2007

Predicate logic - free and bound variables

  • (∀x (P(x) ∧ Q(x)) → (P(x) → Q(y))

[Figure: syntax tree of the formula, with its variable occurrences marked free or bound]

16 dBerLog 2007

Predicate logic - free and bound variables

  • (∀x (P(x) ∧ Q(x)) → (P(x) → Q(y))

[Figure: syntax tree of the formula, with the scope of the quantifier marked]


17 dBerLog 2007

Predicate Logic - satisfaction (semantics)

  • Given an interpretation, I, for a first order language, a valuation v, and a formula A, v satisfies A,

I |=v A, iff

if A = P(t1, t2,.., tn) then (v(t1), v(t2),.., v(tn)) ∈ PI
if A = ∀ x B then I |=v[x←d] B for all d ∈ D
if A = ∃ x B then I |=v[x←d] B for some d ∈ D
if A = ¬ B, B ∨ C, B ∧ C, B → C then ”as in propositional logic”

18 dBerLog 2007

Predicate Logic - interpretations examples

D: natural numbers 0, 1, 2,...
+, ×: addition and multiplication
=: equality

I |=v ∃ y (y = x+1) ?

19 dBerLog 2007

Predicate Logic - interpretations examples

D: natural numbers 0, 1, 2,...
+, ×: addition and multiplication
=: equality

I |=[0/x] ∃ y (y = x+1)
I |=[0/x] ∃ y (x = y+1)

20 dBerLog 2007

Predicate Logic - interpretations examples

  • D: integers ...-2, -1, 0, 1, 2,...

+, ×: addition and multiplication
=: equality

I |=[0/x] ∃ y (y = x+1)
I |=[0/x] ∃ y (x = y+1)


21 dBerLog 2007

Predicate Logic -Truth and Validity

  • A wff A is true in an interpretation I iff every valuation in I satisfies A, notation: I |= A
  • A wff A is false in an interpretation I iff no valuation in I satisfies A
  • A wff A of a first order language L is (logically) valid iff it is true in every interpretation of L, notation: |= A
  • A wff A of a first order language L is (logically) contradictory iff it is false in every interpretation of L

22 dBerLog 2007

Predicate Logic - interpretations examples

D: natural numbers 0, 1, 2,...
+, ×: addition and multiplication
=: equality

I |= ∀x ∃ y (y = x+1)
I |= ∀x ∃ y (x = y+1) since I |=[0/x] ∃ y (x = y+1)
|= ∀x ∃ y (x = y+1) - follows from above!
|= ∀x ∃ y (y = x+1) - why?

23 dBerLog 2007

Predicate Logic - quiz

Truth in N: True False Valid Contr.

  • 1. x+1 = y
  • 2. ∀x (x = x+1)
  • 3. ∀x ∀y (x+y = y+x)
  • 4. ∃ x (P(x) ∧¬ P(x))
  • 5. (∃ x ¬ P(x)) →

(¬ ∀x P(x))

24 dBerLog 2007

Predicate Logic - quiz

Truth in N: True False Valid Contr.

  • 1. x+1 = y
  • 2. ∀x (x = x+1)

  • 3. ∀x ∀y (x+y = y+x)

  • 4. ∃ x (P(x) ∧¬ P(x))

√ √

  • 5. (∃ x ¬ P(x)) →

(¬ ∀x P(x)) √ √


25 dBerLog 2007

Predicate Logic -Truth and Validity

  • Following Kelly we include the following predicate constants in our syntax for predicate logic:
  • ⊥ standing for the always false predicate, i.e. the predicate which is false in every interpretation
  • ⊤ standing for the always true predicate, i.e. the predicate which is true in every interpretation


27 dBerLog 2007

Predicate logic - axiomatic proof system

  • Axioms:

– Ax1 A → (B → A)
– Ax2 (A → (B → C)) → ((A → B) → (A → C))
– Ax3 (¬A → ¬B) → (B → A)

  • Deduction rules:

– Modus ponens MP:

A, A → B
--------
    B

28 dBerLog 2007

Predicate logic - axiomatic proof system

  • Axioms:

– Ax1 A → (B → A)
– Ax2 (A → (B → C)) → ((A → B) → (A → C))
– Ax3 (¬A → ¬B) → (B → A)
– Ax4 (∀x) A(x) → A(t/x)    where t is free for x in A!
– Ax5 (∀x) (A → B) → (A → (∀x) B)    no free occ’s of x in A!

  • Deduction rules:

– Modus ponens MP:

A, A → B
--------
    B


29 dBerLog 2007

Predicate logic - substitution

A[t/x] notation for ”A with all free occurrences of x substituted by t”

  • Examples

((∀x (P(x) ∧ Q(x)) → (P(x) → Q(y))) [f(y)/x] = (∀x (P(x) ∧ Q(x)) → (P(f(y)) → Q(y))

((∀y (P(y) ∧ Q(x)) → (P(y) → Q(x))) [f(y)/x] = ??

30 dBerLog 2007

Predicate logic - substitution

  • A[t/x] is only defined if ”t is free for x in A”:

no free occurrence of x in A occurs within the scope of ∀y or ∃y for any variable y occurring in t

  • For all t,x,A, - t can always be made free for x in A

by a suitable renaming of bindings ∀y, ∃y in A

  • Example

((∀y (P(y) ∧ Q(x)) → (P(y) → Q(x))) [f(y)/x] = (∀z (P(z) ∧ Q(f(y))) → (P(y) → Q(f(y)))

31 dBerLog 2007

Predicate logic - axiomatic proof system

  • Axioms:

– Ax1 A → (B → A)
– Ax2 (A → (B → C)) → ((A → B) → (A → C))
– Ax3 (¬A → ¬B) → (B → A)
– Ax4 (∀x) A(x) → A(t)    where t is free for x in A!
– Ax5 (∀x) (A → B) → (A → (∀x) B)    no free occ’s of x in A!

  • Inference rules:

– Modus ponens MP:

A, A → B
--------
    B

– Generalisation G:

   A
------
(∀x) A

32 dBerLog 2007

Example of proof

  • Assume that y does not occur in A(x)

Prove (∀x) A(x) → (∀y) A(y)

  • 1. (∀x) A(x)              Hyp
  • 2. (∀x) A(x) → A(y)       Ax4 (y free for x in A)
  • 3. A(y)                   MP 1,2
  • 4. (∀y) A(y)              G


33 dBerLog 2007

Pred. Logic - soundness and completeness

  • Gödel’s Completeness Theorem

Our set of proof rules (the 3 axioms and MP from propositional logic plus the 2 extra axioms and G) is sound and complete for predicate logic!

  • Proof

Look for Gödel’s proof!

34 dBerLog 2007

Validity for predicate logic

  • Validity problem for predicate logic:

Given a first order predicate logic formula A, is A valid, i.e. |= A?

  • Theorem

The validity problem for predicate logic is unsolvable Proof: can be shown by a reduction from PCP

  • Corollary

The set of valid formulas in predicate logic is recursively enumerable, but not recursive Proof: ??

35 dBerLog 2007

Validity for predicate logic

  • Validity problem for predicate logic:

Given a first order predicate logic formula A, is A valid, i.e. |= A?

  • Theorem

The validity problem for predicate logic is unsolvable Proof: can be shown by a reduction from PCP

  • Corollary

The set of valid formulas in predicate logic is recursively enumerable, but not recursive Proof: Gödel’s completeness theorem


37 dBerLog 2007

Programming language PLN - syntax

  • Constants:

natural numbers: 0, 1, 2,.. boolean constants: true, false

  • Con ::= 0, 1, 2, ...
  • Var::= x, y, z, ...
  • E::= Con | Var | E + E | E ∗ E | (E)
  • B::= true | false | ¬B | B ∧ B | B∨ B | E = E | (B)
  • C::= x := E | C ; C | if B then C else C | while B do C

38 dBerLog 2007

PLN example C = Fac

y := 1;
z := 0;
while ¬ (z = x) do
  z := z + 1;
  y := y ∗ z

39 dBerLog 2007

PLN semantics

  • A PLN state associates natural numbers to program variables:

States: Var → N

  • The operational semantics of PLN defines the semantics of a program C as a PARTIAL function

Sem[C]: States → States

where

Sem[C](s) = s’           if C when started in state s terminates in state s’
            undefined    otherwise

40 dBerLog 2007

PLN semantics, example C = Fac

y := 1;
z := 0;
while ¬ (z = x) do
  z := z + 1;
  y := y ∗ z

Sem[Fac](x = 4, y = 0, z = 0,...) = (x = 4, y = 24, z = 4,...)


41 dBerLog 2007

PLN specifications syntax

  • A correctness specification of a program C is a Hoare triple of the form

{ φ } C { ψ }

where φ (precondition) and ψ (postcondition) are first order predicate logic formulae over variables (including PLN program variables) and constants/functions/predicates interpreted in the model of natural numbers.

42 dBerLog 2007

Hoare triples - for Fac

y := 1;
z := 0;
while ¬ (z = x) do
  z := z + 1;
  y := y ∗ z

  • |=par { ⊤ } Fac {y = x!}
  • |=par {x>5} Fac {z=x}
  • |=tot { ⊤ } Fac {y = x!}

43 dBerLog 2007

Pre/postcondition interpretation

  • Let N be the predicate logic interpretation of natural

numbers with a (yet unspecified) vocabulary of constants, functions and predicates - all interpreted ”in the standard way”.

  • Note that PLN states are nothing but predicate logic

valuations!

44 dBerLog 2007

Hoare triples - semantics

  • { φ } C { ψ } is said to be satisfied under partial correctness

|=par { φ } C { ψ } iff for all states s, if N |=s φ, and Sem[C](s) is defined and equal to s’ then N |=s’ ψ

  • { φ } C { ψ } is said to be satisfied under total correctness

|=tot { φ } C { ψ } iff for all states s, if N |=s φ, then Sem[C](s) is defined, and if Sem[C](s) = s’ then N |=s’ ψ


45 dBerLog 2007

Hoare proof rules := and ;

{ψ [E/x]} x := E {ψ}    Ass-axiom

{φ} C1 {η}    {η} C2 {ψ}
------------------------    Comp-rule
{φ} C1 ; C2 {ψ}

46 dBerLog 2007

Hoare proof rules if and while

{φ ∧ B} C1 {ψ}    {φ ∧ ¬B} C2 {ψ}
---------------------------------    If-rule
{φ} if B then C1 else C2 {ψ}

{ψ ∧ B} C {ψ}
-------------------------    While-rule
{ψ} while B do C {ψ ∧ ¬B}

47 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  if m > n then m := m-n else n := n-m;
r := m
{ r = gcd(m0, n0) }

48 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  if m > n then m := m-n else n := n-m;
{η}
r := m
{ r = gcd(m0, n0) }


49 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

{m = gcd(m0, n0)} r := m {r = gcd(m0, n0)}    Ass-axiom

50 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  { gcd(m,n) = gcd(m0, n0) }
  if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

51 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  { gcd(m,n) = gcd(m0, n0) }
  if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

{gcd(m,n) = gcd(m0, n0) ∧ ¬ (m = n)} if m > n then m := m-n else n := n-m {gcd(m,n) = gcd(m0, n0)}
---------------------------------------------------------------------------    While-rule
{gcd(m,n) = gcd(m0, n0)} while ... {gcd(m,n) = gcd(m0, n0) ∧ ¬ ¬(m = n)}

52 dBerLog 2007

Hoare proof rules - implied

|-N φ’ → φ    {φ} C {ψ}    |-N ψ → ψ’
-------------------------------------    Impl-rule
{φ’} C {ψ’}

NOTE We assume here that we have some underlying extension of the proof system for predicate logic, in which we prove formulae of the form φ’ → φ which are true in N - the interpretation of natural numbers!!!!


53 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
  { gcd(m,n) = gcd(m0, n0) }
  if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

Proof obligations Comp rule:

|-N m = m0 ≥ 1 ∧ n = n0 ≥ 1 → gcd(m,n) = gcd(m0,n0)
|-N gcd(m,n) = gcd(m0,n0) ∧ ¬¬(m=n) → m = gcd(m0, n0)
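The semantic definitions of |=par and |=tot can be exercised on small state spaces. The following is an added example, not part of the original slides: a small interpreter for PLN commands with bounded tests of the triples for Fac and for Euclid's gcd algorithm. The tuple encoding, the loop budget standing in for "undefined", and the program `LOOP` are assumptions made here, and a passing bounded test is evidence, not a Hoare proof.

```python
from itertools import product
from math import factorial, gcd

# PLN commands as tuples; expressions and tests are Python functions of the state.
def assign(x, e): return ("assign", x, e)
def seq(*cs): return ("seq",) + cs
def if_(b, c1, c2): return ("if", b, c1, c2)
def while_(b, c): return ("while", b, c)

def sem(c, s, fuel=1000):
    """Sem[C](s): the final state, or None when the loop budget runs out.

    None stands in for 'undefined'; the budget only approximates partiality.
    """
    budget = [fuel]
    def go(c, s):
        if c[0] == "assign":
            return {**s, c[1]: c[2](s)}
        if c[0] == "seq":
            for part in c[1:]:
                s = go(part, s)
                if s is None:
                    return None
            return s
        if c[0] == "if":
            return go(c[2] if c[1](s) else c[3], s)
        if c[0] == "while":
            while c[1](s):
                budget[0] -= 1
                if budget[0] < 0:
                    return None
                s = go(c[2], s)
                if s is None:
                    return None
            return s
        raise ValueError(c[0])
    return go(c, dict(s))

def holds_par(pre, c, post, sts):
    """Partial correctness on the given states: undefined runs count as fine."""
    for s in sts:
        if pre(s):
            t = sem(c, s)
            if t is not None and not post(t):
                return False
    return True

def holds_tot(pre, c, post, sts):
    """Total correctness on the given states: the run must also be defined."""
    for s in sts:
        if pre(s):
            t = sem(c, s)
            if t is None or not post(t):
                return False
    return True

def states(names, values):
    return [dict(zip(names, vs)) for vs in product(values, repeat=len(names))]

FAC = seq(assign("y", lambda s: 1), assign("z", lambda s: 0),
          while_(lambda s: s["z"] != s["x"],
                 seq(assign("z", lambda s: s["z"] + 1),
                     assign("y", lambda s: s["y"] * s["z"]))))
GCD_BODY = if_(lambda s: s["m"] > s["n"],
               assign("m", lambda s: s["m"] - s["n"]),
               assign("n", lambda s: s["n"] - s["m"]))
GCD = seq(while_(lambda s: s["m"] != s["n"], GCD_BODY),
          assign("r", lambda s: s["m"]))
# Constructed program: never terminates when x is odd.
LOOP = seq(assign("z", lambda s: 0),
           while_(lambda s: s["z"] != s["x"], assign("z", lambda s: s["z"] + 2)))

TRUE = lambda s: True
INV = lambda s: gcd(s["m"], s["n"]) == gcd(s["m0"], s["n0"])   # loop invariant

if __name__ == "__main__":
    print(sem(FAC, {"x": 4, "y": 0, "z": 0}))
    S = states(["x", "y", "z"], range(6))
    print(holds_par(TRUE, LOOP, lambda s: s["z"] == s["x"], S),
          holds_tot(TRUE, LOOP, lambda s: s["z"] == s["x"], S))
    G = states(["m", "n", "m0", "n0"], range(1, 7))
    print(holds_tot(lambda s: INV(s) and s["m"] != s["n"], GCD_BODY, INV, G))
```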

54 dBerLog 2007

Proofs using Hoare rules

  • Notation:

|-par { φ } C { ψ } iff { φ } C { ψ } has a proof using the Hoare rules and rules for |-N!!

  • Are the Hoare rules sound and complete, i.e

|-par { φ } C { ψ } iff |=par { φ } C { ψ } ???


56 dBerLog 2007

Exercises

  • Describe the semantics of predicate logic

– Kelly page 123 6.7 (scope rules)
– Kelly page 130 6.9 (expressiveness)
– Kelly page 136 6.12 (satisfaction)
– Kelly page 138 6.19 (satisfiability, truth, validity)

  • Describe and construct deductions in FOPL

– Kelly page 160 7.1 (i) (ii)

  • Describe and construct deductions for Hoare triples

– LimProVer page 10 Exercise 1


1 dBerLog 2007

Today's programme: Limitations of Program Verification

  • To prove fundamental limitations of formalization

– Program correctness
– Gödel's incompleteness theorem

  • To analyze and discuss the consequences

2 dBerLog 2007

Programming language PLN - syntax

  • Constants:

natural numbers: 0, 1, 2,.. boolean constants: true, false

  • Con ::= 0, 1, 2, ...
  • Var::= x, y, z, ...
  • E::= Con | Var | E + E | E ∗ E | (E)
  • B::= true | false | ¬B | B ∧ B | B∨ B | E = E | (B)
  • C::= x := E | C ; C | if B then C else C | while B do C

3 dBerLog 2007

PLN specifications syntax

  • A correctness specification of a program C is a Hoare triple of the form

{ φ } C { ψ }

where φ (precondition) and ψ (postcondition) are first order predicate logic formulae over variables (including PLN program variables) and constants/functions/predicates interpreted in the model of natural numbers.

4 dBerLog 2007

Hoare triples - for Fac

y := 1; z := 0;
while ¬ (z = x) do
    z := z + 1;
    y := y ∗ z

  • |=par {x>5} Fac {z=x}
  • |=par { | } Fac {y = x!}

5 dBerLog 2007

Hoare triples - semantics

  • { φ } C { ψ } is said to be satisfied under partial correctness

|=par { φ } C { ψ } iff
    for all states s, if N |=s φ, and Sem[C](s) is defined and equal to s’
    then N |=s’ ψ

  • { φ } C { ψ } is said to be satisfied under total correctness

|=tot { φ } C { ψ } iff
    for all states s, if N |=s φ, then Sem[C](s) is defined,
    and if Sem[C](s) = s’ then N |=s’ ψ

6 dBerLog 2007

Incompleteness theorem for Hoare triples

  • Theorem

There does not exist any sound and complete proof system for PLN partial correctness specifications in the form of Hoare triples!

7 dBerLog 2007

Proof system - definition

  • Given a logical language with formulae Φ.
  • A proof system for Φ consists of an alphabet Σ (for writing proofs) and a set of rules, such that for all π in Σ* and formula Φ, it is decidable whether π is a proof of Φ

8 dBerLog 2007

Proof system - property

  • Theorem

For any proof system, the set of provable formulae is recursively enumerable


9 dBerLog 2007

Incompleteness theorem for Hoare triples

  • Theorem

There does not exist any sound and complete proof system for PLN partial correctness specifications in the form of Hoare triples!

  • Proof

SHOW: the set of triples |=par {φ} C {ψ} is NOT recursively enumerable!

10 dBerLog 2007

Post’s correspondence problem - example

  • List A:        List B:

α1 = b           β1 = bbb
α2 = babbb       β2 = ba
α3 = ba          β3 = a

Solution? YES: 2 1 1 3

α2 α1 α1 α3 = babbb b b ba = babbbbbba
β2 β1 β1 β3 = ba bbb bbb a = babbbbbba

11 dBerLog 2007

Post’s Correspondence Problem PCP

  • PCP instance over alphabet Σ:

A = {w1, w2,.., wk}
B = {x1, x2,.., xk}
where wi and xi are strings over Σ

  • A,B solution:

i_0 i_1 … i_{l-1} ∈ {1, 2, .., k}+ such that
w_{i_0} w_{i_1} .. w_{i_{l-1}} = x_{i_0} x_{i_1} .. x_{i_{l-1}}

12 dBerLog 2007

Post’s Correspondence Problem PCP

  • Theorem

The complement of PCP (i.e. the set of PCP instances with no solutions) is not recursively enumerable


13 dBerLog 2007

Incompleteness theorem for Hoare triples

Lemma: The set of triples |=par {φ} C {ψ} is NOT recursively enumerable!

Proof: Reduction from the complement of PCP

Given: An instance of PCP, A,B
Construct: {φA,B} CA,B {ψA,B} such that
A,B has NO solution iff |=par {φA,B} CA,B {ψA,B}

14 dBerLog 2007

Reduction PCP A,B -> CA,B (over strings!)

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

CA,B: let in = i_0 i_1 .. i_{le-1} ∈ {1,2,..,k}*

w := ; x := ; j := le;
while j > 0 do
    { in = i_0 .. i_{l-1} ∧ w = w_{i_j} .. w_{i_{l-1}} ∧ x = x_{i_j} .. x_{i_{l-1}} }
    j := j-1; w := w_{i_j} • w; x := x_{i_j} • x;
if w = x then skip else loop

15 dBerLog 2007

Representation of strings as numbers

  • Given a base number b > 1
  • For all v = i_0 i_1 ... i_{n-1} ∈ {0, 1, ..., b-1}* of length n, the b-ary representation of v, numb(v), is defined as

numb(v) = numb(i_0 i_1 ... i_{n-1})
        = i_0∗b^0 + i_1∗b^1 + ... + i_{n-1}∗b^(n-1)
        = i_0 + b∗numb(i_1 ... i_{n-1})

  • numb: {0, 1, ..., b-1}* → N

16 dBerLog 2007

Representation of strings as numbers

num2 (1001) = 1∗2^0 + 0∗2^1 + 0∗2^2 + 1∗2^3 = nine
num3 (102) = 1∗3^0 + 0∗3^1 + 2∗3^2 = nineteen


17 dBerLog 2007

Representation of strings as numbers

  • Given a base number b > 1
  • For any n ∈ N, let

repb(n) = Λ                            if n = 0
repb(n) = rem(n,b) • repb(div(n,b))    if n > 0

where n = rem(n,b) + b∗div(n,b) and 0 ≤ rem(n,b) < b

  • repb: N → {Λ} ∪ {0, 1, ..., b-1}*{1, ..., b-1}
  • repb: N → Nb (notation)

18 dBerLog 2007

Representation of strings as numbers

num2 (1001) = 1∗2^0 + 0∗2^1 + 0∗2^2 + 1∗2^3 = nine
num3 (102) = 1∗3^0 + 0∗3^1 + 2∗3^2 = nineteen

rep2(six) = 0 • rep2(three) = 0 • (1 • rep2(one)) = 0 • (1 • 1) = 011
rep3(eleven) = 2 • rep3(three) = 2 • (0 • rep3(one)) = 2 • (0 • 1) = 201

19 dBerLog 2007

Representation of strings as numbers

  • Propositions

For all b>1

For all n ∈ N, numb ( repb(n) ) = n
For all w ∈ Nb, repb ( numb(w) ) = w

i.e. numb and repb are bijections between N and Nb!

20 dBerLog 2007

Representation of strings as numbers

  • Propositions

For all n, i ∈ N, 0 ≤ i < repb(n)
    the (unique) i’th digit in repb(n) is: rem(div(n, b^i), b)

For all v, w ∈ Nb
    numb(vw) = numb(v) + numb(w) ∗ b^|v|

  • Question

Can the operations above be computed in PLN?


21 dBerLog 2007

PLN macros

  • ”x := monus (m, n)”

where monus (m, n) = m - n, if m > n
                     0,     otherwise

can be computed in PLN by:

x := 0; y := 0;
while ¬(y = m ∨ y = n) do y := y+1;
while ¬(y = m) do
    y := y+1; x := x+1

22 dBerLog 2007

PLN macros

  • ”m ≤ n”

can be computed in PLN by: monus (m, n) = 0

  • ”m > n”

can be computed in PLN by: ¬(monus (m, n) = 0)

23 dBerLog 2007

PLN macros

  • ”d := div(m, n)” (integer division of m by n, where n ≠ 0)
  • ”r := rem(m,n)” (remainder of int.div. of m by n, n≠ 0)
  • (m = d∗n + r, where 0 ≤ r < n)

can be computed in PLN by

d := 0;
while ((d + 1)∗n ≤ m) do d := d + 1;
r := monus (m, d∗n)

24 dBerLog 2007

PLN macros

  • ”x := m ↑ n” (”m to the power n”)

can be computed in PLN by

x := 1; y := 0;
while ¬(y = n) do
    x := x∗m; y := y+1


25 dBerLog 2007

Incompleteness theorem for Hoare triples

Given: PCP over Σ: A = {w1, w2,..wk} B = {x1, x2,...xk} where Σ = {1, 2,..,Σ}

Construct: φA,B = ψA,B = and CA,B such that
PCP has NO solution iff |=par {} CA,B {} (i.e. iff CA,B diverges for all initial states)

26 dBerLog 2007

Reduction PCP A,B -> CA,B (over strings!)

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

CA,B: let in = i_0 i_1 .. i_{le-1} ∈ {1,2,..,k}*

w := ; x := ; j := le;
while j > 0 do
    { in = i_0 .. i_{l-1} ∧ w = w_{i_j} .. w_{i_{l-1}} ∧ x = x_{i_j} .. x_{i_{l-1}} }
    j := j-1; w := w_{i_j} • w; x := x_{i_j} • x;
if w = x then skip else loop

27 dBerLog 2007

Reduction PCP A,B -> CA,B - intuition

  • Given a number in (input)

– Convert in to a string of small numbers repb(in)
– View this string as a potential solution to PCP A,B
– Construct (the numb-versions of) the corresponding concatenation of A- and B-strings
– Check for equality of these numbers

  • If equal: terminate, if not: loop!
  • Claim: this algorithm terminates for some input iff A,B has a solution!

28 dBerLog 2007

Reduction PCP A,B -> CA,B

  • Given PCP A = {w1, w2,..wk} B = {x1, x2,...xk} over Σ = {1, 2,..,Σ} !!!!
  • Compute base number b = max{k,Σ} +1 and constants numb(wi) and numb(xi), wi and xi


29 dBerLog 2007

PLN shorthand notation

  • ”skip”

shorthand for ”y := y”

  • ”loop”

shorthand for ”while true do skip”

30 dBerLog 2007

Reduction PCP A,B -> CA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

CA,B:

if in=0 then loop;
j := 1;
while div(in, b^j) > 0 do j := j+1;
w := 0; x := 0;
while j > 0 do
    { repb(in) = i_0 .. i_{le-1} ∧ w = numb(w_{i_j} .. w_{i_{le-1}}) ∧ x = numb(x_{i_j} .. x_{i_{le-1}}) }
    j := j-1;
    i := rem( div(in, b^j), b);
    if i = 1 then w := numb(w1) + w∗(b↑|w1|); x := numb(x1) + x∗(b↑|x1|)
    else ........
    if i = k then w := numb(wk) + w∗(b↑|wk|); x := numb(xk) + x∗(b↑|xk|)
    else loop
if w = x then skip else loop

31 dBerLog 2007

Reduction PCP A,B -> CA,B

Example: PCP: A = {12, 2} B = {1, 22} CA,B: ??

32 dBerLog 2007

Reduction PCP A,B -> CA,B

Example: PCP: A = {12, 2} B = {1, 22}

CA,B:

if in=0 then loop;
j := 1;
while div(in, b^j) > 0 do j := j+1;
w := 0; x := 0;
while j > 0 do
    j := j-1;
    i := rem( div(in, 3^j), 3);
    if i = 1 then w := 7 + w∗(3↑2); x := 1 + x∗(3↑1)
    else if i = 2 then w := 2 + w∗(3↑1); x := 8 + x∗(3↑2)
    else loop
if w = x then skip else loop


33 dBerLog 2007

Incompleteness theorem for Hoare triples

  • Claim:

A,B has solution iff CA,B terminates for some input
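
The claim can be tried out on the slides' own instances. The following Python sketch is an added example, not part of the original slides: it builds CA,B as a function that reports whether the PLN program would terminate on a given input. The function names are hypothetical, and digit strings are assumed to use single decimal characters (so b ≤ 10).

```python
def num(v, b):
    """num_b(v): the first digit of v is the least significant one."""
    return sum(int(d) * b**i for i, d in enumerate(v))

def rep(n, b):
    """rep_b(n): inverse of num_b; rep_b(0) is the empty string."""
    digits = ""
    while n > 0:
        digits += str(n % b)
        n //= b
    return digits

def make_program(A, B, sigma_size):
    """Return (C, b) where C(n) is True iff C_{A,B} terminates on input n."""
    k = len(A)
    b = max(k, sigma_size) + 1            # base number b = max{k, Σ} + 1
    assert b <= 10, "assumption: one decimal character per digit"
    consts = [(num(w, b), len(w), num(x, b), len(x)) for w, x in zip(A, B)]

    def C(n):
        if n == 0:
            return False                  # "if in=0 then loop"
        j = 1
        while n // b**j > 0:              # j becomes the length of rep_b(n)
            j += 1
        w = x = 0
        while j > 0:
            j -= 1
            i = (n // b**j) % b           # i := rem(div(in, b^j), b)
            if not 1 <= i <= k:
                return False              # digit is not an index: "else loop"
            nw, lw, nx, lx = consts[i - 1]
            w = nw + w * b**lw            # w := numb(w_i) + w*(b^|w_i|)
            x = nx + x * b**lx
        return w == x                     # "if w = x then skip else loop"
    return C, b

def first_terminating_input(A, B, sigma_size, bound):
    """Bounded search; an unbounded one halts exactly when A,B has a solution."""
    C, b = make_program(A, B, sigma_size)
    for n in range(bound):
        if C(n):
            return n, rep(n, b)
    return None

if __name__ == "__main__":
    # Instance from the example slide: A = {12, 2}, B = {1, 22} over {1, 2}
    print(first_terminating_input(["12", "2"], ["1", "22"], 2, 100))
```

The search only ever confirms that a solution exists; for an instance without a solution it finds nothing for every bound, which is the behaviour the non-enumerability argument relies on.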

34 dBerLog 2007

Today’s programme: Limitations of Program Verification

  • To prove fundamental limitations of formalization

– Program correctness
– Gödel’s incompleteness theorem

  • To analyze and discuss the consequences

35 dBerLog 2007

Hoare proof rules if and while

{φ ∧ B} C1 {ψ}      {φ ∧ ¬B} C2 {ψ}
-------------------------------------- If-rule
{φ} if B then C1 else C2 {ψ}

{ψ ∧ B} C {ψ}
-------------------------------------- While-rule
{ψ} while B do C {ψ ∧ ¬B}

36 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
    { gcd(m,n) = gcd(m0, n0) }
    if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

{gcd(m,n) = gcd(m0, n0) ∧ ¬ (m = n) } if m > n then m:=m-n else n:= n-m; {gcd(m,n) = gcd(m0, n0) }
------------------------------------------------------------------------ While-rule
{gcd(m,n) = gcd(m0, n0) } while ... {gcd(m,n) = gcd(m0, n0) ∧ ¬ ¬(m = n) }


37 dBerLog 2007

A proof of Euclid’s gcd algorithm

{ m = m0 ≥ 1 ∧ n = n0 ≥ 1 }
while ¬ (m = n) do
    { gcd(m,n) = gcd(m0, n0) }
    if m > n then m := m-n else n := n-m;
{ m = gcd(m0, n0) }
r := m
{ r = gcd(m0, n0) }

Proof obligations Comp rule:

|-N m = m0 ≥ 1 ∧ n = n0 ≥ 1 → gcd(m,n) = gcd(m0,n0)

|-N gcd(m,n) = gcd(m0,n0) ∧ ¬¬(m=n) → m = gcd(m0, n0)

38 dBerLog 2007

Hoare proof rules - implied

|-N φ’ → φ      {φ} C {ψ}      |-N ψ → ψ’
------------------------------------------- Impl-rule
                {φ’} C {ψ’}

NOTE: We assume here that we have some underlying extension of the proof system for predicate logic, in which we prove formulae of the form φ’ → φ valid for N - the model of natural numbers!!!!

39 dBerLog 2007

A simple N vocabulary

  • Let N↑ be the predicate logic interpretation with

– natural numbers as the universe of values,
– constants 0,1
– function symbols +, ×, and ↑
– predicate symbol =

all interpreted ”as usual”

40 dBerLog 2007

Peano proof rules

∀n. ¬(n = n+1)
∀m ∀n. (m+1 = n+1) → (m = n)
∀n. n+0 = n
∀m ∀n. m+(n+1) = (m+n) + 1
∀n. n∗0 = 0
∀m ∀n. m∗(n+1) = (m∗n) + m
∀n. n↑0 = 1
∀m ∀n. m↑(n+1) = (m↑n) ∗ m

ϕ(0)      ∀n. (ϕ(n) → ϕ(n+1))
------------------------------
∀n. ϕ(n)


41 dBerLog 2007

Incompleteness of Peano axioms

∀n. ( (¬ (n = 0) ) → ∃ m (n = m+1) )

can NOT be shown in Peano’s proof system

42 dBerLog 2007

Gödel’s incompleteness theorem

  • There does not exist any sound and complete proof system for the model of natural numbers N↑ with constant 0,1, function symbols +, ∗, ↑, and predicate symbol =

  • Proof

SHOW: The set {φ | N↑ |= φ} is NOT recursively enumerable!

43 dBerLog 2007

Gödel’s incompleteness theorem

Lemma: The set {φ | N↑ |= φ} is NOT recursively enumerable!

Proof: reduction from the complement of PCP

Given: An instance of PCP: A,B
Construct: φA,B such that
A,B has NO solution iff N↑ |= φA,B

44 dBerLog 2007

Gödel’s incompleteness theorem

Given: PCP over Σ: A = {w1, w2,..wk} B = {x1, x2,...xk}

compute
    b > max{k, |Σ|} + 1
    max = max{|wi|, |xi| | 1 ≤ i ≤ k }
and for 1 ≤ i ≤ k:
    numb(wi)   |wi|
    numb(xi)   |xi|


45 dBerLog 2007

Reduction PCP A,B -> ψA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

ψA,B : ∃ le. ∃ m. (le ≥ l) ∧ (m ≥ le∗max) ∧
       ∃ w, x. FIRST(m,w,x) ∧ NEXT (le,m,w,x) ∧ LAST (le,m,w,x)

46 dBerLog 2007

N↑ expressiveness

  • ”m ≥ n”

may be expressed as ”∃ a. (m = n + a)”

  • ”m > n”

may be expressed as ”(m ≥ n ∧ ¬(m = n))”

47 dBerLog 2007

Operations on strings in arithmetic

  • Assume n = numb(i_0 i_1 ... i_j ............)

div(n, b^j) = numb(i_j i_{j+1} .......)
rem(n, b^j) = numb(i_0 i_1 ... i_{j-1})
sel(n, j, k) = rem( div(n, b^j), b^k) = numb(i_j i_{j+1} ... i_{j+k-1})

48 dBerLog 2007

N↑ expressiveness

  • ”div(m, n) = d” (d is integer division of m by n)

may be expressed as ” ∃ r. (m = n∗ d + r ∧ r < n)”

  • ”rem(m, n) = r” (r is remainder of int. division of m by n)

may be expressed as ”m = n∗ div(m, n) + r ”

  • ”selb(m, j, k)” (the number represented by the k digits starting from digit j in repb(m)0*)

may be expressed as ”selb(m, j, k) = rem( div(m, b↑j), b↑k)”


49 dBerLog 2007

Reduction PCP A,B -> ψA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

ψA,B : ∃ le. ∃ m. (le ≥ l) ∧ (m ≥ le∗max) ∧
       ∃ w, x. FIRST(m,w,x) ∧ NEXT (le,m,w,x) ∧ LAST (le,m,w,x)

FIRST(m,w,x) : selb(w, 0, m) = 0 ∧ selb(x, 0, m) = 0

50 dBerLog 2007

Reduction PCP A,B -> ψA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

ψA,B : ∃ le. ∃ m. (le ≥ l) ∧ (m ≥ le∗max) ∧
       ∃ w, x. FIRST(m,w,x) ∧ NEXT (le,m,w,x) ∧ LAST (le,m,w,x)

FIRST(m,w,x) : selb(w, 0, m) = 0 ∧ selb(x, 0, m) = 0

LAST(le,m,w,x): selb(w, m*le, m) = selb(x, m*le, m)

51 dBerLog 2007

Reduction PCP A,B -> ψA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

NEXT: ∀j. ((0 ≤ j ∧ j < le) → ∃i. (1 ≤ i ∧ i ≤ k ∧ MATCH(m,w,x,j,i)))

MATCH(m,w,x,j,i):
  (i=1 → selb(w, (j+1)∗m, m) = numb(w1) + selb(w, j∗m, m) ∗ b^|w1|
       ∧ selb(x, (j+1)∗m, m) = numb(x1) + selb(x, j∗m, m) ∗ b^|x1| )
  ∧ .......
  (i=k → selb(w, (j+1)∗m, m) = numb(wk) + selb(w, j∗m, m) ∗ b^|wk|
       ∧ selb(x, (j+1)∗m, m) = numb(xk) + selb(x, j∗m, m) ∗ b^|xk| )

52 dBerLog 2007

Reduction PCP A,B -> ψA,B

Given: PCP: A = {w1, w2,..wk} B = {x1, x2,...xk}

CLAIM: A,B has NO solution iff N↑ |= φA,B (= ¬ψA,B)

i.e.

A,B HAS a solution iff N↑ |= ψA,B
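
How a PCP solution becomes a witness for ψA,B can be checked numerically. The following Python sketch is an added example, not part of the original slides: `witness` packs the partial concatenations into two numbers w and x, one m-digit block per step, and `psi_body` evaluates FIRST, NEXT and LAST using only div, rem and powers of b. Both function names are hypothetical; the code assumes single-character digits, takes b as a parameter, reads the slide's (le ≥ l) as le ≥ 1, and lists indices in the order MATCH consumes them (each step prepends, so the list is the solution reversed).

```python
def num(v, b):
    """num_b(v): the first digit of v is the least significant one."""
    return sum(int(d) * b**i for i, d in enumerate(v))

def sel(n, j, k, b):
    """sel_b(n, j, k) = rem(div(n, b^j), b^k): k digits of n from digit j."""
    return (n // b**j) % b**k

def witness(A, B, b, indices):
    """Build (le, m, w, x): block j+1 of w holds num_b(w_i • block j)."""
    le = len(indices)
    m = le * max(len(s) for s in A + B)       # satisfies m ≥ le∗max
    w = x = 0
    pw = px = 0                               # block 0 is 0, as FIRST demands
    for j, i in enumerate(indices):
        pw = num(A[i - 1], b) + pw * b**len(A[i - 1])
        px = num(B[i - 1], b) + px * b**len(B[i - 1])
        w += pw * b**((j + 1) * m)
        x += px * b**((j + 1) * m)
    return le, m, w, x

def psi_body(A, B, b, le, m, w, x):
    """Evaluate the quantifier-free part of ψ_{A,B} for given le, m, w, x."""
    k = len(A)
    mx = max(len(s) for s in A + B)
    first = sel(w, 0, m, b) == 0 and sel(x, 0, m, b) == 0

    def match(j, i):
        wi, xi = A[i - 1], B[i - 1]
        return (sel(w, (j + 1) * m, m, b)
                == num(wi, b) + sel(w, j * m, m, b) * b**len(wi)
                and sel(x, (j + 1) * m, m, b)
                == num(xi, b) + sel(x, j * m, m, b) * b**len(xi))

    nxt = all(any(match(j, i) for i in range(1, k + 1)) for j in range(le))
    last = sel(w, m * le, m, b) == sel(x, m * le, m, b)
    return le >= 1 and m >= le * mx and first and nxt and last

if __name__ == "__main__":
    A, B = ["12", "2"], ["1", "22"]           # instance from the example slide
    print(psi_body(A, B, 4, *witness(A, B, 4, [2, 1])))   # solution 1 2 reversed
```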


53 dBerLog 2007

Today’s programme: Limitations of Program Verification

  • To prove fundamental limitations of formalization

– Program correctness
– Gödel’s incompleteness theorem

  • To analyze and discuss the consequences

54 dBerLog 2007

Exercises

  • All exercises in the following referring to the note Limitations of Program Verification [LiProVer07]

  • Describe representations of numbers

– [LiProVer07] 2 (p 16), 3, 4 (p 17): understanding number representations
– [LiProVer07] 9 (p 23): understanding selection predicate

  • Prove limitations of formalization

– [LiProVer07] 5, 6, 8 (p 21): understanding the reduction to Hoare specifications
– [LiProVer07] 10 (p 27): understanding the reduction to predicate logic over the natural numbers

55 dBerLog 2007

dBerLog Compulsory Assignments 2007

  • Write manuscripts for a 15 minutes exam presentation for each of the two exam questions: Computability and Logic
  • 2-3 pages each
  • dBerLog curriculum follows from dBerLog home page - Weekly Schedules (and Final Exam)

  • Second assignment: Logic
  • Hand in to your tutor no later than Wednesday October 10!

OBS: HARD DEADLINE!!!!!