Transcript Lecture 1

Computing Fundamentals 1
Lecture 1
Lecturer: Patrick Browne
http://www.comp.dit.ie/pbrowne/
Room K308
Based on Chapter 1.
A Logical approach to Discrete Math
By David Gries and Fred B. Schneider
Group inverse
Equational Reasoning
• Given the equations
1.
2.
3.
4.
0+x = x
x+0 = x
(-x)+x = 0
(x+y)+z = x +(y+z)
• prove that (-(-a)) = a for any a.
Equational Reasoning: Human
Proof
Given the equations
1. 0+X = X
2. X+0 = X
3. (-X)+X = 0
4. (X+Y)+Z = X +(Y+Z)
Prove that -(-a) = a for any a.
i) (-(-a)) = -(-a)+0 by -1
ii)
= -(-a)+[(-a)+a] by -3
iii)
= [-(-a)+(-a)]+a by -4
iv)
= [0] + a by +3
v)
= a
by +1
Is this the minimal set of rules needed for our proof
Square brackets [] indicates substitution
Human Equational Reasoning
=\= Equational Logic
• Equational logic is a formalization of informal human
equational reasoning. Broadly, this formalization
provides a machine equivalent to human equational
reasoning. But in detail there are technical
differences between human & machine reasoning.
• The substitution in proof step ii) in the previous slide
needed to be made explicit in the mechanical
equational logic proof on the next slide. Whereas in
the other steps the substitutions are automatic.
• https://www.youtube.com/watch?v=gzp6m9a2woI
Equational Logic: CafeOBJ
Proof
Given the equations
mod MY-NAT {
[ Nat ]
op -_ : Nat -> Nat
op 0 : -> Nat
op _+_ : Nat Nat -> Nat
vars X Y Z : Nat
eq [1] : 0 + X = X .
eq [2] : X + 0 = X .
eq [3] : (- X) + X = 0 .
eq [4] : ( X + Y )+ Z = X +( Y + Z) .
}
Prove that -(-a) = a for any a.
open MY-NAT .
-- An arbitrary constant a
op a : -> Nat . L->R reduction
red - ( - a) == a . gives false
start - ( - a) .
apply -. at term .
result ((- (- a)) + 0) : Nat
apply -.3 with X=a within term
result ((- (- a)) + ((- a) + a)) : Nat
apply -.4 at term .
result (((- (- a)) + (- a)) + a) : Nat
apply .3 at (1) .
result (0) + a : Nat
apply .1 at term .
result a : Nat
Equational logic
• State is a list of variables with associated
values.
• Evaluation of an expression E in a state is
performed by replacing all variables in E by their
values in the state and then computing the value
of the resulting expression. For example:
–
–
–
–
Expression x – y + 2
State (x,5),(y,6)
Gives 5 – 6 + 2
Evaluates to 1
• An expression may consists of constants,
variable, operations and brackets.
Equational logic
• Theories in mathematical logic are defined by
their axioms and inference rules (e.g. equational
logic).
• An axiom is a distinguished expression that
cannot be proved or disproved. We accept it as
being obviously true.
• An inference rule is a valid argument which
permits the substitution of expressions in the
steps of a formal proof.
• A theorem is either an axiom or an expression,
that using the inference rules, is proved equal to
an axiom or a previously proved theorem.
Valid Argument
• We call an argument valid when the conclusion is entailed by, or
logically follows from, the premises. Validity is a property of the
argument's form. It doesn't matter what the premises and the
conclusion actually say. It just matters whether the argument has the
right form. So, in particular, a valid argument need not have true
premises, nor need it have a true conclusion. The following is a valid
argument:
•
All cats are reptiles.
•
Bugs Bunny is a cat.
•
So Bugs Bunny is a reptile.
• Neither of the premises of this argument is true. Nor is the
conclusion. But the premises are of such a form that if they were
both true, then the conclusion would also have to be true. Hence the
argument is valid.
• Arguments are not true or false they are valid or invalid
http://www.jimpryor.net/teaching/vocab/validity.html
Not valid
https://www.youtube.com/watch?v=bWL0BGlvmqg
A sound argument is a valid argument where all the
premises are true
https://www.youtube.com/watch?v=bWL0BGlvmqg
Textual Substitution
• Let E and R be expressions and let x be a
variable then
•
E[x := R]
• denotes an expression that is the same as E but
with all occurrences of variable x replaced by R.
• Textual substitution only replaces variables not
expressions, but the variables can be replaced
by expressions. The symbol ‘:=‘ indicates
substitution (LHS replaced by RHS).
• Textual substitution has a higher precedence
than any other operator.
• https://www.youtube.com/watch?v=gzp6m9a2woI
Inference Rule
The inference rule provides a mechanism for
deriving "truths" or theorems. A theorem is an
expression that is true in all states. The inference
rule is written as follows:
(Expression or list of Expressions)
E
R
premise/hypothesis
conclusion
if true
then also true
Inference Rule Substitution
• Textual substitution can be considered as inference rule,
which provides a syntactic mechanism for deriving ‘truths’,
or theorems. Theorems correspond to expressions that
are true in all states. An inference rule consists of a list of
expressions, called its premises or hypotheses, above a
line and an expression, called its conclusion, below the
line. It asserts that if the premises are theorems, then the
conclusion is a theorem. The inference rule called
substitution uses an expression E , a list of variables v ,
and a corresponding list of expressions F (next slide).
Inference Rule Substitution
• Inference Rule Substitution (IRS) uses an
expression E, a list of variables v and a
corresponding list of expressions F:
E
• (1.1) Substitution:
E[v : F ]
• This rule asserts that if expression E holds in all
states then so does E with all occurrences of the
variable v replaced with corresponding
expression F. The symbol ‘:=‘ indicates
substitution (LHS replaced by RHS)..
Inference Rule Substitution(1.1)
E
E[v := F]
premise/hypothesis
conclusion
if true
then also true
expression E , a list of variables v, and a corresponding list of
expressions F
This rule asserts that if expression E is a
theorem, then so is E with all occurrences of
the variables of v replaced by the
corresponding expressions of F.
Inference Rule Substitution
• If we know x + y = y + x in all states,
then IRS allows us to conclude that b + 3
= 3 + b.
List of variable
x y  yx
( x  y  y  x)[ x, y : b,3]
• After substitution
x y yx
( b  3  3  b)
Replacement expressions
Inference Rule Substitution
E is (2•x)/2 = x
Use inference rule substitution to form the inference rule
2•x/2 = x
(2•x/2 = x)[x := j+5]
after substitution
2•x/2 = x
2•(j+5)/2 = j+5
Equality
• At the syntactic or symbol level the RHS and
LHS of 2•x/2=x are not equal. However, their
values are equal.
• One way equality can be characterised in terms
of expression evaluation:
• Evaluation of the expression X = Y in a state
yields the value true if expressions X and Y
have the same value and yields false if they
have different values.
• Definition: iff is used as an abbreviation for
“If and only if”; b iff c holds provided (i) b
holds if c holds and (ii) c holds if b holds.
Equality
• Another way of looking at equality is to use
laws that allow us to show expressions are
equal without evaluating them.
• A collection of such laws can be regarded
as a definition of equality, provided that
two expressions have the same value in
all states if and only if (iff) one
expression can be translated into the other
according to these laws of equality.
Four laws for Equality
• Reflexivity: x = x
• Symmetry: (x=y) = (y=x)
• Transitivity:
• Leibniz:
X  Y,Y  Z
X Z
XY
E[z: X] E[z: Y]
Leibniz inference rule: if X = Y is true in all states, then so is E[z := X] = E[z := Y].
Leibniz Inference Rule
XY
E[z: X] E[z: Y]
• Two expressions are equal in all states iff replacing
one by the other in any expression E does not change
the value of E (in any state).
• Leibniz inference rule tells us that if X = Y is true in all
states, then so is E[z := X] = E[z := Y].
Leibniz
XY
E[z: X] E[z: Y]
• The variable z is used in the conclusion because textual
substitution is defined for the replacement of a variable
but not for the replacement of an expression. In one
copy of E, z is replace by X, and in the other copy it is
replace by Y. This use of the variable z allows
replacement of an instance of z in E by either X or Y,
while still preserving the same value of E
Leibniz (See lab 2)
• Assume b+3 = c+5 holds in all states.
• We can conclude that adding d to both sides
Y
d+b+3=d+c+5 holds by: E[z: X]X  E[z
: Y]
X: b+3
Y: c+5
E: d+z
z : z
b 3  c 5
(d  z)[z: b  3](d  z)[z: c  5]
After substitution
b 3  c5
d (b  3) d (c  5)
https://www.youtube.com/watch?v=TvxnQRzZYYs
Semantics of variables, equality &
Identity
Variables in Python & CafeOBJ
Equal
Identical (Python is)
x
 y
99999
x
99999
=
y
99999
>>> x
>>> y
>>> x
True
>>> x
False
>>> x
>>> x
True
= 99999
= 99999
== y
X:Nat
is y
= y
is y
0, 1, 2 , 3 , …. 
Variables in some programming
language
Some points: CafeOBJ variables do not match the above (left)
conventional view of variables. In CafeOBJ a variable is constrained to
range over a particular sort or kind (a domain). A variable is not
considered equal to a particular element in the domain.
In contrast to programming languages real world objects are unique, so
we may need different concepts of equality and identity for real world
objects than computational objects.
Functions
• Function application can be defined in
terms of textual substitution. Let g.x:E
define a function g, where E is an
expression e.g. z+1. Then function
application (or evaluation) of g.x is
defined in general by: g.x = E[z:=x]
Python
A specific example:
>>> def g(z):
g.z = z + 1 : Definition
g.3 = 3 + 1 : x=3 substituted for z
4 Result
return z + 1
>>> g (3)
4
Functions
• Below are definitions of the factorial
function in CafeOBJ and Python.
mod! FACTORIAL {
protecting (NAT)
op fact : Nat -> NzNat
var n : Nat
eq fact(n) = if (n == 0) then 1 else (n * fact(sd(n,1))) fi .
}
def fact(n):
if n == 0:
return 1
else:
return n *
fact(n-1)
https://www.youtube.com/watch?v=6_LsROvbiuE
Fibonacci Function in Python
and CafeOBJ
Function Name Formal parameter
def fib(n):
if n == 0:
return 0
elif n == 1:
return 1
else:
return fib(n-1) + fib(n-2)
fib(14)
CafeOBJ
mod* FIB {
pr(NAT)
op fib : Nat -> Nat
var N : Nat
eq fib(0) = 0 .
eq fib(1) = 1 .
ceq fib(N) =
fib(p(N)) + fib(p(p(N)))
if N > 1 .}
Start CafeOBJ @ cmd. prompt
in fib.cafe
open FIB .
red fib(14) .
Actual argument
Functions
Python function definition
def g(z) :
return (z + 1)
Function application
g(6)
• Function application can be defined in
terms of textual substitution. Let
g.z: Expression
• Define a function g, then function
application g.X is defined in general by:
g.X = E[z := X]
In this case:
g.6 = E[z := 6] (6 is substituted for z)
Functions
• This close correspondence between
function application and textual
substitution suggests that Liebniz links
equality and function application:
XY
g.X  g.Y
In computing and mathematics
there is a lot of notation!
Notation 2
Notation 3
Notation 1
Notation 4
Reasoning with Leibniz’s rule
• Leibniz allows the substitution of equals
for equals in an expression without
changing the value of that expression. We
can demonstrate that two expressions are
Explanation of proof step
equal as follows:
E[z:=X]
Expressions
= <X=Y>
Variables
E[z:=Y]
2 Notations for Leibniz’s rule
• Leibniz says: Two expressions are equal in all
states iff replacing one by the other in any
expression E does not change the value of E (in
any state).
Premise
E[z:=X]
<X=Y>
= <X=Y>
E[z:=X]=E[z:=Y]
E[z:=Y]
Conclusion
• The first and third lines on the left are the equal
expressions of the conclusion in Leibniz.
• In notation on left the middle line is the premise.
Reasoning with Leibniz’s rule
• Recall John and Mary’s apples:
[eq1] m = 2 * j and
[eq2] m/2 = 2 * (j – 1)
• Using Leibniz:
[eq2] m/2 = 2 * (j – 1)
= <using [eq1] m = 2 * j equation in terms of j>
[eq3] (2*j)/2 = 2 * (j – 1)
• From arithmetic, the following holds in every state:
2*x/2 = x
• Continuing from above:
2*j/2 = 2 * (j – 1)
= < 2*j/2 = j , can put j on LHS>
j = 2*(j – 1)
Reasoning with Leibniz’s rule
• Solve the following for j:
j = 2*(j – 1)
• giving:
j = (2 * j) – 2
j = 2
The file apples.cafe shows how to solve for J.
• We can reduce equations to value (or answer), or
at least to their simplest possible form (SPF).
• An example of SPF
J = Y * (J – 1)
J = Y * J – Y * 1
J = Y * J - Y
• Without additional information we can go no further.
The assignment statement
• In a procedural programming language (e.g.
Python) the execution assignment statement
looks like:
(1.10) x := E (x becomes E)
• Where x is a variable and E is an expression.
This does not say that x is mathematically equal
to E. Also, it is not a test for equality. The
assignment statement in some programming
languages uses the same symbol as used for
textual substitution (i.e. :=), but is usually used to
store values.
The assignment statement
• A Hoare Triple is of the form {P}S{Q} where P is a
precondition, Q is a post-condition and S is a statement.
• Example of a procedural language + pre/post condition
• {x=?}
x := x+1 {x > 0}
• {x=0}
x := x+1 {x > 0}
• is VALID iff execution of x:=x+1 in any state where
x=0 results in a state where x>0.
• This provides a logical scaffolding or logical framework
for procedural programs (e.g. written in C). The
framework is added to the program, the program does
not include the logical framework.
•
https://www.youtube.com/watch?v=x8STZUBe0HA
The assignment statement in a
procedural programming language.
• (1.12) Definition of Program Assignment
• {R[x:= E]} x:= E {R}.
This is substitution
This is program assignment
• This allows us to compute the pre-condition from
the post-condition and assignment.
• Suppose we want to use the assignment
x:=x+1 and we want a post condition of x>4.
Then R is x>4 so the pre-condition is
(x>4)[x:=x+1] which after substitution gives
x+1>4 or x>3.
This is substitution
The assignment statement in a
procedural programming language.
Working through the last example in detail:
{R[x:=E]} x:=E {R} : General form
{?} x:=x+1 {x>4} : This case
• R is x>4,
• Assignment/substitution is x:=x+1
• pre-condition is {R[x:=E]}
x>4[x:= x+1] substitution gives
x+1 > 4 or x > 3.
Substitution examples
Perform the following textual substitutions.
• a + b  a[a := d + 3]
• Solution: a+b(d+3)
• Using brackets we get
• (a + b  a)[a := d + 3]
• Solution: (d+3)+b(d+3)
Substitution examples
• Substituting two variables.
• x + 2  y[x,y := y,x]
• (x + 2  y)[x := y][y := x]
• Textual substitution is left associative.
• E[x := R][y := Q] is
• (E[x := R])[y := Q]
The assignment statement in a procedural
programming language
Finding preconditions:
• {precondition} y:=y+4 { x + y > 10}
• x+(y+4)>10 simplifies to x+y>6
• {precondition} a:=a+b { a = b }
• (a+b)=b simplifies to a=0.
• {precondition} x:=x+1 { x = y - 1 }
• {x + 1 = y – 1} or { x = y-2}
Precondition Examples(*)
{precondition} x:=x+7 { x + y > 20}
Solution: {(x+7)+y>20} simplifies to {x+y>13}
{precondition} y:=x+y { x = y }
Solution: x = (x+y) simplifies to y=0.
{precondition} a:=a+1 { a = y - 1 }
Solution: {a + 1 = y – 1} or { a = y - 2}
Leibniz substitution in CafeOBJ
eq [axiom]
•
•
•
•
•
=
Y
(b + 3) = (c + 5) .
General substitution
In Leibniz terms:
X = Y implies E[z := X] = E[z := Y]
Actual substitution
E = d + z,
E[z := (b + 3)] = E[z := (c + 5)],
The following reduction should give true.
red d +
•
:
X
(b + 3) == d + (c + 5) .
A Logical Approach to Discrete Math by David Gries, David, Fred Schneider, page 12
Substitutions in CafeOBJ
module SIMPLE-NAT {
[Zero NzNat < Nat ]
op 0 : -> Zero
op s : Nat -> NzNat
op _+_ : Nat Nat -> Nat
vars N N' : Nat
eq [eq1] : 0 + N = N .
eq [eq2] : s(N) + N’ = s(N + N’) .
}
• Substitutions can be used for proofs. Evaluate
expressions from CafeOBJ manual, see notes below.
SIMPLE-NAT1
Here is a graphical
representation of
SIMPLE-NAT. Note
the sets and the
operations.
module SIMPLE-NAT {
[Zero NzNat < Nat ]
op 0 : -> Zero
op s : Nat -> NzNat
op _+_ : Nat Nat -> Nat
vars N N' : Nat
eq [eq1] : 0 + N = N .
eq [eq2] : s(N) + N’ = s(N + N’) .
}