Automated Program Verification and Testing
15414/15614 Fall 2016
Lecture 5: First-Order Logic
Source: …mfredrik/15414/lectures/05-fol.pdf
Matt Fredrikson
October 17, 2016
Matt Fredrikson FOL 1 / 33
Motivation
Propositional logic is limited
How could we express the following?
▶ All cats have more days than dogs.
▶ The length of one side of a triangle is less than the sum of the lengths of the other two sides.
First-order logic gives us ways of talking about:
▶ Infinite sets of objects
▶ Functions and relations over objects
▶ Quantified statements over objects
First-Order Logic: Syntax
Logical symbols:
▶ Propositional connectives: ∧, ∨, ¬, →, ↔
▶ Variables: v, y, z, x1, x2, . . .
▶ Quantifiers: ∃, ∀
Non-logical symbols (parameters):
▶ Constant symbols: c1, c2, . . .
▶ Function symbols: g, h, f, f1, f2, . . .
▶ Predicate symbols: r, q, p, p1, p2, . . .
First-Order Logic: Syntax
Predicate and function symbols are associated with an arity
Natural number that describes # of arguments
Examples:
▶ =: arity 2
▶ f(a, b, c): arity 3
▶ Constants: can be seen as 0-arity functions
▶ Propositional variables: can be seen as 0-arity predicates
First-Order Logic: Terms
Terms in FOL evaluate to values other than truth values, for example:
▶ People
▶ Strings
▶ 64-bit integers
Terms are expressions that name objects
▶ Constants are terms
▶ Variables are terms
▶ For each function symbol f of arity n, f(t1, . . . , tn) is a term if t1, . . . , tn are terms.
First-Order Logic: Atoms
Atoms in FOL evaluate to either true or false
These generalize propositional assertions:
▶ ⊥, ⊤ are atoms
▶ Nullary predicates p, q, . . . are atoms
▶ For each predicate symbol p of arity n, p(t1, . . . , tn) is an atom if t1, . . . , tn are terms
As before, a literal is an atom or its negation
First-Order Logic: Formulas
A first-order formula is:
▶ A literal
▶ The application of ¬, ∧, ∨, →, ↔ to formulas
▶ The application of a quantifier to a formula
There are two quantifiers:
▶ ∀x.F[x]: “For all x, F[x]”
▶ ∃x.F[x]: “There exists an x such that F[x]”
In each case,
▶ x is the quantified variable
▶ F[x] is the scope of the quantifier
▶ x is bound in F[x] by the quantifier
▶ y is free in F if it is not bound by any quantifier
Closed, Open, and Ground Formulas
A few distinctions on first-order formulas:
▶ A formula is closed if it contains no free variables
▶ Closed formulas are also called sentences
▶ A formula containing free variables is open
▶ A formula is ground if it contains no variables
Which are these examples?
▶ ∀y.((∀x.p(x)) → q(x, y))
▶ ∀y.((∀x.p(x)) → (∃x.q(x, y)))
▶ p(a, f(b)) → q(c)
Examples
How do we “pronounce” the formula? Which variables are free/bound?
∀x.p(f(x), y) → ∀y.p(f(x), y)
∀x.g(x) → ∃y.f(y) ∧ h(x, y)
∀x′.x′ < x → ∀y.y > 0 → r(x′, y) < y
p(i, u) → (f(a, i) = e → ∃j.ℓ ≤ j ≤ u ∧ f(a, j) = e)
Expressions in FOL
“All cats have more days than dogs.”
∀x, y. dog(x) ∧ cat(y) → ndays(y) > ndays(x)
The numeric array a is sorted (the bound |a| − 1 keeps a[i + 1] inside the array)
∀i. 0 ≤ i < |a| − 1 → a[i] ≤ a[i + 1]
Graph G contains a triangle
∃v1, v2, v3. e(v1, v2) ∧ e(v2, v3) ∧ e(v3, v1)
Graph G is connected. . .
First-Order Logic: Semantics
A first-order structure S = (D, I):
▶ D: universe of discourse, a non-empty set of objects we’d like to talk about
▶ I: interpretation, mapping parameters to objects, functions, and predicates over D. I maps:
1. every constant symbol to a value in D
2. every function symbol f of arity n to a function f_I : D^n → D
3. every relation symbol p of arity n to a relation p_I ⊆ D^n
Assignments map variables (not object constants!) to values: α : Vars → D
Example
x + y > z → y > z − x
What’s the “standard” structure?
Universe of discourse:▶ D = Z = {. . . ,−1, 0, 1, . . .}
Interpretation:
▶ Function symbols: + ↦ +_Z, − ↦ −_Z
▶ Predicate symbols: > ↦ >_Z
Possible assignment: α = {x ↦ 0, y ↦ 1, z ↦ −1}
Evaluating Terms
Given I and α, we can evaluate terms to values in D
We write ⟨I, α⟩(a) to denote the evaluation of term a
Three cases for terms:
▶ Object constants: ⟨I, α⟩(a) = I(a)
▶ Variables: ⟨I, α⟩(v) = α(v)
▶ Function terms:⟨I, α⟩(f(t1, . . . , tn)) = I(f)(⟨I, α⟩(t1), . . . , ⟨I, α⟩(tn))
Evaluating Formulas
Given D, I, α, we define the evaluation of a first-order formula F
We write:
▶ D, I, α |= F if F evaluates to true
▶ D, I, α ⊭ F if F evaluates to false
Base cases:
▶ D, I, α |= ⊤ and D, I, α ⊭ ⊥
▶ D, I, α |= p(t1, . . . , tn) iff (⟨I, α⟩(t1), . . . , ⟨I, α⟩(tn)) ∈ I(p)
Evaluating Formulas
Inductive case for connectives:
D, I, α |= ¬F iff D, I, α ⊭ F
D, I, α |= F1 ∧ F2 iff D, I, α |= F1 and D, I, α |= F2
D, I, α |= F1 ∨ F2 iff D, I, α |= F1 or D, I, α |= F2
D, I, α |= F1 → F2 iff D, I, α ⊭ F1 or D, I, α |= F2
D, I, α |= F1 ↔ F2 iff either D, I, α |= F1 and D, I, α |= F2, or D, I, α ⊭ F1 and D, I, α ⊭ F2
These are the same as they were for propositional logic
Example
For universe D = {◦, •}, assignment α = {x ↦ •, y ↦ ◦}, and I:
▶ I(a) = ◦
▶ I(f) = {(◦, ◦) ↦ ◦, (◦, •) ↦ •, (•, ◦) ↦ •, (•, •) ↦ ◦}
▶ I(g) = {◦ ↦ •, • ↦ ◦}
▶ I(p) = {(◦, •), (•, •)}
What do the following evaluate to?
▶ p(a, g(◦)) = true
▶ p(x, f(g(x), y)) → p(y, g(x)) = true
Evaluating Quantifiers
Let x be a variable assigned by α
An x-variant of α is an assignment that:
▶ Agrees with α on all variables except x
▶ Assigns x to some given value c ∈ D
We write the x-variant of α that sends x to c as α[x ↦ c]
Universal quantifier: D, I, α |= ∀x.F iff for all c ∈ D, D, I, α[x ↦ c] |= F
Existential quantifier: D, I, α |= ∃x.F iff there exists c ∈ D such that D, I, α[x ↦ c] |= F
Example
For universe D = {◦, •}, assignment α = {x ↦ •, y ↦ ◦}, and I:
▶ I(a) = ◦
▶ I(f) = {(◦, ◦) ↦ ◦, (◦, •) ↦ •, (•, ◦) ↦ •, (•, •) ↦ ◦}
▶ I(g) = {◦ ↦ •, • ↦ ◦}
▶ I(p) = {(◦, •), (•, •)}
What do the following evaluate to?
▶ ∃x.¬p(x, g(a)) = false
▶ ∀w.∃z.p(w, f(g(w), z)) = true
▶ (∃x.p(x, x)) → p(y, g(x)) = false
Satisfiability & Validity
A first-order formula F is satisfiable if and only if:
There exists S = (D, I) and assignment α where D, I, α |= F
A first-order formula F is valid if and only if:
For all S = (D, I) and assignments α, D, I, α |= F
We write |= F when F is valid
As before, these are dual to each other: F is valid iff ¬F is unsatisfiable
Example
Is the formula ∃x.f(x) = g(x) satisfiable?
Satisfying S, α:
▶ D = {0, 1}
▶ I(f) = {0 ↦ 1, 1 ↦ 1}
▶ I(g) = {0 ↦ 0, 1 ↦ 1}
Is it valid?
Falsifying S, α:
▶ D = {0, 1}
▶ I(f) = {0 ↦ 1, 1 ↦ 1}
▶ I(g) = {0 ↦ 0, 1 ↦ 0}
(f and g must differ at every element of D; with I(g) = {0 ↦ 1, 1 ↦ 0} the element 0 would satisfy f(x) = g(x).)
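The evaluation examples of slides 16 and 18 and the satisfiability/validity check of slide 20, carried out mechanically by a small evaluator. This is an added example, not code from the lecture: the tuple encoding of terms and formulas, the names eval_term, holds, find_model and classify, and the use of o and * for the two domain elements ◦ and • are my own choices. The first slide-16 formula is written p(a, g(a)) here, since I(a) = ◦ is the only way to name that element with a term.

```python
# Added example, not from the lecture: an evaluator for first-order formulas
# over a finite structure S = (D, I) and assignment alpha, following slides
# 13-17, plus a brute-force search over all structures of a fixed finite
# domain size to test satisfiability and validity (slide 20).
from itertools import product

# Encoding (my own): a str is a variable if alpha binds it, else a constant
# symbol; ('f', t1, ..., tn) applies function symbol f. Formulas: ('p', t1,
# ..., tn) is an atom ('=' is built-in equality); ('not', F), ('and', F, G),
# ('or', F, G), ('imp', F, G), ('iff', F, G), ('forall', x, F), ('exists', x, F).

def eval_term(t, I, alpha):
    """<I, alpha>(t): variables via alpha, constants via I, f(t1..tn) via I(f)."""
    if isinstance(t, str):
        return alpha[t] if t in alpha else I[t]
    f, *args = t
    return I[f][tuple(eval_term(a, I, alpha) for a in args)]

def holds(F, D, I, alpha):
    """D, I, alpha |= F, by structural recursion on F."""
    op, *rest = F
    if op == 'not':
        return not holds(rest[0], D, I, alpha)
    if op in ('and', 'or', 'imp', 'iff'):
        left, right = (holds(G, D, I, alpha) for G in rest)
        return {'and': left and right, 'or': left or right,
                'imp': (not left) or right, 'iff': left == right}[op]
    if op in ('forall', 'exists'):
        x, body = rest   # evaluate the body under every x-variant alpha[x -> c]
        variants = [holds(body, D, I, {**alpha, x: c}) for c in D]
        return all(variants) if op == 'forall' else any(variants)
    vals = tuple(eval_term(t, I, alpha) for t in rest)   # atom p(t1, ..., tn)
    return vals[0] == vals[1] if op == '=' else vals in I[op]

# The structure of slides 16 and 18, with o for the open and * for the filled dot.
O, STAR = 'o', '*'
D_EX = [O, STAR]
I_EX = {'a': O,
        'f': {(O, O): O, (O, STAR): STAR, (STAR, O): STAR, (STAR, STAR): O},
        'g': {(O,): STAR, (STAR,): O},
        'p': {(O, STAR), (STAR, STAR)}}
ALPHA_EX = {'x': STAR, 'y': O}
SLIDE_FORMULAS = {   # slide 16 writes the first one as p(a, g(o)); I(a) = o
    'p(a, g(a))': ('p', 'a', ('g', 'a')),
    'p(x, f(g(x), y)) -> p(y, g(x))':
        ('imp', ('p', 'x', ('f', ('g', 'x'), 'y')), ('p', 'y', ('g', 'x'))),
    'exists x. not p(x, g(a))': ('exists', 'x', ('not', ('p', 'x', ('g', 'a')))),
    'forall w. exists z. p(w, f(g(w), z))':
        ('forall', 'w', ('exists', 'z', ('p', 'w', ('f', ('g', 'w'), 'z')))),
    '(exists x. p(x, x)) -> p(y, g(x))':
        ('imp', ('exists', 'x', ('p', 'x', 'x')), ('p', 'y', ('g', 'x')))}

def evaluate_slide_examples():
    """Truth value of each slide formula under D_EX, I_EX, ALPHA_EX."""
    return {name: holds(F, D_EX, I_EX, ALPHA_EX) for name, F in SLIDE_FORMULAS.items()}

F_EXISTS_EQ = ('exists', 'x', ('=', ('f', 'x'), ('g', 'x')))   # slide 20

def slide20_structures():
    """Verdicts of F_EXISTS_EQ in the satisfying and the falsifying structure."""
    D = [0, 1]
    I_sat = {'f': {(0,): 1, (1,): 1}, 'g': {(0,): 0, (1,): 1}}
    I_fal = {'f': {(0,): 1, (1,): 1}, 'g': {(0,): 0, (1,): 0}}
    return holds(F_EXISTS_EQ, D, I_sat, {}), holds(F_EXISTS_EQ, D, I_fal, {})

def structures(D, funcs, preds):
    """Yield every interpretation over D of the symbols in funcs/preds
    (name -> arity). Exponential in |D|: fine for |D| <= 3 and a few symbols."""
    choices = []
    for f, n in funcs.items():
        dom = list(product(D, repeat=n))
        choices.append([dict(zip(dom, img)) for img in product(D, repeat=len(dom))])
    for p, n in preds.items():
        dom = list(product(D, repeat=n))
        choices.append([{a for a, keep in zip(dom, bits) if keep}
                        for bits in product([False, True], repeat=len(dom))])
    for combo in product(*choices):
        yield dict(zip(list(funcs) + list(preds), combo))

def find_model(F, size, funcs, preds, free_vars=()):
    """Some (I, alpha) with D, I, alpha |= F over a domain of `size` elements, else None."""
    D = list(range(size))
    for I in structures(D, funcs, preds):
        for vals in product(D, repeat=len(free_vars)):
            alpha = dict(zip(free_vars, vals))
            if holds(F, D, I, alpha):
                return I, alpha
    return None

def classify(F, size, funcs, preds, free_vars=()):
    """'unsatisfiable', 'valid' or 'satisfiable', relative to domains of exactly `size` elements."""
    if find_model(F, size, funcs, preds, free_vars) is None:
        return 'unsatisfiable'
    if find_model(('not', F), size, funcs, preds, free_vars) is None:
        return 'valid'
    return 'satisfiable'
```

classify(F_EXISTS_EQ, 2, {'f': 1, 'g': 1}, {}) reports 'satisfiable', because the search finds both a model and a counter-model of size 2, exactly as slide 20 does by hand. Two caveats belong with this: enumerating all structures is exponential in domain size and symbol arity, and the search only ever looks at domains of one fixed finite size, so a verdict of 'valid' at size 2 is not a proof of validity over all structures (a counter-model may need a larger or an infinite domain). It is a checking aid for the hand proofs that follow, not a decision procedure.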
Proving Validity for First-Order Logic
We’ll extend the semantic argument method from earlier:
1. Assume F is not valid: there exist D, I, and α such that D, I, α ⊭ F
2. Apply proof rules (more on this shortly)
3. If some branch reaches no contradiction and no rule applies, conclude that F is invalid
4. If every branch reaches a contradiction, conclude that F is valid
But, we need new proof rules for quantifiers
Brief Review: Proof Rules
Recall the semantics for implication:
▶ From D, I, α |= F1 → F2, the proof splits into two branches:
    D, I, α ⊭ F1   |   D, I, α |= F2
▶ From D, I, α ⊭ F1 → F2, a single branch with both facts:
    D, I, α |= F1   and   D, I, α ⊭ F2
Proof Rules: Universal Quantification
▶ From D, I, α |= ∀x.F:
    D, I, α[x ↦ c] |= F, for any c ∈ D
For example, if we know D, I, α |= ∀x.p(x, a)
Then we can conclude D, I, α[x ↦ b] |= p(x, a)
Proof Rules: Universal Quantification
▶ From D, I, α ⊭ ∀x.F:
    D, I, α[x ↦ c] ⊭ F, for a fresh c ∈ D
Here, “fresh” means “not used previously in the proof”
If D, I, α ̸|= ∀x.F , all we know is that F doesn’t hold for some object
We don’t know which object
Hence, we pick a new one, making no assumptions
Proof Rules: Existential Quantification
▶ From D, I, α |= ∃x.F:
    D, I, α[x ↦ c] |= F, for a fresh c ∈ D
Again “fresh” means “not used previously in the proof”
Notice the similarity to the previous rule
Proof Rules: Existential Quantification
▶ From D, I, α ⊭ ∃x.F:
    D, I, α[x ↦ c] ⊭ F, for any c ∈ D
There does not exist any object c for which F holds
No matter what x maps to, F won’t hold
Even if it’s something we used before
Deriving a Contradiction
▶ Contradiction rule:
    D, I, α[· · · ] |= p(s1, . . . , sn)
    D, I, α[· · · ] ⊭ p(t1, . . . , tn)
    ⟨I, α[· · · ]⟩(si) = ⟨I, α[· · · ]⟩(ti) for all 1 ≤ i ≤ n
    ────────────────────────────────
    ⊥
In the top two lines, the assignments are both variants of α
A contradiction exists whenever two lines disagree on the value of p at the same tuple of objects
For example, if D, I, {x ↦ a} |= p(x) and D, I, {y ↦ a} ⊭ p(y), then ⊥
Example
Prove the following valid:
F : (∀x.p(x)) → (∀y.p(y))
1  D, I, α ⊭ F
2  D, I, α |= ∀x.p(x)          1 and →
3  D, I, α ⊭ ∀y.p(y)           1 and →
4  D, I, α[y ↦ c] ⊭ p(y)       3 and ∀ (c fresh)
5  D, I, α[x ↦ c] |= p(x)      2 and ∀ (any c, so in particular the c from line 4)
6  ⊥                           4 and 5
Example
Prove the following valid:
F : (∀x.p(x)) ↔ (¬∃x.¬p(x))
1   I, α ⊭ F
Branch a:
2a  I, α |= ∀x.p(x)             1 and ↔
3a  I, α ⊭ ¬∃x.¬p(x)            1 and ↔
4a  I, α |= ∃x.¬p(x)            3a and ¬
5a  I, α[x ↦ c] |= ¬p(x)        4a and ∃ (c fresh)
6a  I, α[x ↦ c] |= p(x)         2a and ∀
7a  ⊥                           5a and 6a
Branch b:
2b  I, α ⊭ ∀x.p(x)              1 and ↔
3b  I, α |= ¬∃x.¬p(x)           1 and ↔
4b  I, α[x ↦ o] ⊭ p(x)          2b and ∀ (o fresh)
5b  I, α ⊭ ∃x.¬p(x)             3b and ¬
6b  I, α[x ↦ o] ⊭ ¬p(x)         5b and ∃
7b  I, α[x ↦ o] |= p(x)         6b and ¬
8b  ⊥                           4b and 7b
Soundness and Completeness
These proof rules satisfy important properties
Soundness
If every branch of the semantic argument proof derives a contradiction, then F is valid. In other words, the proof rules don’t reach wrong conclusions.
Completeness
If F is valid, then there exists a finite-length proof in which every branch derives a contradiction. In other words, there are no valid formulas we can’t prove to be valid.
This is called refutational completeness
Decidability of First-Order Logic
Decidable problem
A decision problem is decidable if and only if there exists a procedure P such that, for any input, P either
1. Halts with “yes” when the answer is positive, or
2. Halts with “no” when the answer is negative
Important result (Church & Turing): The problem of deciding validity for first-order logic is not decidable.
Is there a problem here?
Semidecidability
Semidecidable problem
A decision problem is semidecidable if and only if there exists a procedure P such that, for any input, P either
1. Halts with “yes” when the answer is positive,
2. Halts with “no” when the answer is negative, or
3. Does not halt (only possible when the answer is negative)
The first-order validity decision problem is semidecidable
▶ The procedure always halts with “yes” when F is valid
▶ It might not terminate when F is not valid
Next Lecture
Topic: First-order theories
Read: Chapter 3, up to (not including) 3.5
Start the homework!
Come to office hours with questions