« Mathematical foundations: Formal logics (2) Classical first-order logic » A formal logic consists of: – a formal or informal language (formula expressing facts) Patrick Cousot –amodel-theoretic semantics (to define the meaning of Jerome C. Hunsaker Visiting Professor the language, that is which facts are valid) Massachusetts Institute of Technology Department of Aeronautics and Astronautics –a deductive system (made of axioms and inference cousot mit edu rules to formaly derive theorems, that is facts that www.mit.edu/~cousot are provable) Course 16.399: “Abstract interpretation” http://web.mit.edu/afs/athena.mit.edu/course/16/16.399/www/ Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —1— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —3— ľ P. Cousot, 2005 Questions about formal logics The main questions about a formal logic are: –Thesoundness of the deductive system: no provable formula is invalid –Thecompleteness of the deductive system: all valid formulæ are provable George Boole David Hilbert Gottlob Frege Reference [1] Jean van Heijenoort, editor. “From Frege to Gödel: A Source Book in Mathematical Logic, 1879-1931”. Harvard University Press, 1967. Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —2— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —4— ľ P. Cousot, 2005 Classical propositional logic – X 2Vare variables denoting unknown true or false facts Propositional classical logic –Thesetofformulæ ffi 2Fof the propositional logic are defined by the following grammar: ffi ::= X j (ffi1 ^ ffi2) j (:ffi) – The relation “is a subformula of” is well founded, whence can be used for structural definitions and proofs Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —5— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —7— ľ P. Cousot, 2005 Example of formulæ – A is a variable whence a formula The derivation – (:A) is a formula since A is a tree of the for- Syntax of the formula mula is: : classical propositional logic – (A ^ (:A)) is a formula since A and and (:A) are formulae – (:(A ^ (:A)) is a formula since ^ (A ^ (:A)) is a formula A : A Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —6— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —8— ľ P. Cousot, 2005 Abstract syntax Free variables of proopositional formulae – In practice we avoid parentheses thanks to priorities: The set FV(ffi) of free variables appearing in a formula - : has highest priority (evaluated first) ffi is defined by structural induction as follows: - ^ has lowest priority (evaluated second) def FV(X) = fXg - ^ is left associative (evaluation from left to right) def FV(:ffi) =FV(ffi) For example, :A ^:B ^ C stands for (:A) ^ (:B) ^ C FV(ffi ffi ) def=FV(ffi ) FV(ffi ) which stands for ((:A) ^ (:B)) ^ C 1 ^ 2 1 [ 2 –Thederivation tree is given by the following abstract grammar: ffi ::= X j ffi1 ^ ffi2 j:ffi Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —9— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —11— ľ P. Cousot, 2005 Propositional identities Abbreviations (de Morgan laws) def ffi1 _ ffi2 = :(:ffi1 ^:ffi2) Semantics of the def ffi1 =) ffi2 = :ffi1 _ ffi2 def propositional classical logic ffi1 (= ffi2 = ffi2 =) ffi1 def ffi1 () ffi2 =(ffi1 =) ffi2) ^ (ffi1 (= ffi2) def ffi1 _ ffi2 =(ffi1 _ ffi2) ^:(ffi1 ^ ffi2) Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —10— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —12— ľ P. Cousot, 2005 Booleans Tarskian/model-theoretic semantics of the def We define the booleans B = ftt ; ¸g and boolean opera- classical propositional logic tors by the following truth table: The semantics 2 S2F7! (V 7! B) 7! B of a proposi- & tt ¸ : tional formula ffi assign a meaning Sffi to the formula for any given environment 3: tt tt ¸ tt ¸ def ¸ ¸ ¸ ¸ tt SX = (X) def S:ffi = :(Sffi) def Sffi1 ^ ffi2 = Sffi1 & Sffi2 2 Also called an interpretation in logic 3 Hilbert used instead an arithmetic interpretation where 0 is true and 1 is false. Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —13— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —15— ľ P. Cousot, 2005 Environment/Assignment Models –Anenvironment 1 2V7!n B assigns boolean values is a model of ffi (or that satisfies ffi) if and only if: (X) to free propositional variables X. Sffi =tt – An example of assignment is = fX ! tt ;Y ! ¸g such that (X)=tt, (Y )=¸and the value for all which is written: other propositional variables Z 2VnfX; Y g is unde- fined ‚ ffi 1 Also called assignment in logic. Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —14— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —16— ľ P. Cousot, 2005 Entailment Examples of tautologies P = P ( (P = Q)) = P –Aset` 2 }(F) of formulae entails ffi whenever: ) : ) ) (::P )=) P (:(P =) Q)) =) (::P ) P = ( P ) ( (P = Q)) = Q 0 ‚ 0 ‚ ) :: : ) ): 8 :(8ffi 2 ` : ffi )=) ffi P =) (Q =) P ) (P =):P )=) (P =) Q) P =) (Q =) Q) (P =) Q)=) (:Q =):P ) which is written: (:P =) P )=) P (P =):Q)=) (Q =):P ) P =) (:P =) Q) (:P =):Q)=) (Q =) P ) ` ‚ ffi :P =) (P =) Q) (:P =):Q)=) (:P =) Q)=) P ) (:(P =) P )) =) Q (:(P =) Q)) =) (Q =) R) P =) (:(P =):P )) (:(P =) Q)) =) (:P =) R) (P =):P )=):P (P =) Q)=) ((Q =) R)=) (P =) R)) Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —17— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —19— ľ P. Cousot, 2005 Validity Satisfiability/Unsatisfiability –Wesaythatffi is valid if and only if: –Aformulaffi 2F is satisfiable if and only if: 8 2 (V 7! B):Sffi =tt 9 2 (V 7! B):Sffi =tt which is written: –Aformulaffi 2F is unsatisfiable if and only if: ‚ ffi 8 2 (V 7! B):Sffi =tt (i.e. ffi is a tautaulogy, always true) (i.e. ffi is a antilogy, always false) Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —18— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —20— ľ P. Cousot, 2005 Satisfiability/Validity/Unsatisfiability Hilbert deductive system Formulae – Axiom schemata 4: 5 Satisfiable Unsatisfiable (1) ffi _ ffi =) ffi (2) ffi =) ffi0 _ ffi 6 Sometimes true (3) (ffi =) ffi0)=) (ffi00 _ ffi =) ffi0 _ ffi00) 7 Sometimes false – Inference rule schema 4: Always false ffi; ffi =) ffi0 (MP) 8 modus ponens Valid ffi0 Always true 4 to be instanciated for all possible formulae ffi; ffi0;ffi00 2F 5 i.e. :(:(:ffi ^:ffi)) _ ffi) 6 i.e. :(::ffi ^::(:ffi ^:ffi0)) 7 0 00 0 00 def i.e; :(:ffi _ ffi ) _ (:(ffi _ ffi) _ (ffi _ ffi )) where ffi1 _ ffi2 = :(:ffi1 _:ffi2) ffi; :ffi _ ffi0 8 i.e. ffi0 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —21— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —23— ľ P. Cousot, 2005 Hilbert derivation –Aderivation from a set ` 2 }(F) of hypotheses is a finite nonempty sequence: Deductive system for the ffi1;ffi2;:::;ffin n – 0 classical propositional logic of formulae such that for each ffii, i =1;:::;n,wehave: - ffii is a element of ` (hypothesis) - ffii is an axiom 1 k ffii ;:::;ffii - ffii is the conclusion of an inference rule such ffii 1 k 9 that fffii ;:::;ffii g„fffi1;ffi2;:::;ffin`1g 9 So that the premises have already been proved. Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —22— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —24— ľ P. Cousot, 2005 Hilbert proof Hilbert provability –Aproof is a derivation from ; – ffi 2 F is provable from ` 2 }(F) (or ` proves ffi)iff there is a proof of ffi from ` , written: ` ‘ ffi where the deduction system (axioms and inference rules) are understood from the context. – ;‘ffi is written ‘ ffi This is the proof-theoretic semantics of first-order logic. Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —25— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —27— ľ P. Cousot, 2005 Example of proof Example of provability (ffi _ ffi =) ffi)=) (:ffi _ (ffi _ ffi)=) ffi _:ffi) [instance of (3)] (a) ‘:ffi _::ffi ffi _ ffi =) ffi [instance of (1)] (b) Proof. :ffi _ (ffi _ ffi)=) (ffi _:ffi) [(a), (b) and (MP)] (c) = (ffi =) (ffi _ ffi)) =) ffi _:ffi def. =) abbreviation Replace ffi by :ffi is the previous proof of ffi _:ffi. ffi =) (ffi _ ffi) [instance of (2)] (d) ffi _:ffi [(c), (d) and (MP)] Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —26— ľ P. Cousot, 2005 Course 16.399: “Abstract interpretation”, Tuesday March 8th, 2005 —28— ľ P. Cousot, 2005 Soundness of a deductive system Consistency of a deductive system Provable formulae do hold: Absence of contradictory proofs ‚ ` ‘ ffi =) ` ffi :(9` : ` ‘ ffi ^ ` ‘:ffi) A sound deductive system is consistent. Proof. Proof. The proof for propositional logic is by induction on the length of the formal proof of ffi from ` . By reduction ad absurdum assume inconsistency 9` : ` ‘ ffi ^ ` ‘:ffi.By ‚ ‚ 0 ‚ 0 A proof of length one, can only use a formula ffi in ` which is assumed soundness ` ffi ^ ` :ffi whence for all such that 8ffi 2 ` : ffi ,we to hold (i.e. Sffi =tt) or an axiom that does hold as shown below. have S ffi =ttand S :ffi =tt=:S ffi = :tt = ¸ which is the desired contradiction since tt 6=¸. – Sffi _ ffi =) ffi = S:(:(:ffi ^:ffi)) def.