\documentclass[11pt]{article} \usepackage[margin=1.45in]{geometry} \usepackage{proof} \usepackage{amsmath,amsthm,amssymb} \usepackage[raiselinks=false,colorlinks=true,citecolor=blue,urlcolor=blue,linkcolor=blue,bookmarksopen=true,dvips]{hyperref} \setlength{\inferLineSkip}{4pt} % font{ \usepackage{pxfonts} %% fix sans serif \renewcommand\sfdefault{cmss} \DeclareMathAlphabet{\mathsf}{OT1}{cmss}{m}{n} \SetMathAlphabet{\mathsf}{bold}{OT1}{cmss}{b}{n} % }font \theoremstyle{definition} \newtheorem{task}{Task} \newtheorem{ectask}{Extra Credit Task} \newcommand\pimp{\mathrel{\supset}} \newcommand\pand{\mathrel{\wedge}} \newcommand\por{\mathrel{\vee}} \newcommand\ptrue{\top} \newcommand\pfalse{\bot} \newcommand\pnot{\neg} \newcommand\pspades{\spadesuit} \newcommand\pforall[3]{\forall #1{:}#2.\, #3} \newcommand\pexists[3]{\exists #1{:}#2.\, #3} \newcommand\qtri\blacktriangledown \newcommand\ptri[3]{\qtri #1{:}#2.\, #3} \newcommand\eqn{\mathrel{=_N}} \newcommand\z{\mathsf{0}} \newcommand\s{\mathsf{s}} \newcommand\Cases{\mathit{Cases}} \newcommand\true{\;\textit{true}} \newcommand\false{\;\textit{false}} \newcommand\contra{\#} \newcommand\seq{\longrightarrow} \newcommand\ddd{\raisebox{0.2em}[1.3em]{$\vdots$}} \newcommand\com{\raisebox{0.3em}{$\ ,\ \ $}} \newcommand\hyp[2][]{\infer[#1]{#2}{}} \newcommand\sub[3]{\infer[#2]{#3}{#1}} \newcommand{\lred}{\mathrel{\raisebox{0.5em}{$\Longrightarrow_R$}}} \newcommand{\lexp}{\mathrel{\raisebox{0.5em}{$\Longrightarrow_E$}}} \newcommand{\DD}{\mathcal{D}} \newcommand{\EE}{\mathcal{E}} \newcommand{\FF}{\mathcal{F}} \newcommand{\GG}{\mathcal{G}} % some URLs used below \newcommand\tutchGuideURL{http://www.cs.cmu.edu/~fp/courses/15317-f09/software/tutch/doc/html/tutch_ovr.html} \newcommand\tutchProofTermsURL{http://www.cs.cmu.edu/~fp/courses/15317-f09/software/tutch/doc/html/tutch_4.html\#SEC18} \newcommand\tutchProofTermsRefURL{http://www.cs.cmu.edu/~fp/courses/15317-f09/software/tutch/doc/html/tutch_9.html\#SEC28} \newcommand\tutchArithmeticURL{http://www.cs.cmu.edu/~fp/courses/15317-f09/software/tutch/doc/html/tutch_7.html\#SEC21} \title{Constructive Logic (15-317), Fall 2009 \\ Assignment 5: Sequent Calculus for Proof Search} \author{William Lovas \texttt{(wlovas@cs)}} \date{Out: Thursday, October 8, 2009 \\ Due: Thursday, October 15, 2009 (before class)} \begin{document} \maketitle In this assignment, you will explore the \textbf{G4ip} sequent calculus and see how it may be used to build a simple yet realistic theorem prover for intuitionistic propositional logic. By the end of the assignment, you will have implemented a sound and complete proof search procedure capable of proving automatically any of the propositional theorems you've proven manually this semester using Tutch. The written portion of your work (Sections~\ref{sec:manual} and \ref{sec:cut}) should be submitted at the beginning of class. As usual, if you are familiar with \LaTeX, you are encouraged to use this document as a template for typesetting your solutions, but you may alternatively write your solutions \textit{neatly} by hand. The programming portion of your work (Section~\ref{sec:prover}) should be submitted via AFS by copying your code to the directory \begin{verbatim} /afs/andrew/course/15/317/submit//hw05 \end{verbatim} where \verb'' is replaced with your Andrew ID. \section{Manual Theorem Proving (10 points)} \label{sec:manual} During the last few lectures, we have discussed various forms of sequent calculi and considered how they might be used to build a decision procedure for intuitionistic propositional logic. One particularly simple formulation amenable to implementation is Dyckhoff's contraction-free sequent calculus \textbf{G4ip}. (See Appendix~\ref{app:rules} for a recap of the rules.) First, let's get some practice using \textbf{G4ip} as a proof system. \begin{task}[5 pts] Give a proof of the sequent $\cdot \seq ((P \pimp Q) \pimp R) \pand ((P \pimp Q) \pimp S) \pimp (P \pimp Q) \pimp R$ using the rules of \textbf{G4ip}. ($P$, $Q$, $R$, and $S$ all stand for atomic propositions.) \end{task} \begin{task}[5 pts] Give a proof of the sequent $\cdot \seq ((P \por Q) \pand R \pimp S) \pimp R \pand (Q \por P) \pimp S$ using the rules of \textbf{G4ip}. (Again, $P$, $Q$, $R$, and $S$ all stand for atomic propositions.) \end{task} \section{Cut Elimination (5 points)} \label{sec:cut} The Cut Admissibility theorem is a crucial tool that helps us demonstrate the expressivity of our logic: if we can prove something, then we can use it as a lemma towards proving something else. We usually prove this theorem by a nested induction, first on the structure of the cut formula, and then on the structure of the two given derivations. The \textbf{G4ip} calculus also admits such a theorem, and it is proven by roughly similar means (though some additional structural properties are required for the cases involving compound left rules). \newtheorem*{theorem}{Theorem} \newtheorem*{lemma}{Lemma} \begin{theorem}[Cut Admissibility for \textbf{G4ip}] If $\Gamma \seq A$ and $\Gamma, A \seq C$, then $\Gamma \seq C$. \end{theorem} \begin{proof} By nested induction, first on the \textit{weight} of the cut formula $A$, and then on the structure of the derivations $\DD$ of $\Gamma \seq A$ and $\EE$ of $\Gamma, A \seq C$. \end{proof} \begin{task}[5 pts] Prove the case of \textbf{G4ip}'s Cut Admissibility theorem where $A$ is $P \pimp B$, $\DD$ is derived by ${\pimp}R$, and $\EE$ is derived by $P{\pimp}L$. You may assume without proof the following structural properties of \textbf{G4ip}: \begin{lemma}[Weakening] If $\Gamma \seq C$, then $\Gamma, A \seq C$. \end{lemma} \begin{lemma}[Contraction] If $\Gamma, A, A \seq C$, then $\Gamma, A \seq C$. \end{lemma} \begin{lemma}[Identity] For all $A$, we can derive $\Gamma, A \seq A$. \end{lemma} \end{task} \newpage \section{Automated Theorem Proving (25 points)} \label{sec:prover} Because \textbf{G4ip}'s rules all reduce the ``weight'' of the formulas making up the sequent when read bottom-up, it is straightforward to see that it represents a decision procedure even without the benefit of loop checking. The rules themselves are non-deterministic, though, so one must invest some effort in extracting a deterministic implementation from them. \begin{task}[25 pts] Implement a proof search procedure based on the \textbf{G4ip} calculus. Efficiency should not be a primary concern, but see the hints below regarding invertible rules. Strive instead for \textit{correctness} and \textit{elegance}, in that order. \end{task} You should write your implementation in Standard ML.\footnote{If you are not comfortable writing in Standard ML, you should contact the instructors and the TA to work out an alternate arrangement.} Some starter code is provided in the file \verb'prop.sml' to clarify the setup of the problem and give you some basic tools for debugging (see Figure~\ref{fig:startercode}). Implement a structure \verb'G4ip' matching the signature \verb'G4IP'. A simple test harness assuming this structure is given in the structure \verb'Test' in the file \verb'test.sml'. Feel free to post any additional interesting test cases you encounter to the course bulletin board. \begin{figure} \begin{verbatim} signature PROP = sig datatype prop = (* A ::= *) Atom of string (* P *) | True (* | T *) | And of prop * prop (* | A1 & A2 *) | False (* | F *) | Or of prop * prop (* | A1 | A2 *) | Implies of prop * prop (* | A1 => A2 *) val Not : prop -> prop (* ~A := A => F *) val toString : prop -> string end structure Prop :> PROP = ... signature G4IP = sig (* [decide A = true] iff . ===> A has a proof, [decide A = false] iff . ===> A has no proof *) val decide : Prop.prop -> bool end \end{verbatim} \caption{SML starter code for \textbf{G4ip} theorem prover.} \label{fig:startercode} \end{figure} Here are some hints to help guide your implementation: \begin{itemize} \item Be sure to apply all invertible rules before you apply any non-invertible rules. Recall that the only non-invertible rules in \textbf{G4ip} are ${\por}R_1$, ${\por}R_2$, and ${\pimp}{\pimp}L$, but that $P{\pimp}L$ and the $\mathrm{init}$ rule cannot always be applied asynchronously. One simple way to ensure that you do inversions first is to maintain a second context of non-invertible propositions and to process it only when the invertible context is exhausted. \item When it comes time to perform non-invertible search, you'll have to consider all possible choices you might make. Many theorems require you to use your non-invertible hypotheses in a particular order, and unless you try all possible orders, you may miss a proof. \item The provided test cases can help you catch many easy-to-make errors. Test your code early and often! If you come up with any interesting test cases of your own that help you catch other errors, we encourage you to share them via the course bulletin board. \end{itemize} There are many subtleties and design decisions involved in this task, so don't leave it until the last minute! \appendix \section{Complete G4ip Rules} \label{app:rules} \[ \begin{array}{cc} \\[1em] \multicolumn{2}{l}{\textbf{Init Rule}} \\[1em] \multicolumn{2}{c}{\infer[\mathrm{init}]{\Gamma, P \seq P}{}} \\[1em] \multicolumn{2}{l}{\textbf{Ordinary Rules}} \\[1em] \infer[{\ptrue}R]{\Gamma \seq \ptrue}{} & \infer[{\ptrue}L]{\Gamma, \ptrue \seq C}{\Gamma \seq C} \\[1em] \infer[{\pand}R]{\Gamma \seq A \pand B} {\Gamma \seq A & \Gamma \seq B} & \infer[{\pand}L]{\Gamma, A \pand B \seq C} {\Gamma, A, B \seq C} \\[1em] \text{(no ${\pfalse}R$ rule)} & \infer[{\pfalse}L]{\Gamma, \pfalse \seq C}{} \\[1em] \infer[{\por}R_1]{\Gamma \seq A \por B} {\Gamma \seq A} \quad \infer[{\por}R_2]{\Gamma \seq A \por B} {\Gamma \seq B} \quad & \quad \infer[{\por}L]{\Gamma, A \por B \seq C} {\Gamma, A \seq C & \Gamma, B \seq C} \\[1em] \multicolumn{2}{c}{ \infer[{\pimp}R]{\Gamma \seq A \pimp B} {\Gamma, A \seq B} } \\[1em] \multicolumn{2}{l}{\textbf{Compound Left Rules}} \\[1em] \multicolumn{2}{c}{ \infer[P{\pimp}L]{\Gamma, P, P \pimp B \seq C} {\Gamma, P, B \seq C} } \\[1em] \infer[{\ptrue}{\pimp}L]{\Gamma, \ptrue \pimp B \seq C} {\Gamma, B \seq C} & \infer[{\pand}{\pimp}L]{\Gamma, D \pand E \pimp B \seq C} {\Gamma, D \pimp E \pimp B \seq C} \\[1em] \infer[{\pfalse}{\pimp}L]{\Gamma, \pfalse \pimp B \seq C} {\Gamma \seq C} & \infer[{\por}{\pimp}L]{\Gamma, D \por E \pimp B \seq C} {\Gamma, D \pimp B, E \pimp B \seq C} \\[1em] \multicolumn{2}{c}{ \infer[{\pimp}{\pimp}L]{\Gamma, (D \pimp E) \pimp B \seq C} {\Gamma, D, E \pimp B \seq E & \Gamma, B \seq C} } \end{array} \] \end{document}