------------------------------- Week 1, cos 441, fall 2007 ------------------------------- -- coarse logistics => url * my office hours = after class or by appointment * teaching assistants = Kenny Zhu, office hours: Tuesday, Thursday 11-11:30 a.m. * assignments = approximately 1 per week * assignments = part theory, part programming * assignments = may talk about assignments, write up on your own * take-home midterm * take-home final -- to do: * Subscribe to the course mailing list. Go to https://lists.cs.princeton.edu/mailman/listinfo/cos441. -- what we will be studying: * how do we specify the *meaning* of programs and language features precisely? * syntax, typing and execution behavior * what are the *principles* of programming language design? * how do we construct new programming languages or programming language features without making a mess of things? * how do we *reason* about programs and programming languages? * sometimes, amazingly, we can prove that every single program you can write in a particular language has certain properties. Deep properties, like "you never dereference a null pointer". Even though the language is turing complete. -- to do these things, we need to learn a bit of math. -- Homework: Read Pierce, Chap 2 (esp 2.4), Chap 3.1-3.3 ----------------- Deductive Systems ----------------- -- a deductive system has 2 parts: 1. definition of judgment form or collection of judgment forms * judgment = assertion, fact that may or may not be true * a valid or true judgment 2. collection of rules * axioms * inference rules J1 ... Jk --------- name J -- rules include some number of premises above the line and a conclusion below the line. We often put a name beside the rule to allow us to refer to it easily. -- rules often contain "metavariables" -- stand for classes of objects and may be instantiated by any object in the class. The people who write rules should tell you what the metavariables are and what objects are allowed to instantiate them. -- a judgment is valid if: 1. it is the conclusion of an axiom 2. it is the conclusion of a rule where all premises are valid judgements -- a derivation is a proof a judgement is valid. Hence a derivation is 1. either an axiom, or 2. a rule plus derivations for all of the premises of the rule. -- examples: 1. |- n nat "n is a natural number" |- n nat ----------- Z ---------- S |- Z nat |- S n nat Note: n is a "meta-variable". Z and S are not meta-variables -- they are constants (sometimes called "constructors") that allow you to write down concrete numbers like Z and (S Z) and (S S Z). Since the rule named S contains a meta-variables there are many "versions" or "instances" of the rule. A derivation proving that S (S (S Z)) is a natural number: --------- Z |- Z nat ------------------ S |- S Z nat ------------------ S |- S (S Z) nat ------------------ S |- S (S (S Z)) nat 2. |- add n1 n2 n3 "n1 plus n2 equals n3" |- add n1 n2 n3 ------------------- addZ --------------------------- addS |- add Z n n |- add (S n1) n2 (S n3) 3. |- even n "n is an even number" |- odd n "n is an odd number" ---------- evenZ |- even Z |- odd n |- even n ------------- evenS ------------- oddS |- even (S n) |- odd (S n) Alternative definition: ---------- even2Z |- even2 Z |- even2 n ----------------- even2S |- even2 (S (S n)) ---------- odd2Z |- odd2 (S Z) |- odd2 n ----------------- odd2S |- odd2 (S (S n)) ----------------- Rule Induction ----------------- -- the given inference rules are an *exhaustive* source of information about the valid judgments. -- no judgment is valid unless you can derive a proof for it using some finite number of the given inference rules -- this leads to a proof principal (Rule Induction): * to show every derivable judgment has some property P, show for every rule in the deductive system: J1 ... Jn --------- name J if J1 ... Jn have property P then J has property P -- examples: 1. Given a property P, we know that P is true for all natural numbers, if we can prove: * P holds unconditionally for Z. Corresponds to rule: ----------- Z |- Z nat * Assuming P holds for n then P holds for (S n). Corresponds to rule: |- n nat ------------- S |- S n nat -- also called "induction on the structure of natural numbers" or more generally "structural induction" when the objects are numbers, but other things like trees or programming language expressions. Theorem: For all natural numbers n, one of the following judgements is derivable |- even n or |- odd n. Proof: By induction on the derivation of |- n nat. (Or "by induction on the structure of naturals n") Case: -------- |- Z nat |- even Z (by rule evenZ) case: |- n nat ------------- |- S n nat (1) |- even n or (2) |- odd n (by IH) Assuming (1): |- odd S n (by (1) and oddS) Assuming (2): |- even S n (by (2) and evenS) QED Theorem: For all n1, n2, there exists n3 such that |- add n1 n2 n3. ie: add is a total relation. Proof: By induction on the structure of n1. case: -------- |- Z nat |- add Z n2 n2 (by addZ) case: |- n nat ------------- succ |- S n nat |- add n n2 n3' (by IH) |- add (S n) n2 (S n3') (by addS) QED Theorem: If |- even2 n then |- even n. Proof: By induction on the derivation |- even2 n. case: ---------- even2Z |- even2 Z |- even Z (by evenZ) case: |- even2 n ----------------- even2S |- even2 (S (S n)) |- even n (by IH) |- odd (S n) (by oddS) |- even (S (S n)) (by evenS) QED