# HG changeset patch # User Christian Urban <urbanc@in.tum.de> # Date 1303962661 -28800 # Node ID d29a8a6f3138a3f1d7c2cc6e63de6b95b3c41943 # Parent c3ff26204d2ac3a8a14a28f1f1a46f127011f0f2# Parent fc21ba07e51e665a4828a32597cdfa20929d881f merged diff -r fc21ba07e51e -r d29a8a6f3138 IsaMakefile --- a/IsaMakefile Tue Apr 19 13:03:08 2011 +0100 +++ b/IsaMakefile Thu Apr 28 11:51:01 2011 +0800 @@ -128,7 +128,19 @@ cd Slides/generated6 ; $(ISABELLE_TOOL) latex -o pdf root.beamer.tex cp Slides/generated6/root.beamer.pdf Slides/slides6.pdf -slides: slides1 slides2 slides3 slides4 slides5 slides6 +session7: Slides/ROOT7.ML \ + Slides/document/root* \ + Slides/Slides6.thy + @$(USEDIR) -D generated7 -f ROOT7.ML HOL Slides + +slides7: session7 + rm -f Slides/generated7/*.aux # otherwise latex will fall over + cd Slides/generated7 ; $(ISABELLE_TOOL) latex -o pdf root.beamer.tex + cd Slides/generated7 ; $(ISABELLE_TOOL) latex -o pdf root.beamer.tex + cp Slides/generated7/root.beamer.pdf Slides/slides7.pdf + + +slides: slides1 slides2 slides3 slides4 slides5 slides6 slides7 diff -r fc21ba07e51e -r d29a8a6f3138 Nominal/Nominal2_Base.thy --- a/Nominal/Nominal2_Base.thy Tue Apr 19 13:03:08 2011 +0100 +++ b/Nominal/Nominal2_Base.thy Thu Apr 28 11:51:01 2011 +0800 
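Review bot: The new `session7` rule in IsaMakefile lists `Slides/Slides6.thy` as a prerequisite, while the `Slides/ROOT7.ML` added in this changeset loads `Slides7`. An edit to `Slides/Slides7.thy` will therefore not trigger a rebuild of the session, and `slides7.pdf` may be produced from stale generated output; the prerequisite should read `Slides/Slides7.thy`. In the `slides7` recipe, the two `cd Slides/generated7 ; $(ISABELLE_TOOL) latex ...` lines keep going when the `cd` fails and then run latex in whatever directory make is in. Writing `cd Slides/generated7 && $(ISABELLE_TOOL) latex -o pdf root.beamer.tex` stops at the failed `cd` instead; the generated6 context lines above use the same `;` form.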
@@ -2398,11 +2398,6 @@ lemma list_renaming_perm: shows "\<exists>q. (\<forall>b \<in> set bs. q \<bullet> b = p \<bullet> b) \<and> supp q \<subseteq> set bs \<union> (p \<bullet> set bs)" proof (induct bs) - case Nil - have "(\<forall>b \<in> set []. 0 \<bullet> b = p \<bullet> b) \<and> supp (0::perm) \<subseteq> set [] \<union> p \<bullet> set []" - by (simp add: supp_zero_perm) - then show "\<exists>q. (\<forall>b \<in> set []. q \<bullet> b = p \<bullet> b) \<and> supp q \<subseteq> set [] \<union> p \<bullet> (set [])" by blast -next case (Cons a bs) then have " \<exists>q. (\<forall>b \<in> set bs. q \<bullet> b = p \<bullet> b) \<and> supp q \<subseteq> set bs \<union> p \<bullet> (set bs)" by simp then obtain q where *: "\<forall>b \<in> set bs. q \<bullet> b = p \<bullet> b" and **: "supp q \<subseteq> set bs \<union> p \<bullet> (set bs)" @@ -2443,6 +2438,11 @@ } ultimately show "\<exists>q. (\<forall>b \<in> set (a # bs). q \<bullet> b = p \<bullet> b) \<and> supp q \<subseteq> set (a # bs) \<union> p \<bullet> (set (a # bs))" by blast +next + case Nil + have "(\<forall>b \<in> set []. 0 \<bullet> b = p \<bullet> b) \<and> supp (0::perm) \<subseteq> set [] \<union> p \<bullet> set []" + by (simp add: supp_zero_perm) + then show "\<exists>q. (\<forall>b \<in> set []. q \<bullet> b = p \<bullet> b) \<and> supp q \<subseteq> set [] \<union> p \<bullet> (set [])" by blast qed diff -r fc21ba07e51e -r d29a8a6f3138 Pearl-jv/Paper.thy --- a/Pearl-jv/Paper.thy Tue Apr 19 13:03:08 2011 +0100 +++ b/Pearl-jv/Paper.thy Thu Apr 28 11:51:01 2011 +0800 @@ -57,7 +57,7 @@ text {* Nominal Isabelle provides a proving infratructure for convenient reasoning - about syntax involving binders, such as lambda terms or type schemes: + about syntax involving binders, such as lambda terms or type schemes in Mini-ML: \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% @{text "\<lambda>x. t \<forall>{x\<^isub>1,\<dots>, x\<^isub>n}. \<tau>"} 
@@ -196,13 +196,14 @@ text {* \noindent - whereby the string argument specifies the sort of the atom.\footnote{A - similar design choice was made by Gunter et al \cite{GunterOsbornPopescu09} - for their variables.} The use of type \emph{string} for sorts is merely for - convenience; any countably infinite type would work as well. - The set of all atoms we shall write as @{term "UNIV::atom set"}. - We have two auxiliary functions for atoms, namely @{text sort} - and @{const nat_of} which are defined as + whereby the string argument specifies the sort of the + atom.\footnote{A similar design choice was made by Gunter et al + \cite{GunterOsbornPopescu09} for their variables.} The use of type + \emph{string} for sorts is merely for convenience; any countably + infinite type would work as well. In what follows we shall write + @{term "UNIV::atom set"} for the set of all atoms. We also have two + auxiliary functions for atoms, namely @{text sort} and @{const + nat_of} which are defined as \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% \begin{tabular}{@ {}r@ {\hspace{2mm}}c@ {\hspace{2mm}}l} @@ -221,8 +222,8 @@ \end{proposition} For implementing sort-respecting permutations, we use functions of type @{typ - "atom => atom"} that @{text "i)"} are bijective; @{text "ii)"} are the - identity on all atoms, except a finite number of them; and @{text "iii)"} map + "atom => atom"} that are bijective; are the + identity on all atoms, except a finite number of them; and map each atom to one of the same sort. These properties can be conveniently stated in Isabelle/HOL for a function @{text \<pi>} as follows: 
@@ -241,7 +242,7 @@ written @{term id}, is included in @{typ perm}. Also function composition, written \mbox{@{text "_ \<circ> _"}}, and function inversion, given by Isabelle/HOL's inverse operator and written \mbox{@{text "inv _"}}, preserve the properties - @{text "i"}-@{text "iii"}. + (\ref{permtype}.@{text "i"}-@{text "iii"}). However, a moment of thought is needed about how to construct non-trivial permutations. In the nominal logic work it turned out to be most convenient @@ -299,8 +300,8 @@ \end{isabelle} \noindent - are \emph{equal}. Another advantage of the function representation is that - they form a (non-com\-mu\-ta\-tive) group provided we define + are \emph{equal} and can be used interchangeably. Another advantage of the function + representation is that they form a (non-com\-mu\-ta\-tive) group provided we define \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% \begin{tabular}{@ {}r@ {\hspace{2mm}}c@ {\hspace{2mm}}l@ {\hspace{10mm}}r@ {\hspace{2mm}}c@ {\hspace{2mm}}l} @@ -334,7 +335,7 @@ composition of permutations is not commutative in general; for example \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% - @{text "(a b) + (b c) \<noteq> (b c) + (a b)"} + @{text "(a b) + (b c) \<noteq> (b c) + (a b)"}\;. \end{isabelle} \noindent 
@@ -343,16 +344,17 @@ the non-standard notation in order to reuse the existing libraries. A \emph{permutation operation}, written infix as @{text "\<pi> \<bullet> x"}, - applies a permutation @{text "\<pi>"} to an object @{text "x"} of type - @{text \<beta>}, say. This operation has the type + applies a permutation @{text "\<pi>"} to an object @{text "x"}. This + operation has the type \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% @{text "_ \<bullet> _ :: perm \<Rightarrow> \<beta> \<Rightarrow> \<beta>"} \end{isabelle} \noindent - and will be defined over the hierarchie of types. - Isabelle/HOL allows us to give a definition of this operation for + whereby @{text "\<beta>"} is a generic type for @{text x}. The definition of this operation will be + given by in terms of `induction' over this generic type. The type-class mechanism + of Isabelle/HOL \cite{Wenzel04} allows us to give a definition for `base' types, such as atoms, permutations, booleans and natural numbers: \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% @@ -377,8 +379,9 @@ \end{tabular}\hfill\numbered{permdefsconstrs} \end{isabelle} - In order to reason abstractly about this operation, - we use Isabelle/HOL's type classes~\cite{Wenzel04} and state the following two + \noindent + The type classes also allow us to reason abstractly about the permutation operation. + For this we state the following two \emph{permutation properties}: \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% 
@@ -446,8 +449,8 @@ the right-hand side, simplifying the beta-redex and eliminating the permutations in front of @{text x} using \eqref{cancel}. - The use of type classes allows us to delegate much of the routine - resoning involved in determining whether the permutation properties + The main benefit of the use of type classes is that it allows us to delegate + much of the routine resoning involved in determining whether the permutation properties are satisfied to Isabelle/HOL's type system: we only have to establish that base types satisfy them and that type-constructors preserve them. Isabelle/HOL will use this information and determine @@ -492,7 +495,7 @@ text {* An important notion in the nominal logic work is - \emph{equivariance}. It will enable us to characterise how + \emph{equivariance}. This notion allows us to characterise how permutations act upon compound statements in HOL by analysing how these statements are constructed. To do so, let us first define \emph{HOL-terms}. They are given by the grammar @@ -503,8 +506,9 @@ \end{isabelle} \noindent - whereby @{text c} stands for constants and @{text x} for - variables. We assume HOL-terms are fully typed, but for the sake of + where @{text c} stands for constants and @{text x} for + variables. + We assume HOL-terms are fully typed, but for the sake of greater legibility we leave the typing information implicit. We also assume the usual notions for free and bound variables of a HOL-term. Furthermore, it is custom in HOL to regard terms as equal 
@@ -520,9 +524,9 @@ \end{definition} \noindent - We will primarily be interested in the cases where @{text t} is a constant, but - of course there is no way to restrict this definition in Isabelle/HOL so that it - applies to just constants. + In what follows we will primarily be interested in the cases where @{text t} + is a constant, but of course there is no way in Isabelle/HOL to restrict + this definition to just these cases. There are a number of equivalent formulations for the equivariance property. For example, assuming @{text t} is of permutation type @{text "\<alpha> \<Rightarrow> @@ -542,7 +546,7 @@ \eqref{cancel}. To see the other direction, we use \eqref{permutefunapp}. Similarly for HOL-terms that take more than one argument. The point to note is that equivariance and equivariance in fully - applied form are always interderivable. + applied form are (for permutation types) always interderivable. Both formulations of equivariance have their advantages and disadvantages: \eqref{altequivariance} is usually more convenient to @@ -553,12 +557,13 @@ \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% \begin{tabular}{@ {}l} @{thm eq_eqvt[where p="\<pi>", no_vars]} - \end{tabular} + \end{tabular}\hfill\numbered{eqeqvt} \end{isabelle} \noindent using the permutation operation on booleans and property - \eqref{permuteequ}. Lemma~\ref{permutecompose} establishes that the + \eqref{permuteequ}. + Lemma~\ref{permutecompose} establishes that the permutation operation is equivariant. The permutation operation for lists and products, shown in \eqref{permdefsconstrs}, state that the constructors for products, @{text "Nil"} and @{text Cons} are 
@@ -576,128 +581,156 @@ @{const True} and @{const False} are equivariant by the definition of the permutation operation for booleans. It is easy to see that the boolean operators, like @{text "\<and>"}, @{text "\<or>"}, @{text - "\<not>"} and @{text "\<longrightarrow>"}, are all equivariant too. (see ??? intro) - - In contrast, the advantage of Definition \ref{equivariance} is that - it leads to a relatively simple rewrite system that allows us to `push' a permutation, - say @{text \<pi>}, towards the leaves of a HOL-term (i.e.~constants and - variables). Then the permutation disappears in cases where the - constants are equivariant, since by Definition \ref{equivariance} we - have @{term "\<pi> \<bullet> c = c"}. What we will show next is that for a HOL-term - @{term t} containing only equivariant constants, a permutation can be pushed - inside this term and the only instances remaining are in front of - the free variables of @{text t}. We can only show this by a meta-argument, - that means one we cannot formalise inside Isabelle/HOL. But we can invoke - it in form of a tactic programmed on the ML-level of Isabelle/HOL. - This tactic is a rewrite systems consisting of `oriented' equations. - - A permutation @{text \<pi>} can be - pushed into applications and abstractions as follows + "\<not>"} and @{text "\<longrightarrow>"}, are equivariant too; for example we have \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% - \begin{tabular}{@ {}lrcl} - i) & @{text "\<pi> \<bullet> (t\<^isub>1 t\<^isub>2)"} & $\stackrel{\rightharpoonup}{=}$ - & @{term "(\<pi> \<bullet> t\<^isub>1) (\<pi> \<bullet> t\<^isub>2)"}\\ - ii) & @{text "\<pi> \<bullet> (\<lambda>x. t)"} & $\stackrel{\rightharpoonup}{=}$ & @{text "\<lambda>x. 
\<pi> \<bullet> (t[x := (-\<pi>) \<bullet> x])"}\\ + \begin{tabular}{@ {}lcl} + @{text "\<pi> \<bullet> (A \<and> B) = (\<pi> \<bullet> A) \<and> (\<pi> \<bullet> B)"}\\ + @{text "\<pi> \<bullet> (A \<longrightarrow> B) = (\<pi> \<bullet> A) \<longrightarrow> (\<pi> \<bullet> B)"}\\ + \end{tabular} + \end{isabelle} + + \noindent + by the definition of the permutation operation acting on booleans. + + In contrast, the advantage of Definition \ref{equivariance} is that + it leads to a relatively simple rewrite system that allows us to `push' a permutation + towards the leaves of a HOL-term (i.e.~constants and + variables). Then the permutation disappears in cases where the + constants are equivariant. We have implemented this rewrite system + as a simplification tactic on the ML-level of Isabelle/HOL. Having this tactic + at our disposal, together with a collection of constants for which + equivariance is already established, we can automatically establish + equivariance of a constant for which equivariance is not yet known. For this we only have to + make sure that the definiens of this constant + is a HOL-term whose constants are all equivariant. In what follows + we shall specify this tactic and argue that it terminates and + is correct (in the sense of pushing a + permutation @{text "\<pi>"} inside a term and the only remaining + instances of @{text "\<pi>"} are in front of the term's free variables). + + The simplifiaction tactic is a rewrite systems consisting of four `oriented' + equations. We will first give a naive version of this tactic, which however + is in some cornercases incorrect and does not terminate, and then modify + it in order to obtain the desired properties. 
A permutation @{text \<pi>} can + be pushed into applications and abstractions as follows + + \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% + \begin{tabular}{@ {}lr@ {\hspace{3mm}}c@ {\hspace{3mm}}l} + i) & @{text "\<pi> \<bullet> (t\<^isub>1 t\<^isub>2)"} & \rrh & @{term "(\<pi> \<bullet> t\<^isub>1) (\<pi> \<bullet> t\<^isub>2)"}\\ + ii) & @{text "\<pi> \<bullet> (\<lambda>x. t)"} & \rrh & @{text "\<lambda>x. \<pi> \<bullet> (t[x := (-\<pi>) \<bullet> x])"}\\ \end{tabular}\hfill\numbered{rewriteapplam} \end{isabelle} \noindent - The first rule we established in \eqref{permutefunapp}; + The first equation we established in \eqref{permutefunapp}; the second follows from the definition of permutations acting on functions and the fact that HOL-terms are equal modulo beta-equivalence. Once the permutations are pushed towards the leaves we need the - following two rules + following two equations \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% - \begin{tabular}{@ {}lrcl} - iii) & @{term "\<pi> \<bullet> (- \<pi>) \<bullet> x"} & $\stackrel{\rightharpoonup}{=}$ & @{term "x"}\\ - iv) & @{term "\<pi> \<bullet> c"} & $\stackrel{\rightharpoonup}{=}$ & - @{term "c"}\hspace{6mm}provided @{text c} is equivariant\\ + \begin{tabular}{@ {}lr@ {\hspace{3mm}}c@ {\hspace{3mm}}l} + iii) & @{term "\<pi> \<bullet> (- \<pi>) \<bullet> x"} & \rrh & @{term "x"}\\ + iv) & @{term "\<pi> \<bullet> c"} & \rrh & + {\rm @{term "c"}\hspace{6mm}provided @{text c} is equivariant}\\ \end{tabular}\hfill\numbered{rewriteother} \end{isabelle} \noindent - in order to remove permuations in front of bound variables and equivariant constants. - - In order to obtain a terminating rewrite system, we have to be - careful with rule ({\it i}). It can lead to a loop whenever - \mbox{@{text "t\<^isub>1 t\<^isub>2"}} is of the form @{text "\<pi>' \<bullet> t'"}. Consider - for example the infinite reduction sequence + in order to remove permuations in front of bound variables and + equivariant constants. 
Unfortunately, we have to be careful with + the rules {\it i)} and {\it iv}): they can lead to a loop whenever + \mbox{@{text "t\<^isub>1 t\<^isub>2"}} is of the form @{text "((op \<bullet>) \<pi>') t"}. Note + that we usually write this application using infix notation as + @{text "\<pi> \<bullet> t"} and recall that by Lemma \ref{permutecompose} the + constant @{text "(op \<bullet>)"} is equivariant. Now consider the infinite + reduction sequence \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% \begin{tabular}{@ {}l} - @{text "\<pi> \<bullet> (\<pi>' \<bullet> t)"}~~$\stackrel{\rightharpoonup}{=}\ldots\stackrel{\rightharpoonup}{=}$\\ - @{text "(\<pi> \<bullet> \<pi>') \<bullet> (\<pi> \<bullet> t)"}~~$\stackrel{\rightharpoonup}{=}\ldots\stackrel{\rightharpoonup}{=}$\\ - @{text "((\<pi> \<bullet> \<pi>') \<bullet> \<pi>) \<bullet> ((\<pi> \<bullet> \<pi>') \<bullet> t)"}~~$\stackrel{\rightharpoonup}{=}\ldots$\\ + @{text "\<pi> \<bullet> (\<pi>' \<bullet> t)"} + $\;\;\stackrel{\text{\it i)}}{\rrh}\stackrel{\text{\it i)}}{\rrh}\stackrel{\text{\it iv)}}{\rrh}\;\;$ + @{text "(\<pi> \<bullet> \<pi>') \<bullet> (\<pi> \<bullet> t)"} + $\;\;\stackrel{\text{\it i)}}{\rrh}\stackrel{\text{\it i)}}{\rrh}\stackrel{\text{\it iv)}}{\rrh}\;\;$ + @{text "((\<pi> \<bullet> \<pi>') \<bullet> \<pi>) \<bullet> ((\<pi> \<bullet> \<pi>') \<bullet> t)"}~~\ldots% + \end{tabular} \end{isabelle} \noindent - where the last step is again an instance of the first term, but it is - bigger (note that for the permutation operation we have that @{text - "\<pi> \<bullet> (op \<bullet>) = (op \<bullet>)"} since as shown in Lemma \ref{permutecompose} - \mbox{@{text "(op \<bullet>)"}} is equivariant). In order to avoid this loop - we need to apply these rules using an `outside to inside' strategy. - This strategy is sufficient since we are only interested of rewriting - terms of the form @{term "\<pi> \<bullet> t"}. + where the last step is again an instance of the first term, but it + is bigger. 
To avoid this loop we need to apply our rewrite rule + using an `outside to inside' strategy. This strategy is sufficient + since we are only interested of rewriting terms of the form @{term + "\<pi> \<bullet> t"}, where an outermost permutation needs to pushed inside a term. - Another problem we have to avoid is that the rules ({\it i}) and - ({\it iii}) can `overlap'. For this note that - the term @{term "\<pi> \<bullet>(\<lambda>x. x)"} reduces to @{term "\<lambda>x. \<pi> \<bullet> (- \<pi>) \<bullet> - x"}, to which we can apply rule ({\it iii}) in order to obtain - @{term "\<lambda>x. x"}, as is desired. However, the subterm term @{text + Another problem we have to avoid is that the rules {\it i)} and + {\it iii)} can `overlap'. For this note that + the term @{term "\<pi> \<bullet>(\<lambda>x. x)"} reduces by {\it ii)} to + @{term "\<lambda>x. \<pi> \<bullet> (- \<pi>) \<bullet> x"}, to which we can apply rule {\it iii)} + in order to obtain @{term "\<lambda>x. x"}, as is desired---there is no + free variable in the original term and so the permutation should completely + vanish. However, the subterm @{text "(- \<pi>) \<bullet> x"} is also an application. Consequently, the term @{term "\<lambda>x. \<pi> \<bullet> (- \<pi>) \<bullet>x"} can reduce to @{text "\<lambda>x. (- (\<pi> \<bullet> \<pi>)) \<bullet> (\<pi> \<bullet> x)"} using - ({\it i}). Now we cannot apply rule ({\it iii}) anymore and even - worse the measure we will introduce shortly increases. On the - other hand, if we started with the term @{text "\<pi> \<bullet> ((- \<pi>) \<bullet> x)"} - where @{text \<pi>} and @{text x} are free variables, then we do - want to apply rule ({\it i}), rather than rule ({\it iii}) which - would eliminate @{text \<pi>} completely. This is a problem because we - want to keep the shape of the HOL-term intact during rewriting. 
- As a remedy we use a standard trick in HOL: we introduce - a separate definition for terms of the form @{text "(- \<pi>) \<bullet> x"}, - namely as + {\it i)}. Given our strategy we cannot apply rule {\it iii)} anymore and + even worse the measure we will introduce shortly increased. On the + other hand, if we had started with the term @{text "\<pi> \<bullet> ((- \<pi>) \<bullet> x)"} + where @{text \<pi>} and @{text x} are free variables, then we \emph{do} + want to apply rule {\it i)} and not rule {\it iii)}. The latter + would eliminate @{text \<pi>} completely. The problem is that rule {\it iii)} + should only apply to instances where the variable is to bound; for free variables + we want to use {\it ii)}. + + The problem is that in order to distinguish both cases when + inductively taking a term `apart', we have to maintain the + information which variable is bound. This, unfortunately, does not + mesh well with the way how simplification tactics are implemented in + Isabelle/HOL. Our remedy is to use a standard trick in HOL: we + introduce a separate definition for terms of the form @{text "(- \<pi>) + \<bullet> x"}, namely as \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% @{term "unpermute \<pi> x \<equiv> (- \<pi>) \<bullet> x"} \end{isabelle} \noindent - The point is that we will always start with a term that does not - contain any @{text unpermutes}. With this trick we can reformulate - our rewrite rules as follows + The point is that now we can formulate the rewrite rules as follows \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% \begin{tabular}{@ {}lrcl} - i') & @{text "\<pi> \<bullet> (t\<^isub>1 t\<^isub>2)"} & $\stackrel{\rightharpoonup}{=}$ & + i') & @{text "\<pi> \<bullet> (t\<^isub>1 t\<^isub>2)"} & \rrh & @{term "(\<pi> \<bullet> t\<^isub>1) (\<pi> \<bullet> t\<^isub>2)"}\hspace{45mm}\mbox{}\\ - \multicolumn{4}{r}{provided @{text "t\<^isub>1 t\<^isub>2"} is not of the form @{text "unpermute \<pi> x"}}\smallskip\\ - ii') & @{text "\<pi> \<bullet> (\<lambda>x. 
t)"} & $\stackrel{\rightharpoonup}{=}$ & @{text "\<lambda>x. \<pi> \<bullet> (t[x := unpermute \<pi> x])"}\\ - iii') & @{text "\<pi> \<bullet> (unpermute \<pi> x)"} & $\stackrel{\rightharpoonup}{=}$ & @{term x}\\ - iv') & @{term "\<pi> \<bullet> c"} & $\stackrel{\rightharpoonup}{=}$ & @{term "c"} - \hspace{6mm}provided @{text c} is equivariant\\ + \multicolumn{4}{r}{\rm provided @{text "t\<^isub>1 t\<^isub>2"} is not of the form @{text "unpermute \<pi> x"}}\smallskip\\ + ii') & @{text "\<pi> \<bullet> (\<lambda>x. t)"} & \rrh & @{text "\<lambda>x. \<pi> \<bullet> (t[x := unpermute \<pi> x])"}\\ + iii') & @{text "\<pi> \<bullet> (unpermute \<pi> x)"} & \rrh & @{term x}\\ + iv') & @{term "\<pi> \<bullet> c"} & \rrh & @{term "c"} + \hspace{6mm}{\rm provided @{text c} is equivariant}\\ \end{tabular} \end{isabelle} \noindent - None of these rules overlap. To see that the permutation on the - right-hand side is applied to a smaller term, we take the measure - consisting of lexicographically ordered pairs whose first component - is the size of a term (without counting @{text unpermutes}) and the - second is the number of occurences of @{text "unpermute \<pi> x"} and - @{text "\<pi> \<bullet> c"}. This means the process of applying these rules - with our `outside-to-inside' strategy must terminate. + and @{text unpermutes} are only generated in case of bound variables. + Clearly none of these rules overlap. Moreover, given our + outside-to-inside strategy, they terminate. To see this, notice that + the permutation on the right-hand side of the rewrite rules is + always applied to a smaller term, provided we take the measure consisting + of lexicographically ordered pairs whose first component is the size + of a term (counting terms of the form @{text "unpermute \<pi> x"} as + leaves) and the second is the number of occurences of @{text + "unpermute \<pi> x"} and @{text "\<pi> \<bullet> c"}. 
- With the rewriting system in plcae, we are able to establish the - fact that for a HOL-term @{text t} whose constants are all equivariant, - the HOL-term @{text "\<pi> \<bullet> t"} is equal to @{text "t'"} wherby - @{text "t'"} is equal to @{text t} except that every free variable - @{text x} of @{text t} is replaced by @{text "\<pi> \<bullet> x"}. Pitts calls - this fact \emph{equivariance principle}. In our setting the precise - statement of this fact is a bit more involved because of the fact - that @{text unpermute} needs to be treated specially. + With the definition of the simplification tactic in place, we can + establish its correctness. The property we are after is that for for + a HOL-term @{text t} whose constants are all equivariant, the + HOL-term @{text "\<pi> \<bullet> t"} is equal to @{text "t'"} with @{text "t'"} + being equal to @{text t} except that every free variable @{text x} + in @{text t} is replaced by @{text "\<pi> \<bullet> x"}. Pitts calls this + property \emph{equivariance principle} (book ref ???). In our + setting the precise statement of this property is a slightly more + involved because of the fact that @{text unpermutes} needs to be + treated specially. \begin{theorem}[Equivariance Principle] Suppose a HOL-term @{text t} does not contain any @{text unpermutes} and all 
@@ -723,30 +756,7 @@ For an equivariant HOL-term @{text "t"}, @{term "\<pi> \<bullet> t = t"} for all permutations @{term "\<pi>"}. \end{lemma} - \begin{proof} - By induction on the grammar of HOL-terms. The case for variables cannot arise since - equivariant HOL-terms are closed. The case for constants is clear by Definition - \ref{equivariance}. The case for applications is also straightforward since by - \eqref{permutefunapp} we have @{term "\<pi> \<bullet> (t\<^isub>1 t\<^isub>2) = (\<pi> \<bullet> t\<^isub>1) (\<pi> \<bullet> t\<^isub>2)"}. - For the case of abstractions we can reason as follows - - \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% - \begin{tabular}[b]{@ {}c@ {\hspace{2mm}}l@ {\hspace{8mm}}l} - & @{text "\<pi> \<bullet> (\<lambda>x. t)"}\\ - @{text "\<equiv>"} & @{text "\<lambda>y. \<pi> \<bullet> ((\<lambda>x. t) ((-\<pi>) \<bullet> y))"} & by \eqref{permdefsconstrs}\\ - - \end{tabular}\hfill\qed - \end{isabelle} - \end{proof} - - database of equivariant functions - - Such a rewrite system is often very helpful - in determining whether @{text "\<pi> \<bullet> t = t"} holds for a compound term @{text t}. ??? - - For this we have implemented in Isabelle/HOL a - database of equivariant constants that can be used to rewrite - HOL-terms. + Let us now see how to use the equivariance principle. We have *} diff -r fc21ba07e51e -r d29a8a6f3138 Pearl-jv/document/root.tex --- a/Pearl-jv/document/root.tex Tue Apr 19 13:03:08 2011 +0100 +++ b/Pearl-jv/document/root.tex Thu Apr 28 11:51:01 2011 +0800 @@ -4,6 +4,7 @@ \usepackage{isabellesym} \usepackage{amsmath} \usepackage{amssymb} +\usepackage{mathabx} \usepackage{longtable} \usepackage{graphics} \usepackage{pdfsetup} 
@@ -19,10 +20,13 @@ \renewcommand{\isasymrightleftharpoons}{} \renewcommand{\isasymemptyset}{$\varnothing$} \newcommand{\isasymallatoms}{\ensuremath{\mathbb{A}}} +\newcommand{\rrh}{\mbox{\footnotesize$\rightrightharpoons$}} \newcommand{\numbered}[1]{\refstepcounter{equation}{\rm(\arabic{equation})}\label{#1}} \newcommand\new[0]{\reflectbox{\ensuremath{\mathsf{N}}}} +\changenotsign + \begin{document} \title{Implementing the Nominal Logic Work in Isabelle/HOL} diff -r fc21ba07e51e -r d29a8a6f3138 Slides/ROOT7.ML --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Slides/ROOT7.ML Thu Apr 28 11:51:01 2011 +0800 @@ -0,0 +1,6 @@ +(*show_question_marks := false;*) +quick_and_dirty := true; + +no_document use_thy "~~/src/HOL/Library/LaTeXsugar"; + +use_thy "Slides7" \ No newline at end of file diff -r fc21ba07e51e -r d29a8a6f3138 Slides/Slides6.thy --- a/Slides/Slides6.thy Tue Apr 19 13:03:08 2011 +0100 +++ b/Slides/Slides6.thy Thu Apr 28 11:51:01 2011 +0800 @@ -12,7 +12,7 @@ (*>*) text_raw {* - \renewcommand{\slidecaption}{Shanghai, 12.~April 2011} + \renewcommand{\slidecaption}{Hefei, 15.~April 2011} \newcommand{\abst}[2]{#1.#2}% atom-abstraction \newcommand{\pair}[2]{\langle #1,#2\rangle} % pairing @@ -128,6 +128,23 @@ *} +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{3 Points} + \large + \begin{itemize} + \item It is easy to make mistakes.\bigskip + \item Theorem provers can prevent mistakes, {\bf if} the problem + is formulated so that it is suitable for theorem provers.\bigskip + \item This re-formulation can be done, even in domains where + we do not expect it. + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} text_raw {* 
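Review bot: `quick_and_dirty := true;` in the new `Slides/ROOT7.ML` is set without a comment saying why. In that mode Isabelle accepts `sorry` and lets definitional packages skip some internal proofs, so nothing built through this session counts as fully checked. For a slides-only session that is presumably intended, but it should be stated so the file is not reused as a template for a checked session, e.g. `(* slides only: quick_and_dirty accepts sorry; do not use this ROOT for checked theories *)`. Whether `Slides7.thy` imports theories whose proofs matter cannot be seen here, because its content lies outside this hunk.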
@@ -186,15 +203,12 @@ \end{tabular}\medskip - - - - \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% *} + text_raw {* %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -333,7 +347,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode<presentation>{ \begin{frame}<1->[c] - \frametitle{Theorem Provers} + \frametitle{Lessons Learned} \begin{itemize} \item Theorem provers help with keeping large proofs consistent; @@ -738,13 +752,13 @@ \begin{textblock}{6}(9.5,6.18) \begin{flushright} - \color{gray}``derivative for a char'' + \color{gray}``derivative w.r.t.~a char'' \end{flushright} \end{textblock} \begin{textblock}{6}(9.5,12.1) \begin{flushright} - \color{gray}``deriv.~for a string'' + \color{gray}``deriv.~w.r.t.~a string'' \end{flushright} \end{textblock} @@ -861,10 +875,10 @@ \end{itemize} - I can think of two reasons why this is a good definition:\medskip + There are many reasons why this is a good definition:\medskip \begin{itemize} \item pumping lemma - \item closure properties of regular languages (closed under complement) + \item closure properties of regular languages\\ (e.g.~closure under complement) \end{itemize} \end{frame}} @@ -909,6 +923,24 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode<presentation>{ \begin{frame}[c] + \frametitle{} + \large + \begin{center} + \begin{tabular}{p{9cm}} + My point:\bigskip\\ + + The theory about regular languages can be reformulated + to be more suitable for theorem proving. + \end{tabular} + \end{center} + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] \frametitle{\LARGE The Myhill-Nerode Theorem} \begin{itemize} @@ -925,7 +957,6 @@ \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - *} text_raw {* 
@@ -1055,7 +1086,7 @@ \smath{R_1}: & \smath{\{[]\}}\\ \smath{R_2}: & \smath{\{[c]\}}\\ \smath{R_3}: & \smath{U\!N\!IV - \{[], [c]\}}\\[6mm] - \multicolumn{2}{l}{\onslide<2->{\smath{X \stackrel{c}{\longrightarrow} Y \dn X ; [c] \subseteq Y}}} + \multicolumn{2}{l}{\onslide<2->{\smath{X \stackrel{c}{\longrightarrow} Y \dn X ;; [c] \subseteq Y}}} \end{tabular} \end{tabular} @@ -1345,7 +1376,7 @@ \begin{itemize} \item \smath{\text{finite}\, (U\!N\!IV /\!/ \approx_L) \;\Leftrightarrow\; L\; \text{is regular}} \bigskip\pause - \item regular languages are closed under complementation; this is easy + \item regular languages are closed under complementation; this is now easy\medskip \begin{center} \smath{U\!N\!IV /\!/ \approx_L \;\;=\;\; U\!N\!IV /\!/ \approx_{-L}} \end{center} @@ -1423,7 +1454,7 @@ \begin{itemize} \item We formalised the Myhill-Nerode theorem based on - regular expressions (DFA are difficult to deal with in a theorem prover).\smallskip + regular expressions only (DFAs are difficult to deal with in a theorem prover).\smallskip \item Seems to be a common theme: algorithms need to be reformulated to better suit formal treatment.\smallskip @@ -1432,7 +1463,7 @@ implement the matcher directly inside the theorem prover (ongoing work).\smallskip - \item Parsing is a vast field and seems to offer new results. + \item Parsing is a vast field which seem to offer new results. \end{itemize} \end{frame}} 
@@ -1450,23 +1481,126 @@ \alert{\Large Questions?} \end{tabular}} - %\begin{center} - %\bf \underline{Short Bio:} - %\end{center} - %\mbox{}\\[-17mm]\mbox{}\small - %\begin{itemize} - %\item PhD in Cambridge - %\item Emmy-Noether Fellowship in Munich - %\item main results in nominal reasoning and nominal unification - %\end{itemize} + \begin{center} + \bf \underline{Short Bio:} + \end{center} + \mbox{}\\[-17mm]\mbox{}\small + \begin{itemize} + \item PhD in Cambridge + \item Emmy-Noether Research Fellowship at the TU Munich + \item talks at: CMU, Yale, Princeton, MIT,$\ldots$ + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + My existing strengths:\bigskip + + \begin{itemize} + \item Isabelle (implementation)\bigskip + \item background in logic, programming languages, formal methods + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + I want to have a single logic framework in which I can + write programs and prove their correctness.\bigskip + + \begin{itemize} + \item extensions of HOL (IO, modules, advanced types) + \item high-level programming languages + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + Compilers\bigskip + + \begin{itemize} + \item the high-level language needs to be compiled to correct machine + code + \item compiler verification, machine code verification + \end{itemize} + + \end{frame}} + 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + Stronger type-systems\bigskip + + \begin{itemize} + \item ``correct by construction'' + \item GADTs, dependent types + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + Proof automation\bigskip + + \begin{itemize} + \item external tools generate ``proof-certificates'' + \item certificates are imported into Isabelle + \item GPU based external provers + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{Future Research} + + Large-scale applications\bigskip + + \begin{itemize} + \item verification of Java-Script, Scala,$\ldots$ + \item interesting code (INTEL in Shanghai) + \end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% *} - - (*<*) end (*>*) \ No newline at end of file diff -r fc21ba07e51e -r d29a8a6f3138 Slides/Slides7.thy --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Slides/Slides7.thy Thu Apr 28 11:51:01 2011 +0800 
@@ -0,0 +1,1086 @@ +(*<*) +theory Slides7 +imports "~~/src/HOL/Library/LaTeXsugar" "Main" +begin + +declare [[show_question_marks = false]] + +notation (latex output) + set ("_") and + Cons ("_::/_" [66,65] 65) + +(*>*) + +text_raw {* + \renewcommand{\slidecaption}{Hefei, 15.~April 2011} + + \newcommand{\abst}[2]{#1.#2}% atom-abstraction + \newcommand{\pair}[2]{\langle #1,#2\rangle} % pairing + \newcommand{\susp}{{\boldsymbol{\cdot}}}% for suspensions + \newcommand{\unit}{\langle\rangle}% unit + \newcommand{\app}[2]{#1\,#2}% application + \newcommand{\eqprob}{\mathrel{{\approx}?}} + \newcommand{\freshprob}{\mathrel{\#?}} + \newcommand{\redu}[1]{\stackrel{#1}{\Longrightarrow}}% reduction + \newcommand{\id}{\varepsilon}% identity substitution + + \newcommand{\bl}[1]{\textcolor{blue}{#1}} + \newcommand{\gr}[1]{\textcolor{gray}{#1}} + \newcommand{\rd}[1]{\textcolor{red}{#1}} + + \newcommand{\ok}{\includegraphics[scale=0.07]{ok.png}} + \newcommand{\notok}{\includegraphics[scale=0.07]{notok.png}} + \newcommand{\largenotok}{\includegraphics[scale=1]{notok.png}} + + \renewcommand{\Huge}{\fontsize{61.92}{77}\selectfont} + \newcommand{\veryHuge}{\fontsize{74.3}{93}\selectfont} + \newcommand{\VeryHuge}{\fontsize{89.16}{112}\selectfont} + \newcommand{\VERYHuge}{\fontsize{107}{134}\selectfont} + + \newcommand{\LL}{$\mathbb{L}\,$} + + + \pgfdeclareradialshading{smallbluesphere}{\pgfpoint{0.5mm}{0.5mm}}% + {rgb(0mm)=(0,0,0.9); + rgb(0.9mm)=(0,0,0.7); + rgb(1.3mm)=(0,0,0.5); + rgb(1.4mm)=(1,1,1)} + + \def\myitemi{\begin{pgfpicture}{-1ex}{-0.55ex}{1ex}{1ex} + \usebeamercolor[fg]{subitem projected} + {\pgftransformscale{0.8}\pgftext{\normalsize\pgfuseshading{bigsphere}}} + \pgftext{% + \usebeamerfont*{subitem projected}} + \end{pgfpicture}} + + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1>[t] + \frametitle{% + \begin{tabular}{@ {\hspace{-3mm}}c@ {}} + \\ + \LARGE Verifying a Regular Expression\\[-1mm] + \LARGE Matcher 
and Formal Language\\[-1mm] + \LARGE Theory\\[5mm] + \end{tabular}} + \begin{center} + Christian Urban\\ + \small Technical University of Munich, Germany + \end{center} + + + \begin{center} + \small joint work with Chunhan Wu and Xingyuan Zhang from the PLA + University of Science and Technology in Nanjing + \end{center} + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{This Talk: 3 Points} + \large + \begin{itemize} + \item It is easy to make mistakes.\bigskip + \item Theorem provers can prevent mistakes, {\bf if} the problem + is formulated so that it is suitable for theorem provers.\bigskip + \item This re-formulation can be done, even in domains where + we do not expect it. + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Regular Expressions} + + \begin{textblock}{6}(2,4) + \begin{tabular}{@ {}rrl} + \bl{r} & \bl{$::=$} & \bl{$\varnothing$}\\ + & \bl{$\mid$} & \bl{[]}\\ + & \bl{$\mid$} & \bl{c}\\ + & \bl{$\mid$} & \bl{r$_1$ + r$_2$}\\ + & \bl{$\mid$} & \bl{r$_1$ $\cdot$ r$_2$}\\ + & \bl{$\mid$} & \bl{r$^*$}\\ + \end{tabular} + \end{textblock} + + \begin{textblock}{6}(8,3.5) + \includegraphics[scale=0.35]{Screen1.png} + \end{textblock} + + \begin{textblock}{6}(10.2,2.8) + \footnotesize Isabelle: + \end{textblock} + + \only<2>{ + \begin{textblock}{9}(3.6,11.8) + \bl{matches r s $\;\Longrightarrow\;$ true $\vee$ false}\\[3.5mm] + + \hspace{10mm}\begin{tikzpicture} + \coordinate (m1) at (0.4,1); + \draw (0,0.3) node (m2) {\small\color{gray}rexp}; + \path[overlay, ->, line width = 0.5mm, shorten <=-1mm, draw = gray] (m2) edge (m1); + + \coordinate (s1) at (0.81,1); + \draw (1.3,0.3) node 
(s2) {\small\color{gray} string}; + \path[overlay, ->, line width = 0.5mm, shorten <=-1mm, draw = gray] (s2) edge (s1); + \end{tikzpicture} + \end{textblock}} + + + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Specification} + + \small + \begin{textblock}{6}(0,3.5) + \begin{tabular}{r@ {\hspace{0.5mm}}r@ {\hspace{1.5mm}}c@ {\hspace{1.5mm}}l} + \multicolumn{4}{c}{rexp $\Rightarrow$ set of strings}\bigskip\\ + &\bl{\LL ($\varnothing$)} & \bl{$\dn$} & \bl{$\varnothing$}\\ + &\bl{\LL ([])} & \bl{$\dn$} & \bl{\{[]\}}\\ + &\bl{\LL (c)} & \bl{$\dn$} & \bl{\{c\}}\\ + &\bl{\LL (r$_1$ + r$_2$)} & \bl{$\dn$} & \bl{\LL (r$_1$) $\cup$ \LL (r$_2$)}\\ + \rd{$\Rightarrow$} &\bl{\LL (r$_1$ $\cdot$ r$_2$)} & \bl{$\dn$} & \bl{\LL (r$_1$) ;; \LL (r$_2$)}\\ + \rd{$\Rightarrow$} &\bl{\LL (r$^*$)} & \bl{$\dn$} & \bl{(\LL (r))$^\star$}\\ + \end{tabular} + \end{textblock} + + \begin{textblock}{9}(7.3,3) + {\mbox{}\hspace{2cm}\footnotesize Isabelle:\smallskip} + \includegraphics[scale=0.325]{Screen3.png} + \end{textblock} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Version 1} + \small + \mbox{}\\[-8mm]\mbox{} + + \begin{center}\def\arraystretch{1.05} + \begin{tabular}{@ {\hspace{-5mm}}l@ {\hspace{2.5mm}}c@ {\hspace{2.5mm}}l@ {}} + \bl{match [] []} & \bl{$=$} & \bl{true}\\ + \bl{match [] (c::s)} & \bl{$=$} & \bl{false}\\ + \bl{match ($\varnothing$::rs) s} & \bl{$=$} & \bl{false}\\ + \bl{match ([]::rs) s} & \bl{$=$} & \bl{match rs s}\\ + \bl{match (c::rs) []} & \bl{$=$} & \bl{false}\\ + \bl{match (c::rs) (d::s)} & \bl{$=$} & \bl{if c = d then match rs s else false}\\ + \bl{match (r$_1$ + r$_2$::rs) s} & \bl{$=$} & 
\bl{match (r$_1$::rs) s $\vee$ match (r$_2$::rs) s}\\ + \bl{match (r$_1$ $\cdot$ r$_2$::rs) s} & \bl{$=$} & \bl{match (r$_1$::r$_2$::rs) s}\\ + \bl{match (r$^*$::rs) s} & \bl{$=$} & \bl{match rs s $\vee$ match (r::r$^*$::rs) s}\\ + \end{tabular} + \end{center} + + \begin{textblock}{9}(0.2,1.6) + \hspace{10mm}\begin{tikzpicture} + \coordinate (m1) at (0.44,-0.5); + \draw (0,0.3) node (m2) {\small\color{gray}\mbox{}\hspace{-9mm}list of rexps}; + \path[overlay, ->, line width = 0.5mm, shorten <=-1mm, draw = gray] (m2) edge (m1); + + \coordinate (s1) at (0.86,-0.5); + \draw (1.5,0.3) node (s2) {\small\color{gray} string}; + \path[overlay, ->, line width = 0.5mm, shorten <=-1mm, draw = gray] (s2) edge (s1); + \end{tikzpicture} + \end{textblock} + + \begin{textblock}{9}(2.8,11.8) + \bl{matches$_1$ r s $\;=\;$ match [r] s} + \end{textblock} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[c] + \frametitle{Testing} + + \small + Every good programmer should do thourough tests: + + \begin{center} + \begin{tabular}{@ {\hspace{-20mm}}lcl} + \bl{matches$_1$ (a$\cdot$b)$^*\;$ []} & \bl{$\mapsto$} & \bl{true}\\ + \bl{matches$_1$ (a$\cdot$b)$^*\;$ ab} & \bl{$\mapsto$} & \bl{true}\\ + \bl{matches$_1$ (a$\cdot$b)$^*\;$ aba} & \bl{$\mapsto$} & \bl{false}\\ + \bl{matches$_1$ (a$\cdot$b)$^*\;$ abab} & \bl{$\mapsto$} & \bl{true}\\ + \bl{matches$_1$ (a$\cdot$b)$^*\;$ abaa} & \bl{$\mapsto$} & \bl{false}\medskip\\ + \onslide<2->{\bl{matches$_1$ x$\cdot$(0$|$1)$^*\;$ x} & \bl{$\mapsto$} & \bl{true}}\\ + \onslide<2->{\bl{matches$_1$ x$\cdot$(0$|$1)$^*\;$ x0} & \bl{$\mapsto$} & \bl{true}}\\ + \onslide<2->{\bl{matches$_1$ x$\cdot$(0$|$1)$^*\;$ x3} & \bl{$\mapsto$} & \bl{false}} + \end{tabular} + \end{center} + + \onslide<3-> + {looks OK \ldots let's ship it to customers\hspace{5mm} + 
\raisebox{-5mm}{\includegraphics[scale=0.05]{sun.png}}} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[c] + \frametitle{Version 1} + + \only<1->{Several hours later\ldots}\pause + + + \begin{center} + \begin{tabular}{@ {\hspace{0mm}}lcl} + \bl{matches$_1$ []$^*$ s} & \bl{$\mapsto$} & loops\\ + \onslide<4->{\bl{matches$_1$ ([] + \ldots)$^*$ s} & \bl{$\mapsto$} & loops\\} + \end{tabular} + \end{center} + + \small + \onslide<3->{ + \begin{center} + \begin{tabular}{@ {}l@ {\hspace{2mm}}c@ {\hspace{2mm}}l@ {}} + \ldots\\ + \bl{match ([]::rs) s} & \bl{$=$} & \bl{match rs s}\\ + \ldots\\ + \bl{match (r$^*$::rs) s} & \bl{$=$} & \bl{match rs s $\vee$ match (r::r$^*$::rs) s}\\ + \end{tabular} + \end{center}} + + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Testing} + + \begin{itemize} + \item While testing is an important part in the process of programming development\pause\ldots + + \item we can only test a {\bf finite} amount of examples.\bigskip\pause + + \begin{center} + \colorbox{cream} + {\gr{\begin{minipage}{10cm} + ``Testing can only show the presence of errors, never their + absence.'' (Edsger W.~Dijkstra) + \end{minipage}}} + \end{center}\bigskip\pause + + \item In a theorem prover we can establish properties that apply to + {\bf all} input and {\bf all} output. 
+ + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Version 2} + \mbox{}\\[-14mm]\mbox{} + + \small + \begin{tabular}{@ {}l@ {\hspace{2mm}}c@ {\hspace{2mm}}ll@ {}} + \bl{nullable ($\varnothing$)} & \bl{$=$} & \bl{false} &\\ + \bl{nullable ([])} & \bl{$=$} & \bl{true} &\\ + \bl{nullable (c)} & \bl{$=$} & \bl{false} &\\ + \bl{nullable (r$_1$ + r$_2$)} & \bl{$=$} & \bl{nullable r$_1$ $\vee$ nullable r$_2$} & \\ + \bl{nullable (r$_1$ $\cdot$ r$_2$)} & \bl{$=$} & \bl{nullable r$_1$ $\wedge$ nullable r$_2$} & \\ + \bl{nullable (r$^*$)} & \bl{$=$} & \bl{true} & \\ + \end{tabular}\medskip + + \begin{tabular}{@ {}l@ {\hspace{2mm}}c@ {\hspace{2mm}}l@ {\hspace{-10mm}}l@ {}} + \bl{der c ($\varnothing$)} & \bl{$=$} & \bl{$\varnothing$} & \\ + \bl{der c ([])} & \bl{$=$} & \bl{$\varnothing$} & \\ + \bl{der c (d)} & \bl{$=$} & \bl{if c = d then [] else $\varnothing$} & \\ + \bl{der c (r$_1$ + r$_2$)} & \bl{$=$} & \bl{(der c r$_1$) + (der c r$_2$)} & \\ + \bl{der c (r$_1$ $\cdot$ r$_2$)} & \bl{$=$} & \bl{((der c r$_1$) $\cdot$ r$_2$)} & \\ + & & \bl{\;\;+ (if nullable r$_1$ then der c r$_2$ else $\varnothing$)}\\ + \bl{der c (r$^*$)} & \bl{$=$} & \bl{(der c r) $\cdot$ r$^*$} &\smallskip\\ + + \bl{derivative r []} & \bl{$=$} & \bl{r} & \\ + \bl{derivative r (c::s)} & \bl{$=$} & \bl{derivative (der c r) s} & \\ + \end{tabular}\medskip + + \bl{matches$_2$ r s $=$ nullable (derivative r s)} + + \begin{textblock}{6}(9.5,0.9) + \begin{flushright} + \color{gray}``if r matches []'' + \end{flushright} + \end{textblock} + + \begin{textblock}{6}(9.5,6.18) + \begin{flushright} + \color{gray}``derivative w.r.t.~a char'' + \end{flushright} + \end{textblock} + + \begin{textblock}{6}(9.5,12.1) + \begin{flushright} + \color{gray}``deriv.~w.r.t.~a string'' + \end{flushright} + \end{textblock} + + 
\begin{textblock}{6}(9.5,13.98) + \begin{flushright} + \color{gray}``main'' + \end{flushright} + \end{textblock} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \frametitle{Is the Matcher Error-Free?} + + We expect that + + \begin{center} + \begin{tabular}{lcl} + \bl{matches$_2$ r s = true} & \only<1>{\rd{$\Longrightarrow\,\,$}}\only<2>{\rd{$\Longleftarrow\,\,$}}% + \only<3->{\rd{$\Longleftrightarrow$}} & \bl{s $\in$ \LL(r)}\\ + \bl{matches$_2$ r s = false} & \only<1>{\rd{$\Longrightarrow\,\,$}}\only<2>{\rd{$\Longleftarrow\,\,$}}% + \only<3->{\rd{$\Longleftrightarrow$}} & \bl{s $\notin$ \LL(r)}\\ + \end{tabular} + \end{center} + \pause\pause\bigskip + ??? By \alert<4->{induction}, we can {\bf prove} these properties.\bigskip + + \begin{tabular}{lrcl} + Lemmas: & \bl{nullable (r)} & \bl{$\Longleftrightarrow$} & \bl{[] $\in$ \LL (r)}\\ + & \bl{s $\in$ \LL (der c r)} & \bl{$\Longleftrightarrow$} & \bl{(c::s) $\in$ \LL (r)}\\ + \end{tabular} + + \only<4->{ + \begin{textblock}{3}(0.9,4.5) + \rd{\huge$\forall$\large{}r s.} + \end{textblock}} + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1>[c] + \frametitle{ + \begin{tabular}{c} + \mbox{}\\[23mm] + \LARGE Demo + \end{tabular}} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + + \mbox{}\\[-2mm] + + \small + \begin{tabular}{@ {}l@ {\hspace{2mm}}c@ {\hspace{2mm}}ll@ {}} + \bl{nullable (NULL)} & \bl{$=$} & \bl{false} &\\ + \bl{nullable (EMPTY)} & \bl{$=$} & \bl{true} &\\ + \bl{nullable (CHR c)} & \bl{$=$} & \bl{false} &\\ 
+ \bl{nullable (ALT r$_1$ r$_2$)} & \bl{$=$} & \bl{(nullable r$_1$) orelse (nullable r$_2$)} & \\ + \bl{nullable (SEQ r$_1$ r$_2$)} & \bl{$=$} & \bl{(nullable r$_1$) andalso (nullable r$_2$)} & \\ + \bl{nullable (STAR r)} & \bl{$=$} & \bl{true} & \\ + \end{tabular}\medskip + + \begin{tabular}{@ {}l@ {\hspace{2mm}}c@ {\hspace{2mm}}l@ {\hspace{-10mm}}l@ {}} + \bl{der c (NULL)} & \bl{$=$} & \bl{NULL} & \\ + \bl{der c (EMPTY)} & \bl{$=$} & \bl{NULL} & \\ + \bl{der c (CHR d)} & \bl{$=$} & \bl{if c=d then EMPTY else NULL} & \\ + \bl{der c (ALT r$_1$ r$_2$)} & \bl{$=$} & \bl{ALT (der c r$_1$) (der c r$_2$)} & \\ + \bl{der c (SEQ r$_1$ r$_2$)} & \bl{$=$} & \bl{ALT (SEQ (der c r$_1$) r$_2$)} & \\ + & & \bl{\phantom{ALT} (if nullable r$_1$ then der c r$_2$ else NULL)}\\ + \bl{der c (STAR r)} & \bl{$=$} & \bl{SEQ (der c r) (STAR r)} &\smallskip\\ + + \bl{derivative r []} & \bl{$=$} & \bl{r} & \\ + \bl{derivative r (c::s)} & \bl{$=$} & \bl{derivative (der c r) s} & \\ + \end{tabular}\medskip + + \bl{matches r s $=$ nullable (derivative r s)} + + \only<2>{ + \begin{textblock}{8}(1.5,4) + \includegraphics[scale=0.3]{approved.png} + \end{textblock}} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{No Automata?} + + You might be wondering why I did not use any automata? 
+ + \begin{itemize} + \item {\bf Def.:} A \alert{regular language} is one where there is a DFA that + recognises it.\bigskip\pause + \end{itemize} + + + There are many reasons why this is a good definition:\medskip + \begin{itemize} + \item pumping lemma + \item closure properties of regular languages\\ (e.g.~closure under complement) + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[t] + \frametitle{Really Bad News!} + + DFAs are bad news for formalisations in theorem provers. They might + be represented as: + + \begin{itemize} + \item graphs + \item matrices + \item partial functions + \end{itemize} + + All constructions are messy to reason about.\bigskip\bigskip + \pause + + \small + \only<2>{ + Constable et al needed (on and off) 18 months for a 3-person team + to formalise automata theory in Nuprl including Myhill-Nerode. There is + only very little other formalised work on regular languages I know of + in Coq, Isabelle and HOL.} + \only<3>{Typical textbook reasoning goes like: ``\ldots if \smath{M} and \smath{N} are any two + automata with no inaccessible states \ldots'' + } + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{} + \large + \begin{center} + \begin{tabular}{p{9cm}} + My point:\bigskip\\ + + The theory about regular languages can be reformulated + to be more suitable for theorem proving. 
+ \end{tabular} + \end{center} + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE The Myhill-Nerode Theorem} + + \begin{itemize} + \item provides necessary and suf\!ficient conditions for a language + being regular (pumping lemma only necessary)\medskip + + \item will help with closure properties of regular languages\bigskip\pause + + \item key is the equivalence relation:\smallskip + \begin{center} + \smath{x \approx_{L} y \,\dn\, \forall z.\; x @ z \in L \Leftrightarrow y @ z \in L} + \end{center} + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE The Myhill-Nerode Theorem} + + \mbox{}\\[5cm] + + \begin{itemize} + \item \smath{\text{finite}\, (U\!N\!IV /\!/ \approx_L) \;\Leftrightarrow\; L\; \text{is regular}} + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE Equivalence Classes} + + \begin{itemize} + \item \smath{L = []} + \begin{center} + \smath{\Big\{\{[]\},\; U\!N\!IV - \{[]\}\Big\}} + \end{center}\bigskip\bigskip + + \item \smath{L = [c]} + \begin{center} + \smath{\Big\{\{[]\},\; \{[c]\},\; U\!N\!IV - \{[], [c]\}\Big\}} + \end{center}\bigskip\bigskip + + \item \smath{L = \varnothing} + \begin{center} + \smath{\Big\{U\!N\!IV\Big\}} + \end{center} + + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + 
\frametitle{\LARGE Regular Languages} + + \begin{itemize} + \item \smath{L} is regular \smath{\dn} if there is an automaton \smath{M} + such that \smath{\mathbb{L}(M) = L}\\[1.5cm] + + \item Myhill-Nerode: + + \begin{center} + \begin{tabular}{l} + finite $\Rightarrow$ regular\\ + \;\;\;\smath{\text{finite}\,(U\!N\!IV /\!/ \approx_L) \Rightarrow \exists r. L = \mathbb{L}(r)}\\[3mm] + regular $\Rightarrow$ finite\\ + \;\;\;\smath{\text{finite}\, (U\!N\!IV /\!/ \approx_{\mathbb{L}(r)})} + \end{tabular} + \end{center} + + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE Final States} + + \mbox{}\\[3cm] + + \begin{itemize} + \item ??? \smath{\text{final}_L\,X \dn \{[|s|]_\approx\;|\; s \in X\}}\\ + \medskip + + \item we can prove: \smath{L = \bigcup \{X\;|\;\text{final}_L\,X\}} + + \end{itemize} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE Transitions between\\[-3mm] Equivalence Classes} + + \smath{L = \{[c]\}} + + \begin{tabular}{@ {\hspace{-7mm}}cc} + \begin{tabular}{c} + \begin{tikzpicture}[shorten >=1pt,node distance=2cm,auto, ultra thick] + \tikzstyle{state}=[circle,thick,draw=blue!75,fill=blue!20,minimum size=0mm] + + %\draw[help lines] (0,0) grid (3,2); + + \node[state,initial] (q_0) {$R_1$}; + \node[state,accepting] (q_1) [above right of=q_0] {$R_2$}; + \node[state] (q_2) [below right of=q_0] {$R_3$}; + + \path[->] (q_0) edge node {c} (q_1) + edge node [swap] {$\Sigma-{c}$} (q_2) + (q_2) edge [loop below] node {$\Sigma$} () + (q_1) edge node {$\Sigma$} (q_2); + \end{tikzpicture} + \end{tabular} + & + \begin{tabular}[t]{ll} + \\[-20mm] + \multicolumn{2}{l}{\smath{U\!N\!IV 
/\!/\approx_L} produces}\\[4mm] + + \smath{R_1}: & \smath{\{[]\}}\\ + \smath{R_2}: & \smath{\{[c]\}}\\ + \smath{R_3}: & \smath{U\!N\!IV - \{[], [c]\}}\\[6mm] + \multicolumn{2}{l}{\onslide<2->{\smath{X \stackrel{c}{\longrightarrow} Y \dn X ;; [c] \subseteq Y}}} + \end{tabular} + + \end{tabular} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE Systems of Equations} + + Inspired by a method of Brzozowski\;'64, we can build an equational system + characterising the equivalence classes: + + \begin{center} + \begin{tabular}{@ {\hspace{-20mm}}c} + \\[-13mm] + \begin{tikzpicture}[shorten >=1pt,node distance=2cm,auto, ultra thick] + \tikzstyle{state}=[circle,thick,draw=blue!75,fill=blue!20,minimum size=0mm] + + %\draw[help lines] (0,0) grid (3,2); + + \node[state,initial] (p_0) {$R_1$}; + \node[state,accepting] (p_1) [right of=q_0] {$R_2$}; + + \path[->] (p_0) edge [bend left] node {a} (p_1) + edge [loop above] node {b} () + (p_1) edge [loop above] node {a} () + edge [bend left] node {b} (p_0); + \end{tikzpicture}\\ + \\[-13mm] + \end{tabular} + \end{center} + + \begin{center} + \begin{tabular}{@ {\hspace{-6mm}}ll@ {\hspace{1mm}}c@ {\hspace{1mm}}l} + & \smath{R_1} & \smath{\equiv} & \smath{R_1;b + R_2;b \onslide<2->{\alert<2>{+ \lambda;[]}}}\\ + & \smath{R_2} & \smath{\equiv} & \smath{R_1;a + R_2;a}\medskip\\ + \onslide<3->{we can prove} + & \onslide<3->{\smath{R_1}} & \onslide<3->{\smath{=}} + & \onslide<3->{\smath{R_1; \mathbb{L}(b) \,\cup\, R_2;\mathbb{L}(b) \,\cup\, \{[]\};\{[]\}}}\\ + & \onslide<3->{\smath{R_2}} & \onslide<3->{\smath{=}} + & \onslide<3->{\smath{R_1; \mathbb{L}(a) \,\cup\, R_2;\mathbb{L}(a)}}\\ + \end{tabular} + \end{center} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1>[t] + \small + + \begin{center} + \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}ll} + \onslide<1->{\smath{R_1}} & \onslide<1->{\smath{=}} + & \onslide<1->{\smath{R_1; b + R_2; b + \lambda;[]}}\\ + \onslide<1->{\smath{R_2}} & \onslide<1->{\smath{=}} + & \onslide<1->{\smath{R_1; a + R_2; a}}\\ + + & & & \onslide<2->{by Arden}\\ + + \onslide<2->{\smath{R_1}} & \onslide<2->{\smath{=}} + & \onslide<2->{\smath{R_1; b + R_2; b + \lambda;[]}}\\ + \onslide<2->{\smath{R_2}} & \onslide<2->{\smath{=}} + & \only<2>{\smath{R_1; a + R_2; a}}% + \only<3->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<4->{by Arden}\\ + + \onslide<4->{\smath{R_1}} & \onslide<4->{\smath{=}} + & \onslide<4->{\smath{R_2; b \cdot b^\star+ \lambda;b^\star}}\\ + \onslide<4->{\smath{R_2}} & \onslide<4->{\smath{=}} + & \onslide<4->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<5->{by substitution}\\ + + \onslide<5->{\smath{R_1}} & \onslide<5->{\smath{=}} + & \onslide<5->{\smath{R_1; a\cdot a^\star \cdot b \cdot b^\star+ \lambda;b^\star}}\\ + \onslide<5->{\smath{R_2}} & \onslide<5->{\smath{=}} + & \onslide<5->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<6->{by Arden}\\ + + \onslide<6->{\smath{R_1}} & \onslide<6->{\smath{=}} + & \onslide<6->{\smath{\lambda;b^\star\cdot (a\cdot a^\star \cdot b \cdot b^\star)^\star}}\\ + \onslide<6->{\smath{R_2}} & \onslide<6->{\smath{=}} + & \onslide<6->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<7->{by substitution}\\ + + \onslide<7->{\smath{R_1}} & \onslide<7->{\smath{=}} + & \onslide<7->{\smath{\lambda;b^\star\cdot (a\cdot a^\star \cdot b \cdot b^\star)^\star}}\\ + \onslide<7->{\smath{R_2}} & \onslide<7->{\smath{=}} + & \onslide<7->{\smath{\lambda; b^\star\cdot (a\cdot a^\star \cdot b \cdot b^\star)^\star + \cdot a\cdot a^\star}}\\ + \end{tabular} + \end{center} + + \end{frame}} + 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE A Variant of Arden's Lemma} + + {\bf Arden's Lemma:}\smallskip + + If \smath{[] \not\in A} then + \begin{center} + \smath{X = X; A + \text{something}} + \end{center} + has the (unique) solution + \begin{center} + \smath{X = \text{something} ; A^\star} + \end{center} + + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}<1->[t] + \small + + \begin{center} + \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}ll} + \onslide<1->{\smath{R_1}} & \onslide<1->{\smath{=}} + & \onslide<1->{\smath{R_1; b + R_2; b + \lambda;[]}}\\ + \onslide<1->{\smath{R_2}} & \onslide<1->{\smath{=}} + & \onslide<1->{\smath{R_1; a + R_2; a}}\\ + + & & & \onslide<2->{by Arden}\\ + + \onslide<2->{\smath{R_1}} & \onslide<2->{\smath{=}} + & \onslide<2->{\smath{R_1; b + R_2; b + \lambda;[]}}\\ + \onslide<2->{\smath{R_2}} & \onslide<2->{\smath{=}} + & \only<2>{\smath{R_1; a + R_2; a}}% + \only<3->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<4->{by Arden}\\ + + \onslide<4->{\smath{R_1}} & \onslide<4->{\smath{=}} + & \onslide<4->{\smath{R_2; b \cdot b^\star+ \lambda;b^\star}}\\ + \onslide<4->{\smath{R_2}} & \onslide<4->{\smath{=}} + & \onslide<4->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<5->{by substitution}\\ + + \onslide<5->{\smath{R_1}} & \onslide<5->{\smath{=}} + & \onslide<5->{\smath{R_1; a\cdot a^\star \cdot b \cdot b^\star+ \lambda;b^\star}}\\ + \onslide<5->{\smath{R_2}} & \onslide<5->{\smath{=}} + & \onslide<5->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<6->{by Arden}\\ + + \onslide<6->{\smath{R_1}} & \onslide<6->{\smath{=}} + & \onslide<6->{\smath{\lambda;b^\star\cdot (a\cdot a^\star \cdot b \cdot 
b^\star)^\star}}\\ + \onslide<6->{\smath{R_2}} & \onslide<6->{\smath{=}} + & \onslide<6->{\smath{R_1; a\cdot a^\star}}\\ + + & & & \onslide<7->{by substitution}\\ + + \onslide<7->{\smath{R_1}} & \onslide<7->{\smath{=}} + & \onslide<7->{\smath{\lambda;b^\star\cdot (a\cdot a^\star \cdot b \cdot b^\star)^\star}}\\ + \onslide<7->{\smath{R_2}} & \onslide<7->{\smath{=}} + & \onslide<7->{\smath{\lambda; b^\star\cdot (a\cdot a^\star \cdot b \cdot b^\star)^\star + \cdot a\cdot a^\star}}\\ + \end{tabular} + \end{center} + + \only<8->{ + \begin{textblock}{6}(2.5,4) + \begin{block}{} + \begin{minipage}{8cm}\raggedright + + \begin{tikzpicture}[shorten >=1pt,node distance=2cm,auto, ultra thick, inner sep=1mm] + \tikzstyle{state}=[circle,thick,draw=blue!75,fill=blue!20,minimum size=0mm] + + %\draw[help lines] (0,0) grid (3,2); + + \node[state,initial] (p_0) {$R_1$}; + \node[state,accepting] (p_1) [right of=q_0] {$R_2$}; + + \path[->] (p_0) edge [bend left] node {a} (p_1) + edge [loop above] node {b} () + (p_1) edge [loop above] node {a} () + edge [bend left] node {b} (p_0); + \end{tikzpicture} + + \end{minipage} + \end{block} + \end{textblock}} + + \end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +*} + + +text_raw {* + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + \mode<presentation>{ + \begin{frame}[c] + \frametitle{\LARGE The Equ's Solving Algorithm} + + \begin{itemize} + \item The algorithm must terminate: Arden makes one equation smaller; + substitution deletes one variable from the right-hand sides.\bigskip + + \item We need to maintain the invariant that Arden is applicable + (if \smath{[] \not\in A} then \ldots):\medskip + + \begin{center}\small + \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}ll} + \smath{R_1} & \smath{=} & \smath{R_1; b + R_2; b + \lambda;[]}\\ + \smath{R_2} & \smath{=} & \smath{R_1; a + R_2; a}\\ + + & & & by Arden\\ + + \smath{R_1} & \smath{=} & \smath{R_1; b + R_2; b + \lambda;[]}\\ + 
\smath{R_2} & \smath{=} & \smath{R_1; a\cdot a^\star}\\
+ \end{tabular}
+ \end{center}
+
+ \end{itemize}
+
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}[c]
+ \frametitle{\LARGE Other Direction}
+
+ One has to prove
+
+ \begin{center}
+ \smath{\text{finite} (U\!N\!IV /\!/ \approx_{\mathbb{L}(r)})}
+ \end{center}
+
+ by induction on \smath{r}. Not trivial, but after a bit
+ of thinking, one can prove that if
+
+ \begin{center}
+ \smath{\text{finite} (U\!N\!IV /\!/ \approx_{\mathbb{L}(r_1)})}\hspace{5mm}
+ \smath{\text{finite} (U\!N\!IV /\!/ \approx_{\mathbb{L}(r_2)})}
+ \end{center}
+
+ then
+
+ \begin{center}
+ \smath{\text{finite} (U\!N\!IV /\!/ \approx_{\mathbb{L}(r_1) \,\cup\, \mathbb{L}(r_2)})}
+ \end{center}
+
+
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}[c]
+ \frametitle{\LARGE What Have We Achieved?}
+
+ \begin{itemize}
+ \item \smath{\text{finite}\, (U\!N\!IV /\!/ \approx_L) \;\Leftrightarrow\; L\; \text{is regular}}
+ \bigskip\pause
+ \item regular languages are closed under complementation; this is now easy\medskip
+ \begin{center}
+ \smath{U\!N\!IV /\!/ \approx_L \;\;=\;\; U\!N\!IV /\!/ \approx_{-L}}
+ \end{center}
+ \end{itemize}
+
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}[c]
+ \frametitle{\LARGE Examples}
+
+ \begin{itemize}
+ \item \smath{L \equiv \Sigma^\star 0 \Sigma} is regular
+ \begin{quote}\small
+ \begin{tabular}{lcl}
+ \smath{A_1} & \smath{=} & \smath{\Sigma^\star 00}\\
+ \smath{A_2} & \smath{=} & \smath{\Sigma^\star 01}\\
+ \smath{A_3} &
\smath{=} & \smath{\Sigma^\star 10 \cup \{0\}}\\
+ \smath{A_4} & \smath{=} & \smath{\Sigma^\star 11 \cup \{1\} \cup \{[]\}}\\
+ \end{tabular}
+ \end{quote}
+
+ \item \smath{L \equiv \{ 0^n 1^n \,|\, n \ge 0\}} is not regular
+ \begin{quote}\small
+ \begin{tabular}{lcl}
+ \smath{B_0} & \smath{=} & \smath{\{0^n 1^n \,|\, n \ge 0\}}\\
+ \smath{B_1} & \smath{=} & \smath{\{0^n 1^{(n-1)} \,|\, n \ge 1\}}\\
+ \smath{B_2} & \smath{=} & \smath{\{0^n 1^{(n-2)} \,|\, n \ge 2\}}\\
+ \smath{B_3} & \smath{=} & \smath{\{0^n 1^{(n-3)} \,|\, n \ge 3\}}\\
+ & \smath{\vdots} &\\
+ \end{tabular}
+ \end{quote}
+ \end{itemize}
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}[c]
+ \frametitle{\LARGE What We Have Not Achieved}
+
+ \begin{itemize}
+ \item regular expressions are not good if you look for a minimal
+ one for a language (DFAs have this notion)\pause\bigskip
+
+ \item Is there anything to be said about context free languages:\medskip
+
+ \begin{quote}
+ A context free language is where every string can be recognised by
+ a pushdown automaton.\bigskip
+ \end{quote}
+ \end{itemize}
+
+ \textcolor{gray}{\footnotesize Yes. Derivatives also work for c-f grammars.
Ongoing work.}
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}[c]
+ \frametitle{\LARGE Conclusion}
+
+ \begin{itemize}
+ \item We formalised the Myhill-Nerode theorem based on
+ regular expressions only (DFAs are difficult to deal with in a theorem prover).\smallskip
+
+ \item Seems to be a common theme: algorithms need to be reformulated
+ to better suit formal treatment.\smallskip
+
+ \item The most interesting aspect is that we are able to
+ implement the matcher directly inside the theorem prover
+ (ongoing work).\smallskip
+
+ \item Parsing is a vast field which seem to offer new results.
+ \end{itemize}
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+text_raw {*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ \mode<presentation>{
+ \begin{frame}<1>[b]
+ \frametitle{
+ \begin{tabular}{c}
+ \mbox{}\\[13mm]
+ \alert{\LARGE Thank you very much!}\\
+ \alert{\Large Questions?}
+ \end{tabular}}
+
+ \end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+*}
+
+
+
+(*<*)
+end
+(*>*)
\ No newline at end of file