COMP4161 T3/2024 Advanced Topics in Software Verification – Assignment 1

1. λ-Calculus (16 marks)

   1. Simplify the term (pq)(λp ⋅ (λq ⋅ (λr ⋅ (q(rp))))))))

      syntactically by applying the syntactic conventions and rules. Justify your answer. (2 marks)

      1. First, we apply the application rule. The term is of the form (MN ) where M = pq and N =

      λp ⋅ (λq ⋅ (λr ⋅ (q(rp)))))))).

      When we apply (MN ) with M = pq and N = λp ⋅ (λq ⋅ (λr ⋅ (q(rp))))))), we substitute p with p (from pq) and q with q (from pq) in the body of N .

      The body of N is λq ⋅ (λr ⋅ (q(rp))))))). Substituting p and q gives us λq ⋅ (λr ⋅ (q(rp))))))) where p and q are the values from pq.

      Now we have another application. The term is now q(λr ⋅ (q(rp))))))) (because we

      applied the first substitution).

      We again apply the application rule. Substitute r with r (whatever its value is in the context) in the body of λr ⋅ (q(rp))))))).

      The body becomes (q(rp)))))).

      So the simplified term is (q(rp)))))).

   2. Restore the omitted parentheses in the term

      a(λab.(bc)a(bc))(λb.cb) (but make sure you don’t change the term structure). (2 marks)

      1. The term should be a((λab.((bc)a(bc))))(λb.cb)).

      The innermost lambda expression λab.(bc)a(bc) needs its own parentheses around the body.

      And the whole application of a to the lambda expression and then to (λb.cb) also needs appropriate parentheses.

   3. Find the normal form of

      (λf ⋅ λx ⋅ f (fx))(λg ⋅ λy ⋅

      g(g(gy))))). Justify your answer by showing the reduction sequence. Each step in the reduction sequence should be a single β-reduction step. Underline or otherwise indicate the redex being reduced for each step. (6 marks)

      1. Let’s start with the term (λf ⋅ λx ⋅ f (fx))(λg ⋅ λy ⋅ g(g(gy))))).

      The redex is (λf ⋅ λx ⋅ f (fx))(λg ⋅ λy ⋅ g(g(gy))))). We substitute f with λg ⋅ λy ⋅ g(g(gy))) and x with any value (let’s say z for simplicity, but it doesn’t matter in this context as we are just reducing syntactically).

      After the first β-reduction, we get λx ⋅ (λg ⋅ λy ⋅ g(g(gy)))(λg ⋅ λy ⋅ g(g(gy))x))).

      Now the new redex is (λg ⋅ λy ⋅ g(g(gy)))(λg ⋅ λy ⋅ g(g(gy))x))). We substitute g with

      λg ⋅ λy ⋅ g(g(gy))) and y with x.

      After the second β-reduction, we get λy ⋅ (λg ⋅ λy ⋅ g(g(gy)))(λg ⋅ λy ⋅ g(g(gy)))(λg ⋅

      λy ⋅ g(g(gy))y))).

      We can continue this process, but it becomes clear that the term will keep expanding and we won’t reach a normal form in a finite number of steps. This is because the function λg ⋅ λy ⋅ g(g(gy))) is being applied to itself repeatedly.

   4. Recall the encoding of natural numbers in lambda calculus (Church Numerals) seen in the lecture:

      0 ≡ λfx, x

      1 ≡ λfx.fx

      2 ≡ λfx.f (fx)

      3 ≡ λfx.f (f (fx))…

      Define exp where exp m n beta-reduces to the Church Numeral representing mn. Provide a justification of your answer. (6 marks)

      1. We want to define an exp function in lambda calculus. Let’s first consider what the operation should do.

         If we have m and n as Church Numerals, we want to apply the function m times to another

         function, and then apply that result n times to the argument x.

      2. We define exp as follows:

         exp ≡ λmnfx.m(nf )x

      3. Justification:

         Let m = λfmxm.fm(xm) and n = λfnxn.fn(xn) (where fm(xm) means applying fm

         m n m

         to xm m times and similarly for n).

         First, we consider the inner application nf .

         n

         Substituting f with f and x with f in the body of n, we get nf = λxn.fn(f ).

         Then we apply m to (nf ).

         Substituting f with (nf ) and x with x in the body of m, we get m(nf ) =

         n

         λxm.(nf )m(xm) = λxm.(λxn.fn(f ))m(xm).

         n

         This means applying the function nf (which is applying fn(f )) m times to xm.

         Finally, we apply the result to x.

         So exp m n f x will result in applying the function m times to nf and then applying that result to x, which is equivalent to the Church Numeral representation of mn.

2. Types (20 marks)

   1. Provide the most general type for the term λabc.a(xbb)(cb).

      Show a type derivation tree to justify your answer. Each node of the tree should correspond to the application of a single typing rule, and be labeled with the typing rule used. Under which contexts is the term type correct? (5 marks)

      1. Type derivation tree:

      Start with the root node representing the whole term λabc.a(xbb)(cb).

      Apply the rule for lambda abstraction. The type of λabc.a(xbb)(cb) is of the form τ1 →

      τ2 → τ3 → τ4 where we need to find the types τ1, τ2, τ3, τ4.

      For the first application a(xbb), we know that a has a type τ1 and xbb must have a type that is compatible with the argument type of a. Let’s assume x has type σ and b has type ρ. Then xbb has type σ → ρ → ρ. So the type of a must be σ → ρ → ρ → τ2.

      For the second application (cb), c has type τ3 and b has type ρ. So τ3 must be ρ → τ4.

      Combining these, the most general type is (σ → ρ → ρ → τ2) → (ρ → τ4) → τ1 →

      τ2 → τ3 → τ4.

      The term is type correct under the context where the types of variables are assigned as described above (i.e., x : σ, b : ρ, a : σ → ρ → ρ → τ2, c : ρ → τ4).

   2. Find a closed lambda term that has the following type:

      (′a ⇒′ b) ⇒ (′c ⇒′ a) ⇒′ c ⇒′ b

      (You don’t need to provide a type derivation, just the term). (4 marks)

      1. The term λfgx.f (gx) has the given type.

      Let’s assume f has type (′a ⇒′ b), g has type (′c ⇒′ a), and x has type ′c. Then gx has type ′a (by applying the function g of type (′c ⇒′ a) to x of type ′c).

      Then f (gx) has type ′b (by applying the function f of type (′a ⇒′ b) to gx of type ′a). So λfgx.f (gx) has the type (′a ⇒′ b) ⇒ (′c ⇒′ a) ⇒′ c ⇒′ b.

   3. Explain why λx.xx is not typable. (3 marks)

      1. The term λx.xx is not typable because when we try to assign a type to it, we run into a problem.

         Let’s assume x has type τ . Then the term xx is applying the function x to itself. But for a function application to be type correct, the type of the function (the first x) must be of the form σ → ρ and the type of the argument (the second x) must be σ.

         In the case of λx.xx, we have the same variable x being both the function and the argument. If we assume x : τ , then for xx to be type correct, τ would need to be both σ → ρ and σ simultaneously, which is not possible for a single type. So the term is not typable.

   4. Find the normal form and its type of (3 marks)

      1. First, we apply the function (λfx.f (xx)) to (λyz.z).

         (λfx.f (xx))(λyz.z).

         The redex is (λfx.f (xx))(λyz.z). We substitute f with λyz.z and x with any value (let’s say a for simplicity).

         After the β-reduction, we get λx.(λyz.z)(xx).

         Now the new term is λx.z. The normal form is λx.z.

         The type of the original term (λfx.f (xx)) is τ1 → τ2 → τ3 where τ1 is the type of f , τ2 is

         the type of x, and τ3 is the result type. If we assume f : σ → ρ, x : τ , then the type of f (xx) is ρ (assuming xx has a compatible type). So the type of (λfx.f (xx)) is (σ → ρ) → τ → ρ.

         The term (λyz.z) has type σ → τ → τ . When we apply the first term to the second term, the resulting type is τ → τ . So the type of the normal form λx.z is τ → τ .

   5. Is (λfx.f (xx))(λyz.z) typable? Compare this situation

      with the Subject Reduction that you learned in the lecture. (5 marks)

      1. The term (λfx.f (xx))(λyz.z) is typable.

         As we saw in part (d), the type of (λfx.f (xx)) is (σ → ρ) → τ → ρ and the type of

         (λyz.z) is σ → τ → τ . The types are compatible for application.

      2. Regarding Subject Reduction:

      Subject Reduction states that if a term M has a type τ and M reduces to N (i.e., M → N

      ), then N also has a type and the type is related to τ .

      In this case, we started with (λfx.f (xx))(λyz.z) and reduced it to λx.z. The original term had a certain type as we determined, and the reduced term also has a type.

      The type of the reduced term is a consequence of the reduction and the typing rules. The fact that the term can be typed before and after reduction is consistent with the idea of Subject Reduction. If the term was not typable before reduction and became typable after reduction (or vice versa), it would violate the principle of Subject Reduction. Here, the typing is consistent throughout the reduction process, which aligns with the concept of Subject Reduction.

3. Propositional Logic (29 marks)

   1. x → ¬¬x (3 marks)

      1. Proof:

         We use the rule notI (introduction of negation). Assume x.

         We want to show ¬¬x.

         Assume ¬x (for the purpose of notI ).

         This leads to a contradiction since we have assumed x and now ¬x. By notI , we can conclude ¬¬x.

         So x → ¬¬x holds by the rule impI (introduction of implication).

   2. (X → Y → ¬X) → X → ¬Y (3 marks)

      1. Proof:

Assume (X → Y → ¬X). Also assume X.

We want to show ¬Y .

From (X → Y → ¬X) and X, by impE (elimination of implication), we get Y → ¬X.

Since we have X and Y → ¬X, and assuming Y

by impE .

But we already have X, so this is a contradiction.

(for the purpose of notI ), we get ¬X