Does TLA+ have an xor operator defined as part of the language itself, or do I have to define my own?
Under the assumption that A \in BOOLEAN /\ B \in BOOLEAN, what is known in propositional logic as "XOR" is inequality:
A # B
which under the same assumption is equivalent to ~ (A <=> B). When A, B take non-Boolean values, these two formulas are not necessarily equivalent. The following axiom could describe the operator <=>
THEOREM
ASSUME
/\ A \in BOOLEAN
/\ B \in BOOLEAN
PROVE
(A <=> B) = (A = B)
For non-Boolean values of A and B, the value of A <=> B is not specified.
In the moderate interpretation of Boolean operators it is unspecified whether A <=> B takes non-Boolean values for non-Boolean A or B.
In the liberal interpretation of Boolean operators, \A A, B: (A <=> B) \in BOOLEAN, as described in the TLA Version 2: A Preliminary Guide.
See also page 10 (which defines the Boolean operators for Boolean values of the arguments) and Sec. 16.1.3 of the TLA+ book. The formula
(A \/ B) /\ ~ (A /\ B)
is meaningful also for non-Boolean values of the identifiers A and B (TLA+ is untyped). So
(15 \/ "a") /\ ~ (15 /\ "a")
is a possible value. I do not know if TLA+ specifies whether this formula has the same value as
15 # "a"
See also the comment on Appendix A, Page 201, line 10 of Practical TLA+.
Related
Just ran into something that seems strange to me. Backticks function as something like a syntactic operator.
applyOp :: Int -> (Int -> Int -> Int) -> Int -> Int
applyOp x op y = x `op` y
> applyOp 2 (+) 5
7
I was surprised to see this. I had always imagined that backticks were required to surround an operator symbol or identifier, not an identifier which can be bound during execution to an operator. Am I thinking about this the wrong way?
Backticks are syntax sugar that turns an identifier into an infix operator. That is to say, a `f` b = f a b is the general rewrite rule. This is useful for clarity, but also allows one to avoid too many brackets, since f (a b) (c d) can be rewritten as a b `f` c d.
However there are a few caveats with using these, but only two restrictions:
The backticked expression must be an identifier, so 1 `mod` 2 is valid, but a `zipWith (+)` b is not valid, because it involved a function application.
Only alphanumeric identifiers can be backticked, so 1 `mod` 2 is valid, but 1 `(+)` 2 is invalid. You could see this as an application of the previous restriction.
Backticked expressions have precedence 9, and are left-associative, so a `f` b `f` c is parsed as (a `f` b) `f` c, and in general other operators will inlcude it, so a +
c `f` b is parsed as a + (c `f` b)*
In this case, applyOp x op y = x `op` y is valid, since op is an alphanumeric identifier, and this is equivalent to applyOp x op y = op x y. Note that there is no restriction on binding pattern-matched identifiers!
*This is untrue for the standard Prelude operators !! and .. More info of precedence and fixity can be found in The Haskell 98 Report.
How can I generate a Buchi Automaton starting from an LTL formula?
e.g.
[] (a <-> ! b)
That is,
At all times in the future
if a is true b is false
if b is true a is false
One option is to use gltl2ba, which is based on ltl2ba.
LTL Formulas
An LTL formula may contain propositional symbols, boolean operators,
temporal operators, and parentheses.
Propositonal Symbols:
true, false
any lowercase string
Boolean operators:
! (negation)
-> (implication)
<-> (equivalence)
&& (and)
|| (or)
Temporal operators:
G (always) (Spin syntax : [])
F (eventually) (Spin syntax : <>)
U (until)
R (realease) (Spin syntax : V)
X (next)
Use spaces between any symbols.
(source: ltl2ba webpage)
Example: generate a Buchi Automaton from the next LTL formula:
[](a <-> ! b)
This reads: it is always true that a if and only if !b (and viceversa). That is, this is the formula you want to encode.
The following command generates the never claim associated with the LTL formula, and also the Buchi Automaton (option -g).
~$ ./gltl2ba -f "[](a <-> ! b)" -g
never { /* [](a <-> ! b) */
accept_init:
if
:: (!b && a) || (b && !a) -> goto accept_init
fi;
}
More examples are available here.
Just ran into something that seems strange to me. Backticks function as something like a syntactic operator.
applyOp :: Int -> (Int -> Int -> Int) -> Int -> Int
applyOp x op y = x `op` y
> applyOp 2 (+) 5
7
I was surprised to see this. I had always imagined that backticks were required to surround an operator symbol or identifier, not an identifier which can be bound during execution to an operator. Am I thinking about this the wrong way?
Backticks are syntax sugar that turns an identifier into an infix operator. That is to say, a `f` b = f a b is the general rewrite rule. This is useful for clarity, but also allows one to avoid too many brackets, since f (a b) (c d) can be rewritten as a b `f` c d.
However there are a few caveats with using these, but only two restrictions:
The backticked expression must be an identifier, so 1 `mod` 2 is valid, but a `zipWith (+)` b is not valid, because it involved a function application.
Only alphanumeric identifiers can be backticked, so 1 `mod` 2 is valid, but 1 `(+)` 2 is invalid. You could see this as an application of the previous restriction.
Backticked expressions have precedence 9, and are left-associative, so a `f` b `f` c is parsed as (a `f` b) `f` c, and in general other operators will inlcude it, so a +
c `f` b is parsed as a + (c `f` b)*
In this case, applyOp x op y = x `op` y is valid, since op is an alphanumeric identifier, and this is equivalent to applyOp x op y = op x y. Note that there is no restriction on binding pattern-matched identifiers!
*This is untrue for the standard Prelude operators !! and .. More info of precedence and fixity can be found in The Haskell 98 Report.
I am learning lambda calculus in Haskell and during that, i come across to this question.
And the solution of these question is this :
But I am unable to understand how they conclude the answer.
Like for eq, I don't understand how they come to this : λab.a b (b (λxy.y) (λxy.x))
and same for nand. It will be really great if someone explains it and help me to understand this question.
Thank you.
Let us first write the functions in question with actual data types (but no pattern-matching: only if/then/else):
data Bool = False | True -- recall this definition
not a = if a then False else True
eq a b = if a then (if b then True else False)
else (if b then False else True )
nand a b = if a then (if b then False else True )
else (if b then True else True )
If you buy these definitions -- which are quite straightforward, just listing the truth tables of the functions -- then we can start doing some reasoning. First, we can simplify the outer branches of the eq and nand functions a little bit:
eq a b = if a then b else not b
nand a b = if a then not b else True
And now we're basically done. We just replace every False and True with their if/then/else behavior, and replace every if/then/else with function application:
type Bool a = a -> a -> a
false a b = a -- `if False then a else b` becomes `false a b`
true a b = b -- `if True then a else b` becomes `true a b`
not a = a false true -- from `if a then False else True`
eq a b = a b (not b) -- from `if a then b else not b`
nand a b = a (not b) true -- from `if a then not b else True`
These are the definitions given in your solutions, though admittedly in Haskell syntax rather than lambda calculus syntax.
I'm using the Haskell convention of writing λ as \.
From the comments it looks like you are having trouble with this part specifically:
eq = \a b. a b (b (\x y. y) (\x y. x))
So I'll just focus on this.
Our encoding of booleans is as functions which take two arguments. True returns the first argument, False returns the second argument. The first paragraph gives the encoding directly:
True = \x y. x
False = \x y. y
We'll use the names instead of the lambda expressions until the very end.
We know that eq should take two arguments, the two booleans to be compared. (The encoding of booleans itself takes two arguments, but this is different -- eq should take two arguments no matter how booleans are encoded) So we know it should look like:
eq = \a b. _________________
At this point pretty much the only thing we can do is check one of the arguments to find out whether it's True or False. eq is symmetrical so it doesn't really matter which one we ask about; let's pick a for no reason. The way we ask, according to the encoding, is to pass two arguments to the thing we want to find out about.
eq = \a b. a ____ ____
Where we haven't figured out what goes in the "holes" yet. The first hole is what will be returned if a turns out to be True, the second one is what will be returned if it turns out to be False.
To figure out how to fill these holes, let's write the truth table for what we're trying to define:
a | b | eq a b
------+-------+---------
True | True | True
True | False | False
False | True | False
False | False | True
Notice that on the two rows where a is True, the a == b column is the exact same as the b column. So when a is True, we just return b. So we can fill in one of the holes:
eq = \a b. a b ____
Now notice in the table that when a is False, a == b is the opposite of the b column, so in that case we should invert b and return it.
To invert b, we want it to be False when b is True and vice versa. In the encoding, that is:
b False True
And that's what we should return when a is False, so we fill in the other hole:
eq = \a b. a b (b False True)
Now we just unroll the definitions of False and True
eq = \a b. a b (b (\x y. y) (\x y. x))
And there you have it.
I have 2 Question about 2 haskell functions
flipSymbol :: Model -> Atom -> Model This function must take a Model and an Atom and flip the truth value of the atom in the model. Now I was thinking of writing this function like this:...
flipSymbol m a = map f m
where
f (atom, value) = if a == atom then (atom, not value) else (atom, value)
Is there a better way?
The second one is a something more complicated and I need some help with it if possible..
In order to check the satisfiability of a formula in a given model we propagate the effects of assigning a truth value to an atom in a formula. Assume an atom to which we assign the value True. The following effects
can be applied to the formula:
The positive literals have the same True value and, therefore, any clauses that contain them are removed from the formula. This is to indicate that these clauses could be satisfied and hence no longer affect the satisfiability of the formula.
The negated literals have a value of False and are, therefore, removed from any clause they are in. This is to indicate that these clauses are still not satisfied and can only be made true by one of the other literals obtaining a value of True. In the case where False is assigned to the atom, the positive literals will now be false and should be removed
from their clauses while the negative literals will become true and have their clauses removed from the formula.
For example, in the formula (P _ Q _ R) ^ (:P _ Q _ :R) ^ (P _ :Q), assume we assign True to P. Then the clauses containing P, ie. (P _ Q _ R) and (P _ :Q) are removed from the formula, whereas :P is removed from any clause it is in, ie. (:P _ Q _ :R). This results in the formula (Q _ :R). On the other hand, if we assign False to P, we then remove (:P _ Q _ :R) from the formula and P from its clauses, thus obtaining (Q _ R) ^ (:Q).
The overall formula is satisfiable if it can be reduced to the empty list since in this case all the clauses were satisfied. If there is an empty list within the overall formula then that means that a clause was not satisfied and hence the formula can not be satisfied with the assignment that led to this state.
assign :: (Atom,Bool) -> Formula -> Formula The assign function should take an (Atom,Bool) pair and a formula and propagate the effects of assigning the given truth value to the atom in the formula as described above.
The code(on which I received help from here also):
module Algorithm where
import System.Random
import Data.Maybe
import Data.List
type Atom = String
type Literal = (Bool,Atom)
type Clause = [Literal]
type Formula = [Clause]
type Model = [(Atom, Bool)]
type Node = (Formula, ([Atom], Model))
-- This function takess a Clause and return the set of Atoms of that Clause.
atomsClause :: Clause -> [Atom]
atomsClause = undefined
-- This function takes a Formula returns the set of Atoms of a Formula
atoms :: Formula -> [Atom]
atoms = nub . map snd
-- This function returns True if the given Literal can be found within
-- the Clause.
isLiteral :: Literal -> Clause -> Bool
isLiteral = isLiteral = any . (==)
-- this function takes a Model and an Atom and flip the truthvalue of
-- the atom in the model
flipSymbol :: Model -> Atom -> Model -- is this ok?
flipSymbol m a = map f m where
f (atom, value) = if a == atom
then (atom, not value)
else (atom, value)
assign :: (Atom,Bool) -> Formula -> Formula
assign = undefined --any advice here?
At a glance, I can't see any way to improve your first formula, maybe you may use logical functions instead of a if-then-else, it's faster:
flipSymbol m a = map f m where
f (atom, value) = (atom, value /= (a == atom))
Notice: /= for Bool is basically xor.
To your last question:
The basic idea is to compare the Atoms, incorporate the Bool-values and fiddeling around with logical ops to get your result. Basically, it looks like this:
assign :: (Atom,Bool) -> Formula -> Formula
assign (a,b) = map . (map f) where
f (x,b) = (x,(x==a)&&b)