Chapter 1 Expressions, Instantiation, and Equality

e review the concept of an expression and its evaluation in a state and W discuss expression schemas. We introduce instantiation as a means for creating an instance of an expression schema and illustrate its application to reasoning about equality. We discuss Leibnizs denition of equality and formalize it in terms of instantiation. We give a proof format for showing equality of two expressions.

1.1 Preliminaries
Recall the syntax1 of conventional arithmetic expressions. Expressions are constructed from constants, variables, parentheses, and operators (like + , . , < , and = ). We use the term constant for the representation of a value; examples are the decimal representations 125 , 26 , and 0 of three integers and the constant , which denotes the ratio of the circumference of a circle to its diameter. A variable is a name with which a value may be associated. An expression that contains a variable can be evaluated only when the value associated with the variable is known. We generally use a lower-case letter followed by one or more lower-case letters or digits for a variable; examples are: x , x23 , and dog . We can dene the syntax of simple expressions as follows. This denition requires each operation2 to be parenthesized. A constant or variable is an expression. For E an expression, (E ) is an expression. For a unary prex operator3 and E an expression, (E ) is an
Syntax refers to the rules for putting symbols together to form expressions. Semantics refers to the meaning of expressions. 2 An operation denotes the application of an operator to operands . For example, operation (3 + 5) applies operator + to the operands 3 and 5 . 3 A unary operator has one operand; a binary operator, two operands. A prex operator is written before its operands, e.g. 5 ; an inx operator, between its operands, e.g. x + 2 ; a postx operator, after its operands, e.g. 5! .
1

1. Expressions, Instantiation, and Equality expression; its operand is E . For example, the negation symbol is used as a unary operator, so (5) is an expression. For a binary inx operator and D and E expressions, (D E ) is an expression, with operands D and E . For example, the symbols + (for addition) and . (for multiplication or product) are binary operators, so (1 + 2) and ((5) . (3 + x)) are expressions.

Dealing with parentheses

The syntax just presented requires operations to be parenthesized. Instead of b + c . d , we have to write ((b + c) . d) . The denition is simple, and it ensures unambiguity the operands of each operator are clearly identied. However, fully parenthesized expressions are tedious to read and write. To eliminate the need for some parentheses, a collection of precedence rules is introduced. Most people use these rules automatically, without thinking about them, at least for the arithmetic operators +, , . , / . Here, we dene the rules precisely. The precedence table for the operators used in this text is given on the inside front cover. Each operator appears on one line of the table. Two operators that appear on the same line have the same precedence, e.g. +

TABLE 1.1. Rules for removing parentheses (a) Parentheses around an expression that is not within another expression may be removed, e.g. ((5 + 3)) may be written as (5 + 3) , and then as 5+3. (b) For a binary operator that is dened to be left associative, (E F ) G may be written as E F G . If right associative, then E (F G) may be written as E F G . An operator that is associative is both left associative and right associative. An operator should be dened to be associative only if (E F ) G and E (F G) are equal. (c) If operator has higher precedence than , then E (F G) may be written as E F G and (E F ) G may be written as E F G . (d) If two dierent binary operators and have the same precedence and are left associative, then (E F ) G may be written as E F G . (e) Unary prex operators are right associative: This means that ( E ) may be written as E , for and two (not necessarily dierent) unary prex operators. Unary postx operators are left associative. (f) If is a unary operator and is a binary operator, then E ( F ) may be written as E F . Also, if has higher precedence than , ( E ) F may be written as E F .

1.1. Preliminaries

and have the same precedence. An operator that appears on an earlier line has higher precedence than one that appears on a later line, e.g. . has higher precedence than + . We also say that . binds tighter than + . The table also denes some operators to be left associative, right associative, or associative. These terms are explained in Table 1.1. Table 1.1 contains rules for removing parentheses from a fully parenthesized expression, using operator precedences as well as the denitions of left and right associativity. A discussion of the conjunctional operators (see line (h) of the precedence table) is given later, on p. 29. As an example, we remove parentheses from (((1 . 2) + 3) = ((8 1) 2)) in a series of steps, indicating which rule of Table 1.1 is used: ((1 . 2) + 3) = ((8 1) 2) (1 . 2) + 3 = (8 1) 2 1 . 2 + 3 = (8 1) 2 1.2 + 3 = 8 1 2 Rule Rule Rule Rule (a) (c), twice, involving = (c) (b)

When removing parentheses, be sure to view a partially parenthesized expression as if it were fully parenthesized. For example, can the parentheses in (1 + 2 . 5) . 6 be removed? The subexpression 1 + 2 . 5 is really 1 + (2 . 5) , so the expression should be viewed as (1 + (2 . 5)) . 6 Since . binds tighter than + , the parentheses cannot be removed. Note that all unary prex operators are right associative. For example, 5 is an abbreviation for ((5)) . Left associativity for unary prex operators wouldnt make sense. The general rules of Table 1.1 are standard. However, only the precedences for the arithmetic and relational operators are standard. For example, and . are sometimes given the same precedence, while we give higher precedence to . . Our precedences are designed to minimize the number of parentheses needed in most cases, to simplify syntactic manipulations, and to provide some systematization and consistency. Generally, when unsure of precedences in a particular situation, look at the precedence table on the inside front cover. Do not hesitate to use parentheses where they help you.

Evaluation of an expression in a state

Assume for this discussion that we know how to evaluate integer expressions that contain integer constants but not variables. For example, 1 + 2 evaluates to 3 and 2 . (3 + 4) evaluates to 14 . Evaluating an expression that contains variables requires knowing what values to use for those variables. To this end, we introduce the notion of a

10

1. Expressions, Instantiation, and Equality

state. A state is a set of variable-value associations. For example, in a state containing the associations (x, 5) and (y, 6) , variable x is associated with 5 and variable y with 6 . Evaluation of an expression E in a state is performed by replacing all variables in E with their values in the state and then computing the value of the resulting expression. For example, evaluating x y + 2 in the state given in the previous paragraph consists of replacing variables x and y by their values to yield 5 6 + 2 and then evaluating 5 6 + 2 to yield 1 .

Functions and function application

A function can be viewed as a set of pairs (argument, result) of values, (with only one pair for each dierent argument ). One way to dene a function is to use a form like g (z ) : 3 . z + 6 . This denes a function g with parameter z (a variable) and body 3 . z + 6 (an expression). A function application, a form of expression, is used to denote the result associated with a given argument. The conventional notation for the function application that applies g to argument 5 is g (5) ; the value of g (5) is the value of the body of function g but with parameter z replaced by argument 5 , i.e. the value of expression 3 . 5 + 6 . In order to reduce the use of parentheses when writing function applications, we use the notation g.5 instead of g (5) when the argument is a variable or constant. Here are two examples of evaluation of function applications. g.5 = = Apply function 3.5 + 6 Arithmetic 21 = g (y + 2) Apply function 3 . (y + 2) + 6

A function can have one or more parameters; a function application will have the same number of arguments as the function has parameters. For example, consider the following function, where the function body is given in an informal manner. min(x, y ) : the minimum of x and y Then, the function application min(2, 3 . 6) yields the value 2 , while the

1.1. Preliminaries

11

function application min(a, 2 + b) evaluated in a state s (say) yields the minimum of the values of a and 2 + b in state s . The notion of an expression can now be simplied to contain only constants, variables, and function applications, as follows. A unary operator like is thought of as a function with one parameter, so that (x + y ) is written as the function application negation(x + y ) . In the same way, a binary operator like + is viewed as a two-parameter function plus , so that x + y is written as plus(x, y ) . If we replace all unary and binary operations by function applications, then an expression is either a constant, a variable, or a function application f 1(E ) , f 2(E 1, E 2) , f 3(E 1, E 2, E 3) , . . . . Some programming languages, e.g. LISP, Scheme, and Miranda, use such a simple syntax or a variation of it.

Metavariables and expression schemas

The syntax for expressions presented on p. 7 includes the sentence, For E an expression, (E ) is an expression. Thus, since (x + 1) is an expression, ((x + 1)) is an expression. We say that (x + 1) is an instance of E and that ((x + 1)) is an instance of (E ) . Similarly, instances of E + b + G are obtained by replacing E and G by expressions. Here are two instances of E + b + G : x + b + (x . y ) and (x . y ) + b + 2 . The upper-case variable E in (E ) is not the usual variable that is associated with a value; it is a metavariable,4 and it stands for any expression. (E ) is called an expression schema; since it stands for many dierent expressions, each of which is produced by instantiating E with some expression. In this text, we use lower-case names, like x and e , for conventional variables and upper-case names, like X and E , for metavariables. Metavariables allow us to present, discuss, and prove properties about a class of expressions, all with the same form. For example, Table 1.1 says that any expression of the form ((E )) can be rewritten as (E ) . Thus, ((2 + y )) can be rewritten as (2 + y ) . In the same way, we can say that addition is symmetric by writing X + Y = Y + X . We continue to call an entity like E 1 + E 2 . E 2 an expression, instead of
Meta is often prexed to the name of a discipline to denote a higher discipline of the same nature but dealing with ulterior and more fundamental problems (from the OED). Metamathematics deals with the philosophy of mathematics. A metalanguage is used to talk about another language. A metapolitician is one who engages in abstract political thinking. In the same way, the notion of a variable is lifted to that of a metavariable.
4

12

1. Expressions, Instantiation, and Equality

an expression schema, for two reasons. First, we want to simplify wording. Saying any instance of the expression or expression schema all the time instead of simply expression would get tiresome after a while. Second, when discussing an entity like E 1+ E 2 . E 2 , we really mean any expression that is an instance of it. For example, think of a phrase like 2 . E is even as an abbreviation for any instance of 2 . E is even. Sometimes, we use a metavariable (written in Roman type) as a name of a particular expression, and not an arbitrary expression. The context will make this clear. For example, the expression 6 . (b + b2 4 . a . c)/(2 . a)+ x is rather messy; to aid in reading it, we may present it as 6 . R + x , where R is given by b + b2 4 . a . c R: . 2.a Here, we have identied a metavariable with a single expression.

1.2 Instantiation
For the moment, we consider only fully parenthesized expressions, as dened on p. 7. We introduce notations for instantiation: for the replacement of a metavariable by an expression (or expression schema). (1.1) Denition of instantiation. Let E be an expression (schema), V a metavariable, and R an expression (schema). The three notations E [V := R]
V ER

E with V := R

denote a copy of E but with all occurrences of metavariablea V replaced by R. The act of replacing all occurrences of V by R in E is called instantiation or uniform substitution.
V must be a metavariable, and not a general expression, because the latter would lead to inconsistencies. Suppose V could be any expression. Since 2 = 1 + 1, we would expect 2[1 + 1:= 3] and (1 + 1)[1 + 1:= 3] to be equal. But the rst equals 2 and the second equals 3.
a

Examples. Expression (F + G)[G:= (z . 2)] ((F + G) . G)[G:= (z . 2)] (x . F )[G:= ((Z + y ))] (G . F )[G:= ((Z + y ))]

Result (F + (z . 2)) ((F + (z . 2)) . (z . 2)) (x . F ) (((Z + y )) . F )

The third example above illustrates that when E contains no occurrences

1.2. Instantiation

13

of the metavariable that is being replaced, the result is just E . The fourth example illustrates that expression R may itself contain metavariables. Why use three dierent notations for the same thing? The rst notation is usually preferable because it doesnt use superscripts and subscripts, giving a simpler and cleaner look. However, if E or R are long, or the notation appears within another expression, the use of the rst notation may require two lines, making it harder to read. In this case, we may resort to the second form, using a superscript and subscript, if the expression then ts on one line. The third notation is used in a particular place within proofs, as will be seen later. Below, we give a more formal, inductive denition of instantiation. In it, R and V are as in the previous denition, and the denition denes instantiation in each of the kinds of available expressions. (1.2) Denition of instantiation. E [V := R] is dened by: v [V := R] = v W [V := R] = W (v a constant or variable) (W a metavariable dierent from V )

V [V := R] = R (E )[V := R] = (E [V := R]) (E )[V := R] = ( (E [V := R])) (D E )[V := R] = ((D[V := R]) (E [V := R])) (F (E ))[V := R] = (F [V := R])(E [V := R]))) (function app.) We now discuss the use of a placeholder to obtain the eect of replacing an expression. Consider the expression (x + y ) . 3 . Suppose we want to talk about replacing x + y in this expression by 3 x to yield the expression (3 x) . 3 . We do this by saying that The rst expression, (x + y ) . 3, is (V . 3)[V := (x + y )] The second expression, (3 x) . 3, is (V . 3)[V := (3 x)] Thus, each of the two expressions is obtained by replacing V in expression (V . 3) by a dierent expression. Here, metavariable V acts as a placeholder for the two subexpressions. While this approach may seem indirect, it is the simplest consistent way to have a notation for such instantiations. In some situations, it is useful to replace more than one variable at a time, as given in the following denition. The last example in Table 1.2

14

1. Expressions, Instantiation, and Equality

should make clear what we mean by simultaneous. (1.3) Denition of simultaneous instantiation. For V a list V1 , . . . , Vn of distinct metavariables and R a list R1 , . . . , Rn of expressions (schemas), the simultaneous instantiations E [V := R]
V ER

E with V := R

denote the simultaneous replacement in E of the occurrences of metavariables V1 , . . . , Vn by the corresponding expressions of R.

Instantiation in non-fully-parenthesized expressions

The denition of instantiation has been given for fully parenthesized expressions, because that is easier and simpler. Instantiation is possible in other expressions as well; one must only ensure that the result is the same as in the corresponding fully parenthesized expression. This may require placing parentheses around R of E [V := R] before the instantiation is made. For example, (V . Y )[V := z + 2] is ((z + 2) . Y ) , and not (z + 2 . Y ) . The precedence table on the inside front cover gives highest precedence to instantiation. This means that V + V [V := 2] is dened to be V + 2 . In order to indicate that both occurrences of V in V + V should be replaced, use parentheses: (V + V )[V := 2] is 2 + 2 . Also, instantiation is left associative, i.e. E [U := R][V := Q] is dened to be (E [U := R])[V := Q] , a copy of E in which every occurrence of U has been replaced by R and then every V has been replaced by Q . In general, E [U := R][V := Q] is dierent from E [U, V := R, Q] , if R contains V , as you can see by performing the following two instantiations:

TABLE 1.2. Examples of instantiation Instantiation for one metavariable 35[A:= 2] = 35 y [A:= 2] = y A[A:= 2] = 2 (A . A + y )[A:= c + y ] = (c + y ) . (c + y ) + y (A2 + B 2 + B 3 )[B := b + c] = A2 + (b + c)2 + (b + c)3 Simultaneous instantiation (A + B + B )[A, B := Z, w] = Z + w + w (A + B + B )[A, B := B, A] = B + A + A

1.3. Equality
HISTORICAL NOTE 1.1. Gottfried Wilhelm Leibniz (16461716)

15

Mathematics, law, religion, history, literature, logic, and philosophy all owe debts to Leibniz. A man of tremendous energy, he read, wrote, and thought incessantly. He was refused a law doctorate at Leipzig at the age of 20, basically because the faculty was envious of him. So, he traveled to the University of Altdorf in Nuremberg and submitted an essay on the historical method of teaching law, which he composed during the trip. Altdorf not only awarded him a doctorate but oered him a professorship. He turned it down. Leibniz spent much of his life as a diplomat, librarian, historian, and genealogist in the service of the nobility the last 40 years were spent with the Duke of Hanover. Leibnizs work brought him into contact with nobility and their problems. In one essay written for an employer, he urged the European states to work together in the conquest of the non-Christian world in the middle east. He worked actively to reunite the Catholic and Protestant churches and wrote treatises that looked for common ground between them. At one point, he was oered the post of librarian at the Vatican but declined because he did not want to become a Catholic. As a mathematician, Leibniz is best known, along with Isaac Newton, for the development of calculus blame your Freshman Calculus course on them. The controversy between these two giants is legendary. Leibniz was also far ahead of his time in dreaming of a general method in which all truths of the reason would be reduced to a kind of calculation. Its principal utility would be in reasoning performed by operations on symbols even geometry would be handled this way, without need for diagrams and gures. Thus, Leibniz foresaw symbol manipulation as we know it today.

(A + 2 . B )[A, B := B, A]

and (A + 2 . B )[A:= B ][B := A]

Further examples of instantiation appear in Table 1.2.

1.3 Equality
We can dene the equality operator = as follows: evaluation of X = Y in a state yields the value true if expressions X and Y have the same value and yields false if they have dierent values.5 For example, in a state with the two variable-value associations (b, 2) and (c, 3) , b = c evaluates to false and b + 1 = c evaluates to true . This characterization of equality is in terms of expression evaluation. For reasoning about expressions, a more useful characterization would be a set
An expression that evaluates to one of true and false is called a boolean expression. We will discuss boolean expressions more thoroughly in Chap. 2.
5

16

1. Expressions, Instantiation, and Equality

of laws that can be used to show that two expressions are equal, without calculating their values. For example, X = Y equals Y = X , regardless of the values of X and Y . A collection of such laws can be regarded as a denition of equality if the following holds: two expressions have the same value in all states i6 one expression can be translated into the other according to these laws. We now give four laws that help characterize equality. The rst two are called axioms, because we take them as self-evident, as truths, without proof. These axioms are our initial theorems the term theorem will be explained carefully momentarily. (1.4) Axiom, Reexivity: X = X (1.5) Axiom, Symmetry7 : (X = Y ) = (Y = X ) The third law for equality, transitivity, is given as an inference rule, which is a syntactic mechanism for deriving new theorems from old theorems. Later we see that theorems correspond to boolean expressions that are true in all states. An inference rule consists of a list of boolean expressions, called its premises , above a line and a boolean expression, called its conclusion, below the line. It asserts that if the premises are theorems, then the conclusion is a theorem. For example, consider the following inference rule (schema). (1.6) Transitivity: X = Y, Y = Z X=Z

We read this inference rule (schema) as: If X = Y and Y = Z are theorems, then X = Z is a theorem. Thus, from theorems x + y = w + 1 and w + 1 = 7 we conclude, by Transitivity (1.6), that x + y = 7 is a theorem. As another example, on page 4, we gave a proof of (e = m . c2 ) = (e/c2 = m) . It is Transitivity that allows us to conclude that the rst expression e = m . c2 equals the third, then equals the fourth, and nally equals the fth expression, e/c2 = m . Thus, we dene theorem as follows. (1.7) Denition. An expression is a theorem i it is an axiom or the conclusion of an inference rule whose premises are theorems.
6 Mathematicians use i as an abbreviation for if and only if. Thus b i c holds provided (i) b holds if c holds and (ii) c holds if b holds. 7 A binary operator (or function f with two parameters) is symmetric, or commutative, if x y = y x (or f (x, y ) = f (y, x) ) is true for all arguments x and y . Hence, (1.5) asserts that = is a symmetric operator.

1.3. Equality
HISTORICAL NOTE 1.2. Symbols for Equality

17

The history of the signs for equality is so interesting and involved that Cajori [8] devotes 12 pages to it. In the fteenth century, a number of dierent symbols were used infrequently for equality, including the dash. Generally, however, equality was expressed using words like aequales, esgale, gleich, and sometimes by the abbreviated form aeq. The use of = for equality was introduced by Robert Recorde in 1577 [33], who wrote, And to auoide the tediouse repetition of these woordes: is equalle to: I will sette as I doe often in woorke use, a paire of parallels, or Gemove lines of one lengthe, thus: , bicause noe .2. thynges, can be more equalle. Recorde viewed = only as an abbreviation and not as a boolean function. The concept of function took over 100 years to develop (Leibniz introduced the term in 1694); type boolean, another 150 years (George Boole introduced it in about 1850)! In spite of the appropriateness of Recordes symbol for equality, it did not appear in print again until sixty-one years later, many authors preferring to use a word rather than a symbol for equality. One problem was that = was in use at the time for at least ve dierent purposes. Also, there were competing symbols for equality, to cite a few: [ , | , , , and 2|2 (by H erigone, in 1634, who also used 3|2 and 2|3 for > and < ). In the late seventeenth century, = became the favorite in England for equality. However, = faced real competition on the continent, where Descartes had used the symbol (for Taurus) to denote equality in 1637 in [13]. On the continent, most authors used either Descartes symbol or no symbol at all. But in the eighteenth century, = gradually won out, in large part due to the adoption of = by Newton and Leibniz at the close of the seventeenth century. Today, Recordes = , the only symbol he introduced, is universally embraced. Equality is one of our most important concepts, and it deserves a unique symbol. The use of = for assignment in FORTRAN has caused great confusion, and the tragic use of = for assignment and == for equality in C and now Java has furthered this confusion.

A fourth law of equality was articulated by Gottfried Wilhelm Leibniz, some 350 years ago (see Historical note 1.3 on p. 18). In modern terminology, we paraphrase Leibnizs rule as follows. Two expressions are equal in all states i replacing one by the other in any expression E does not change the value of E (in any state). Partly, Leibniz was saying that if X = Y holds, then replacing X by Y in an expression Z does not change the value of Z . This statement is often called substitution of equals for equals, because X is being replaced by

18

1. Expressions, Instantiation, and Equality

HISTORICAL NOTE 1.3. Leibnizs Definition of Equality

Def. 1. Two terms are the same (eadem ) if one can be substituted for the other without altering the truth of any statement (salva veritate ). If we have A and B , and A enters into some true proposition, and the replacement of B for A wherever it appears results in a new proposition that is likewise true, and if this can be done for every proposition, then A and B are said to be the same ; and conversely, if A and B are the same, they can be substituted for one another as I have said. Terms that are the same are also called coincident (coincidentia ); A and A are, of course, said to be the same, but if A and B are the same, they are called coincident. Def. 2. Terms that are not the same, that is, terms that cannot always be substituted for one another, are dierent (diversa ). Corollary. Whence also, whatever terms are not dierent are the same. Charact. 1. A B signies that A and B are the same, or coincident. Charact. 1. A non B signies that A and B are dierent. (From [31, page 291], which is an English translation of the Latin version of Leibnizs work found in [21]. Leibniz used the sign for equality see Historical note 1.2 on p. 17).

something that is equal to it, Y . Here are two instances of this statement, written as inference rules. (1.8) a+b=b+a . x (a + b) = x . (b + a) 3 + b = 2.c 2 . c . x/(3 + b) = 2 . c . x/(2 . c)

The rst inference rule is read: If a+b = b+a is a theorem, then x . (a+b) = x . (b + a) is a theorem. We want to express substitution of equals for equals as an inference-rule schema, with the two rules (1.8) as instances of it. In order to do this, we make use of the notation for instantiation, using a placeholder V for the expression to be substituted for. (1.9) Leibniz: X=Y E [V := X ] = E [V := Y ]

The following instantiation of (1.9), with X replaced by a + b , Y by b + a , and E by x . V , yields the left inference rule of (1.8). a+b=b+a (x . V )[V := a + b] = (x . V )[V := b + a] In using Leibniz (1.9), not every occurrence of an expression must be replaced. For example, consider the two instances of Leibniz (1.9) given

1.4. Reasoning using Leibnizs rule

19

below. In the rst, one instance of a . b has been replaced; in the second, both instances. In the rst, E is a . b + V ; in the second, E is V + V . a.b = b.a a.b + a.b = a.b + b.a a.b = b.a a.b + a.b = b.a + b.a

Naming, equality, and hidden variables

On page p. 12, we introduced a name R for an expression using a format that will be used often in this text: b + b2 4 . a . c R: . 2.a R and the expression E that it names can be used interchangeably. R is simply an abbreviation for E . Within another expression, replacing E by R , or vice versa, does not change the value of the expression. This means that the name and the expression are equal. Therefore, in some situations, we may introduce the name using alternative phrasings: . . . . We dene R = ( b + b2 4 . a . c )/(2 . a) . . . . . . . . Let R be (b + b2 4 . a . c )/(2 . a) . . . . An expression that contains R , like x + R , then has three hidden variables, a , b , and c , and these must be taken into account when an instantiation is performed. For example, the textual substitution (x + R)[b := 5] yields x + R1 , where R1 = (5 + 52 4 . a . c )/(2 . a) .

1.4 Reasoning using Leibnizs rule

A proof that E 0 = E 3 (say) can often be written as a sequence of substitutions of equals for equals that transform E 0 into E 3 . Throughout this text, we use the following format for such proofs. In it, an expression within braces and on a line that begins with = is called a hint. E0 = E1 = E2 = E3 X2 = Y 2 see below X1 = Y 1 see below X0 = Y 0 see below

20

1. Expressions, Instantiation, and Equality E 0 = E 1 , E 1 = E 2 , and E 2 = E 3 are theorems. E 0 = E 2 is a theorem (which follows by inference from E 0 = E 1 and E 1 = E 2 ) and nally that (again by Transitivity (1.6)).

This proof claims that Further, it claims that rule Transitivity (1.6) E 0 = E 3 is a theorem

We require in such proofs that each substitution of equals for equals be an instance of Leibniz (1.9). That is, each step of the form below is just a reformatting of Leibniz (1.9), as shown to the right. E0 = E1 In words, E 0 = E 1 is the conclusion of an instance of Leibniz (1.9), and the hint X 0 = Y 0 is the premise. Here is an example of such a replacement, with boxes around X and Y of the premise of Leibniz (1.9). To the right, we give the corresponding instance of Leibniz (1.9). x . ( x + y + c) = x+y =y+x x . ( y + x + c) A hint may be written as an instantiation. For example, suppose we have this theorem: (1.10) 2 . X/2 = X . x+y =y+x x . (x + y + c) = x . (y + x + c) X0 = Y 0 0=Y0 Leibniz: X E0 = E1

Suppose we want to use (1.10)[X := j ] , i.e. 2 . j/2 = j , as a hint. We may write this as illustrated in the following step. 2 . j/2 = 2 . (j 1) (1.10), with X := j j = 2 . (j 1)

If the instantiation is simple enough, we may omit the indication with X := j , e.g. 2 . j/2 = 2 . (j 1) (1.10) j = 2 . (j 1)

Concluding remarks for Chapter 1

21

We may also place an explanatory comment in a hint (after a dash ), as in the following hint. (1.10) note that / is division Most of our proofs of equalities use the format just introduced. In it, the expressions Ei are aligned but indented past the column in which = appears, the hints are aligned and indented a bit further, and the hints are delimited by and . Parentheses are never placed around the expressions E 0 , E 1 , etc., because the line breaks in the proof take their place. Adhere carefully to this format; the more standard our communication mechanism, the easier time we have understanding each other.

Proof schemata versus proofs

The proof to the left below shows that (X + X )/2 = X is a theorem schema. The proof itself is actually a proof schema , in that some of its expressions contain metavariables. In fact, every proof of a formula that contains a metavariable is a proof schema. We can instantiate this proof schema to yield a proof by replacing each metavariable by an expression. One such instantiation is shown to the right below. (X + X )/2 X + X = X .2 X . 2/2 = 2/2 = 1 X .1 = X .1 = X X = (3 . b + 3 . b)/2 X + X = X . 2, with X := 3 . b 3 . b . 2/2 = 2/2 = 1 3.b.1 = X . 1 = X , with X := 3 . b 3.b =

In the same way, a proof of any instantiation of the theorem schema (X + X )/2 = X can be obtained by instantiating its proof schema. Basically, then, if we have proved a theorem schema, we can obtain a proof of any instantiation of it. In general, we get more leverage when we prove a theorem schemata instead of a theorem.

Concluding remarks for Chapter 1

The method of proof developed in this text rests on the concepts listed below. A thorough knowledge of these fundamental ideas is needed. Variable, metavariable, and a metavariable used as the name of an expression.

22

1. Expressions, Instantiation, and Equality Expression and expression schema. Evaluation of an expression in a state. Instantiation (or uniform substitution) (page 12). The characterization of equality through Reexivity (1.4), Symmetry (1.5), inference rule Transitivity (1.6), and inference rule Leibniz (1.9). The proof format discussed on page 19, and the use of each inference rule in a proof.

Exercises for Chapter 1

1.1 Perform the following instantiations. Be careful with parenthesization and remove unnecessary parentheses. (a) X [X := b + 2] (d) (X + X . 2)[X := X . Y ] (b) X + Y . X [X := b + 2] (e) (X + X . 2)[Y := X . Y ] (c) (X + Y . X )[X := b + 2] (f) (X + X . Y + X . Y . Z )[X := X + Y ] 1.2 Perform the following simultaneous instantiations. Be careful with parenthesization and remove unnecessary parentheses. (a) X [X, Y := b + 2, X + 2] (d) (X + X . 2)[X, Y := x . Y, X . Y ] (b) X + Y . X [X, Y := b + 2, X + 2] (e) (X + Y . 2)[Y, X := X . Y, X . X ] . (c) (X + Y X )[X, Y := b + 2, x + 2] (f) (X + X . Y . z )[X, Y := Y, X ] 1.3 Leibnizs denition of equality given just before inference rule Leibniz (1.9) says that X = Y is true in every state i E [V := X ] = E [V := Y ] is true in every state. Inference rule Leibniz (1.9), however, gives only the if part. Give an argument to show that the only if part follows from Leibniz (1.9). That is, suppose E [V := X ] = E [V := Y ] is true in every state, for every expression E , and show that X = Y is true in every state. 1.4 Here is another version of Leibniz. Leibniz:

Z = X, Z = Y E [V := X ] = E [V := Y ]

Show that transitivity of = follows from this denition. 1.5 This exercise illustrates the inconsistency that arises if we use instantiation to replace general expressions. The instantiation (x + 1 + 1)[1 + 1:= 3] yields the expression x + 3 . Suppose, however, we replace 1 + 1 by 2 , yielding the equal expression (x + 2)[1 + 1:= 3] . Show that an inconsistency arises. 1.6 Inference rule Leibniz (1.9) stands for an innite number of inference rules, each of which is constructed by instantiating E , X , and Y with dierent expressions. Below, are a number of instantiations of Leibniz, with parts missing. Fill in the missing parts and write down what expression E is. Do not simplify;

Exercises for Chapter 1

23

do not manipulate the expression beforehand. The last two exercises have four answers; give them all.

x=x+2 4.x + y = ? 2.y + 1 = 5 (b) x + (2 . y + 1) . w = ?

(a) (c) (d)

x+1=y 3 . (x + 1) + 3 . x + 1 = ?

x=y x+x= ? 7=y+1 (e) 7.x + 7.y = ?

1.7 Below is a list of substitutions of equals for equals. Put each of them in the form of an instance of inference rule Leibniz, rst with the instantiation performed and second with the instantiation not performed. For example, the answer for part (a) is

4=2+2 b . c . 4 = b . c . (2 + 2)
(a) =

and

4=2+2 (b . c . V )[V := 4] = (b . c . V )[V := 2 + 2]

(d) = x + 2.3.d 3.d = 6 x + 2.6 x + 2.4 x+2 . 4 = y y x . x . yx x=y y . x . yy

b.c.4 4=2+2 b . c . (2 + 2) xy + y y = 2.x . x2 x + 2 . x xy + y y = 2.x . x2 x + y

(b) =

(e) =

(c) =

(f) =

1.8 The purpose of this exercise is to reinforce your understanding of the use of Leibniz (1.9) along with a hint in proving two expressions equal. For each of the expressions E [V := X ] and hints X = Y below, write the resulting expression E [V := Y ] . There may be more than one correct answer. (a) (b) (c) (d) (e) E [V := X ] x+y+w x+y+w x . (x + y ) (x + y ) . w (x + y ) . q . (x + y ) hint X = Y x=b+c y + w = b.c x+y =y+x w = x.y x+y =y+x

1.9 The purpose of this exercise is to reinforce your understanding of the use of Leibniz (1.9) along with a hint in proving two expressions equal. For each of the following pair of expressions E [V := X ] and E [V := Y ] , identify a hint X = Y

24

1. Expressions, Instantiation, and Equality

that would show them to be equal and indicate what E is. (a) (b) (c) (d) (e) E [V := X ] (x + y ) . (x + y ) (x + y ) . (x + y ) x+y+w+x x.y .x x.y .x E [V := Y ] (x + y ) . (y + x) (y + x) . (y + x) x + y .w + x (y + w) . y . x y .x.x

1.10 In Sec. 1.3, we stated that the four laws Reexivity (1.4), Symmetry (1.5), Transitivity (1.6), and Leibniz (1.9) characterized equality. This statement is almost true. View = as a function eq (x, y ) that yields a value true or false . There is one other function that, if used in place of eq in the four laws, satises all of them. What is it? 1.11 Consider the following expressions as the only axioms (besides reexivity and symmetry of equality). F1 : X . 0 = X F2 : (X X ) = 0 F3 : X + X = 2 . X Using the proof format discussed on p. 19, prove (a + b) . (c + c 2 . c) = 0 . Be explicit about instantiations used in your proof.