CS402 Introduction to Logic, Fall 2007

Homework #1 Solution

2007년 10월 2일

1.
(a) p v~ (q^ (r → q))
p v~ (q^ (r → q)) p q r p v~ (q^ (r → q))
↳ p (open) T T T T
↳ ~(q^(r→q)) T T F T
↳ q, ~(~r v q) T F T T
↳ q, ~q (close) T F F T
↳ q, r (open) F T T F
~(p v~ (q^ (r → q))) F T F F
≡~p ^ ~(q^(~r v q)) F F T T
≡~p ^ (~q v ~(r v q)) F F F T
↳ ~p, ~q (open)
↳ ~p, ~r ^ ~q (open)
↳ ~p, ~r (open)
↳ ~p, ~q (open)

 SATISFIABLE but not VALID

(b) p^q→ p v q
p^q→ p v q p q p^q-->p v q
≡ (~p^q) v (p v q) T T T
↳ p (open) T F T
↳ (~p^q) v q F T T
↳ q (open) F F T
↳ ~p, q (open)
~(p^q → p v q)
≡~(~(p^q) v (p v q))
≡ (p^q) ^ ~(p v q)
≡ (p^q)^(~p^~q)
↳ p, q, ~p, ~q (close)

 VALID
(c) ((p → ~q) → ~p) → q
((p → ~q) → ~p) → q p q ((p--> ~q)--> ~p)-->q
((~p v ~q) ^ p) v q T T T
↳ q (open) T F T
↳ ((~p v ~q) ^ p) F T T
↳ p, (~p v ~q) F F F
↳ p, ~p (close)
↳ p, ~q (open)

~(((p → ~q) → ~p) → q)

~( (p → ~q) → ~q) v q
↳ ~(~(p → ~q) v ~q)
≡ (~p v q) ^ q
↳ ~p, q (open)
↳ q (open)
↳ q (open)
 SATISFIABLE but not VALID

(d) (p → q) v (p → ~q)

(p → q) v (p → ~q) p q (p-->q)v (p--> ~q)

↳ p→q T T T
≡~p v q T F T
↳ ~p (open) F T T
↳ q (open) F F T
↳ p → ~q
≡~p v ~q
↳ ~p (open)
↳ ~q (open)
~((p → q) v (p → ~q))
≡~(~p v q) ^ ~(~p v ~q)
≡ (p ^ ~q) ^ (p ^ q)
↳ p, ~q, p, q (closed)

 VALID
(e) ((p → q) → p) → p

((p → q) → p) → p p q ((p-->q)-->p)-->p
≡~(~(~p v q) v p) v p T T T
≡ ((~p v q) ^ ~p) v p T F T
↳ p (open) F T T
↳ (~p v q) ^ ~p F F T
↳ ~p (open)
↳ ~p ^ q (open)

~(((p → q) → p) → p)
≡~(~((p → q) → p) v p)
≡ ((p → q) → p ) ^ ~p
≡ (~(~p v q) v p) ^ ~p
↳ ~(~p v q), ~p
≡ (p ^ ~q), ~p
↳ p, ~q, ~p (closed)
↳ p, ~p (closed)

 VALID

(f) (p v q →r) → (p → r) v (q → r)
(p v q → r) → (p → r) v (q → r) p q r (p v q → r) → (p → r) v (q → r)

≡~(p v q → r) v ((p → r) v (q → r)) T T T T

≡~(~(p v q) v r) v (~p v r) v (~q v r) T T F T
↳ ~(~(p v q) v r) T F T T
↳ (p v q) , ~r T F F T
↳ ~r, p (open) F T T T
↳ ~r, q (open) F T F T
↳ (~p v r) v (~q v r) F F T T
↳ ~p v r F F F T
↳ ~p (open)
↳ r (open)
↳ ~qvr
↳ ~q (open)
↳ r (open)

~((p v q → r) → (p → r) v (q → r))
 ≡~(~(p v q → r) v (p → r) v (q → r))
≡ (p v q → r) ^ ~(p → r) ^ ~(q → r)
≡ (~(p v q) v r) ^ (p ^ ~r) ^ (q ^ ~r)
↳ (~p ^ q) v r , p, ~r, q
↳ ~p, p, ~r, q (closed)
↳ r, p, ~r, q (closed)

 VALID

(g) (p → q) → ~p → ~q
(p → q) → ~p → ~q p q (p-->q)--> ~p--> ~q
≡~(~p v q) v (p v ~q) T T T
≡ (p ^ ~q) v (p v ~q) T F T
↳ p, (p v ~q) F T F
↳ p (open) F F T
↳ p, ~q (open)
↳ ~q, p, ~q
↳ ~q, p (open)
↳ ~q (open)

~((p → q) → ~p → ~q)
≡~(~(~p v q) v (~~P v ~q))
≡ ((~p v q) ^ (~p ^ q))
≡ (~p v q), ~p, q
↳ ~p, ~p, q (open)
↳ q, ~p, q (open)

 SATISFIABLE but not VALID

2.
The proof is in pp.33-38 of the textbook.
3.

- Original code.

void f(unsigned int y) {

unsigned int x = 1 ;
x = x + y ;
if (x == 2)
x += 1 ;
else
x = 2 ;
assert(x == 2) ;

- Translate the program into SSA form

x0 = 1
x1 = x0 + y ;
if (x1 == 2)
x2 = x1 + 1
else
x2 = 2
assert(x2 ==2)

- Create a Boolean formula from the SSA representation

C : (x0==1) and (x1=x0+y0) and (x1==2 imp x2==x1+1) and (x1!=2 imp x2==x1+2)
x00 ∧ ￢x01 ∧ ( x10 ↔ x00 ⊕ y00 ) ∧ ( x11 ↔ x01 ⊕ y01 ⊕ (x00 ∧ y00))
∧ ((￢x10 ∧ x11) → x20 ↔ x10 ⊕ 1 ∧ x21 ↔ x11 ⊕ 0 ⊕ (x10 ∧ 1))
∧ (￢(x10 ∧ x11) → x20 ↔ x10 ⊕ 0 ∧ x21 ↔ x11 ⊕ 1 ⊕ (x10 ∧ 0))

P : (x2 == 2)
￢x20 ∧ x21

F : C ∧ ￢P

- Translate the formula F into CNF form

(x0 == 1)
x00 ∧ ￢x01

(x1 = x0 + y0)
(￢x11 ∨ ￢x00 ∨ ￢y00 ∨ x01 ∨ ￢ y01) ∧ (￢x11 ∨ ￢ x00 ∨ ￢ y00 ∨ ￢ x01 ∨ y01) ∧ (￢ x11 ∨ x00 ∨ x01
∨ y01) ∧ (￢x11 ∨ x00 ∨ ￢x01 ∨ ￢y01) ∧ (￢x11 ∨ y00 ∨ x01 ∨ y01) ∧ (￢x11 ∨ y00 ∨ ￢x01 ∨ ￢y01) ∧
(x11 ∨ x00 ∨ x01 ∨ ￢y01) ∧ (x11 ∨ x00 ∨ ￢x01 ∨ y01) ∧ (x11 ∨ y00 ∨ x01 ∨ ￢ y01) ∧ (x11 ∨ y00 ∨ ￢x01 ∨ y01) ∧
(x01 ∨ y01 ∨ ￢x00 ∨ ￢y00 ∨ x11) ∧ (￢x01 ∨ ￢y01 ∨ ￢ x00 ∨ ￢ y00 ∨ x11)

x1 == 2 imp x2 == x1 + 1
(x10 ∨ ￢x11 ∨ x10 ∨ x20) ∧ (￢x11 ∨ x10 ∨ x21)

x1 != 2 imp x2 == 2

(￢x10 ∨ ￢x20) ∧ (￢ x10 ∨ x21) ∧ (x11 ∨ ￢x20) ∧ (x11 ∨ x21)

￢P (x2 == 2)
x20 ∨ ￢x21

- Run MiniSat and capture the result and interpret the result
Above CNF formula was translated into MiniSat input file format as below. The final formula in CNF form
has 21 clauses composed with 8 boolean variables.
p cnf 8 21
1 0
-2 0
-4 -1 -7 2 -8 0
-4 -1 -7 -2 -8 0
-4 1 2 8 0
-4 1 -2 -8 0
-4 7 2 8 0
-4 7 -2 -8 0
4 1 2 -8 0
4 1 -2 8 0
4 7 2 -8 0
4 7 -2 8 0
2 8 -1 -7 4 0
-2 -8 -1 -7 4 0
3 -4 3 5 0
-4 3 6 0
-3 -5 0
-3 6 0
4 -5
4 6 0
5 -6 0
MiniSat returns the result file which contains the situation where given formula is satisified as below.

SAT
1 -2 -3 4 5 6 7 -8 0

The result shows that the formula is satisfied when x 00 is true, x01 is false, x10 is false, x11 is true, x20 is true,
x21 is true, y00 is true, and y01 is false. The interpretation of the result is that the assertion is violated in the
case of y being 1. In that case the value of x is 3 when the assertion is met.

4.

I made a program which computes GCD and LCM of two given integers. And the assertion of the
program is located at the last line to check whether GCD is always no greater than LCM. The code of the
program is below.

int main()
{
int x, y ;
int a, b, t ;
int gcd, lcm ;

scanf("%d", &x) ;
scanf("%d", &y) ;

a = x ; b = y ;
while (b != 0) {
t = b ;
b = a % b ;
a = t ;
 }
gcd = a ;
lcm = x * y / gcd ;

assert(lcm >= gcd) ;

}

This program was verified by CBMC with 30 numbers of unwinding. The result is below.
 CMBC results that the verification has failed. The error trace showed that the program allows divide-by-
zero case. To correct the program, I modified the program as below.

int main()
{
 int x, y ;
int a, b, t ;
int gcd, lcm ;

scanf("%d", &x) ;
scanf("%d", &y) ;
if (x == 0 || y == 0) return 1 ;
a = x ; b = y ;
while (b != 0) {
t = b ;
b = a % b ;
a = t ;
}
gcd = a ;
lcm = x * y / gcd ;

assert(lcm >= gcd) ;

}

The result of verification of modified program is below.

The verification result shows that overflow problem was not considered. So I modified the program to
limit the range of input value as 0~100.
int main()
{
int x, y ;
int a, b, t ;
int gcd, lcm ;

scanf("%d", &x) ;
scanf("%d", &y) ;
if (x <= 0 || y <= 0) return 1 ;
if (x > 100 || y > 100) return 1 ;
a = x ; b = y ;
while (b != 0) {
t = b ;
 b = a % b ;
a = t ;
}
gcd = a ;
lcm = x * y / gcd ;

assert(lcm >= gcd) ;

}

Then, CBMC results that the program was verified successfully.