Presentation is loading. Please wait.

Presentation is loading. Please wait.

Going back to techniques Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Going back to techniques Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain."— Presentation transcript:

1 Going back to techniques Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search strategy E-graph Today: rewrite rules Communication between decision procedures and between prover and decision procedures DPLL Backtracking Incremental SAT Matching Natural deduction Sequents Tactics & Tacticals Resolution Next class

2 Rewrite rules

3 Equality We’ve seen one way of dealing with equality in this class: the E-graph Another way to deal with equalities is to treat them as rewrite rules An equality a = b can be used either as the rewrite rule a ! b or b ! a

4 Plan First, we’ll see how rewrite rules are used in a few system –We’ll see some of the issues that come up Then we’ll dig into the details –Formal foundations: rewrite systems This is a huge area of work and research –We’ll see the snowflake on the tip of the iceberg

5 Rewrite rules in resolution Show that the following is unsat: –{ P(1), : P(f(0)), f(0) = 1 }

6 Rewrite rules in resolution Show that the following is unsat: –{ P(1), : P(f(0)), f(0) = 1 } This technique is called demodulation

7 Resolution: another example Show that the following is unsat: –{ P(0), : P(f(0)), f(0) = 0 }

8 Resolution: another example Show that the following is unsat: –{ P(0), : P(f(0)), f(0) = 0 } Which direction to pick –In the first example, can choose f(1) ! 1 or 1 ! f(1) –In the second example, pick f(0) ! 0 Termination issues are cropping up

9 Rewrite rules in ACL2 Recall ACL2 architecture: –Given a goal formula, try to apply various techniques in turn. Each technique generates sub-goals. Recurse on sub-goals. Techniques: –Simplification –Instantiating known theorems –Term rewriting –As a last resort, induction

10 Rewrite rules in ACL2 Rewrite rules in ACL2 are guarded A rewrite rule is a lemma of the form: – h 1 Æ … Æ h n ) a = b Here again, must pick a direction for the equality –Try to rewrite more “complicated” terms to “simpler” terms

11 Rewrite rules in ACL2 ACL2 also uses local equality assumptions for performing rewrites If lhs = rhs appears as a hypothesis in the goal, then replace lhs with rhs in rest of goal Boyer and Moore call this cross-fertilization More local than having rewrite lemmas

12 Performance issues Heuristics for termination –Decreasing measure (guarantees termination “statically”) –Detect infinite loops and stop (can detect loops in the terms, or loops in the application of rules) –Or just have a timeout One can also cache the results of rewriting –Rewriting can be expensive

13 Moving to the formal details… We’ve seen some intuition for where to use rewrite rules Now, let’s see some of the details Rewrite rules have been studied in the context of term rewrite systems, which to are just sets of rewrite rules

14 Term rewrite systems A term rewrite system is a pair (T, R), where T is a set of terms and R is a set of rewrite rules of the form l 1 ! l 2 T should actually be an algebra signature, but for our purposes, thinking of T as a set of terms is good enough Rewrite rules can have free variables, but variables on the rhs must be a subset of variables on the lhs

15 Example 0 + y ! y s(x) + y ! s(x + y) fib(0) ! 0 fib(s(0)) ! s(0) fib(s(s(x))) ! fib(s(x)) + fib(x) Run on: fib(s(s(s(0)))

16 Example 0 + y ! y s(x) + y ! s(x + y) fib(0) ! 0 fib(s(0)) ! s(0) fib(s(s(x))) ! fib(s(x)) + fib(x) Run on: fib(s(s(s(0)))

17 A single rewrite step We write t 1 ! t 2 to mean that term t 1 rewrites to term t 2 –s(0 + s(0)) ! s(s(0)) Notice that the rewrite rule can be implied to a sub-term! We need a way to formalize this

18 Contexts A context C[ ¢ ] is a term with a “hole” in it: –C[ ¢ ] = s(0 + ¢ ) The whole can be filled: –C[s(0)] = s(0 + s(0)) When we write t 1 = C[t 2 ], it means that term t 2 appears inside t 1, and C is the context inside which t 2 appears

19 A single rewrite step t 1 ! t 2 iff there exists a context C, and a rewrite rule l 1 ! l 2 such that:

20 A single rewrite step t 1 ! t 2 iff there exists a context C, and a rewrite rule l 1 ! l 2 such that: –t 1 = C[l 1 ] –t 2 = C[l 2 ] Can we show: –s(0 + s(0)) ! s(s(0)) –from rewrite rule s(x) + y ! s(x + y)

21 A single rewrite step t 1 ! t 2 iff there exists a context C, a term t, a substitution , and a rewrite rule l 1 ! l 2 such that:

22 A single rewrite step t 1 ! t 2 iff there exists a context C, a term t, a substitution , and a rewrite rule l 1 ! l 2 such that: –t 1 = C[t] –  = unify(l 1, t) –t 2 = C[  ( l 2 )]

23 Transitive closure of rewrites ! * is the reflexive transitive closure of ! Another way to say the same: we write t 1 ! * t 2 to mean that there exists a possibly empty sequence s 0 … s n such that: – t 1 ! s 0 ! … ! s n ! t 2

24 Termination An term t is normal form or is irreducible if there is no term t’ such that t ! t’ A rewrite system (T, R) is normalizing (also called weakly normalizing) if every t 2 T has a normal form A rewrite system (T,R) is terminating (also called strongly normalizing) if there is no term t 2 T that will rewrite forever What is the difference between strong and weak normalization?

25 Termination One technique for showing termination: assign a measure to each term, and show that rewrite rules strictly decrease the measure Example: s(p(x)) ! x p(s(x)) ! x minus(0) ! 0 minus(s(x)) ! p(minus(x))

26 Termination Termination guarantees normalization However, it does not guarantee that there is a unique normal form for a given term We would like to have this additional uniqueness property Confluence is the additional property we need

27 Confluence Local confluence: for all terms a,b and c, if a ! b and a ! c, then there exists a term d such that b ! * d and c ! * d a bc d * *

28 Confluence Local confluence: for all terms a,b and c, if a ! b and a ! c, then there exists a term d such that b ! * d and c ! * d a bc d Global confluence: for all terms a,b and c, if a ! * b and a ! * c, then there exists a term d such that b ! * d and c ! * d * * a bc d * * * *

29 Confluence Local confluence: for all terms a,b and c, if a ! b and a ! c, then there exists a term d such that b ! * d and c ! * d a bc d Global confluence: for all terms a,b and c, if a ! * b and a ! * c, then there exists a term d such that b ! * d and c ! * d * * a bc d * * * * when there exists a d such that b ! * d and c ! * d, we say that b and c are joinable

30 Relation between local and global Theorem: for a terminating system, local confluence implies global confluence Proof by picture…

31 Proof by picture

32

33 Canonical systems A terminating and confluent system is canonical, meaning that each term has a unique canonical form Simple decision procedure for such systems To determine t 1 = t 2 :

34 Canonical systems A terminating and confluent system is canonical, meaning that each term has a unique canonical form Simple decision procedure for such systems: To determine t 1 = t 2 :

35 Determining confluence We would like an algorithm for determining whether a terminating system is confluent To do this, we need to define the notion of critical pair

36 Critical pairs Let l 1 ! r 1 and l 2 ! r 2 be rewrite rules that have no variables in common (rename vars if needed) Suppose l 1 = C[t] such that t is a non-trivial term (not a variable), and such that  = unify(t,l 2 ) Then (  (C[r 2 ]),  (r 1 )) is a critical pair The intuition is that a critical pair represents a choice point: given a term l 1 =C[l 2 ], we can either apply l 1 ! r 1 to get r 1, or we can apply l 2 ! r 2 to get C[r 2 ]

37 Critical pairs: example b(w(x)) ! w(w(w(b(x)))) w(b(y)) ! b(y) b(b(z)) ! w(w(w(w(z))))

38 Critical pairs: example b(w(x)) ! w(w(w(b(x)))) w(b(y)) ! b(y) b(b(z)) ! w(w(w(w(z))))

39 Critical pairs: another example s(p(x)) ! x p(s(x)) ! x minus(0) ! 0 minus(s(x)) ! p(minus(x))

40 Critical pairs: another example s(p(x)) ! x p(s(x)) ! x minus(0) ! 0 minus(s(x)) ! p(minus(x))

41 Critical pairs Theorem: A term rewrite system is locally confluent if and only if all its critical pairs are joinable Recall the meaning of joinable: b and c are joinable if there exists a d such that b ! * d and c ! * d Corollary: A terminating rewrite system is confluent if and only if all its critical pairs are joinable

42 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR

43 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR For each pair (s,t) 2 CR: –Find all the normal forms of s and t –Note: s and t are guaranteed to have normal forms because the system is terminating.

44 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR For each pair (s,t) 2 CR: –Find all the normal forms of s and t

45 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR For each pair (s,t) 2 CR: –Find all the normal forms of s and t –Let NS be the set of normal forms of s and NT be the set of normal forms of t

46 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR For each pair (s,t) 2 CR: –Find all the normal forms of s and t –Let NS be the set of normal forms of s and NT be the set of normal forms of t –If sizeof(NS) > 1 or sizeof(NT) > 1 return “NOT CONFLUENT” –(more than one normal form implies NOT confluent since confluence would imply unique normal form)

47 Algorithm for deciding confluence Given a terminating rewrite system, find all critical pairs, and call this set CR For each pair (s,t) 2 CR: –Find all the normal forms of s and t –Let NS be the set of normal forms of s and NT be the set of normal forms of t –If sizeof(NS) > 1 or sizeof(NT) > 1 return “NOT CONFLUENT” –If NS and NT are disjoint, return “NOT CONFLUENT” Return “CONFLUENT”

48 What if the system is not confluent?

49 If we find a critical pair such that the normal forms are disjoint, add additional rewrite rules This is called the Knuth-Bendix completion procedure

50 Knuth-Bendix completion procedure Given a terminating rewrite system, find all critical pairs, and call this set CR While there exists a critical pair (s,t) 2 CR such that the normal forms NS of s and the normals forms NT of t are disjoint: –For each s’ in NS, and for each term t’ in NT, add the rewrite rule s’ ! t’

51 Knuth-Bendix completion procedure Given a terminating rewrite system, find all critical pairs, and call this set CR While there exists a critical pair (s,t) 2 CR such that the normal forms NS of s and the normals forms NT of t are disjoint: –For each s’ in NS, and for each term t’ in NT, add the rewrite rule s’ ! t’ Subtlety: should we add s’ ! t’, or t’ ! s’? Completion algorithm also takes a “reduction order” as an argument Algorithm fails if s’ and t’ have the same reduction order

52 Knuth-Bendix completion procedure Three possible outcomes: –Terminates with success, yielding a terminating confluent rewrite system that is equivalent to the original rewrite system (in terms of equalities that are provable) –Terminate with a failure –Does not terminate

53 Example s(p(x)) ! x p(s(x)) ! x minus(0) ! 0 minus(s(x)) ! p(minus(x))

54 Example s(p(x)) ! x p(s(x)) ! x minus(0) ! 0 minus(s(x)) ! p(minus(x))

55 Inductionless induction Technique introduced by Musser in 1980 for proving properties of inductive structures Latter became known as inductionless induction, because it allows one to prove, without using induction, properties that look as though they would require induction

56 Inductionless induction The general idea is to prove statements by consistency checking –add the statement to be proven as an axiom to the base theory, and see if the resulting theory is consistent. –If it is, then conclude that the statement holds; if it doesn’t, then conclude that the statement doesn’t hold This approach is not sound in general, but it works in restricted cases

57 Inductionless induction Musser showed that this approach works for equality theories in the following sense: –if (1) A is a set of equality axioms about some abstract data type, one is which are booleans (with true and false) –(2) these abstract data types are fully specified by A (exact definition not important here, but essentially this guarantees a certain form of modularity between the defined types) –(3) A [ {t 1 = t 2 } is consisten, then A ² t 1 = t 2 so why are we seeing this today with rewrite systems, and not next class, with induction?

58 Use Knuth-Bendix Show that A [ { t 1 = t 2 } consistent or inconsistent using the Knuth-Bendix completion procedure Suppose A has already been converted to a canonical rewrite system (using Knuth-Bendix, for example), and that A has been shown to fully specify the abstract data types it mentions (there are automatic ways of doing this) To attempt to prove t 1 = t 2, one adds either t 1 ! t 2 or t 2 ! t 1 to the system, and then we run Knuth-Bendix

59 Three possible outcomes If the completion procedure finishes with a rewrite system that does not contain the rule true ! false, then t 1 = t 2 is entailed by A If the completion procedure finishes with a rewrite system that contains the rule true ! false, then t 1 = t 2 is not entailed by A If the completion procedure fails or runs forever, nothing can be concluded

60 Example Types: –x : character, s : string, s’ : string –null : string (empty string) –s::x : string (s with character x added at the end) –x::s : string (s with character x added to the front) –s + s’ : string (concatentation of s and s’) –isNull(s) : boolean

61 Example Axioms (axioms for booleans not shown) (s = s) = true (null = s+x) = false (s+x = null) = false (s+x = s’+x’) = (x = x’) and (s = s’) x::null = null::s x::(s::x’) = (x::s)::x’ null + s = s (s::x’) + s’ = s + (x’::s’) isnull(null) = true isnull(s::x) = false

62 Example Show: s + (s’::x) = (s+s’)::x One would usually prove this by induction on the size of s Using inductionless induction: –add s + (s’::x) ! (s+s’)::x as a rewrite rule –Knuth-Bendix doesn’t add any new rules (trust me…) –So s + (s’::x) = (s+s’)::x holds

63 Example Try to show: s + null = null Add s + null ! null Critical pair with: (s+x = null) ! false

64 Example Try to show: s + null = null Add s + null ! null Critical pair with: (s+x = null) ! false In this case, Knuth-Bendix derives true ! false: s + null = null does not hold

Download ppt "Going back to techniques Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain."

Similar presentations

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Programmed Strategies for Program Verification Richard B. Kieburtz OHSU/OGI School of Science and Engineering and Portland State University.

Programmed Strategies for Program Verification Richard B. Kieburtz OHSU/OGI School of Science and Engineering and Portland State University.
Completeness and Expressiveness

Completeness and Expressiveness
Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.

Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.
In this episode of The Verification Corner, Rustan Leino talks about Loop Invariants. He gives a brief summary of the theoretical foundations and shows.

In this episode of The Verification Corner, Rustan Leino talks about Loop Invariants. He gives a brief summary of the theoretical foundations and shows.
Chapter Three: Closure Properties for Regular Languages

Chapter Three: Closure Properties for Regular Languages
10 October 2006 Foundations of Logic and Constraint Programming 1 Unification ­An overview Need for Unification Ranked alfabeths and terms. Substitutions.

10 October 2006 Foundations of Logic and Constraint Programming 1 Unification ­An overview Need for Unification Ranked alfabeths and terms. Substitutions.
C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.

C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.
UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.

UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.
Automated Reasoning Systems For first order Predicate Logic.

Automated Reasoning Systems For first order Predicate Logic.
Inference and Reasoning. Basic Idea Given a set of statements, does a new statement logically follow from this. For example If an animal has wings and.

Inference and Reasoning. Basic Idea Given a set of statements, does a new statement logically follow from this. For example If an animal has wings and.
Copyright © Cengage Learning. All rights reserved.

Copyright © Cengage Learning. All rights reserved.
1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.
1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.
Introduction to Computability Theory

Introduction to Computability Theory
Plan for today Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search.

Plan for today Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search.
What’s left in the course. The course in a nutshell Logics Techniques Applications.

What’s left in the course. The course in a nutshell Logics Techniques Applications.
Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.

Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.
Last time Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search strategy.

Last time Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search strategy.

Similar presentations

Ads by Google