Automated Reasoning Rippling: Heuristic Guidance for Inductive - - PowerPoint PPT Presentation

Automated Reasoning Lecture 17, page 1 Rippling (II)

Automated Reasoning Rippling: Heuristic Guidance for Inductive Proof (II)

Alan Bundy

Automated Reasoning Lecture 17, page 2 Rippling (II)

Ripple-Based Heuristics

Induction Rules: choose induction which best supports rippling. Lemmas: design wave-rule to unblock ripple. Generalisation: generalise goal to allow wave-rule to apply.

Automated Reasoning Lecture 17, page 3 Rippling (II)

Induction Variable Selection

∀ t, l, m:list(nat). t @ (l @ m) = (t @ l) @ m @ (l @ m) = t @ ( @ m) = t @ (l @ ) = ( @ l) @ m (t @ ) @ m (t @ l) @ t t l l m m

Automated Reasoning Lecture 17, page 4 Rippling (II)

Induction Rules Available

_ # _ _ # _ # _ ... @ ...

P(nil) ∀h:. P(h # nil) ∀h1, h2:. ∀t:list(). (P(t) → P( )) ∀l:list(). P(l) h1 # h2 #

t

P(nil) ∀h:. P(h # nil) ∀t1, t2:list(). (P(t1) ∧ P(t2) → P( )) ∀l:list(). P(l) @ t2 t1 P(nil) ∀h:. ∀t:list(). (P(t) → P( )) ∀l:list(). P(l) h#

t ... ...

Automated Reasoning Lecture 17, page 5 Rippling (II)

suggests

... # ... induction rule. X #

...

Ripple Analysis

Wave Rule: Wave Occurrences: ∀ t, l, m:list(nat). @ ( @ m) = ( @ l) @ m Induction Variable: Induction Rule:

X #

(Y @ Z) ( ) @ Z ⇒ X # Y

t is best choice since it has the fewest flaws.

variable

• ccurrences

t l all flawed all unflawed some unflawed, some flawed m

X #

...

X1 # X2 # @

... ... ...

Wave Rule Induction Rule

...#... ...#...#... ...@... t t l

Automated Reasoning Lecture 17, page 6 Rippling (II)

Failure of Rippling Analysis

Conjecture: ∀t, l:list(). even(len(t @ l)) ↔ even(len(l @ t)) Wave-Rules: Step Case: using ... # ... induction on t.

IH

(1)+(4)⇔ (3)⇔

because only one-level look-ahead. even( ) ⇒ even(X) s(s( )) X len( ) ⇒ H # T s( ) len(T) s( ) len(L @ T) len(L @ ) ⇒ H # T X# (Y @ Z) ( ) @ Z ⇒ X# Y even(len(( ) @ l ))↔ even(len(l @ )) h# t h# t even(len( ))↔ even( ) h# (t @ l) s( ) len(l @ t) even( ) ↔ even( ) s( ) len(t @ l) s( ) len(l @ t)

blocked blocked

(1) (2) (3) (4)

Automated Reasoning Lecture 17, page 7 Rippling (II)

Failure of Ripple Preconditions

• Precondition 1 is true:
• 1. The induction conclusion contains a wave-front.

(other side similar)

• Precondition 2 is false:
• 2. A wave-rule applies to this wave-front.

However, there is a near miss:

• Preconditions 3 and 4 are inapplicable.
• 3. Any condition is provable.
• 4. Inserted inwards wave-fronts contain a sink or an
• utwards wave-front.

even( ) ↔ ... s( )

len(t @ l)

even( ) ⇒ even(X) s(s( )) X

Automated Reasoning Lecture 17, page 8 Rippling (II)

Ind_Strat 1

Induction Revision Critic

Induction Base Symbolic Evaluation Step Ripple Induction Critic Wave Blocked Ind_Strat 2 Ind_Strat 2 Ind_Strat 1 now abandoned Induction Base Step

Critic Invocation: Critic Applied:

Automated Reasoning Lecture 17, page 9 Rippling (II)

Patch: Re-Choose Induction Rule

Blocked Goal: Desired Goal: Inwards Wave-Rules: Calculation of New Induction Term:

(6)⇔ (6)⇔ (5)⇔ (5)⇔

even( )↔ ... s( ) len(t @ l) even( )↔ ... s(s( )) len(t @ l) H # (T @ L) ⇒ ( ) @ L (5) H # T ⇒ len( ) (6) H # T s( ) len(T) even( )↔ ... s(s( )) len( @ l) even( ) ↔ ... even(len( )) ↔ ... H1 # H2 # ( @ l) even(len( ))↔ ... even(len( H1 # H2 # t @ l)) ↔ ... t s( ) len( ) H2 # ( @ l) t t H1 # ( H2 # t @ l)

suggests ... # ... # ... induction on t.

Automated Reasoning Lecture 17, page 10 Rippling (II)

(3)+(4)⇔even( ) ↔ even( )

s( ) len( ) h2 #

IH

even(len(( )@ l)) ↔ even(len(l @ ))

h1 # h2 #

Patch: Apply New Induction Rule

New Induction Rule: New Step Case:

(1)⇔ even(len( )) ↔ even(len(l @ ))

h1 # ( @ l )

h2 #

t

t

h1 # h2 #

t

h1 # h2 #

t

(t @ l) s( ) len( l @ ) h2 # t

(3)+(4)⇔

even( ) ↔ even( ) s(s( )) len(t @ l) s(s( )) len(l @ t)

(2) twice ⇔

even(len(t @ l)) ↔ even(len(l @ t))

P(nil), ∀h:. P(h # nil), ∀h1:.∀h2:.∀t:list(). P(t) → P( ) ∀l:list(). P(l) h1 # h2 #

t

Automated Reasoning Lecture 17, page 11 Rippling (II)

Conjecture: ∀n:nat. even(n + n) Wave-Rules: + Y ⇒ (7)

even( ) ⇒ even(X) (8)

Induction Conclusion:

even( + ) (7)⇔ even( ) s(s( ))

Rippling Failure: Missing Wave-Rule

s( ) X s( ) X + Y X s( ) n s( ) n s( ) n + s( ) n

blocked

Automated Reasoning Lecture 17, page 12 Rippling (II)

even( )

Failure of Ripple Precondition

• Precondition 1 is true:
• 1. The induction conclusion contains a wave-front.

(in fact, two)

• Precondition 2 is false:
• 2. A wave-rule applies to this wave-front.

(to neither of them)

• Preconditions 3 and 4 are inapplicable.
• 3. Any condition is provable.
• 4. Inserted inwards wave-fronts contain a sink or an
• utwards wave-front.

s( ) n + s( ) n

Automated Reasoning Lecture 17, page 13 Rippling (II)

Ind_Strat 1

Lemma Speculation Critic

Induction Base Step Ripple Lemma Critic Wave Blocked

Critic Invocation: Critic Applied:

Ind_Strat 1 Induction Base Step Ripple Wave Unblocked Lemma Cut

Automated Reasoning Lecture 17, page 14 Rippling (II)

X + ⇒

(8)⇔ even( )

X + ⇒ (8) even( )

Patch: Lemma Speculation

Blocked Goal: focus on innermost wave-front. Schematic Wave-Rule: Continued Ripple: where F=s. Final Wave-Rule: which must now be proved. s( ) n + s( ) n s( ) Y F( ) X + Y s(F( )) n + n

(2)⇔

even ( n + n) s( ) Y s( ) X + Y

Automated Reasoning Lecture 17, page 15 Rippling (II)

qrev( , L ) ⇒ qrev(T, ) (10) H # rev( ) ⇒ (9)

Rippling Failure: Missing Sink

Conjecture: ∀t:list(A). rev(t) = qrev(t,nil) Wave-Rules: Induction Conclusion:

@ (H # nil) rev(T) H # T H # T L IH rev( ) = h # t qrev( , nil) h # t @ (h # nil) rev(t)

(9)⇔ = qrev( , nil)

h # t

missing sink

Automated Reasoning Lecture 17, page 16 Rippling (II)

qrev( , L ) ⇒ qrev(T, ) ... = qrev(t, )

Failure of Ripple Preconditions

• Preconditions 1, 2 and 3 are true:
• 1. The induction conclusion contains a wave-front.
• 2. A wave-rule applies to this wave-front.
• 3. Any condition is provable – trivially, no condition.
• Precondition 4 is false.
• 4. Inserted inwards wave-fronts contain a sink or an
• utwards wave-front.

... = qrev( , nil) h # t H # H # T L h # nil

Automated Reasoning Lecture 17, page 17 Rippling (II)

Ind Strat 1

Generalisation Critic

Induction Base Step Ripple Gen. Critic Wave Blocked

Critic Invocation: Critic Applied:

Ind Strat 2 Generalisation Ind Strat 1 now abandoned Ind Strat 2 Generalisation Justification Generalised Conjecture Cut

Automated Reasoning Lecture 17, page 18 Rippling (II)

Patch: Sink Speculation

Original Conjecture: ∀t:list(A). rev(t) = qrev(t,nil) Disallowed Ripple: Schematic Conjecture: Induction Hypothesis: where F, G and L are meta-variables.

... = qrev(t, ) h # nil ∀t:list(A). ∀l:list(A). F(rev(t), l) = qrev(t, G(l)) F(rev(t), L) = qrev(t, G(L))

Automated Reasoning Lecture 17, page 19 Rippling (II)

Y @

Patch: Instantiating the Meta-Variables

New Step Case: where F = @, F'(X,Y)= Y and G(X) = X Key Wave-Rule: Generalised Conjecture:

∀t:list(A). ∀l:list(A). rev(t) @ l = qrev(t,l)

Z ( ) @ Z ⇒ X @ @Y X

F(rev( ), ) = qrev( ,G( )) h #

t

rev(t) @ ( ) = qrev(t, ) h # nil @ F'( , )

@ (h # nil)

rev(t) l h #

t

F( , ) = qrev(t, )

@ (h # nil) rev(t) rev(t) @ ( ) = qrev(t, ) l l h # G( ) l l h # G( ) l rev(t) @ ( ) = qrev(t, ) h # F'( , )

@ (h # nil)

rev(t) l h # G( ) l h # l h # l

Automated Reasoning Lecture 17, page 20 Rippling (II)

Pattern of Failure Suggests Patch

✿=success ❍=partial success =failure

Automated Reasoning Lecture 17, page 21 Rippling (II)

Results: Selected Conjectures 1

(i) induction revision, (ii) lemma discovery No. Conjecture (ii) T3 L1 T4 L2 T5 L3 T8 L4, L5 T10 rev(rev(X)) = X L8 T11 rev(rev(X) @ rev(Y)) = Y @ X L9, L10 T12 L11 T13 half(X + X) = X L1 T14 L12 T16 even(X + X) L1 T21 L11, L13 T22 ✿ L14 T23 ✿ L15 T26 half(X + Y) = half(Y + X) ✿ L17 (i) len(X @ Y) = len(Y) + len(X) len(X @ X) = double(len(X)) len(rev(X)) = len(X) nth(X, nth(Y,Z)) = nth(Y, nth(X,Z)) qrev(X,Y) = rev(X) @ Y

• rdered(isort(X))

rotate(len(X), X @ Y) = Y @ X even(len(X @ Y)) ↔ even(len(Y @ X)) half(len(X @ Y)) = half(len(Y @ X))

Automated Reasoning Lecture 17, page 22 Rippling (II)

Results: Selected Conjectures 2

(ii) lemma discovery, (iii) generalization, (iv) case-split No. Conjecture (ii) (iii) (iv) T27 G1 T29 G3, G4 T30 rev(rev(x) @ nil) = X G5, G6 T32 G9 T33 G10 T35 G12 T36 ✿ T39 ✿ T40 ✿ T42 ✿ T45 ✿ T48 L18 ✿ T49 L19 ✿ T50 L20, L21 ✿ rev(X) = qrev(X,nil) rev(qrev(X,nil)) = X rotate(len(X),X) = X fact(X) = qfact(X,1) exp(X,Y) = qexp(X,Y,1) X ∈ Y  X ∈ (Y @ Z) X ∈ nth(Y,Z)  X ∈ Z X ⊆ Y  (X  Y = Y) X ∈ Y  X ∈ (Y  Z) X ∈ insert(X,Y) len(isort(X)) = len(X) X ∈ isort(Y)  X ∈ Y count(X,isort(Y)) = count(X,Y)

Automated Reasoning Lecture 17, page 23 Rippling (II)

Results: Selected Lemmata

L3 L5 L8 L10 rev((X @ (Y#nil)) @ nil = Y#rev(X @ nil) L11 (X @ (Y#nil)) @ Z = X @ (Y#Z) L12 L14 L15 L16 L17 half(X + s(s(Y))) = s(half(X + Y)) L18 L19 L20 count(X, insert(X,Y)) = s(count(X,Y)) L21 L22 (X @ Y) @ Z = X @ (Y @ Z) L23 L24 (X + Y) + Z = X + (Y + Z) len(X @ Y#nil) = s(len(X)) nth(s(V), nth(s(W), X#Y#Z)) = nth(s(V), nth(W, Y#Z)) rev(X @(Y#nil)) = Y#ev(X)

• rdered(Y)  ordered(insert(X,Y))

even(len(W @ Z))  even(len(W @ X#Y#Z)) len(X @ Y#Z#nil) = s(s(len(X)) even(X + Y)  even(X + s(s(Y))) len(insert(X,Y)) = s(len(Y)) X ≠ Y  (X ∈ insert(Y,Z)  X ∈ Z) X ≠ Y  (count(X, insert(Y,Z)) = count(X,Z)) (X * Y) * Z = X * (Y * Z)

Automated Reasoning Lecture 17, page 24 Rippling (II)

Results: Generalisations

G1 L22 G2 L22 G3 L11 G4 L8, L11 G5 rev(rev(X) @ Y) = rev(Y) @ X L11 G6 rev(rev(X) @ rev(Y)) = Y @ X L8, L11 G7 L11 G8 L8, L11 G9 L11, L22 G10 L23 G11 L24 G12 L23 rev(X) @ Y = qrev(X,Y) revflat(X) @ Y = qrevflat(X,Y) rev(qrev(X,Y)) = rev(Y) @ X rev(qrev(X,rev(Y))) = Y @ X qrev(qrev(X,Y),nil) = rev(Y) @ X qrev(qrev(X,rev(Y)),nil) = Y @ X rotate(len(X), X @ Y) = Y @ X fac(X) * Y = qfac(X,Y) (X * Y) + Z = mult(X,Y,Z) exp(X,Y) * Z = qexp(X,Y,Z)

Automated Reasoning Lecture 17, page 25 Rippling (II)

Summary

• Ripple analysis: Induction rules chosen to suit

rippling.

• Different patterns of proof breakdown suggest

different patches.

• Ripple breakdowns suggest: induction revision;

lemma speculation, case split or generalisation.

• Implemented via proof planning with critics.