SLIDE 1

Hipster: Integrating Theory Exploration in a Proof Assistant

Moa Johansson
Joint work with Dan Rosén, Nick Smallbone and Koen Claessen
Chalmers University, Gothenburg, Sweden.
Conference on Intelligent Computer Mathematics, Coimbra, Portugal, 9 July 2014

SLIDE 3

Introduction: Theory Exploration

Theory Exploration Paradigm [Buchberger-2000]:

  • Theorems not proved in isolation.
  • Rather, explore whole theories:
      • Prove routine lemmas.
      • Proceed to more complex theorems.
      • Possibly backtrack and prove more lemmas.
  • New theories on top of old ones.
  • Interactive theorem proving:
      • Creative/hard steps left to user.

Our work: Automatically discover new and interesting lemmas in inductive theories.

SLIDE 5

Inductive Theorem Proving and Theory Exploration

Example Domain: Proofs by induction

  • Often need lemmas (also needing induction).
  • Hard to find automatically, e.g. generalisations.
  • Bottom-up approach: Create richer background theory first.

Background: HipSpec

  • Inductive prover for Haskell.
  • Generate (equational) conjectures. Tested, not proved.
  • Apply induction, then call off-the-shelf first-order provers.

SLIDE 7

Hipster: Theory Exploration for Isabelle/HOL

  • Translate Isabelle/HOL theory to Haskell.
  • Use conjecture generation from HipSpec.
      • Currently only equational conjectures.
  • Prove in Isabelle (LCF-style).
      • Keep interesting theorems (need induction).
      • Discard if trivial proof.

Demo: Exploring a theory about binary trees

SLIDE 8

Hipster: Overview

[Overview diagram] Isabelle theory → Code generator → Haskell program → Theory exploration → Conjectures → Routine reasoning (trivially proved? discard) → Difficult reasoning → Theorems (proved / failed)

SLIDE 12

Conjecture Generation in Haskell

  • Set of functions and variables.
  • All type-correct terms up to given depth.
  • Testing (many) random ground instances.
  • Evaluate and divide into equivalence classes.

Example: xs → [], ys → [a], zs → [b]

  Term              Ground Instance       Value
  (xs @ ys) @ zs    ([] @ [a]) @ [b]      [a,b]
  xs @ (ys @ zs)    [] @ ([a] @ [b])      [a,b]
  xs @ []           [] @ []               []
  xs                []                    []
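
To make the conjecture-generation loop of these slides concrete, here is an added example (not Hipster's or HipSpec's own code) that enumerates all terms over the list signature {[], @, xs, ys, zs} up to a given depth, evaluates them on random ground instances and divides them into equivalence classes, returning the candidate equations; the term depth, number of tests, seed and the list-valued variables are assumptions of this example.

```python
import random
# Constructed example (not Hipster/HipSpec code): the slides' list theory with
# variables xs, ys, zs, the constant [] and binary append @.
VARS = ("xs", "ys", "zs")

def terms(depth):
    """All type-correct terms over {[], @, xs, ys, zs} up to the given depth."""
    if depth == 0:
        return [("var", v) for v in VARS] + [("nil",)]
    smaller = terms(depth - 1)
    return smaller + [("app", l, r) for l in smaller for r in smaller]

def evaluate(term, env):
    """Value of a term under a ground instance env (variable name -> list)."""
    if term[0] == "app":
        return evaluate(term[1], env) + evaluate(term[2], env)
    return env[term[1]] if term[0] == "var" else []

def show(term):
    """Print a term in the slides' notation."""
    if term[0] == "app":
        return f"({show(term[1])} @ {show(term[2])})"
    return term[1] if term[0] == "var" else "[]"

def random_env(rng):
    """A random ground instance: every variable bound to a short random list."""
    return {v: [rng.randint(0, 3) for _ in range(rng.randint(0, 3))] for v in VARS}

def conjectures(depth=2, tests=200, seed=0):
    """Group terms agreeing on every random ground instance into equivalence classes
    and return equations against each class's shortest member (tested, not proved)."""
    rng = random.Random(seed)
    envs = [random_env(rng) for _ in range(tests)]
    classes = {}
    for t in terms(depth):
        key = tuple(tuple(evaluate(t, e)) for e in envs)  # value vector = class id
        classes.setdefault(key, []).append(t)
    eqs = set()
    for members in classes.values():
        rep = min(members, key=lambda t: len(show(t)))
        eqs.update((show(rep), show(t)) for t in members if t != rep)
    return eqs

# The four terms of the slides' table; slide_table gives their Term/Value rows
# for one ground instance such as xs -> [], ys -> [a], zs -> [b].
XS, YS, ZS, NIL = ("var", "xs"), ("var", "ys"), ("var", "zs"), ("nil",)
SLIDE_TERMS = [("app", ("app", XS, YS), ZS), ("app", XS, ("app", YS, ZS)), ("app", XS, NIL), XS]

def slide_table(env):
    return [(show(t), evaluate(t, env)) for t in SLIDE_TERMS]
```

HipSpec additionally prunes conjectures that follow from ones already found, which this block omits, so the returned set also contains redundant equations such as (xs @ []) @ ys = xs @ ys alongside associativity and the two unit laws.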

SLIDE 13

Ongoing and Further Work

  • Experiments with different tactics for hard/routine reasoning.
  • Conditional lemmas:
      • Given a side condition, generate lemmas.
      • E.g. sorted(xs) ==> sorted(insert x xs)

SLIDE 14

Conclusion

  • Automatically find and prove routine lemmas.
  • LCF-style re-checkable proofs.
  • Incremental exploration, store lemmas in libraries.
  • User can control search space.
  • Lemmas enhance automated tactics, e.g. Sledgehammer.