Automated Reasoning Rippling: Heuristic Guidance for Inductive - PowerPoint PPT Presentation

Automated Reasoning Rippling: Heuristic Guidance for Inductive Proof (II) Alan Bundy Automated Reasoning Rippling (II) Lecture 17, page 1

Ripple-Based Heuristics Induction Rules: choose induction which best supports rippling. Lemmas: design wave-rule to unblock ripple. Generalisation: generalise goal to allow wave-rule to apply. Automated Reasoning Rippling (II) Lecture 17, page 2

Induction Variable Selection ∀ t, l, m :list(nat). t @ (l @ m) = (t @ l) @ m t @ (l @ m) = t @ ( @ m) = t @ (l @ ) = m l t ( @ l) @ m (t @ ) @ m (t @ l) @ m l Automated Reasoning Rippling (II) Lecture 17, page 3

Induction Rules Available P (nil) h# t ∀ h : . ∀ t :list(  ) . ( P ( t ) → P ( )) _ # _ ∀ l :list(  ) . P ( l ) P (nil) ∀ h : . P ( h # nil) h 1 # h 2 # ∀ h 1 , h 2 : . ∀ t :list(  ) . ( P ( t ) → P ( )) t _ # _ # _ ∀ l :list(  ) . P ( l ) P (nil) ∀ h : . P ( h # nil) ∀ t 1 , t 2 :list(  ) . ( P ( t 1 ) ∧ P ( t 2 ) → P ( )) t 1 t 2 @ ... @ ... ∀ l :list(  ) . P ( l ) ... ... Automated Reasoning Rippling (II) Lecture 17, page 4

Ripple Analysis Wave Rule: ( ) @ Z ⇒ ( Y @ Z ) X # Y X # Wave Occurrences: ∀ t , l , m :list(nat). @ ( @ m ) = ( @ l ) @ m t t l Induction Variable: variable occurrences t all unflawed t is best choice since it l some unflawed, some flawed has the fewest flaws. all flawed m Induction Rule: Induction Rule Wave Rule ... ...#... suggests ... X # X # ... # ... induction rule. ... ...#...#... X 1 # X 2 # ... ... ...@... @ Automated Reasoning Rippling (II) Lecture 17, page 5

Failure of Rippling Analysis Conjecture: ∀ t , l :list (  ) . even ( len ( t @ l )) ↔ even ( len ( l @ t )) Wave-Rules: (1) X# Y X# ( Y @ Z ) ( ) @ Z ⇒ (2) even ( ) ⇒ even ( X ) s (s( )) X (3) len ( ) ⇒ H # T s ( ) len ( T ) (4) len ( L @ ) ⇒ H # T s ( ) len ( L @ T ) Step Case: using ... # ... induction on t . IH even ( len (( ) @ l )) ↔ even ( len ( l @ )) h# t h# t even ( len ( )) ↔ even ( ) h# ( t @ l ) s( ) len ( l @ t ) (1)+(4) ⇔ even ( ) ↔ even ( ) s( ) len ( t @ l ) s( ) len ( l @ t ) (3) ⇔ blocked blocked because only one-level look-ahead. Automated Reasoning Rippling (II) Lecture 17, page 6

Failure of Ripple Preconditions ● Precondition 1 is true: 1. The induction conclusion contains a wave-front. even ( ) ↔ ... s ( ) len ( t @ l ) (other side similar) ● Precondition 2 is false: 2. A wave-rule applies to this wave-front. However, there is a near miss: even ( ) ⇒ even ( X ) s(s( )) X ● Preconditions 3 and 4 are inapplicable. 3. Any condition is provable. 4. Inserted inwards wave-fronts contain a sink or an outwards wave-front. Automated Reasoning Rippling (II) Lecture 17, page 7

Induction Revision Critic Critic Invocation: Ind_Strat 1 Ind_Strat 2 Induction Base Step Symbolic Ripple Evaluation Wave Induction Blocked Critic Critic Applied: Ind_Strat 1 Ind_Strat 2 Induction now abandoned Base Step Automated Reasoning Rippling (II) Lecture 17, page 8

Patch: Re-Choose Induction Rule Blocked Goal: even ( ) ↔ ... s( ) len ( t @ l ) Desired Goal: even ( ) ↔ ... s(s( )) len ( t @ l ) Inwards Wave-Rules: H # ( T @ L ) ⇒ ( ) @ L (5) H # T s ( ) len ( T ) ⇒ len ( ) (6) H # T Calculation of New Induction Term: t even ( ) ↔ ... s(s( )) len ( @ l ) H 2 # t s( ) len ( ) ( @ l ) even ( ) ↔ ... (6) ⇔ even ( len ( )) ↔ ... H 1 # H 2 # t (6) ⇔ ( @ l ) (5) ⇔ even ( len ( )) ↔ ... H 1 # ( H 2 # t @ l ) suggests ... # ... # ... even ( len ( H 1 # H 2 # t @ l )) ↔ ... (5) ⇔ induction on t . Automated Reasoning Rippling (II) Lecture 17, page 9

Patch: Apply New Induction Rule New Induction Rule: ∀ h : . P ( h # nil), P (nil), h 1 # h 2 # ∀ h 1 : . ∀ h 2 : . ∀ t :list(  ) . P ( t ) → P ( ) t ∀ l :list(  ) . P ( l ) New Step Case: even ( len (( )@ l )) ↔ even ( len ( l @ )) t t h 1 # h 2 # h 1 # h 2 # IH (1) ⇔ even ( len ( )) ↔ even ( len ( l @ )) t h 1 # h 2 # h 2 # h 1 # ( @ l ) t h 2 # (3)+(4) ⇔ even ( ) ↔ even ( ) h 2 # s( ) len ( ) ( t @ l ) s( ) len ( l @ ) t even ( ) ↔ even ( ) (3)+(4) ⇔ len ( t @ l ) len ( l @ t ) s(s( )) s(s( )) (2) twice ⇔ even ( len ( t @ l )) ↔ even ( len ( l @ t )) Automated Reasoning Rippling (II) Lecture 17, page 10

Rippling Failure: Missing Wave-Rule Conjecture: ∀ n :nat. even ( n + n ) Wave-Rules: + Y ⇒ (7) s( ) X s( ) X + Y even ( ) ⇒ even ( X ) (8) s(s( )) X Induction Conclusion: even ( + ) s( ) n s( ) n (7) ⇔ even ( ) s( ) n + s( ) n blocked Automated Reasoning Rippling (II) Lecture 17, page 11

Failure of Ripple Precondition ● Precondition 1 is true: 1. The induction conclusion contains a wave-front. even ( ) s( ) n + s( ) n (in fact, two) ● Precondition 2 is false: 2. A wave-rule applies to this wave-front. (to neither of them) ● Preconditions 3 and 4 are inapplicable. 3. Any condition is provable. 4. Inserted inwards wave-fronts contain a sink or an outwards wave-front. Automated Reasoning Rippling (II) Lecture 17, page 12

Lemma Speculation Critic Critic Invocation: Ind_Strat 1 Induction Base Step Ripple Wave Lemma Blocked Critic Cut Critic Applied: Ind_Strat 1 Lemma Induction Base Step Ripple Wave Unblocked Automated Reasoning Rippling (II) Lecture 17, page 13

Patch: Lemma Speculation Blocked Goal: s( ) n + s( ) n even ( ) focus on innermost wave-front. Schematic Wave-Rule: X + ⇒ (8) s( ) Y F ( ) X + Y Continued Ripple: (8) ⇔ even ( ) n + n s( F ( )) (2) ⇔ even ( n + n ) where F =s. Final Wave-Rule: s( ) Y s( ) X + Y X + ⇒ which must now be proved. Automated Reasoning Rippling (II) Lecture 17, page 14

Rippling Failure: Missing Sink Conjecture: ∀ t :list( A ). rev ( t ) = qrev ( t ,nil) Wave-Rules: rev ( ) ⇒ (9) H # T @ ( H # nil) rev ( T ) qrev ( , L ) ⇒ qrev( T , ) (10) H # H # T L Induction Conclusion: h # t IH rev ( ) = qrev ( , nil) h # t (9) ⇔ = qrev ( , nil) h # t @ ( h # nil) rev ( t ) missing sink Automated Reasoning Rippling (II) Lecture 17, page 15

Failure of Ripple Preconditions ● Preconditions 1, 2 and 3 are true: 1. The induction conclusion contains a wave-front. ... = qrev ( , nil) h # t 2. A wave-rule applies to this wave-front. qrev ( , L ) ⇒ qrev ( T , ) H # H # T L 3. Any condition is provable – trivially, no condition. ● Precondition 4 is false. 4. Inserted inwards wave-fronts contain a sink or an outwards wave-front. ... = qrev ( t , ) h # nil Automated Reasoning Rippling (II) Lecture 17, page 16

Generalisation Critic Critic Invocation: Ind Strat 1 Ind Strat 2 Generalisation Induction Base Step Ripple Wave Gen. Blocked Critic Critic Applied: Ind Strat 1 Ind Strat 2 Generalisation now Cut abandoned Justification Generalised Conjecture Automated Reasoning Rippling (II) Lecture 17, page 17

Patch: Sink Speculation Original Conjecture: ∀ t :list( A ). rev ( t ) = qrev ( t ,nil) Disallowed Ripple: ... = qrev ( t , ) h # nil Schematic Conjecture: ∀ t :list( A ). ∀ l :list( A ). F ( rev ( t ), l ) = qrev ( t , G ( l )) Induction Hypothesis: F ( rev ( t ), L ) = qrev ( t , G ( L )) where F , G and L are meta-variables. Automated Reasoning Rippling (II) Lecture 17, page 18

Patch: Instantiating the Meta-Variables New Step Case: t l t h # h # F ( rev ( ), ) = qrev ( ,G( )) l F ( , ) = qrev ( t , ) rev ( t ) l @ ( h # nil) h # G ( ) l @ ( h # nil) rev ( t ) @ ( ) = qrev ( t , ) h # nil @ F '( , ) l rev ( t ) h # G ( ) l rev ( t ) @ ( ) = qrev ( t , ) @ ( h # nil) h # h # F '( , ) rev ( t ) l G ( ) l rev ( t ) @ ( ) = qrev ( t , ) h # l h # l where F = @ , F '( X , Y )= Y and G(X) = X Key Wave-Rule: Z ( ) @ Z ⇒ X @ @ Y Y @ X Generalised Conjecture: ∀ t :list( A ). ∀ l :list( A ). rev ( t ) @ l = qrev ( t , l ) Automated Reasoning Rippling (II) Lecture 17, page 19