Certification of Classical Confluence Results for Left-Linear Term Rewrite Systems
Aart Middeldorp, Julian Nagele
Department of Computer Science, University of Innsbruck
ITP 2016, August 23, 2016

Introduction

Rewriting
• simple computational model for equational reasoning
• widely used in proof assistants, functional programming, ...
• this talk: untyped first-order term rewriting

Confluence Criteria
Knuth and Bendix, orthogonality, strongly/parallel/development closed critical pairs, decreasing diagrams (rule labeling), parallel and simultaneous critical pairs, divide and conquer techniques (commutation, layer preservation, order-sorted decomposition), decision procedures, depth/weight preservation, reduction-preserving completion, Church-Rosser modulo, relative termination and extended critical pairs, non-confluence techniques (tcap, tree automata, interpretation), ...
[Figure: diagram labelled CR]

JN & AM (UIBK) Certification of Classical Confluence Results 2/15

Reliable Automatic Confluence Analysis
[Diagram; labels: TRS, Literature, algorithms & techniques, theorems & proofs, Confluence Tool, Isabelle/HOL, IsaFoR, XML Proof, code generation & Haskell compiler, CeTA, accept/reject]

Critical Pairs

Definition
$\to$ is strongly confluent if ${\leftarrow} \cdot {\to} \;\subseteq\; {\to^{*}} \cdot {}^{=}{\leftarrow}$

Definition
critical overlap $(\ell_1 \to r_1, C, \ell_2 \to r_2)_\mu$ consists of
• (variable disjoint variants of) rules $\ell_1 \to r_1$, $\ell_2 \to r_2$
• context $C$, such that $\ell_2 = C[\ell']$ with $\ell' \notin \mathcal{V}$ and $\mathrm{mgu}(\ell_1, \ell') = \mu$
then $C\mu[r_1\mu] \leftarrow\!\rtimes\!\to r_2\mu$ is critical pair

Theorem (Huet)
If TRS $\mathcal{R}$ is linear and $s \to^{=} \cdot {}^{*}{\leftarrow}\; t$ and $s \to^{*} \cdot {}^{=}{\leftarrow}\; t$ for all $t \leftarrow\!\rtimes\!\to s$ then $\to_{\mathcal{R}}$ is strongly confluent

Proof by Picture
[Figure omitted; labels added across the three overlay steps: =, *]

Critical Pairs

Example
• TRS $\mathcal{R}$
    $f(f(x, y), z) \to f(x, f(y, z))$
    $f(x, y) \to f(y, x)$
• 4 non-trivial critical pairs
    $f(f(x, f(y, z)), v) \leftarrow\!\rtimes\!\to f(f(x, y), f(z, v))$
    $f(x, f(y, z)) \leftarrow\!\rtimes\!\to f(z, f(x, y))$
    $f(z, f(x, y)) \leftarrow\!\rtimes\!\to f(x, f(y, z))$
    $f(f(y, x), z) \leftarrow\!\rtimes\!\to f(x, f(y, z))$
• are strongly closed, hence $\mathcal{R}$ is (strongly) confluent

Remark
Right-linearity is a rather unnatural restriction

Theorem (Huet)
If $\mathcal{R}$ is left-linear and $s \to_{\parallel} t$ for all $s \leftarrow\!\rtimes\!\to t$ then $\to_{\parallel}$ has the diamond property

Proof by Picture
[Figure omitted; diagram of parallel steps (∥) with one part labelled IH]

Parallel Rewriting and Measuring Overlap

Definitions (Huet)
• $s \xrightarrow{\{p_1, \dots, p_n\}}_{\parallel} t$ if $p_i \parallel p_j$ for $i \neq j$ and $s|_{p_i} \to^{\epsilon} t|_{p_i}$ for all $1 \leqslant i, j \leqslant n$
• overlap of peak is $\blacktriangle_H\bigl({}_{\parallel}\!\xleftarrow{P_1}\; s \;\xrightarrow{P_2}_{\parallel}\bigr) = \sum_{q \in Q} |s|_q|$ where
• $Q = \{p_1 \in P_1 \mid \exists p_2 \in P_2.\ p_2 \leqslant p_1\} \cup \{p_2 \in P_2 \mid \exists p_1 \in P_1.\ p_1 \leqslant p_2\}$
• bookkeeping required by sets of positions and reasoning about $\blacktriangle_H$ in Isabelle became convoluted, inelegant, and in the end unmanageable

Definitions (Toyama)
• $C[s_1, \dots, s_n] \xrightarrow{s_1, \dots, s_n}_{\parallel} C[t_1, \dots, t_n]$ if $s_i \to^{\epsilon} t_i$ for all $1 \leqslant i \leqslant n$
• overlap of peak is $\blacktriangle_T\bigl({}_{\parallel}\!\xleftarrow{t_1, \dots, t_n}\; s \;\xrightarrow{u_1, \dots, u_m}_{\parallel}\bigr) = \sum_{s \in S} |s|$ where
• $S = \{u_i \mid \exists t_j.\ u_i \trianglelefteq t_j\} \cup \{t_j \mid \exists u_i.\ t_j \trianglelefteq u_i\}$

Example
• TRS $\mathcal{R}$
    $f(a, a, b, b) \to f(c, c, c, c)$
    $a \to b$    $a \to c$    $b \to a$    $b \to c$
• peak after closing critical pair
    [Diagram omitted; terms shown: f(a, a, b, b), f(c, c, c, c), f(b, a, b, b), f(b, b, a, a), connected by parallel steps]
• $\blacktriangle_T\bigl({}_{\parallel}\!\xleftarrow{f(a, a, b, b)}\; f(a, a, b, b) \;\xrightarrow{a, a, b, b}_{\parallel}\bigr) = 2$ since $S = \{a, b\} \cup \varnothing$
• $\blacktriangle_T\bigl({}_{\parallel}\!\xleftarrow{a, b, b}\; f(b, a, b, b) \;\xrightarrow{b, a, b, b}_{\parallel}\bigr) = 2$ since $S = \{a, b\} \cup \{a, b\}$

Measuring Overlap in IsaFoR

Definition
Overapproximation of overlap between two parallel steps is multiset defined by

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{\Box,\, a}\; s \;\xrightarrow{\Box,\, b}_{\parallel}\bigr) = \{s\}$

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{C,\, a_1, \dots, a_c}\; s \;\xrightarrow{\Box,\, b}_{\parallel}\bigr) = \{a_1, \dots, a_c\}$

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{\Box,\, a}\; s \;\xrightarrow{D,\, b_1, \dots, b_d}_{\parallel}\bigr) = \{b_1, \dots, b_d\}$

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{f(C_1, \dots, C_n),\, a}\; f(s_1, \dots, s_n) \;\xrightarrow{f(D_1, \dots, D_n),\, b}_{\parallel}\bigr) = \bigcup_{i=1}^{n} \blacktriangle\bigl({}_{\parallel}\!\xleftarrow{C_i,\, a_i}\; s_i \;\xrightarrow{D_i,\, b_i}_{\parallel}\bigr)$

where $a_1, \dots, a_n = a$ and $b_1, \dots, b_n = b$ are partitions of $a$ and $b$ such that length of $a_i$ and $b_i$ matches number of holes in $C_i$ and $D_i$ for all $1 \leqslant i \leqslant n$

• compare multisets using multiset extension of superterm relation $\rhd_{\mathrm{mul}}$
• $\rhd_{\mathrm{mul}}$ is well-founded

Example
Applying this definition for the two peaks from before yields

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{f(\Box, \Box, \Box, \Box),\, a, a, b, b}\; f(a, a, b, b) \;\xrightarrow{\Box,\, f(a, a, b, b)}_{\parallel}\bigr) = \{a, a, b, b\}$

$\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{f(b, \Box, \Box, \Box),\, a, b, b}\; f(b, a, b, b) \;\xrightarrow{f(\Box, \Box, \Box, \Box),\, b, a, b, b}_{\parallel}\bigr) = \{a, b, b\}$

and $\{a, a, b, b\} \rhd_{\mathrm{mul}} \{a, b, b\}$

Lemma
• $\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{C,\, a}\; s \;\xrightarrow{D,\, b}_{\parallel}\bigr) = \blacktriangle\bigl({}_{\parallel}\!\xleftarrow{D,\, b}\; s \;\xrightarrow{C,\, a}_{\parallel}\bigr)$
• $\blacktriangle\bigl({}_{\parallel}\!\xleftarrow{C_i,\, a_i}\; s_i \;\xrightarrow{D_i,\, b_i}_{\parallel}\bigr) \subseteq \blacktriangle\bigl({}_{\parallel}\!\xleftarrow{f(C_1, \dots, C_n),\, a}\; f(s_1, \dots, s_n) \;\xrightarrow{f(D_1, \dots, D_n),\, b}_{\parallel}\bigr)$
• $\{a_1, \dots, a_c\} \rhd^{=}_{\mathrm{mul}} \blacktriangle\bigl({}_{\parallel}\!\xleftarrow{C,\, a_1, \dots, a_c}\; s \;\xrightarrow{D,\, b}_{\parallel}\bigr)$

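The overlap computations from the two example slides, as an added example (not code from the talk or from IsaFoR): it evaluates the multiset definition and Toyama's set-based measure on both peaks and checks the multiset comparison. The tuple encoding of terms and all function names are assumptions of this example.

```python
from collections import Counter

# Assumed encoding: a term is ("f", t1, ..., tn) or a constant string such as "a".
HOLE = "□"  # hole of a multihole context

def holes(c):
    """Number of holes in a multihole context."""
    if c == HOLE:
        return 1
    return sum(map(holes, c[1:])) if isinstance(c, tuple) else 0

def subterms(t):
    yield t
    if isinstance(t, tuple):
        for arg in t[1:]:
            yield from subterms(arg)

def overlap(s, C, a, D, b):
    """Multiset overlap of the peak  <-(C, a)- s -(D, b)->  (four-case definition)."""
    if C == HOLE and D == HOLE:
        return Counter([s])
    if D == HOLE:
        return Counter(a)
    if C == HOLE:
        return Counter(b)
    total = Counter()
    if isinstance(s, tuple):
        for s_i, C_i, D_i in zip(s[1:], C[1:], D[1:]):
            n, m = holes(C_i), holes(D_i)      # partition a and b by hole counts
            total += overlap(s_i, C_i, a[:n], D_i, b[:m])
            a, b = a[n:], b[m:]
    return total

def toyama(ts, us):
    """Toyama's set-based measure: sum of |s| over S."""
    S = {u for u in us if any(u in subterms(t) for t in ts)}
    S |= {t for t in ts if any(t in subterms(u) for u in us)}
    return sum(sum(1 for _ in subterms(s)) for s in S)

def gt_mul(M, N):
    """M >_mul N: multiset extension of the proper superterm relation."""
    X, Y = M - N, N - M
    return bool(X) and all(any(m != n and n in subterms(m) for m in X) for n in Y)

F4 = ("f", HOLE, HOLE, HOLE, HOLE)
s1, s2 = ("f", "a", "a", "b", "b"), ("f", "b", "a", "b", "b")
peak1 = overlap(s1, F4, ["a", "a", "b", "b"], HOLE, [s1])
peak2 = overlap(s2, ("f", "b", HOLE, HOLE, HOLE), ["a", "b", "b"],
                F4, ["b", "a", "b", "b"])
print(peak1, peak2, gt_mul(peak1, peak2))
print(toyama([s1], ["a", "a", "b", "b"]), toyama(["a", "b", "b"], ["b", "a", "b", "b"]))
```

The multiset measure drops from the first peak to the second, while the set-based measure evaluates to 2 on both.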
Almost Parallel Closed Critical Pairs

Theorem (Toyama)
If $\mathcal{R}$ is left-linear, $t \to_{\parallel} s$ for all inner critical pairs $t \leftarrow\!\cdot\!\rtimes\!\to s$, and $t \to_{\parallel} \cdot {}^{*}{\leftarrow}\; s$ for all overlays $t \leftarrow\!\ltimes\!\rtimes\!\to s$ then $\to_{\parallel}$ is strongly confluent

Proof (Adaptations)
• $t \;{}_{\parallel}\!\xleftarrow{C,\, a}\; s \;\xrightarrow{D,\, b}_{\parallel}\; u$
• show $t \to_{\parallel}^{*} \cdot {}_{\parallel}{\leftarrow}\; u$ and $u \to_{\parallel}^{*} \cdot {}_{\parallel}{\leftarrow}\; t$
• if $C = D = \Box$ then assumption for overlays applies
• other cases remain (almost) the same

Remark
• incorporating Toyama's extension to commutation is straightforward

Certification and Experiments

CeTA
• CeTA computes critical pairs
• and checks linearity and joining conditions
• only information required in certificate: bound on length of $\to^{*}$

CSI on 277 TRSs in Confluence Problem Database

          SC    PC    SC+PC   full
yes       38    21     41     110
no         0     0      0      48
maybe    239   256    236     119

Conclusion

Development Closed Critical Pairs

Theorem (van Oostrom)
If $\mathcal{R}$ is left-linear and $t \to_{\circ} s$ for all critical peaks $t \leftarrow\!\rtimes\!\to s$ then $\to_{\circ}$ has the diamond property

• nesting of steps makes describing $\to_{\circ}$ harder
• need to split off single steps on both sides and combine closing step with remainder
• due to nesting of redexes this needs non-trivial reasoning about residuals
• need to split off "innermost" overlap to get decrease in measure
• notion of overlap does not carry over

Summary
• formalization of two classical confluence results
• strongly closed was straightforward
• (almost) parallel closed was much more involved

Main differences to Paper Proof
• multihole contexts for describing parallel steps
• notion of overlap: collect overlapping redexes in multiset, compare with $\rhd_{\mathrm{mul}}$
• future work: development closed
• harder future work: apply to higher-order rewriting