Advertisement

Making a productive use of failure to generate witnesses for coinduction from divergent proof attempts

  • L.A. Dennis
  • A. Bundy
  • I. Green
Article

Abstract

Coinduction is a proof rule. It is the dual of induction. It allows reasoning about non-well-founded structures such as lazy lists or streams and is of particular use for reasoning about equivalences. A central difficulty in the automation of coinductive proof is the choice of a relation (called a bisimulation).

We present an automation of coinductive theorem proving. This automation is based on the idea of proof planning [7]. Proof planning constructs the higher level steps in a proof, using knowledge of the general structure of a family of proofs and exploiting this knowledge to control the proof search. Part of proof planning involves the use of failure information to modify the plan by the use of a proof critic [23] which exploits the information gained from the failed proof attempt.

Our approach to the problem was to develop a strategy that makes an initial simple guess at a bisimulation and then uses generalisation techniques, motivated by a critic, to refine this guess, so that a larger class of coinductive problems can be automatically verified.

The implementation of this strategy has focused on the use of coinduction to prove the equivalence of programs in a small lazy functional language which is similar to Haskell [22].

We have developed a proof plan for coinduction and a critic associated with this proof plan. These have been implemented in CoCLAM, an extended version of CLAM [9], with encouraging results. The planner has been successfully tested on a number of theorems.

Keywords

Inference Rule Operational Semantic Label Transition System Reduction Rule Proof Strategy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    M. Abadi and A.D. Gordon, A calculus for cryptographic protocols: The Spi Calculus, in: Fourth ACM Conference on Computer and Communications Security (ACM Press, 1997) pp. 36–47. Full version available as Technical Report 414, University of Cambridge Computer Laboratory, January 1997.Google Scholar
  2. [2]
    S. Abramsky, The lazy lambda calculus, in: Research Topics in Functional Programming, ed. D. Turner (Addison-Wesley, Reading, MA, 1990) pp. 65–117.Google Scholar
  3. [3]
    D. Basin and T.Walsh, Difference matching, in: 11th Conference on Automated Deduction, ed. D. Kapur, Lecture Notes in Artificial Intelligence, Vol. 607(Springer, Berlin, 1992) pp. 295–309.Google Scholar
  4. [4]
    D. Basin and T. Walsh, A calculus for and termination of rippling, J. Autom. Reason. 16(1–2) (1996) pp. 147–180.MATHMathSciNetCrossRefGoogle Scholar
  5. [5]
    C. Benzmüller, L. Cheikhrouhou, D. Fehrer, A. Fiedler, X. Huang, M. Kerber, M. Kohlhase, A.Meier, E. Melis, W. Schaarschmidt, J. Siekmann and V. Sorge, Ωmega, Towards a mathematical assistant, in: 14th Conference on Automated Deduction, ed. W. McCune, Lecture Notes in Artificial Intelligence, Vol. 1249(Springer, Berlin, 1997) pp. 252–255.Google Scholar
  6. [6]
    R. Boulton, K. Slind, A. Bundy and M. Gordon, An interface between CLAM and HOL, in: Proceedingsof the 11th International Conference on Theorem Proving in Higher Order Logics, eds. J. Grundy and M. Newey, Lecture Notes in Computer Science, Vol. 1479(Springer, Berlin) pp. 87–104.Google Scholar
  7. [7]
    A. Bundy, The use of explicit plans to guide inductive proofs, in: 9th Conference on Automated Deduction, eds. R. Lusk and R. Overbeek (1988) pp. 111–120. Longer version available from Edinburgh as DAI Research Paper No. 349.Google Scholar
  8. [8]
    A. Bundy, A. Stevens, F. van Harmelen, A. Ireland and A. Smaill, Rippling: A heuristic for guiding inductive proofs, Artif. Intell. 62(1993) 185–253. Also available from Edinburgh as DAI Research Paper No. 567.MATHMathSciNetCrossRefGoogle Scholar
  9. [9]
    A. Bundy, F. van Harmelen, C. Horn and A. Smaill, The Oyster-Clam system, in: 10th International Conference on Automated Deduction, ed. M.E. Stickel, Lecture Notes in Artificial Intelligence, Vol. 449(Springer, Berlin, 1990) pp. 647–648. Also available from Edinburgh as DAI Research Paper 507.Google Scholar
  10. [10]
    A. Bundy, A. Smaill and J. Hesketh, Turning eureka steps into calculations in automatic program synthesis, in: Proceedings of UK IT 90, ed. S.L.H. Clarke (1990) pp. 221–226. Also available from Edinburgh as DAI Research Paper 448.Google Scholar
  11. [11]
    H. Chen, J. Hsiang and H.-C. Kong, On finite representations of infinite sequences of terms, in: Proceedings of the 2nd International Workshop of Conditional and Typed Rewriting Systems, ed. M. Okada, Lecture Notes in Computer Science, Vol. 516(Springer, Berlin, 1990) pp. 100–114.Google Scholar
  12. [12]
    R. Cleaveland, J. Parrow and B. Steffen, The ConcurrencyWorkbench: A semantics-based verification tool for finite-state systems, in: Proceedings of the Workshop on Automated Verification Methods for Finite-State Systems, Lecture Notes in Computer Science, Vol. 407(Springer, Berlin, 1989). Also available from Edinburgh, as ECS-LFCS-89-83.Google Scholar
  13. [13]
    G. Collins, A proof tool for reasoning about functional programs. in: 9th International Conference of Theorem Proving in Higher Order Logics, eds. J. von Wright, J. Grundy and J. Harrison, Lecture Notes in Computer Science, Vol. 1125(Springer, Berlin, 1996) pp. 109–124.Google Scholar
  14. [14]
    L. Dennis, A. Bundy and I. Green, Using a generalisation critic to find bisimulations for coinductive proofs, in: 14th Conference on Automated Deduction, ed.W. McCune, Lecture Notes in Artificial Intelligence, Vol. 1249(Springer, Berlin, 1996) pp. 276–290.Google Scholar
  15. [15]
    L. Dennis, Proof planning coinduction, unpublished Ph.D. thesis, Edinburgh University (1998).Google Scholar
  16. [16]
    M. Fiore, A coinduction principle for recursive data types based on bisimulation, in: Proceedings of the Eight IEEE Symposium on Logic in Computer Science (1993) pp. 110–119.Google Scholar
  17. [17]
    J. Goguen, How to prove algebraic inductive hypotheses without induction, with applications to the correctness of data type implementation, in: 5th Conference on Automated Deduction, eds.W. Bibel and R. Kowalski, Lecture Notes in Computer Science, Vol. 87(Springer, Berlin, 1980) pp. 356–373.Google Scholar
  18. [18]
    J. Goguen, K. Lin and G. Rosu, Circular Coinductive Rewriting, in: Proceedings, Automated Software Engineering (ASE)'00 (2000) o appear.Google Scholar
  19. [19]
    A.D. Gordon, Bisimilarity as a theory of functional programming, in: Proceedings of 11th Conference on the Mathematical Foundations of Programming Semantics, Electronic Notes in Computer Science, Vol. 1(Elsevier, 1995).Google Scholar
  20. [20]
    A.D. Gordon, Bisimilarity for a first-order calculus of objects with subtyping, in: Proceedings, 23rd Symposium on Principles of Programming Languages (ACM SIGPLAN-SIGACT, 1996) pp. 386–395.Google Scholar
  21. [21]
    A.D. Gordon and L. Cardelli, Mobile ambients, in: Proceedings FoSSaCS'98, Lecture Notes in Computer Science, Vol. 1578(Springer, Berlin, 1998). Full version to appear in Theor. Comput. Sci.Google Scholar
  22. [22]
    P. Hudak, S. Peyton–Jones, P.Wadler et al., Report on the functional programming language Haskell: A non-strict, purely functional language version 1.2, ACM SIGPLAN Notices 27(5) (1992).Google Scholar
  23. [23]
    A. Ireland and A. Bundy, Productive use of failure in inductive proof, J. Autom. Reason. 16(1–2) (1996) 79–111. Also available as DAI Research Paper No. 716, Department of Artificial Intelligence, Edinburgh.Google Scholar
  24. [24]
    B. Jacobs and J. Rutten, A tutorial on (co)algebras and (co)induction, EATCS Bull. 2(1997) 222–259.Google Scholar
  25. [25]
    D. Park, Fixpoint induction and proofs of program properties, in: Machine Intelligence, Vol. 5, eds. D. Michie and B. Meltzer (1970) pp. 59–78.Google Scholar
  26. [26]
    L.C. Paulson, Co-induction and co-recursion in higher-order logic, Technical Report 304, University of Cambridge, Computer Laboratory (1993).Google Scholar
  27. [27]
    S.L. Peyton Jones, The Implementation of Functional Programming Languages (Prentice-Hall, Englewood Cliffs, NJ, 1987).MATHGoogle Scholar
  28. [28]
    U.S. Reddy, Narrowing as the Operational Semantics of Functional Languages, in: Proc. of Second IEEE Int'l Symp. on Logic Programming (IEEE, New York, 1985) pp. 138–151.Google Scholar
  29. [29]
    H.G. Rice, Classes of recursively enumerable sets and their decision problems, Trans. Amer. Math. Soc. 89(1953) 25–59.MathSciNetGoogle Scholar
  30. [30]
    G. Roşu and J. Goguen, Circular Coinduction, UCSD Technical Report CSE2000-064 (1999).Google Scholar
  31. [31]
    J. Rutten, Universal coalgebra: A theory of systems, Technical Report CS-R9652, CWI, Amsterdam (1996).Google Scholar
  32. [32]
    M. Sheeran and G. Jones, Circuit Design in Ruby (North-Holland, Amsterdam, 1990).Google Scholar
  33. [33]
    A. Tarski, A lattice-theoretical fixpoint theorem and its applications, Pacific J. Math. 5(1955) 285–309.MATHMathSciNetGoogle Scholar
  34. [34]
    T. Walsh, A divergence critic for inductive proof, J. Artif. Intell. Res. 4(1996) 209–235.MATHGoogle Scholar

Copyright information

© Kluwer Academic Publishers 2000

Authors and Affiliations

  • L.A. Dennis
    • 1
  • A. Bundy
    • 2
  • I. Green
    • 2
  1. 1.Division of InformaticsUniversity of EdinburghEdinburghUK E-mail
  2. 2.Division of InformaticsUniversity of EdinburghEdinburghUK

Personalised recommendations