Assertion Application - Assertion level proof planning with compiled strategies

As we have seen in the previous section, inferences are just another representation of assertions. In this form, each assertion consists of multiple premises and conclusions, augmented by a possibly empty set of hypotheses for each premise (see Definition (6.2.7)). Each of these premises, conclusions, and hypotheses can be identified with a specific node in the free variable task tree.

When applying an inference to transform a given task, we typically try to instantiate some of its formal arguments, i.e., try to find corresponding subformulas in a task and a substitution σ which makes the formula in the task and the formula corresponding to the formal argument of the inference equal. Thereby additional conditions which result from the deep access to subformulas have to be respected, such as restricting matching candidates for premises to subformulas with negative polarity.

From an abstract point of view to determine how a single inference can be applied can be understood as a classical retrieval problems of candidate terms from a given query term or subject term satisfying a specific relationship. Such problems occur frequently in the setting of automated theorem proving, and powerful indexing techniques have been devel- oped to support efficient retrieval. However, in contrast to the standard approach, we have to solve a simultaneous unification/matching problem, as several premises/conclusions are usually instantiated. Such a problem is known in the context of hyperresolution, where one also has to solve the problem of simultaneous retrieval of unifiable terms. Instead of matching/unifying all inference nodes simultaneously, a reasonable strategy consists of

matching one inference node at a time, starting from an inference where no node has been matched. This has been done for example in Vampire [RV99].

We follow a similar approach and introduce the notion of partial argument instantiations (PAI), which is an adaptation of the notion from [BS01b] to the new inferences presented here and makes the instantiation process explicit. The idea is as follows: We start with a PAI which maps all elements of the inference to⊥. Subsequently, this partial argument instantiation is updated by instantiating a previously uninstantiated argument of the inference, resulting in a new PAI. We say that the new PAI is an partial argument instantiation update with respect to the previous PAI.

Let us now start with the development of the formal framework. First, we introduce the notion of a task position, which represents the matching candidates of a specific proof task, i.e., nodes of the task tree that are labeled with formulas. The corresponding positions are split into three sets, according to the polarities that can arise.

Definition 6.3.1 (Task Position). Let T = w1, . . . , wn be a task. The task positions of

T , denoted by Pos, are defined to be the following set: Pos(T ) =

[

i=1

S(wi) (6.37)

Moreover, we define the following three subsets:

Pos(T )+₌_{{t ∈ Pos(T ) | pol(t) = +}} _(6.38)

Pos(T )−={t ∈ Pos(T ) | pol(t) = −} (6.39)

Pos(T )◦ ₌_{{t ∈ Pos(T ) | pol(t) = ◦}} _(6.40)

(6.41) Example 6.3.2. The task

A−,B−∧α_C−−

⊢α _D+ _(6.42)

has the following task positions: • Pos(T ) = {A, B, C, B ∧ C, D} • Pos(T )− ₌_{{A, B, C, B ∧ C}}

• Pos(T )+ ₌_{D}

• Pos(T )0 ₌_∅

Remark 6.3.3. Note that it is not allowed to match above windows, even though the labels of the corresponding nodes principally denote admissible matching positions. In particular, nodes with labels A, B which do occur in two different windows cannot be matched against A_{∧ B, even if their parent node has label A ∧ B.}

Based on the notion of a task position, we now define the notion of an inference substitution with respect to an inference _{I and a task T . An inference substitution} consists of two components: a partial mapping σN : L ֒→ Pos(T ) that identifies a task

position for a formal argument l ∈ L, and a substitution σ. Intuitively, an instantiated argument l _{∈ L identifies two nodes in the free variable task tree – one corresponding to} the node of the inference, and one corresponding to a node of the task – that are made equal under σ:

Definition 6.3.4 (Inference Substitution). Let I be an inference with names _{L for} premises and conclusions and let T be a task. An inference substitution wrt. T is a pair σI =hσN, σi consisting of a mapping σN :L ֒→ Pos(T ) and a substitution σ. Given

an inference substitution, its domain is defined as

dom(σI) :={l ∈ L | σN(l)6= ⊥} (6.44)

Given an inference and a corresponding inference substitution, its application will be modeled by a sequence of resolution replacement rules within the Core calculus (the exact details are explained in the next section). Thereby, each underlying resolution replacement rule application is subject to several conditions on the underlying free variable task tree. The essence of the following definition, which looks rather technical at a first glance, is to lift these conditions to the level of inferences, thereby taking the structural properties of task trees into account (c.f. Theorem 6.1.12). That is, once an inference substitution satisfies the specified conditions, all induced resolution replacement rules are admissible. Definition 6.3.5 (Partial Argument Instantiation). Let σI be an inference substitution

with respect to an inference I some task T . We say that σI is a partial argument instan-

tiation iff

(i) σ is an admissible substitution. (ii) for all l ∈ dom(σI) it holds

• if l denotes a premise, then σI(l) ∈ Pos−(T ) and Label(σI(l))σ = Label(l)σ.

Moreover, for any conclusion c σI(c) and σI(l) are α-related.

• if l denotes a conclusion, then σI(l) ∈ Pos+(T ) and Label(σI(l))σ = Label(l)σ.

• for two conclusion labels l, l′ _{∈ dom(σ}

I), σI(l) and σI(l′) are strictly β-related

to each other. Moreover, we require

(iii) no position is contained within another position, i.e., for all l, l′ ∈ dom(σT

I) it holds

that l _{6≺ l}′_.

(iv) for two premise labels l, l′ ∈ dom(σT

I), it holds that σIT(l) and σIT(l′) are α-related to

each other.

A PAI σI is called empty, iff dom(σI) = ∅.

Let us explain the additional conditions (iii) and (iv), which are not needed to ensure the correctness of the inference application, before giving an example of a PAI. The condition (iv) corresponds to the intuition of not using assertions from different branches simultaneously, as the following example illustrates:

Example 6.3.6. Consider the inference conj-I

conj-I p1 : A p2 : B

c1 : A∧ B (6.45)

and the task T _h

Suppose that the conclusion has been matched against the formula A _{∧ B. Without the} condition, we could subsequently both match p1 and p2 in (6.46), thereby introducing the

proof obligations (¬B)+ _{and (}_¬A)+_{. Finally, condition (iii) ensures that all contraction}

steps need to be performed explicitly. Consider again the inference conj-i shown above and the task

A−_{⊢ B}+ (6.47)

Without the condition (iii), we can apply conj-i in forwards direction to deduce A_{∧ A,} which is not possible with the restriction.

Let us now illustrate the concept of a PAI: Example 6.3.7. Consider the task

(A_{⊂ B)}+_⇒β (f (A)_{⊂ f(B))}−i− _{⊢ Auto(f, G)}+ _⇒α f (Ker(f, G))_{⊂ G}+ (6.48) and the inference

p1 : U ⊂ V p2 : V ⊂ W

c : U _{⊂ W} Trans⊂ (6.49)

For premises, the nodes corresponding to the following formulas are candidates for the instantiation process:

{f(A) ⊂ f(B), Auto(f, G)} (6.50)

Similarly, for the conclusion of the inference the following nodes are candidates:

{f(Ker(f, G)) ⊂ G, A ⊂ B} (6.51)

Using the substitution

σ = {U 7→ f(ker(f, G)), W 7→ G, A 7→ ker(f, G), V 7→ f(G)} (6.52) the task reads as

ker(f, G) _{⊂ B ⇒ (f(ker(f, G)) ⊂ f(B)) ⊢ Auto(f, G) ⇒ f(Ker(f, G)) ⊂ G} (6.53) and the inference as

f (ker(f, G))_{⊂ f(G) f(G) ⊂ G}

f (ker(f, G))⊂ G (6.54)

Therefore, we can both instantiate the first premise and the conclusion of the inference, obtaining the following PAI which consists of σ and the inference substitution

σL :{p1, p2, c} → Pos(T ); σL(x) =        f (ker(f, G))_{⊂ f(B) x = p}1 ⊥ x = p2 Ker(f, G)_{⊂ B} x = c (6.55)

The matching process is illustrated in Figure 6.2, which shows the free variable task tree. In the figure, solid boxes indicate the corresponding positions within the task tree. The dashed boxes correspond to proof obligations that will be introduced when applying the inference. The inference substitution (6.55) is admissible, because

α β β U _{⊂ V}+ _V _{⊂ W}+ (U ⊂ W )− α β A _{⊂ B} f (A) _{⊂ f(B)}− α Auto(f, G)− _{f (Ker(f, G))}_{⊂ G}+

Figure 6.2: Initial free variable indexed formula tree for our example

(ii) _{• σ}I(p1) has negative polarity and is α-related to σI(c) via the right child of the

root node; moreover, σI(p1)σ =I(p1)σ

• σI(c) has positive polarity; moreover, σI(c)σ = I(c)σ

• there is only one conclusion (iii) the task positions do not overlap

(iv) there is only one instantiated premise, so all instantiated premises are α-related to each other

Notation 6.3.8. From now on, we will denote partial argument instantiations with respect to an inference I and a task T by paiT

Motivated by the above example, we now introduce the notion of a partial argument instantiation update to make the stepwise search process of a PAI explicit. The intuition of a PAI update for a given PAI is that at least one new task position has been added to the PAI. Formally, this is captured by the following definition:

Definition 6.3.9 (Partial Argument Instantiation Update). Let I be an inference, T be a task, paiT

I, pai′I T

be partial argument instantiations for_{I with respect to T . Then pai}′ I

is a partial argument update of paiT I iff

• paiT

I(l) = paiTI(l) for all l∈ dom(paiTI).

• there is at least one formal argument of I in dom(pai′

IT)\ dom(paiTI).

Example 6.3.10. Let us illustrate the above definition using the inference and task from Example 6.3.7 by showing one possible sequence of PAI updates leading from the empty PAI to the one shown in (6.55).

−→ σL(x) =        ⊥ x = p1 ⊥ x = p2 Ker(f, G)_{⊂ B x = c} −→ σL(x) =        f (ker(f, G))_{⊂ f(B) x = p}1 ⊥ x = p2 Ker(f, G)_{⊂ B} x = c

The instantiation process can also be shown schematically by abstracting over the con- crete statements, resulting in a so-called PAI-status. This allows the computation of all possible status updates statically. For the inference (6.49), the corresponding graph is shown in Figure 6.3, where the rounded boxes correspond to PAIs and indicate the instantiated arguments. The squared boxes indicate the argument that is added when following the edge.

∅ ⊕P 1 hP 1i ⊕C hP 1, Ci ⊕P 2 ⊕P 2 ⊕P 2 hP 2i ⊕P 1 [hP 1, P 2i] ⊕C hP 1, P 2, Ci ⊕C ⊕C hCi ⊕P 2 hC, P 2i ⊕P 1 ⊕P 1

Figure 6.3: Possible status updates for the inference (6.49)

To be able to describe the effects of the application of an inference, let us introduce three main directions in which an inference can be applied: forwards, backwards, and close. Intuitively, an inference is applied in forwards direction if it introduces new facts, in backwards direction if it reduces a goal to new subgoals, and in close direction if it closes the goal.

Definition 6.3.11 (Applicable Inference, Forward/Backward/Close Direction). Let _{I be} an inference, T be a task and paiT

I a partial argument instantiation. paiTI is applicable iff

one of the following conditions hold: (i) for all conclusions c, paiT

I(c) 6= ⊥

(ii) there is a premise p such that paiT

I(p)6= ⊥.

We classify paiT

I to the following directions: paiTI is called

• forward partial argument instantiation if for all c ∈ C it holds that paiT

I(c) = ⊥

and there is some p_{∈ P such that pai}T

I(p) 6= ⊥.

• backward partial argument instantiation if there exists a c ∈ C such that paiT I(c)6=

⊥.

• closing partial argument instantiation if all premises and all conclusions are instantiated.

In the following, we describe the application of such an inference to a given proof state and show how a given task is transformed. We will define two transformations, dependent on whether the inference is applied forwards or backwards.

In document Assertion level proof planning with compiled strategies (Page 107-112)