Proving Properties of Constraint Logic Programs by Eliminating
Proving Properties of Constraint Logic Programs by Eliminating Existential Variables Alberto Pettorossi (Università di Roma “Tor Vergata”), Maurizio Proietti (IASI-CNR, Roma), Valerio Senni (Università di Roma “Tor Vergata”) CILC 2006 – DIB – Università di Bari 26 -27 June 2006
1. Outline of the work • Goal: proving first order properties of Costraint Logic Programs (CLPs) • Focus: CLPs on the domain of lists and real numbers • Technique: existential quantifiers elimination by means of program transformation
2. Programs on lists of reals where a and X Var • Polynomials p : : = a | X | p 1 + p 2 | a X • Constraints c : : = p 1 = p 2 | p 1 < p 2 | p 1 ≤ p 2 | c 1 c 2 • LR-programs head terms body terms clauses h : : = X | [ ] | [X|L] where X Var and L Var. L b : : = p | L cl : : = r 1(h 1, …, hn) c | r 1 (h 1, …, hn) c r 2 (b 1, …, bn) | r 1 (h 1, …, hn) c r 2 (b 1, …, bn) Goal: given a program P and a property , verify whether or not M(P)
3. Proof by transformation • start from the pair < P, prop > • transform the statement prop into a (stratified, finite) set of definitions D 1…Dn • add each of the D 1…Dn to the inital program P obtaining at each step a new lr-program without existential variables • If the transformation process terminates, then the definition of prop is propositional (by definition of lr-programs)
4. An example • Initial program P member (X, [Y|L]) X=Y member (X, [Y|L]) member (X, L) • Property : L U X ( X L X ≤ U ) we want to show that any list of reals has an upper bound • Two steps : 1. First we transform the statement prop into a set of definitions D 1…Dn 2. By applying the Unfold/Fold rules we transform D 1…Dn P into a new program T such that the definition of prop is propositional
5. Clause-Form Transformation Step 1. : L U X ( X L X ≤ U ) prop L U X ( X L X > U ) r q p D 4: prop p D 3: p list (L) q (L) • not lr-clauses D 2: q (L) list (L) r (L, U) • with existential variables D 1: r (L, U) X > U list(L) member (X, L)
6. Unfold-Fold Transformation Step 2. The unfold/fold transformation is aimed at transforming the clauses obtained after the Step 1 into lr-clauses. D 4 : prop p by repeated applications of the D 3 : p p 1 • unfold, p 1 • fold and • constraint replacement rules D 2 : q ([]) we obtain the final program T T q ([X|T]) q 1(X, T) q 1 (X, [Y|T]) X > Y q 1 (X , L) For each initial predicate we have q 1 (X, [Y|T]) X ≤ Y q 1 (Y , L) obtained a new definition, made of lr-clauses. Possibly with the use of some auxiliary predicate (p 1, q 1) D 1 : r ([X|T], U) X > U list (L) r ([X|T], U) r (T, U)
6. Unfold-Fold Transformation Step 2. The unfold/fold transformation is aimed at transforming the clauses obtained after the Step 1 into lr-clauses. D 4 : prop p by repeated applications of the D 3 : p p 1 • unfold, p 1 • fold and • constraint replacement rules D 2 : q ([]) we obtain the final program T T q ([X|T]) q 1(X, T) q 1 (X, [Y|T]) X > Y q 1 (X , L) For each initial predicate we have q 1 (X, [Y|T]) X ≤ Y q 1 (Y , L) obtained a new definition, made of lr-clauses. Possibly with the use of some auxiliary predicate (p 1, q 1) D 1 : r ([X|T], U) X > U list (L) r ([X|T], U) r (T, U)
6. Unfold-Fold Transformation Step 2. The unfold/fold transformation is aimed at transforming the clauses obtained after the Step 1 into lr-clauses. D 4 : prop p by repeated applications of the D 3 : p p 1 • unfold, p 1 • fold and • constraint replacement rules D 2 : q ([]) we obtain the final program T T q ([X|T]) q 1(X, T) q 1 (X, [Y|T]) X > Y q 1 (X , L) For each initial predicate we have q 1 (X, [Y|T]) X ≤ Y q 1 (Y , L) obtained a new definition, made of lr-clauses. Possibly with the use of some auxiliary predicate (p 1, q 1) D 1 : r ([X|T], U) X > U list (L) r ([X|T], U) r (T, U)
6. Unfold-Fold Transformation Step 2. The unfold/fold transformation is aimed at transforming the clauses obtained after the Step 1 into lr-clauses. D 4 : prop p prop by repeated applications of the D 3 : p p 1 • unfold, p 1 • fold and • constraint replacement rules D 2 : q ([]) we obtain the final program T T q ([X|T]) q 1(X, T) q 1 (X, [Y|T]) X > Y q 1 (X , L) For each initial predicate we have q 1 (X, [Y|T]) X ≤ Y q 1 (Y , L) obtained a new definition, made of lr-clauses. Possibly with the use of some auxiliary predicate (p 1, q 1) D 1 : r ([X|T], U) X > U list (L) r ([X|T], U) r (T, U)
7. The Unfold-Fold Strategy A general Unfold/Fold strategy Input: an lr-program P and a hierarchy <D 1, . . . , Dn> of clauses Output: an lr-program T for all D 1, . . . , Dn : Di unfold + replace-constraints * no T yes i>n define-fold * the final program i : = i + 1 yes New. Defs = no
8. The Unfold-Fold Strategy at work start from clause D 1 : r (L, U) X > U list(L) member (X, L) Unfold : Fold : r ([X|T], U) X > U list(T) r ([X|T], U) Y > U list(T) member (Y, T) 1. r ([X|T], U) X > U list(T) 2. r ([X|T], U) r (T, U)
8. The Unfold-Fold Strategy at work start from clause D 1 : r (L, U) X > U list(L) member (X, L) Unfold : Fold : r ([X|T], U) X > U list(T) r ([X|T], U) Y > U list(T) member (Y, T) 1. r ([X|T], U) X > U list(T) 2. r ([X|T], U) r (T, U) We go on with the following definitions D 2, D 3, and D 4 • lr-clauses • without existential variables
9. Introduction of new Definitions clause D 2 : q (L) list (L) r (L, U) Unfold : q ([ ]) q ([X|T]) X ≤ U list (T) r (T, U) we cannot fold
9. Introduction of new Definitions clause D 2 : q (L) list (L) r (L, U) Unfold : q ([ ]) q ([X|T]) X ≤ U list (T) r (T, U) Define : q 1(X, T) X ≤ U list (T) r (T, U) Fold : we cannot fold 3. q ([ ]) 4. q ([X|T]) q 1(X, T) Continue to apply the transformation rules to the new definition Unfold : q 1(X, [ ]) q 1(X, [Y|T]) X ≤ U Y ≤ U list (T) r (T, U)
9. Introduction of new Definitions clause D 2 : q (L) list (L) r (L, U) Unfold : q ([ ]) q ([X|T]) X ≤ U list (T) r (T, U) Define : q 1(X, T) X ≤ U list (T) r (T, U) Fold : we cannot fold 3. q ([ ]) 4. q ([X|T]) q 1(X, T) Continue to apply the transformation rules to the new definition Unfold : need for new definitions q 1(X, [ ]) q 1(X, [Y|T]) X ≤ U Y ≤ U list (T) r (T, U) reduce the occurrences of existential variables
10. Constraint Replacement : q 1 (X, [Y|T]) X ≤ U Y ≤ U list (T) r (T, U) U U U X Y X≤U Y≤U X Y X>Y X≤U X≤Y Y≤U
10. Constraint Replacement : q 1 (X, [Y|T]) X ≤ U Y ≤ U list (T) r (T, U) U U U X Y X≤U Y≤U X Y X>Y X≤U X≤Y Y≤U We substitute the clause for and : q 1 (X, [Y|T]) X > Y X ≤ U list (T) r (T, U) : q 1 (X, [Y|T]) X ≤ Y Y ≤ U list (T) r (T, U)
10. Constraint Replacement : q 1 (X, [Y|T]) X ≤ U Y ≤ U list (T) r (T, U) U U U X Y X≤U Y≤U X Y X>Y X≤U X≤Y Y≤U We substitute the clause for and : q 1 (X, [Y|T]) X > Y X ≤ U list (T) r (T, U) : q 1 (X, [Y|T]) X ≤ Y Y ≤ U list (T) r (T, U) after folding we obtain : 5. q 1 (X, [Y|T]) X > Y q 1 (X, T) 6. q 1 (X, [Y|T]) X ≤ Y q 1 (Y, T) which allow for folding
11. Last part of the Trasformation clause D 3 : p list (L) q (L) Unfold : p list(T) q 1 (X, T) Define : p 1 list(T) q 1 (X, T) Fold : Unfold : Constraint Replace : Fold : 7. p p 1 X > Y list(T) q 1 (X, T) p 1 X ≤ Y list(T) q 1 (Y, T) p 1 list(T) q 1 (Y, T) 8. p 1 project these constraints out
12. Final Program At the end of the transformation we obtain the following program: T: 1. r ([X|T], U) X > U list(T) 2. r ([X|T], U) r (T, U) 3. q ([ ]) 4. q ([X|T]) newp 1(X, T) 5. q 1 (X, [Y|T]) X > Y q 1 (X, T) 6. q 1 (X, [Y|T]) X ≤ Y q 1 (Y, T) 7. p p 1 8. p 1 9. prop p By simple inspection of the program T we can decide that the property prop is true
13. Termination A brief note on termination: for all D 1, . . . , Dn : Di unfold + replace-constraints * no T yes i>n define-fold * the final program i : = i + 1 yes New. Defs = no
13. Termination A brief note on termination: for all D 1, . . . , Dn : Di unfold + replace-constraints * no T yes i>n define-fold * the final program i : = i + 1 The only source for nontermination is the possible introduction of infinitely many new definitions yes New. Defs = no
14. Experimental results We have run some experiments on the MAP system that implements the Unfold/Fold transformation strategy. • constraints handling: clp(r) module of SICStus prolog (implementing a variant of the Fourier-Motzkin algorithm for existential variables elimination) • theorems in theory of linear orders, lists, and sum Property Time L U Y ( Y L Y U ) 140 ms L Y ( (sumlist(L, Y) Y > 0) X (X L X > 0) ) 170 ms L M N ( (ord(L) ord(M) sumzip(L, M, N)) ord(N) ) 160 ms L M X Y ( (leqlist(L, M) sumlist(L, X) sumlist(M, Y)) X Y ) 50 ms
15. Future work • identify some theories of interest for which this strategy succeeds • experiment on different data structures (e. g. trees) and domains with a linear order and closed under projection • investigate phenomena that lead to nontermination • generalization techniques that allow for folding
- Slides: 26