Like this presentation? Why not share!

Constructing List Homomorphisms from Proofs

by Yun-Yan Chi, Research Assistant at Academia Sinica on Jan 29, 2013

• 103 views

be used in APLAS '12

be used in APLAS '12

Views

Total Views
103
Views on SlideShare
103
Embed Views
0

Likes
0
0
0

No embeds

Constructing List Homomorphisms from ProofsPresentation Transcript

• Constructing List Homomorphisms from Proofs Yun-Yan Chi Shin-Cheng Mu IIS, Academia Sinica, Taiwan September 17, 2012 Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 1/ 25
• Prelude Preliminaries The Way To GoList Homomorphism ▸ A function h on lists is called a list homomorphism if it satisﬁes h (xs + ys) = h xs h ys, + for some associative operator ( ) ▸ E.g. sum (xs + ys) = sum xs + sum ys + Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 2/ 25
• Prelude Preliminaries The Way To GoList Homomorphism ▸ A function h on lists is called a list homomorphism if it satisﬁes h (xs + ys) = h xs h ys, + for some associative operator ( ) ▸ E.g. sum (xs + ys) = sum xs + sum ys + ▸ Potential chances of parallelisation ▸ compute h xs and h ys in parallel ▸ combine the results using ( ) ▸ Can a list homomorphism be mechanically constructed? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 2/ 25
• Prelude Preliminaries The Way To GoA clue ▸ The well-known third list-homomorphism theorem: ▸ h is a list homomorphism ▸ if h can be foldr (⊲) e and foldl(⊳) e for some (⊲), (⊳) and e ▸ E.g. sum ([3, 5, 7, 9]) = 3 + sum [5, 7, 9] = sum [3, 5, 7] + 9 = sum [3, 5] + sum [7, 9] Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 3/ 25
• Prelude Preliminaries The Way To GoBut, how? ▸ Plenty of previous work was devoted to the construction of ( ) from the deﬁnitions of (⊲) and (⊳) ▸ Practically, eﬀorts are needed to prove h = foldr (⊲) e = foldl (⊳) e ▸ This occurs often that one of (⊲) or (⊳) is picked as deﬁnition of h, while the other is much harder to ﬁnd Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 4/ 25
• Prelude Preliminaries The Way To GoBut, how? ▸ We may have a good guess of ( ) by mixing (⊲) and (⊳) ▸ The proof of the correctness of ( ) is very similar to the proof of h = foldr (⊲) e = foldl (⊳) e, which we have to provide anyway ▸ Our idea: transform the proof of the correctness of ( ) from the proof of foldr = foldl, after assembling a possible ( ) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 4/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawPreludePreliminaries Fold Tupling Foldr-Fusion LawThe Way To Go Proof by Fusion Proof Generalisation Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 5/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawFoldr ▸ A function h is a instance of foldr (⊲) e if h can be deﬁned as ▸ h [] = e ▸ h (x xs) = x ⊲ h xs for some e and (⊲) ▸ E.g. foldr (⊲) e xs = foldr (⊲) e (x1 (x2 (x3 [ ]))) = x1 ⊲ foldr (⊲) e (x2 (x3 [ ])) = ... = x1 ⊲ (x2 ⊲ (x3 ⊲ e)) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 6/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawFoldl ▸ Symmetrically, h is a foldl(⊳) e if it can be deﬁned as ▸ h [] = e ▸ h (xs + [x]) = h xs ⊳ x, + for some (⊳) and e ▸ E.g. foldl (⊳) e xs = foldl (⊳) e ((([ ] + [x1 ]) + [x2 ]) + [x3 ]) + + + = foldl (⊳) e (([ ] + [x1 ]) + [x2 ]) ⊳ x3 + + = ... = ((e ⊳ x1 ) ⊳ x2 ) ⊳ x3 Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 7/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawTupling ▸ Not all functions can be a fold ▸ Tupling: for h, ﬁnd a k such that ⟨h, k⟩ is a fold ▸ ⟨h, k⟩ x = (h x, k x) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 8/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawFoldr-Fusion Law ▸ One can fuse f and foldr into another foldr Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 9/ 25
• Prelude Fold Preliminaries Tupling The Way To Go Foldr-Fusion LawFoldr-Fusion Law ▸ One can fuse f and foldr into another foldr (f ○ foldr (⊲) e) xs = (f ○ foldr (⊲) e) (x1 (x2 (x3 ... []))) = f (x1 ⊲ (x2 ⊲ (x3 ⊲ ... ⊲ e))) = { f (x ⊲ z) = x ⊕ f z } x1 ⊕ (f (x2 ⊲ (x3 ⊲ ... ⊲ e))) = ... = x1 ⊕ (x2 ⊕ (x3 ⊕ ... ⊕ (f e))) = foldr (⊕) (f e) xs Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 9/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To GoReturn to our approach ▸ Since we try to transform the proof of ▸ h = foldr (⊲) e = foldl (⊳) e to the proof of ▸ the correctness of ( ), ▸ we want to know how to 1. prove that h = foldr (⊲) e = foldl (⊳) e 2. prove that ( ) do deﬁne a list homomorphism 3. transform the former to the latter Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 10/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To Goh = foldr (⊲) e = foldl (⊳) e ▸ Let h = foldr (⊲) e ▸ To prove that h = foldl (⊳) e, we have to show ▸ h[] = e ▸ h (xs + [z]) = h xs ⊳ z + ▸ In point-free style: h ○ (+ +[z]) = (⊳ z) ○ h h ○ (+ +[z]) = { foldr -fusion, since (+ +[z]) = foldr ( ) [z] } foldr (⊲) (h [z]) = { foldr -fusion (backwards) } (⊳ z) ○ foldr (⊲) e = (⊳ z) ○ h Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 11/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To Goh = foldr (⊲) e = foldl (⊳) e ▸ For the second foldr -fusion ▸ z ⊲e=e⊳z ▸ (x ⊲ y ) ⊳ z = x ⊲ (y ⊳ z) - the associativity of (⊲) and (⊳) ▸ We will have the proof of h = foldr (⊲) e = foldl (⊳) e if we have the proof of above fusion conditions Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 11/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To Goh is list homomorphism ▸ To prove that h is a list homomorphism, we have to show ▸ h (xs + ys) = h xs + h ys ▸ In point-free style: h ○ (+ +ys) = ( h ys) ○ h h ○ (+ +ys) = { foldr -fusion, since (+ +ys) = foldr ( ) ys } foldr (⊲) (h ys) = { foldr -fusion (backwards) } ( h ys) ○ foldr (⊲) e = ( h ys) ○ h Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 12/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To Goh is list homomorphism ▸ For the second foldr -fusion ▸ h ys = e h ys ▸ (x ⊲ y ) h ys = x ⊲ (y h ys) ▸ If we have the proof of those fusion conditions, we will have the proof of ( ) do deﬁne a list homomorphism Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 12/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To GoGeneralisation ▸ To transform the proof of ▸ h = foldr (⊲) e = foldl (⊳) e to the proof of ▸ h (xs + ys) = h xs + h ys Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 13/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To GoGeneralisation ▸ To transform the proof of ▸ z ⊲e=e⊳z ▸ (x ⊲ y ) ⊳ z = x ⊲ (y ⊳ z) to the proof of ▸ h ys = e h ys ▸ (x ⊲ y ) h ys = x ⊲ (y h ys) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 13/ 25
• Prelude Proof by Fusion Preliminaries Proof Generalisation The Way To GoGeneralisation ▸ To transform the proof of ▸ z ⊲e=e⊳z ▸ (x ⊲ y ) ⊳ z = x ⊲ (y ⊳ z) to the proof of ▸ h ys = e h ys ▸ (x ⊲ y ) h ys = x ⊲ (y h ys) ▸ To come up with ( ) and its correctness proof ▸ Generalise the former proof to the latter by replacing the occurrences of z in (⊳) by metavariables Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 13/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Example: Steep Setup Proving foldr (⊲) e = foldl (⊳) e Constructing ( )Conclusions Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 14/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ E.g. steep [20, 10, 5, 2] Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ E.g. steep [20, 10, 5, 2] Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ E.g. steep [20, 10, 5, 2] Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ E.g. steep [20, 10, 5, 2] Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldr ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldr ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldl ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldl ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldl ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep ▸ A list of numbers is said to be steep if each number is larger than the sum of the numbers to its right. ▸ Can steep be a foldl ? Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 15/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Cap ▸ cap xs, upper-bound of value we can attach to the right of xs ▸ cap can be a foldr together with sum Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 16/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Cap ▸ cap xs, upper-bound of value we can attach to the right of xs ▸ cap can be a foldl Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 16/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Steep as Fold ▸ We can compute steep if we can compute cap ▸ ⟨cap, sum⟩ can be foldr (⊲) (∞, 0) and foldl (⊳) (∞, 0), where ▸ x ⊲ (c2 , s2 ) = ((x − s2 ) ↓ c2 , x + s2 ) ▸ (c1 , s1 ) ⊳ z = ((c1 − z) ↓ z, s1 + z) ▸ It is not so obvious that foldr = foldl Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 17/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Example: Steep Setup Proving foldr (⊲) e = foldl (⊳) e Constructing ( )Conclusions Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 18/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Fusion Conditions ▸ z ⊲ (∞, 0) = (∞, 0) ⊳ z ▸ (x ⊲ y ) ⊳ z = x ⊲ (y ⊳ z) ▸ The former condition trivially holds: z ⊲ (∞, 0) = { deﬁnition of (⊲) } ((z − 0) ↓ ∞, z + 0) = { arithmetics } ((∞ − z) ↓ z, 0 + z) = { deﬁnition of (⊳) } (∞, 0) ⊳ z. Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 19/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Proof of Associativity (x ⊲ (c, s)) ⊳ z = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) ⊳ z = { deﬁnition of (⊳) } ((((x − s) ↓ c) − z) ↓ z, x + s + z) = { (−z) distributes over (↓) } (((x − s − z) ↓ (c − z)) ↓ z, x + s + z) = { arithmetics } (((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z) = { deﬁnition of (⊲) } x ⊲ ((c − z) ↓ z, s + z) = { deﬁnition of (⊳) } x ⊲ ((c, s) ⊳ z) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 20/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Example: Steep Setup Proving foldr (⊲) e = foldl (⊳) e Constructing ( )Conclusions Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 21/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )The Aim now is 1. Generalise the proof of ▸ (x ⊲ y ) ⊳ z = x ⊲ (y ⊳ z) to a proof of ▸ (x ⊲ y ) (c2 , s2 ) = x ⊲ (y (c2 , s2 )). 2. Construct a deﬁnition of ( ) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 22/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Copy the proof of associativity (x ⊲ (c, s)) ⊳ z = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) ⊳ z = { deﬁnition of (⊳) } ((((x − s) ↓ c) − z) ↓ z, x + s + z) = { -z distributes over (↓) } (((x − s − z) ↓ (c − z)) ↓ z, x + s + z) = { arithmetics } (((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z) = { deﬁnition of (⊲) } x ⊲ ((c − z) ↓ z, s + z) = { deﬁnition of (⊳) } x ⊲ ((c, s) ⊳ z) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Generalise ⊳ z to (c2 , s2 ) (x ⊲ (c, s)) ⊳ z = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) ⊳ z = { deﬁnition of (⊳) } ((((x − s) ↓ c) − z) ↓ z, x + s + z) = { -z distributes over (↓) } (((x − s − z) ↓ (c − z)) ↓ z, x + s + z) = { arithmetics } (((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z) = { deﬁnition of (⊲) } x ⊲ ((c − z) ↓ z, s + z) = { deﬁnition of (⊳) } x ⊲ ((c, s) ⊳ z) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Generalise ⊳ z to (c2 , s2 ) (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − z) ↓ z, x + s + z) = { -z distributes over (↓) } (((x − s − z) ↓ (c − z)) ↓ z, x + s + z) = { arithmetics } (((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z) = { deﬁnition of (⊲) } x ⊲ ((c − z) ↓ z, s + z) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Replace z by metavariable Xi (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − z) ↓ z, x + s + z) = { -z distributes over (↓) } (((x − s − z) ↓ (c − z)) ↓ z, x + s + z) = { arithmetics } (((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z) = { deﬁnition of (⊲) } x ⊲ ((c − z) ↓ z, s + z) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Replace z by metavariable Xi (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − X1 ) ↓ X2 , x + s + X3 ) = { -X1 distributes over (↓) } (((x − s − X1 ) ↓ (c − X1 )) ↓ X2 , x + s + X3 ) = { arithmetics } (((x − (s + X1 )) ↓ ((c − X1 ) ↓ X2 ), x + s + X3 ) = { deﬁnition of (⊲) } x ⊲ ((c − X1 ) ↓ X2 , s + X1 ) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ (s + X1 ) and (s + X3 ) have to be the same term (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − X1 ) ↓ X2 , x + s + X3 ) = { -X1 distributes over (↓) } (((x − s − X1 ) ↓ (c − X1 )) ↓ X2 , x + s + X3 ) = { arithmetics } (((x − (s + X1 )) ↓ ((c − X1 ) ↓ X2 ), x + s + X3 ) = { deﬁnition of (⊲) } x ⊲ ((c − X1 ) ↓ X2 , s + X1 ) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ (s + X1 ) and (s + X3 ) have to be the same term (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − X1 ) ↓ X2 , x + s + X1 ) = { -X1 distributes over (↓) } (((x − s − X1 ) ↓ (c − X1 )) ↓ X2 , x + s + X1 ) = { arithmetics } (((x − (s + X1 )) ↓ ((c − X1 ) ↓ X2 ), x + s + X1 ) = { deﬁnition of (⊲) } x ⊲ ((c − X1 ) ↓ X2 , s + X1 ) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Generalise The Proof ▸ Proof of (x ⊲ y ) (c2 , s2 ) = x ⊲ (y (c2 , s2 )) (x ⊲ (c, s)) (c2 , s2 ) = { deﬁnition of (⊲) } ((x − s) ↓ c, x + s) (c2 , s2 ) = { deﬁnition of ( ) } ((((x − s) ↓ c) − X1 ) ↓ X2 , x + s + X1 ) = { -X1 distributes over (↓) } (((x − s − X1 ) ↓ (c − X1 )) ↓ X2 , x + s + X1 ) = { arithmetics } (((x − (s + X1 )) ↓ ((c − X1 ) ↓ X2 ), x + s + X1 ) = { deﬁnition of (⊲) } x ⊲ ((c − X1 ) ↓ X2 , s + X1 ) = { deﬁnition of ( ) } x ⊲ ((c, s) (c2 , s2 )) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 23/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Reﬁning The ( ) ▸ (c1 , s1 ) (c2 , s2 ) = ((c1 − X1 ) ↓ X2 , s1 + X1 ) ▸ Satisﬁes that (c2 , s2 ) = (∞, 0) (c2 , s2 ) (c2 , s2 ) = ((∞ − X1 ) ↓ X2 , 0 + X1 ) ≡ (c2 , s2 ) = (∞ ↓ X2 , X1 ) ≡ (c2 , s2 ) = (X2 , X1 ) Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 24/ 25
• Setup Example: Steep Proving foldr (⊲) e = foldl (⊳) e Conclusions Constructing ( )Reﬁning The ( ) ▸ (c1 , s1 ) (c2 , s2 ) = ((c1 − X1 ) ↓ X2 , s1 + X1 ) ▸ Satisﬁes that (c2 , s2 ) = (∞, 0) (c2 , s2 ) (c2 , s2 ) = ((∞ − X1 ) ↓ X2 , 0 + X1 ) ≡ (c2 , s2 ) = (∞ ↓ X2 , X1 ) ≡ (c2 , s2 ) = (X2 , X1 ) ▸ We have thus discovered that ▸ (c1 , s1 ) (c2 , s2 ) = ((c1 − s2 ) ↓ c2 , s1 + s2 ) ▸ This ( ) has got to be correct, because we have the proof already! Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 24/ 25
• Example: Steep ConclusionsConclusions ▸ We have proposed and demonstrated a novel approach to constructing ( ). ▸ Starting with a trivial generalisation of either (⊲) or (⊳), we exploit the constraint enforced by the proof of associativity to reﬁne ( ). ▸ Once we have constructed ( ), we have its correctness proof too. Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 25/ 25