constructing list homomorphisms from proofs

Constructing List Homomorphisms from Proofs

Yun-Yan Chi Shin-Cheng Mu

IIS, Academia Sinica, Taiwan

September 17, 2012

Yun-Yan Chi, Shin-Cheng Mu APLAS 2011 1/ 25

PreludePreliminaries

The Way To Go

List Homomorphism

▸ A function h on lists is called a list homomorphism if itsatisfies

h (xs ++ ys) = h xs ⊙ h ys,

for some associative operator (⊙)

▸ E.g. sum (xs ++ ys) = sum xs + sum ys

▸ Potential chances of parallelisation▸ compute h xs and h ys in parallel▸ combine the results using (⊙)

▸ Can a list homomorphism be mechanically constructed?



The Way To Go

List Homomorphism

▸ A function h on lists is called a list homomorphism if itsatisfies

h (xs ++ ys) = h xs ⊙ h ys,

for some associative operator (⊙)

▸ E.g. sum (xs ++ ys) = sum xs + sum ys▸ Potential chances of parallelisation

▸ compute h xs and h ys in parallel▸ combine the results using (⊙)

▸ Can a list homomorphism be mechanically constructed?



The Way To Go

A clue

▸ The well-known third list-homomorphism theorem:▸ h is a list homomorphism▸ if h can be foldr(⊲) e and foldl(⊳) e

for some (⊲), (⊳) and e

▸ E.g.

sum ([3,5,7,9]) = 3 + sum [5,7,9]

= sum [3,5,7] + 9

= sum [3,5] + sum [7,9]



The Way To Go

But, how?

▸ Plenty of previous work was devoted to the construction of(⊙) from the definitions of (⊲) and (⊳)

▸ Practically, efforts are needed to proveh = foldr (⊲) e = foldl (⊳) e

▸ This occurs often that one of (⊲) or (⊳) is picked as definitionof h, while the other is much harder to find



The Way To Go

But, how?

▸ We may have a good guess of (⊙) by mixing (⊲) and (⊳)

▸ The proof of the correctness of (⊙) is very similar to the proofof h = foldr (⊲) e = foldl (⊳) e, which we have to provideanyway

▸ Our idea: transform the proof of the correctness of (⊙) fromthe proof of foldr = foldl , after assembling a possible (⊙)



The Way To Go

FoldTuplingFoldr-Fusion Law

Prelude

PreliminariesFoldTuplingFoldr-Fusion Law

The Way To GoProof by FusionProof Generalisation



The Way To Go


Foldr

▸ A function h is a instance of foldr (⊲) e if h can be defined as▸ h [ ] = e▸ h (x ∶ xs) = x ⊲ h xs

for some e and (⊲)

▸ E.g.

foldr (⊲) e xs

= foldr (⊲) e (x1 ∶ (x2 ∶ (x3 ∶ [ ])))

= x1 ⊲ foldr (⊲) e (x2 ∶ (x3 ∶ [ ]))

= ...

= x1 ⊲ (x2 ⊲ (x3 ⊲ e))



The Way To Go


Foldl

▸ Symmetrically, h is a foldl(⊳) e if it can be defined as▸ h [ ] = e▸ h (xs ++ [x]) = h xs ⊳ x ,

for some (⊳) and e

▸ E.g.

foldl (⊳) e xs

= foldl (⊳) e ((([ ] ++ [x1]) ++ [x2]) ++ [x3])

= foldl (⊳) e (([ ] ++ [x1]) ++ [x2]) ⊳ x3

= ...

= ((e ⊳ x1) ⊳ x2) ⊳ x3



The Way To Go


Tupling

▸ Not all functions can be a fold

▸ Tupling:for h, find a k such that ⟨h, k⟩ is a fold

▸ ⟨h, k⟩ x = (h x , k x)



The Way To Go


Foldr-Fusion Law

▸ One can fuse f and foldr into another foldr

(f ○ foldr (⊲) e) xs

= (f ○ foldr (⊲) e) (x1 ∶ (x2 ∶ (x3 ∶ ... ∶ [])))

= f (x1 ⊲ (x2 ⊲ (x3 ⊲ ...⊲ e)))

= { f (x ⊲ z) = x ⊕ f z }x1⊕ (f (x2 ⊲ (x3 ⊲ ...⊲ e)))

= ...

= x1⊕ (x2⊕ (x3⊕ ...⊕ (f e)))

= foldr (⊕) (f e) xs



The Way To Go

Proof by FusionProof Generalisation

Return to our approach

▸ Since we try to transform the proof of▸ h = foldr (⊲) e = foldl (⊳) e

to the proof of▸ the correctness of (⊙),

▸ we want to know how to

1. prove that h = foldr (⊲) e = foldl (⊳) e2. prove that (⊙) do define a list homomorphism3. transform the former to the latter



The Way To Go


h = foldr (⊲) e = foldl (⊳) e

▸ Let h = foldr (⊲) e▸ To prove that h = foldl (⊳) e, we have to show

▸ h [ ] = e▸ h (xs ++ [z]) = h xs ⊳ z

▸ In point-free style: h ○ (++[z]) = (⊳ z) ○ h

h ○ (++[z])

= { foldr -fusion, since (++[z]) = foldr (∶) [z] }foldr (⊲) (h [z])

= { foldr -fusion (backwards) }(⊳ z) ○ foldr (⊲) e

= (⊳ z) ○ h



The Way To Go


h = foldr (⊲) e = foldl (⊳) e

▸ For the second foldr -fusion▸ z ⊲ e = e ⊳ z▸ (x ⊲ y) ⊳ z = x ⊲ (y ⊳ z) - the associativity of (⊲) and (⊳)

▸ We will have the proof of h = foldr (⊲) e = foldl (⊳) eif we have the proof of above fusion conditions



The Way To Go


h is list homomorphism

▸ To prove that h is a list homomorphism, we have to show▸ h (xs ++ ys) = h xs ⊙ h ys

▸ In point-free style: h ○ (++ys) = (⊙h ys) ○ h

h ○ (++ys)

= { foldr -fusion, since (++ys) = foldr (∶) ys }foldr (⊲) (h ys)

= { foldr -fusion (backwards) }(⊙h ys) ○ foldr (⊲) e

= (⊙h ys) ○ h



The Way To Go


h is list homomorphism

▸ For the second foldr -fusion▸ h ys = e ⊙ h ys▸ (x ⊲ y)⊙ h ys = x ⊲ (y ⊙ h ys)

▸ If we have the proof of those fusion conditions, we will havethe proof of (⊙) do define a list homomorphism



The Way To Go


Generalisation

▸ To transform the proof of▸ h = foldr (⊲) e = foldl (⊳) e

▸ (x ⊲ y) ⊳ z = x ⊲ (y ⊳ z)

to the proof of▸ h (xs ++ ys) = h xs ⊙ h ys

▸ (x ⊲ y)⊙ h ys = x ⊲ (y ⊙ h ys)

▸ To come up with (⊙) and its correctness proof

▸ Generalise the former proof to the latter by replacing theoccurrences of z in (⊳) by metavariables



The Way To Go


Generalisation

▸ To transform the proof of▸ z ⊲ e = e ⊳ z▸ (x ⊲ y) ⊳ z = x ⊲ (y ⊳ z)

to the proof of▸ h ys = e ⊙ h ys▸ (x ⊲ y)⊙ h ys = x ⊲ (y ⊙ h ys)

▸ To come up with (⊙) and its correctness proof

▸ Generalise the former proof to the latter by replacing theoccurrences of z in (⊳) by metavariables


Example: SteepConclusions

SetupProving foldr (⊲) e = foldl (⊳) eConstructing (⊙)

Example: SteepSetupProving foldr (⊲) e = foldl (⊳) eConstructing (⊙)

Conclusions




Steep▸ A list of numbers is said to be steep if each number is larger

than the sum of the numbers to its right.▸ E.g. steep [20,10,5,2]

Can steep be a foldl ?





than the sum of the numbers to its right.▸ Can steep be a foldr ?

Can steep be a foldl ?





than the sum of the numbers to its right.▸ Can steep be a foldl ?




Cap

▸ cap xs, upper-bound of value we can attach to the right of xs▸ cap can be a foldr together with sum

cap can be a foldl




Cap

▸ cap xs, upper-bound of value we can attach to the right of xs▸ cap can be a foldl




Steep as Fold

▸ We can compute steep if we can compute cap▸ ⟨cap, sum⟩ can be foldr (⊲) (∞,0) and foldl (⊳) (∞,0),

where▸ x ⊲ (c2, s2) = ((x − s2) ↓ c2, x + s2)▸ (c1, s1) ⊳ z = ((c1 − z) ↓ z , s1 + z)

▸ It is not so obvious that foldr = foldl





Conclusions




Fusion Conditions

▸ z ⊲ (∞,0) = (∞,0) ⊳ z

▸ (x ⊲ y) ⊳ z = x ⊲ (y ⊳ z)▸ The former condition trivially holds:

z ⊲ (∞,0)

= { definition of (⊲) }((z − 0) ↓∞, z + 0)

= { arithmetics }((∞− z) ↓ z ,0 + z)

= { definition of (⊳) }(∞,0) ⊳ z .




Proof of Associativity

(x ⊲ (c, s)) ⊳ z

= { definition of (⊲) }((x − s) ↓ c, x + s) ⊳ z

= { definition of (⊳) }((((x − s) ↓ c) − z) ↓ z , x + s + z)

= { (−z) distributes over (↓) }(((x − s − z) ↓ (c − z)) ↓ z , x + s + z)

= { arithmetics }(((x − (s + z)) ↓ ((c − z) ↓ z), x + s + z)

= { definition of (⊲) }x ⊲ ((c − z) ↓ z , s + z)

= { definition of (⊳) }x ⊲ ((c, s) ⊳ z)





Conclusions




The Aim now is

1. Generalise the proof of▸ (x ⊲ y) ⊳ z = x ⊲ (y ⊳ z)

to a proof of▸ (x ⊲ y)⊙ (c2, s2) = x ⊲ (y ⊙ (c2, s2)).

2. Construct a definition of (⊙)




Generalise The Proof▸ Copy the proof of associativity

(x ⊲ (c, s)) ⊳ z



= { -z distributes over (↓) }(((x − s − z) ↓ (c − z)) ↓ z , x + s + z)







Generalise The Proof▸ Generalise ⊳ z to ⊙ (c2, s2)

(x ⊲ (c, s)) ⊳ z










Generalise The Proof▸ Generalise ⊳ z to ⊙ (c2, s2)

(x ⊲ (c, s))⊙ (c2, s2)

= { definition of (⊲) }((x − s) ↓ c, x + s)⊙ (c2, s2)

= { definition of (⊙) }((((x − s) ↓ c) − z) ↓ z , x + s + z)




= { definition of (⊙) }x ⊲ ((c, s)⊙ (c2, s2))




Generalise The Proof▸ Replace z by metavariable Xi

(x ⊲ (c, s))⊙ (c2, s2)


= { definition of (⊙) }((((x − s) ↓ c) − z) ↓ z , x + s + z)








Generalise The Proof▸ Replace z by metavariable Xi

(x ⊲ (c, s))⊙ (c2, s2)


= { definition of (⊙) }((((x − s) ↓ c) −X1) ↓X2, x + s +X3)

= { -X1 distributes over (↓) }(((x − s −X1) ↓ (c −X1)) ↓X2, x + s +X3)

= { arithmetics }(((x − (s +X1)) ↓ ((c −X1) ↓X2), x + s +X3)

= { definition of (⊲) }x ⊲ ((c −X1) ↓X2, s +X1)





Generalise The Proof▸ (s +X1) and (s +X3) have to be the same term

(x ⊲ (c, s))⊙ (c2, s2)










Generalise The Proof▸ Proof of (x ⊲ y)⊙ (c2, s2) = x ⊲ (y ⊙ (c2, s2))

(x ⊲ (c, s))⊙ (c2, s2)










Refining The (⊙)

▸ (c1, s1)⊙ (c2, s2) = ((c1 −X1) ↓X2, s1 +X1)

▸ Satisfies that (c2, s2) = (∞,0)⊙ (c2, s2)

(c2, s2) = ((∞−X1) ↓X2,0 +X1)

≡ (c2, s2) = (∞ ↓X2,X1)

≡ (c2, s2) = (X2,X1)

▸ We have thus discovered that▸ (c1, s1)⊙ (c2, s2) = ((c1 − s2) ↓ c2, s1 + s2)▸ This (⊙) has got to be correct, because we have the proof

already!



Conclusions

▸ We have proposed and demonstrated a novel approach toconstructing (⊙).

▸ Starting with a trivial generalisation of either (⊲) or (⊳), weexploit the constraint enforced by the proof of associativity torefine (⊙).

▸ Once we have constructed (⊙), we have its correctness prooftoo.


constructing list homomorphisms from proofs

Sports

h ys h h

h ys foldr e

h xs h ys

foldr h ys

foldr h z

foldr fusion h ys

e h ys x y h ys

z foldr e