Theories of bounded arithmetic for deep inference proof systems

(1)

Theories of bounded arithmetic for deep inference proof systems

Anupam Das

Ecole Normale Sup´´ erieure de Lyon

Team Carte, LORIA, Nancy March 9, 2015

(2)

Outline

1 Introduction 2 Monotone proofs

3 Atomic flows and normalisation 4 Relativised bounded arithmetic

5 Bounded arithmetics for monotone systems 6 Example: correctness of merge-sort

7 Conclusions

(3)

Outline

7 Conclusions

(4)

Motivation

• Proof complexity: find lower bounds for Frege systems.

• Subproblem: lower bounds for certainrestrictionson proofs.

• This talk: vary the permitted interactions betweenlogical and structuralsteps in proofs.

• Closely related to normalisation procedures in deep inference.

• (My motivation: proof complexity of deep inference.)

(5)

Motivation

• Proof complexity: find lower boundsfor Frege systems.

(6)

Motivation

(7)

Motivation

• This talk: vary the permitted interactions betweenlogical andstructural steps in proofs.

(8)

Motivation

(9)

Motivation

(10)

Motivation

• Theories of bounded arithmetic areuniform versions of propositional systems.

• Induction formulae can only have bounded quantifiers. E.g.

∀x≤t.∃y ≤t⁰(x).φ(x,y)

• Proofs of Π₁ sentences areformal templates for associated classes of propositional proofs withlow complexity.

• Other uses: bounded reverse mathematics, extraction of algorithms of low complexity,...

(11)

Motivation

• Induction formulae can only have bounded quantifiers.

E.g.

∀x≤t.∃y ≤t⁰(x).φ(x,y)

(12)

Motivation

∀x≤t.∃y ≤t⁰(x).φ(x,y)

(13)

Motivation

∀x≤t.∃y ≤t⁰(x).φ(x,y)

• Proofs of Π1 sentences areformal templates for associated classes of propositional proofs withlow complexity.

(14)

Motivation

∀x≤t.∃y ≤t⁰(x).φ(x,y)

• Proofs of Π1 sentences areformal templates for associated classes of propositional proofs withlow complexity.

(15)

The proposed programme of research

1 Formulate a bounded arithmetic for monotone proofs. Fixed pointssimulate formula classes ofunbounded depth.

2 Recover normal formsof proofs asfragmentsof this theory. Restricting topolynomial inductionsuffices.

. . . bygraph-rewriting-based normalisation indeep inference.

3 Deliver positiveproof complexity resultsand gain intuition towards possiblenegative results.

(16)

The proposed programme of research

1 Formulate a bounded arithmetic for monotone proofs.

Fixed pointssimulate formula classes ofunbounded depth.

(17)

The proposed programme of research

(18)

The proposed programme of research

2 Recover normal formsof proofs asfragmentsof this theory.

Restricting topolynomial inductionsuffices.

(19)

The proposed programme of research

(20)

The proposed programme of research

(21)

The proposed programme of research

(22)

Outline

1 Introduction

2 Monotone proofs

7 Conclusions

(23)

Monotone and normal proofs

• Monotone proofs are obtained by the followingrewrite system,

w1 :A^∧B →A w₂ :A→A^∨B

c1 :A→A^∧A c₂ :A^∨A→A s:A^∧(B^∨C)→(A^∧B)^∨C modulo associativity and commutativity of∧ and∨.

• Equivalent to the class of negation-freesequent proofs.

• Normal proofs: all 1-steps occur before all 2-steps.

• (Monotone and normal proofs are also equivalent to certain

‘analytic’deep inferencesystems.)

(24)

Monotone and normal proofs

w1 :A^∧B →A w₂ :A→A^∨B

(25)

Monotone and normal proofs

w1 :A^∧B →A w₂ :A→A^∨B

(26)

Monotone and normal proofs

w1 :A^∧B →A w₂ :A→A^∨B

(27)

Outline

7 Conclusions

(28)

Normalisation procedures from deep inference

• Deep inference enjoysfine-grained normalisation procedures.

• These transform monotone proofs to normal ones.

• The idea is as follows:

1 Atomic flow: trace the paths of atoms through proofs.

2 Graph rewritingsteps induce sound manipulationson their associated proofs.

3 Complexity determined bynumber of pathsin the input flow.

• Path counting algorithms from graph theory can then be employed to give accurate estimates.

(29)

Normalisation procedures from deep inference

(30)

Normalisation procedures from deep inference

(31)

Normalisation procedures from deep inference

(32)

Normalisation procedures from deep inference

(33)

Normalisation procedures from deep inference

(34)

Example of an atomic flow

a

−→

w

a^∨a

−→

c2

(a^∧a)^∨a

−→

c2

(a^∧a)^∨(a^∧a)

−→

c1

a^∧a

−→

w1

(a^∨b)^∧a

−→

s/AC

a^∨(b^∧a)

−→

c2

(a^∧a)^∨(b^∧a)

−→

w2/AC (a^∧a)^∨b

(35)

Local rewriting rules

We consider the followingrewrite system on atomic flows:

→ → →

→ →

→

Theorem

• System isterminating and confluent.

• Induces a transformation from monotone proofs to normal proofspreserving premisses and conclusions.

• Time complexity: polynomial in number of paths of input.

(36)

Local rewriting rules

→ → →

→ →

→

Theorem

(37)

Local rewriting rules

→ → →

→ →

→

Theorem

(38)

Local rewriting rules

→ → →

→ →

→

Theorem

(39)

Local rewriting rules

→ → →

→ →

→

Theorem

(40)

Example of a flow reduction

→ → →

(41)

Complexity issues

• When is normalisationefficient?

• The typical problem: loops formed fromc1 andc2 nodes alternating in series. E.g.,

. . .

• If there are n loops in total then the number of (maximal) paths is 2ⁿ.

(42)

Complexity issues

• The typical problem: loops formed fromc₁ andc₂ nodes alternating in series.

E.g.,

. . .

(43)

Complexity issues

• The typical problem: loops formed fromc₁ andc₂ nodes alternating in series. E.g.,

.. .

(44)

Complexity issues

• The typical problem: loops formed fromc₁ andc₂ nodes alternating in series. E.g.,

.. .

(45)

Outline

3 Atomic flows and normalisation

4 Relativised bounded arithmetic

7 Conclusions

(46)

The Paris-Wilkie translation

• Parikh first considered the theory I∆₀, essentially Robinson’s Arithmetic with induction on ∆0-formulae.

• By free-cut elimination all variables in a proof of a Π1 formula can be bounded by a term, i.e. a polynomial.

• Paris and Wilkie gave a translation relating this theory to propositional proofs:

I∆₀proofs of Π₁formulae are translated toclassesof propositional proofs.

Proofs arepolynomialin size and boundedin depth. Relates concepts in logic to those in (proof) complexity.

(47)

The Paris-Wilkie translation

I∆₀proofs of Π₁formulae are translated toclassesof propositional proofs.

(48)

The Paris-Wilkie translation

I∆₀proofs of Π₁formulae are translated toclasses of propositional proofs.

(49)

The Paris-Wilkie translation

Proofs arepolynomialin size andbounded in depth.

Relates concepts in logic to those in (proof) complexity.

(50)

The Paris-Wilkie translation

Proofs arepolynomialin size andbounded in depth.

Relates concepts in logic to those in (proof) complexity.

(51)

Translation of formulae

Closed ∆0-formulae are translated as follows: hP(t)i := p_val(t) hs ≤ti :=

(> val(s)≤val(t)

⊥ val(s)>val(t) hφ ? ψi := hφi?hψi

h(∃x ≤t)φ(x)i :=

val(t)

W

k=0

hφ(k)i

h(∀x ≤t)φ(x)i :=

val(t)

V

k=0

hφ(k)i

(52)

Translation of formulae

Closed ∆0-formulae are translated as follows:

hP(t)i := p_val(t) hs ≤ti :=

(> val(s)≤val(t)

⊥ val(s)>val(t) hφ ? ψi := hφi?hψi

h(∃x ≤t)φ(x)i :=

val(t)

W

k=0

hφ(k)i

h(∀x ≤t)φ(x)i :=

val(t)

V

k=0

hφ(k)i

(53)

Translation of proofs

• By free-cut elimination an I∆₀-proof of ∀x.φ(x) can be assumed to contain only ∆0-formulae in the free variablex.

• From here proof steps are translated locally.

• For example, this is how the induction ruleis translated:

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

hπ(0)i

hΓi,hφ(0)i → hφ(1)i,h∆i

· · · hπ(t)i

hΓi,hφ(t−1)i → hφ(t)i,h∆i

cut==========================================================================

hΓi, . . . ,hΓi,hφ(0)i → hφ(t)i,h∆i, . . . ,h∆i

c===================================================

hΓi,hφ(0)i → hφ(t)i,h∆i

(54)

Translation of proofs

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

hπ(0)i

· · · hπ(t)i

cut==========================================================================

c===================================================

(55)

Translation of proofs

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

hπ(0)i

· · · hπ(t)i

cut==========================================================================

c===================================================

(56)

Translation of proofs

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

hπ(0)i

· · · hπ(t)i

cut==========================================================================

c===================================================

(57)

Outline

7 Conclusions

(58)

Simulating monotonicity and deep inference

• Monotonicity: nonlogical symbols must occur in positive contextin induction steps.

• Deep inference: admit inductive definitions of predicates.

• E.g. we can define the thresholdpredicate, which is true just when k of P(a), . . . ,P(b) are true:

TP(k,a,b) ↔ ∃i ≤k .

T_P i,a,b^a+b₂ c

∧ T_P k−i,b^a+b₂ c+ 1,b

• (We should somehow control the complexity of closure functions, but we will not address this in this talk.)

(59)

Simulating monotonicity and deep inference

• Deep inference: admit inductive definitions of predicates.

TP(k,a,b) ↔ ∃i ≤k .

T_P i,a,b^a+b₂ c

∧ T_P k−i,b^a+b₂ c+ 1,b

(60)

Simulating monotonicity and deep inference

• Deep inference: admit inductive definitionsof predicates.

TP(k,a,b) ↔ ∃i ≤k .

T_P i,a,b^a+b₂ c

∧ T_P k−i,b^a+b₂ c+ 1,b

(61)

Simulating monotonicity and deep inference

TP(k,a,b) ↔ ∃i ≤k .

TP i,a,b^a+b₂ c

∧ T_P k−i,b^a+b₂ c+ 1,b

(62)

Simulating monotonicity and deep inference

TP(k,a,b) ↔ ∃i ≤k .

TP i,a,b^a+b₂ c

∧ T_P k−i,b^a+b₂ c+ 1,b

(63)

Induction in deep inference

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

= · · · ·

(64)

Induction in deep inference

Consider the translation of an induction step in deep inference:

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

c↑ −−−−−Γ−

Γ^∧Γ^∧φ(0)

=−−−−−−−−−−−−−−−−−−−−−− c↑ −−−−−Γ−

Γ^∧Γ^∧ Γ^∧φ(0)

π(0)

φ(1)^∨∆

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ

c↑ −−−−−−

Γ^∧Γ^∧



 Γ^∧φ(1)

π(1)

φ(2)^∨∆

∨ ∆^∨∆

c↓ −−−−−−−

∆





s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

...

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ^∧





Γ^∧φ(t−1)

π(t−2)

φ(t−1)^∨∆

∨ ∆^∨∆

c↓ −−−−−−−

∆





s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ^∧φ(t−1)

π(t−1)

φ(t)^∨∆

∨ ∆^∨∆

c↓ −−−−−−−

∆

=−−−−−−−−−−−−−−−−−−−−−−−−−−−

φ(t)^∨ ∆^∨∆

c↓ −−−−−−−

∆

= · · · ·

(65)

Induction in deep inference

Analysing this from astructural point of view:

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

c↑−−−−−−Γ Γ^∧Γ^∧φ(0)

=−−−−−−−−−−−−−−−−−−−−−−

c↑−−−−−−Γ Γ^∧Γ^∧

Γ^∧φ(0)

π(0)

φ(1)^∨∆

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

c↑−−−−−−Γ Γ∧Γ^∧

Γ∧φ(1)

π(1)

φ(2)^∨∆

∨ ∆^∨∆

c↓−−−−−−−

∆

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

...

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ^∧ Γ^∧φ(t−1)

π(t−2)

φ(t−1)^∨∆

∨ ∆∨∆

c↓−−−−−−−

∆

s−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ∧φ(t−1)

π(t−1)

φ(t)^∨∆

∨ ∆^∨∆

c↓−−−−−−−

∆

=−−−−−−−−−−−−−−−−−−−−−−−−−−−

∆∨∆

= · · · ·

(66)

Induction in deep inference

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

= · · · ·

(67)

Induction in deep inference

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

= · · · ·

(68)

Induction in deep inference

π(x)

Γ, φ(x)→φ(x+ 1),∆

I N D−−−−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

= · · · ·

(69)

Induction in deep inference

• Multiple inductions induce flows with polynomial-length sequences of loops, meaninginefficient normalisation.

• Solution: replace induction withpolynomial induction: Γ, φ(b^x₂c)→φ(x),∆

PIND−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

• Length of atomic flows is now polylogarithmicallybounded.

• So time complexity of normalisation isquasipolynomially bounded.

(70)

Induction in deep inference

• Solution: replace induction withpolynomial induction:

Γ, φ(b^x₂c)→φ(x),∆

PIND−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

(71)

Induction in deep inference

Γ, φ(b^x₂c)→φ(x),∆

PIND−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

(72)

Induction in deep inference

Γ, φ(b^x₂c)→φ(x),∆

PIND−−−−−−−−−−−−−−−−−−−−−−−

Γ, φ(0)→φ(t),∆

(73)

Outline

7 Conclusions

(74)

Definition of merge sort

Aninductive definition for merge-sort on a stringσ =σ¹σ², with

|σ¹|=|σ²|=n, can be given as follows, Definition (Merge sort)

sort(σ) :=merge(sort(σ¹),sort(σ²)) wheremerge(α1· · ·αm, β1· · ·βn) :=τ¹τ² with,

τ¹ = merge(α₁· · ·α_k, β₁· · ·βc−k), τ² = merge(αk+1· · ·αn, βc−k+1· · ·αn) forc =b^m+n₂ cand the leastk such that τ_i¹≤τ_j² for all i,j. Naturally, we shouldformally prove that some suchk exists.

(75)

Definition of merge sort

|σ¹|=|σ²|=n, can be given as follows,

Definition (Merge sort)

τ¹ = merge(α₁· · ·α_k, β₁· · ·βc−k), τ² = merge(αk+1· · ·αn, βc−k+1· · ·αn) forc =b^m+n₂ cand the leastk such that τ_i¹≤τ_j² for all i,j. Naturally, we shouldformally prove that some suchk exists.

(76)

Definition of merge sort

sort(σ) :=merge(sort(σ¹),sort(σ²))

wheremerge(α1· · ·αm, β1· · ·βn) :=τ¹τ² with, τ¹ = merge(α₁· · ·α_k, β₁· · ·βc−k), τ² = merge(αk+1· · ·αn, βc−k+1· · ·αn) forc =b^m+n₂ cand the leastk such that τ_i¹≤τ_j² for all i,j. Naturally, we shouldformally prove that some suchk exists.

(77)

Definition of merge sort

τ¹ = merge(α₁· · ·α_k, β₁· · ·βc−k), τ² = merge(αk+1· · ·αn, βc−k+1· · ·αn) forc =b^m+n₂ cand the leastk such that τ_i¹≤τ_j² for all i,j.

Naturally, we shouldformally prove that some suchk exists.

(78)

Definition of merge sort

τ¹ = merge(α₁· · ·α_k, β₁· · ·βc−k), τ² = merge(αk+1· · ·αn, βc−k+1· · ·αn) forc =b^m+n₂ cand the leastk such that τ_i¹≤τ_j² for all i,j. Naturally, we shouldformally provethat some such k exists.

(79)

Sign-change lemma

Essentially we need the following lemma:

Lemma

If a<b, f(a)<0 and f(b)≥0 ⇒ then∃x ∈[a,b) such that f(x)<0and f(x+ 1)≥0.

We can prove this in our theory using aninterval-halving algorithm. Proof.

By induction onb−a. For thebase case we have thatb−a= 1, sox =a will do.

For theinductive step, let c =d^a+b₂ e and we have that f(c)≥0 orf(c)<0. In the former case we appeal to the inductive

hypothesis on the interval [a,c), and in the latter [c,b).

(80)

Sign-change lemma

Lemma

We can prove this in our theory using aninterval-halving algorithm.

Proof.

(81)

Sign-change lemma

Lemma

Proof.

(82)

Sign-change lemma

Lemma

Proof.

(83)

Well-definedness

Theorem

The functions sort and merge are well-defined.

(84)

Correctness

A stringσ is sortedif, for every i <|σ|, we have that σ_i ≤σ_i+1. Theorem

For any stringσ, sort(σ) is sorted.

Proof sketch.

Letσ =σ¹σ² and proceed by induction on |σ|. By the inductive definition we have thatsort(σ) =merge(sort(σ¹),sort(σ²)). The two arguments of the merge are sorted, by the inductive hypothesis and, byinvoking another inductionand appealing to the construction of merge, we have that the merge of two sorted strings is sorted, whence the result follows.

(85)

Correctness

A stringσ is sortedif, for every i <|σ|, we have that σ_i ≤σ_i+1.

Theorem

Proof sketch.

(86)

Correctness

Proof sketch.

(87)

Correctness

Proof sketch.

Letσ =σ¹σ² and proceed by induction on |σ|.

By the inductive definition we have thatsort(σ) =merge(sort(σ¹),sort(σ²)). The two arguments of the merge are sorted, by the inductive hypothesis and, byinvoking another inductionand appealing to the construction of merge, we have that the merge of two sorted strings is sorted, whence the result follows.

(88)

Correctness

Proof sketch.

Letσ =σ¹σ² and proceed by induction on |σ|. By the inductive definition we have thatsort(σ) =merge(sort(σ¹),sort(σ²)).

The two arguments of the merge are sorted, by the inductive hypothesis and, byinvoking another inductionand appealing to the construction of merge, we have that the merge of two sorted strings is sorted, whence the result follows.

(89)

Correctness

Proof sketch.

Letσ =σ¹σ² and proceed by induction on |σ|. By the inductive definition we have thatsort(σ) =merge(sort(σ¹),sort(σ²)).

The two arguments of the merge are sorted, by the inductive hypothesis and, byinvoking another inductionand appealing to the construction ofmerge, we have that the merge of two sorted strings is sorted, whence the result follows.