recap (lecture 1): propositional logic · pdf filerecap (lecture 1): propositional logic...

Recap (Lecture 1): Propositional logic program

A definite clause is a formula of one of the two shapes below

q (a Prolog fact q . )

p1 ∧ · · · ∧ pk → q (a Prolog rule q :- p1, . . . , pk .)

where p1, . . . , pk , q are all atoms (that is, atomic statements).

A logic program is a list F1, . . . ,Fn of definite clauses

A goal is a list g1, . . . , gm of atoms.

The job of the system is to ascertain whether the logicalconsequence below holds.

F1, . . . ,Fn |= g1 ∧ · · · ∧ gm .

Example logic program (Lecture 1)

chicago → windy

edinburgh → windy

edinburgh → scotland

scotland → rainy

windy ∧ rainy → insideOutUmbrella

edinburgh

The Prolog search procedure

The search starts with the goal g1, . . . , gm, given by the user to thesystem, as the initial (current) goal.

At every stage in the search, we have an associated list of atoms:the current goal.

If we ever obtain the empty goal (notation ε) as the current goalthen the search is successful, and Prolog returns the answer yes.

If the search terminates without obtaining the empty goal thenProlog returns the answer no.

We illustrate the procedure, using our running example.

The initial goal is thus insideOutUmbrella.

Current goal: insideOutUmbrella.

The only clause in the program that can be used to deriveinsideOutUmbrella is

windy ∧ rainy→ insideOutUmbrella

Replace the current goal with

windy, rainy

Current goal: windy, rainy

The clauses in the program that might be used to derive windyare:

chicago→windy

edinburgh→windy

Try the first rule first, so replace the current goal with

chicago, rainy

Current goal: chicago, rainy

There are no clauses in the program that can be used to derivechicago.

(This is the point at which Sicstus Prolog complains with theoriginal Prolog formulation of the example. The error messagestates that no rule is found with chicago as conclusion.)

We thus backtrack to the last point at which there remains anunexplored search option.

We thus restore the current goal to

windy, rainy

Current goal: windy, rainy

We have already seen that the first matching clause

chicago→ windy

does not produce a derivation of windy.

We thus try the next clause in the program that matches windy:

edinburgh→ windy

So replace the current goal with

edinburgh, rainy

Current goal: edinburgh, rainy

The first atom in the goal, edinburgh, is an axiom.

We thus remove edinburgh from the goal list.

So replace the current goal with

rainy

Continuing the same way, we obtain successively:

Current goal: rainy

Current goal: scotland

Current goal: edinburgh

Current goal: ε

Now the search has produced an empty list for the current goal.This means the search for a derivation has been successful.

So (idealized) Prolog search thus returns the answer yes to thequery insideOutUmbrella

Prolog search tree for goal insideOutUmbrella

iOU

(1)

windy,rainy

(2)

chicago,rainy

(3)

failedinburgh,rainy

(4)

rainy

(5)

scotland

(6)

edinburgh

(7)

ε

(8)

yes

Order in which the nodes are visited.

Prolog search tree for goal insideOutUmbrella

iOU (1)

windy,rainy (2)

chicago,rainy (3)fail

edinburgh,rainy (4)

rainy (5)

scotland (6)

edinburgh (7)

ε (8)yes

Order in which the nodes are visited.

What does Prolog search do?

Why is Prolog search correct? Where does it come from?

The theoretical explanation is that (propositional) Prolog issearching for a formal derivation of the goal from axioms given bythe program in an inference system (a.k.a. proof system) fordefinite clause (propositional) logic.

A derivation can be directly read off from a successful branch inthe search tree.

The next slide shows the derivation that is found by proof search inthe case of the running example.

After that we define the inference system rigorously

Example derivation

ε edin

edin edin→ scot

scot scot→ rain

rain edin

edin, rain edin→ wind

wind, rain wind ∧ rain→ iOU

insideOutUmbrella

The inference system

To derive new goals starting with the empty goal ε, which we viewas trivially established.

We then use a single inference rule to derive a new established goalfrom a goal already established

g1, . . . , gl−1, h1, . . . , hk , gl+1, . . . , gm h1 ∧ · · · ∧ hk → gl

g1, . . . , gl−1, gl , gl+1, . . . , gm

where 1 ≤ l ≤ m and k ≥ 0.

The rule says: if we have already established goalg1, . . . , gl−1, h1, . . . , hk , gl+1, . . . , gm and we haveh1 ∧ · · · ∧ hk → gl as one of the program clauses, then we canobtain g1, . . . , gl−1, gl , gl+1, . . . , gm as a new established goal.

Constructing a derivation

Derivations can be constructed in two directions.

I Bottom up: To prove a goal g1, . . . , gm, start from the emptygoal ε and apply the inference rules until g1, . . . , gm is reached.

I Top down: To prove g1, . . . , gm, apply the inference rulesbackwards, starting from g1, . . . , gm, until ε is produced.

I Counterintuitively, “bottom up” starts at the top of the paperand proceeds downwards, whereas “top down” starts at thebottom and builds upwards. The terminology “top down” and“bottom up” is motivated by the approach to problem solvingrather than the direction the process takes on paper.

I It makes no difference to the derivation how it is put together.However the top down approach is (usually) the one bestsuited to searching for a derivation.

Prolog proof search is topdown.

Constructing a derivation

Derivations can be constructed in two directions.

I Bottom up: To prove a goal g1, . . . , gm, start from the emptygoal ε and apply the inference rules until g1, . . . , gm is reached.

I Top down: To prove g1, . . . , gm, apply the inference rulesbackwards, starting from g1, . . . , gm, until ε is produced.

I Counterintuitively, “bottom up” starts at the top of the paperand proceeds downwards, whereas “top down” starts at thebottom and builds upwards. The terminology “top down” and“bottom up” is motivated by the approach to problem solvingrather than the direction the process takes on paper.

I It makes no difference to the derivation how it is put together.However the top down approach is (usually) the one bestsuited to searching for a derivation. Prolog proof search is topdown.

Top-down proof search

A top-down search for a derivation maintains a list g1, . . . , gn ofatoms, the current goal. The procedure is:

I For l with 1 ≤ l ≤ n, find an axiom (program clause) of form

h1 ∧ · · · ∧ hk → gl

Replace gl with h1, . . . , hk . So the current goal becomes

g1, . . . , gl−1, h1, . . . , hk , gl+1, . . . , gn

This includes, with k = 0, the case in which gl is itself anaxiom, in which case it simply gets removed from the list.

The choice of l and choice of axiom means that the search spacebranches, producing a search tree.

The goal of the proof search procedure is to find a branch in thesearch tree ending in a leaf labelled with the empty goal ε.

Prolog search tree

Prolog search specializes the above by always considering theindividual goal atoms in goal order.

This means that given a current goal

g1, . . . , gn

Prolog always looks for an axiom (program clause) of form

h1 ∧ · · · ∧ hk → g1

That is l on the previous slide is always chosen to be 1.

This policy is built into the Prolog search tree for a query. In aProlog search tree, the branching reflects only the choice involvedin selecting which axiom to use.

Prolog proof search

Prolog proof search is depth first:

I The search always moves to an unvisited (i.e., not previouslyvisited) child (i.e., immediately below) node of the currentnode, whenever such a node exists.

I If there is no such node, the search backtracks to the mostrecently visited node from which such an unvisited child nodeis available.

Prolog proof search follows program order.

I Child nodes are visited in the order that the axioms (Prologrules) that determine the child node appear in the program(i.e., from left to right in the trees as we are drawing them).

Another example logic program

hotterSun → warmerClimate

carbonIncrease → warmerClimate

warmerClimate → iceMelts

iceMelts → albedoDecrease

albedoDecrease → warmerClimate

carbonIncrease

Prolog search tree for goal iceMelts

iM

wC

hSfail

cI

yes

aD

iM

wC

hSfail

cI

yes

aD

...

A derivation of the goal iceMelts

ε cI

cI cI→ wC

wC wC→ iM

iM

Prolog search for goal iceMelts

iM (1)

wC (2)

hS (3) cI (4)

yes (5)

aD

iM

wC

hS cI

yes

aD

...

Reordering program can improve efficiency . . .






carbonIncrease

Resulting Prolog search

iM (1)

wC (2)

cI (3)

yes (4)

hS aD

iM

wC

cI

yes

hS aD

...

. . . or reduce efficiency . . .






carbonIncrease

. . . drastically!

iM (1)

wC (2)

hS (3) aD (4)

iM (5)

wC (6)

hS (7) aD (8)

... (∞)

cI

yes

cI

yes

In Sicstus Prolog

Program:

warmerClimate :- hotterSun.warmerClimate :- albedoDecrease.warmerClimate :- carbonIncrease.iceMelts :- warmerClimate.albedoDecrease :- iceMelts.carbonIncrease.hotterSun :- false.

Query:

| ?- iceMelts.! Resource error: insufficient memory

Incompleteness of Prolog proof search

The correct answer to the query iceMelts is yes, becauseiceMelts is a logical consequence of the program (irrespective ofhow we order the axioms in the program).

Our original derivation of iceMelts is a valid derivation(irrespective of how we order the axioms in the program).

However, whether Prolog proof search is successful or not dependson the order in which the axioms in the program are given.

The Prolog proof search procedure is said to be incomplete: itdoes not always find a derivation, even if a derivation exists.

Notation

I Goal g1, . . . , gm is a logical consequence of F1,F2, . . . ,Fn

F1, . . . ,Fn |= g1 ∧ · · · ∧ gm .

I Goal g1, . . . , gm is derivable from F1,F2, . . . ,Fn:

F1, . . . ,Fn ` g1, . . . , gm .

i.e., there is some derivation of g1, . . . , gm from axiomsF1,F2, . . . ,Fn

I Goal g1, . . . , gm is Prolog derivable from F1,F2, . . . ,Fn:

F1, . . . ,Fn `Prolog g1, . . . , gm ,

i.e., Prolog proof search is successful.

Fundamental properties

Correctness of Prolog proof search

(straightforward)

F1, . . . ,Fn `Prolog g1, . . . , gm implies F1, . . . ,Fn ` g1, . . . , gm .

Soundness of inference system

(not too hard; see appendix)

F1, . . . ,Fn ` g1, . . . , gm implies F1, . . . ,Fn |= g1 ∧ · · · ∧ gm .

Completeness of inference system

(a bit harder; see appendix)

F1, . . . ,Fn |= g1 ∧ · · · ∧ gm implies F1, . . . ,Fn ` g1, . . . , gm .


(already shown)

F1, . . . ,Fn |= g1∧· · ·∧gm doesn’t imply F1, . . . ,Fn `Prolog g1, . . . , gm .


Correctness of Prolog proof search (straightforward)


Soundness of inference system

(not too hard; see appendix)






(already shown)





Soundness of inference system (not too hard; see appendix)






(already shown)







Completeness of inference system (a bit harder; see appendix)



(already shown)







Completeness of inference system (a bit harder; see appendix)


Incompleteness of Prolog proof search (already shown)


Discussion

We have a complete inference system for propositional definiteclause logic, but Prolog’s proof search procedure is incomplete.

Incompleteness can be remedied in different ways, e.g.:

I Add loop checking to the Prolog search procedure to checkwhen the search reconsiders an atom already encountered.

This provides a decision procedure for propositionaldefinite-clause logic: the search will say yes if a derivationexists, and no if no derivation exists.

I Use breadth-first search instead of depth-first search.

This gives a complete proof procedure (a derivation will befound whenever one exists) without loop checking, but not adecision procedure. Loop checking still needs to be added inorder to detect when no derivation is available.

Loop checking

iM (1)

wC (2)

hS (3) aD (4)

iM (5)

wC

hS aD

...

cI

yes

cI (6)

yes (7)

Breadth-first search

iM (1)

wC (2)

hS (3) aD (4)

iM (6)

wC

hS aD

...

cI

yes

cI (5)

yes (7)

Discussion (continued)

There are sound pragmatic reasons, however, that Prolog does notimplement such modified search algorithms.

I Loop checking makes proof search less efficient, and it isanyway not a useful modification once we move to thepredicate (first-order) logic used by Prolog (wherenon-terminating behaviour can occur without the same goalever repeating itself).

I Breadth-first search is in general inefficient, since it alwaysexplores all branches, irrespective of their usefulness.

The benefit of program-order depth-first search is that theprogramer can order the clauses in the program to maximizethe efficiency of Prolog’s proof search algorithm.

Conclusions

Prolog proof search is an example of good engineering design basedon an interplay between theoretical and practical considerations.

I It has a strong theoretical foundation, in being based on acomplete inference system for definite-clause logic.

I However, its incomplete proof search procedure is a goodimplementation choice, allowing efficient proof search in thecontext of predicate logic, and permitting the programmer totailor programs with regard to efficiency issues.

Main points today

Prolog search tree

inference system

Prolog search strategy as program-order depth-first search

incompleteness of Prolog proof search strategy

correctness of Prolog proof search strategy

soundness of inference system

completeness of inference system

Proofs of soundness and completeness are given as non-examinableappendices to this lecture.

Appendix: Proof of soundness

We need to prove:


Suppose that F1, . . . ,Fn ` g1, . . . , gm.

Let I be an interpretation for which

I |= F1 and . . . and I |= Fn

We need to show that I |= g1 ∧ · · · ∧ gm.

To this end, let Π be a derivation tree for g1, . . . , gm.

We show on next 2 slides that, for every established goalg ′1, . . . , g

′m′ . that occurs in Π, it holds that I |= g ′1 ∧ · · · ∧ g ′m′ .

Thus, in particular, I |= g1 ∧ · · · ∧ gm, as required.

Proof of soundness (continued)

We show: for every established goal g ′1, . . . , g′m′ . that occurs in Π,

it holds that I |= g ′1 ∧ · · · ∧ g ′m′ .

We work from the initial empty goal in Π downwards, propagatingthe property that I |= g ′1 ∧ · · · ∧ g ′m′ as we go.

(Formally, this is a proof by induction on the structure/height ofthe derivation.)

There are two cases:

1. If the goal g ′1, . . . , g′m′ is empty then m′ = 0.

It is immediate that I |= g ′1 ∧ · · · ∧ g ′m′ since an emptyconjunction is true by convention.

Proof of soundness (continued)

2. Otherwise the derivation of g ′1, . . . , g′m′ within Π must look like

···g ′1, . . . , g

′l−1, h1, . . . , hk , g

′l+1, . . . , g

′m′ h1 ∧ · · · ∧ hk → g ′l

g ′1, . . . , g′m′

where h1 ∧ · · · ∧ hk → g ′l is an axiom.

By the property we are propagating through the tree,

I |= g ′1 ∧ · · · ∧ g ′l−1 ∧ h1 ∧ · · · ∧ hk ∧ g ′l+1 ∧ · · · ∧ g ′m′ .

Because h1 ∧ · · · ∧ hk → g ′l is an axiom,

I |= h1 ∧ · · · ∧ hk → g ′l .

Thus indeed I |= g ′1 ∧ · · · ∧ g ′m′ .

Illustration of the propagation process

(1) I |=

ε

(1) I |=

cI

(2) I |=

cI

(1) I |=

cI→ wC

(3) I |=

wC

(1) I |=

wC→ iM

(4) I |=

iM


(1) I |= ε (1) I |= cI

(2) I |=

cI (1) I |= cI→ wC

(3) I |=

wC (1) I |= wC→ iM

(4) I |=

iM


(1) I |= ε (1) I |= cI

(2) I |= cI (1) I |= cI→ wC

(3) I |=

wC (1) I |= wC→ iM

(4) I |=

iM


(1) I |= ε (1) I |= cI

(2) I |= cI (1) I |= cI→ wC

(3) I |= wC (1) I |= wC→ iM

(4) I |=

iM


(1) I |= ε (1) I |= cI

(2) I |= cI (1) I |= cI→ wC

(3) I |= wC (1) I |= wC→ iM

(4) I |= iM

Appendix: Proof of completeness

We need to prove:

F1, . . . ,Fn |= q1 ∧ · · · ∧ qm implies F1, . . . ,Fn ` q1, . . . , qm .

Suppose that F1, . . . ,Fn |= q1 ∧ · · · ∧ qm.

We need to show that F1, . . . ,Fn ` q1, . . . , qm.

To this end, define the following interpretation I:

I(q) =

{true if F1, . . . ,Fn ` q

false otherwise

We show on next 2 slides that

I |= F1 and . . . and I |= Fn

Proof of completness (continued)

I(q) =

{true if F1, . . . ,Fn ` q

false otherwise

We show that I |= Fi for every Fi in F1, . . . ,Fn.

There are 2 cases to consider.

1. If Fi is an atom q then trivially F1, . . . ,Fn ` q. SoI(q) = true. I.e., I |= q.

Proof of completness (continued)

I(q) =

{true if F1, . . . ,Fn ` q

false otherwise

2. In the case Fi is an implication p1 ∧ · · · ∧ pk → q, we need toshow I |= p1 ∧ · · · ∧ pk → q.

Suppose I |= p1 and . . . and I |= pk . That is,F1, . . . ,Fn ` p1 and . . . and F1, . . . ,Fn ` pk .

Combine the derivations of p1, . . . , pk to get one of q:

···p1 . . .

···pk

p1, . . . , pk p1 ∧ · · · ∧ pk → q

q

So F1, . . . ,Fn ` q. Thus I |= q.

Proof of completeness (completed)

I(q) =

{true if F1, . . . ,Fn ` q

false otherwise

We have assumed that F1, . . . ,Fn |= q1 ∧ · · · ∧ qm,and we have shown that I |= F1 and . . . and I |= Fn.

Therefore I |= q1 ∧ · · · ∧ qm. Whence, by definition of I:

F1, . . . ,Fn ` q1 and . . . and F1, . . . ,Fn ` qm

We now combine the derivations:

···q1 . . .

···qm

q1, . . . , qm

Showing that F1, . . . ,Fn ` q1, . . . , qm as required.

Combining derivations

In two places in the proof we needed to “combine” m derivationsof several individual goals q1 and . . . and qm to obtain a combinedderivation the single goal q1, . . . , qm. In the proof we drew thiscombined derivation in the schematic form:

···q1 . . .

···qm

q1, . . . , qm

It is left as an exercise to explicitly define the method of combiningderivations being used here.

recap (lecture 1): propositional logic · pdf filerecap (lecture 1): propositional logic...

Documents