Equivalence, and Property Internalization and Preservation for Equational Programs

Abstract

An equational theory \(\mathcal {E}=(\varSigma , E \cup B)\) is an equational program if its equations E, oriented as rewrite rules \(\vec{E}\), are ground convergent modulo axioms B. Its properties are the inductive theorems of the initial algebra \(\mathbb {T}_{\varSigma /E \cup B}\) defined by \((\varSigma , E \cup B)\). Since programs are structured in module hierarchies, checkable syntactic conditions are given to preserve program properties up and/or down such hierarchies. Two equational programs \(\mathcal {E}=(\varSigma , E \cup B)\) and \(\mathcal {E}'=(\varSigma , E' \cup B')\) are equivalent iff they define the same computable functions on the same algebraic data types. Succinct conditions to verify \(\mathcal {E}\) and \(\mathcal {E}'\) equivalent are given. A useful internalization method to extend an equational program \(\mathcal {E}\) into an equivalent one by adding new rewrite rules or structural axioms that are inductive theorems of \(\mathcal {E}\) is also given. This method can make proofs of program properties simpler and shorter, and offers a new way to prove equational theories ground convergent.

Appendices

\(\text {A}\qquad \) Proofs of Theorems and Lemmas

Proof of Theorem 2.

Proof

First of all, note that, since \(\mathbb {C}_{\varSigma /\vec{E},B}|_{\varOmega ^{+}} = \mathbb {C}_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}\) and \(\mathbb {C}_{\varSigma '/\vec{E}',B'}|_{\varOmega '^{+}} = \mathbb {C}_{\varOmega '^{+}/\vec{E'}_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\), the S-sorted function of the unique \(\varSigma \)-homomorphism \(h: \mathbb {C}_{\varSigma /\vec{E},B} \rightarrow \mathbb {C}_{\varSigma '/\vec{E}',B'}|_{\varSigma }\) coincides with the S-sorted function of the unique \(\varOmega ^{+}\)-homomorphism \(h: \mathbb {C}_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}} \rightarrow \mathbb {C}_{\varOmega '^{+}/\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}|_{\varOmega ^{+}}\). Therefore, in each case (1)–(3) we just need to show that, for each sort \(s \in S\), the function \(h_{s}: C_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}},s} \rightarrow C_{\varOmega '^{+}/\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}},s}\) is injective, resp. surjective, resp. bijective. Furthermore, since the unique surjective \(\varOmega ^{+}\)-homomorphism \(\mathbb {T}_{\varOmega ^{+}} \rightarrow \mathbb {C}_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}\) maps each \(u \in T_{\varOmega ^{+},s}\) to \([u!_{\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}] \in C_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}},s}\), and the unique \(\varOmega ^{+}\)-homomorphism \(\mathbb {T}_{\varOmega ^{+}} \rightarrow \mathbb {C}_{\varOmega '^{+}/\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}|_{\varOmega ^{+}}\) maps each \(u \in T_{\varOmega ^{+},s}\) to \([u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}] \in C_{\varOmega '^{+}/\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}},s}\), by initiality of \(\mathbb {T}_{\varOmega ^{+}}\) \(h_{s}\) must be the function \(h_{s}: C_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}},s} \ni [u!_{\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}]_{B_{\varOmega ^{+}}} \mapsto [u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}]_{B'_{\varOmega '^{+}}}\in C_{\varOmega '^{+}/\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}},s}\).

If the inclusion is extending we need to show that for any \([u]_{B_{\varOmega ^{+}}} , [v]_{B_{\varOmega ^{+}}} \in C_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}},s}\), if \([u!_{\vec{E}'_{{\varOmega '^{+}},{B'_{{\varOmega '}^{+}}}}}]_{B'_{\varOmega '^{+}}}= [v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}]_{B'_{\varOmega '^{+}}}\), then \([u]_{B_{\varOmega ^{+}}} = [v]_{B_{\varOmega ^{+}}}\). But \([u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}]_{B'_{\varOmega '^{+}}}= [v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}]_{B'_{\varOmega '^{+}}}\) just means \(u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=_{B'_{\varOmega '^{+}}} v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\). First of all note that, \(u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=u\) and \(v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=v\), i.e., both terms are in \(\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}\)-canonical form. Let me show this for \(u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\) since the argument is identical for \(v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\). Suppose \(u\rightarrow _{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}w\). This happens iff there is a term \(w'\) such that \(u!_{{\vec{U}_{\varOmega '^{+}}}, {B'_{A\vee C,\varOmega '^{+}}}}=u'\), \(u' \rightarrow _ {{\vec{E}'_{\varOmega '^{+}}}{U_{\varOmega '^{+}}},{B'_{A \vee C,\varOmega '^{+}}}}w'\) and \(w =_{B'_{\varOmega '^{+}}}w'\). But note that \(u'=u!_{\vec{U}_{\varOmega '^{+}}, B'_{A\vee C,\varOmega '^{+}}}\) is actually \(u'=u!_{\vec{U}_{\varOmega ^{+}}, B_{A\vee C,\varOmega ^{+}}}\). This is because, (a) u is an \(\varOmega ^{+}\)-term and by assumption (i), if w is an \(\varOmega ^{+}\)-term, then \(w=_{ B'_{A\vee C,\varOmega '^{+}}}w'\) iff \(w'\) is an \(\varOmega ^{+}\)-term and \(w=_{ B_{A\vee C,\varOmega ^{+}}}w'\), and (b), also by assumption (i), for any \(\varOmega ^{+}\)-term \(u''\) if \(u''\rightarrow _{\vec{U}_{\varOmega '^{+}}, B_{A\vee C,\varOmega '^{+}}}u'''\) the rule \(f(x,e)\rightarrow x\), (resp. \(f(e,x)\rightarrow x\)) applied to \(u''\) to get \(u'''\) can always be chosen to be a rule in \(\vec{U}_{\varOmega ^{+}}\). This means that \(u'\) is an \(\varOmega ^{+}\)-term and \(u=_{B_{\varOmega ^{+}}}u'\). But since \([u] \in C_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}},s}\), \(u'\) must be in \(\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}\)-canonical form. This therefore means that a rewrite \(u' \rightarrow _ {{\vec{E}'_{\varOmega '^{+}}}{U_{\varOmega '^{+}}},{B'_{A \vee C,\varOmega '^{+}}}}w'\) is impossible, since by (a) above and the assumption in (1) such a rewrite must be of the form \(u' \rightarrow _ {{\vec{E}_{{\varOmega ^{+}}_{U_{\varOmega ^{+}}}},B_{A \vee C,\varOmega '^{+}}}}w'\), which is impossible by \(u'\) in \(\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}\)-canonical form. This shows that \(u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=u\) and \(v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=v\). We furthermore have \(u!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}=_{B'_{\varOmega '^{+}}} v!_{\vec{E}'_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\), i.e., \(u =_{B'_{\varOmega '^{+}}} v\), which holds iff \(u!_{\vec{U}_{\varOmega '^{+}}, B'_{A\vee C,\varOmega '^{+}}} =_{B'_{A \vee C,\varOmega '^{+}}} v!_{\vec{U}_{\varOmega '^{+}}, B'_{A\vee C,\varOmega '^{+}}}\), which, reasoning as above, holds iff \(u!_{\vec{U}_{\varOmega ^{+}}, B_{A \vee C,\varOmega ^{+}}} =_{B_{A \vee C,\varOmega ^{+}}} v!_{\vec{U}_{\varOmega ^{+}}, B_{A \vee C,\varOmega ^{+}}}\), which is equivalent to \(u=_{B_{\varOmega ^{+}}}v\), proving the injectivity of \(h_{s}\).

If the inclusion is generated-by we need to show h surjective. Since \(\mathbb {C}_{\varOmega '^{+}/\vec{E'}_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\) and \(\mathbb {C}_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}\) are initial \(\varOmega '^{+}\)-, resp. \(\varOmega ^{+}\)-, algebras, we have surjective \(\varOmega '^{+}\)-, resp. \(\varOmega ^{+}\)-, homomorphisms \(q' : \mathbb {T}_{\varOmega '^{+}}\rightarrow \mathbb {C}_{\varOmega '^{+}/\vec{E'}_{\varOmega '^{+}},B'_{\varOmega '^{+}}}\) and \(q: \mathbb {T}_{\varOmega ^{+}} \rightarrow \mathbb {C}_{\varOmega ^{+}/\vec{E}_{\varOmega ^{+}},B_{\varOmega ^{+}}}\). But conditions (a)–(b) in (2) mean that \(\mathbb {T}_{\varOmega '^{+}}|_{\varOmega ^{+}} = \mathbb {T}_{\varOmega ^{+}}\), which forces the unique \(\varOmega ^{+}\)-homomorphism \(\mathbb {T}_{\varOmega ^{+}} \rightarrow \mathbb {C}_{\varOmega '^{+}/\vec{E'}_{\varOmega '^{+}},B'_{\varOmega '^{+}}}|_{\varOmega ^{+}}\) to be \(q'|_{\varOmega }\) and therefore surjective, and, by initiality of \(\mathbb {T}_{\varOmega ^{+}}\), the homomorphism identity \(q ; h = q'|_{\varOmega ^{+}}\), which by \(q'|_{\varOmega ^{+}}\) surjective forces h to be surjective.

If the inclusion is protecting, h is injective by the requiements in (1) and surjective by those in (2), and therefore bijective. \(\Box \).

Proof of Theorem 3.

Proof

To see the \((\Rightarrow )\) implication, since \(\mathbb {T}_{\varSigma /E \cup G} \models E\) we have a unique \(\varSigma \)-homomorphism \(h: \mathbb {T}_{\varSigma /E} \rightarrow \mathbb {T}_{\varSigma /E \cup G}\). And since \(\mathbb {T}_{\varSigma /E}\models E \cup G\), we also have a unique \(\varSigma \)-homomorphism \(g: \mathbb {T}_{\varSigma /E \cup G} \rightarrow \mathbb {T}_{\varSigma /E }\). But then, the initiality of \(\mathbb {T}_{\varSigma /E}\) forces \(h;g = id _{\mathbb {T}_{\varSigma /E}}\), and the initiality of \(\mathbb {T}_{\varSigma /E \cup G}\) forces \(g;h = id _{\mathbb {T}_{\varSigma /E \cup G}}\). Therefore, we have an isomorphism: \(\mathbb {T}_{\varSigma /E} \cong \mathbb {T}_{\varSigma /E \cup G}\). We will be done of we prove the following lemma:

Lemma 2

Let \(E,E'\) be two sets of \(\varSigma \)-equations such that \(\mathbb {T}_{\varSigma /E} \cong \mathbb {T}_{\varSigma /E'}\). Then, \(\mathbb {T}_{\varSigma /E} = \mathbb {T}_{\varSigma /E'}\).

Proof

\(\mathbb {T}_{\varSigma /E}\) and \(\mathbb {T}_{\varSigma /E'}\) are uniquely determined by the respective ground equality relations \(=_{E} \cap T_{\varSigma }^{2}\) and \(=_{E'} \cap T_{\varSigma }^{2}\). We just need to show \((=_{E} \cap T_{\varSigma }^{2}) = (=_{E'} \cap T_{\varSigma }^{2})\). Since we have a \(\varSigma \)-isomorphism \(h: \mathbb {T}_{\varSigma /E} \rightarrow \mathbb {T}_{\varSigma /E'}\), and unique \(\varSigma \)-homomorphisms \([\_]_{E}: \mathbb {T}_{\varSigma } \rightarrow \mathbb {T}_{\varSigma /E}\), and \([\_]_{E'}: \mathbb {T}_{\varSigma } \rightarrow \mathbb {T}_{\varSigma /E}\), the initiality of \(\mathbb {T}_{\varSigma }\) forces \([\_]_{E}; h = [\_]_{E'}\), i.e., \(h_{s}([t]_{E}) = [t]_{E'}\) for each \(t \in T_{\varSigma ,s}, s\in S\). Let \(t \in T_{\varSigma ,s}\) and \(t' \in T_{\varSigma ,s'}\) with \(t =_{E} t'\). Then \([s]=[s']\) and, by h order-sorted \(\varSigma \)-homomorphism and \([t]_{E}=[t']_{E}\), we must have \(h_{s}([t]_{E})=h_{s'}([t']_{E})\), which forces:

$$h_{s}([t]_{E})= [t]_{E'}= [t']_{E'}=h_{s'}([t']_{E}) $$

giving us the containment \((=_{E} \cap T_{\varSigma }^{2}) \subseteq (=_{E'} \cap T_{\varSigma }^{2})\). Using the inverse isomorphism \(h^{-1}\) we likewise get \((=_{E'} \cap T_{\varSigma }^{2}) \subseteq (=_{E} \cap T_{\varSigma }^{2})\), giving us \((=_{E} \cap T_{\varSigma }^{2}) = (=_{E'} \cap T_{\varSigma }^{2})\), as desired. \(\Box \)

To see the \((\Leftarrow )\) implication, since \(\mathbb {T}_{\varSigma /E} = \mathbb {T}_{\varSigma /E \cup G}\) we have \(\mathbb {T}_{\varSigma /E} \models G\), which exactly means \((\varSigma ,E) \models _{ind} G\). \(\Box \)

Proof of Lemma 1

Proof

It follows from the assumptions on \(\vec{E}_{\varDelta _{0}}\) (resp. \(\vec{E}'_{\varDelta _{0}}\)) and \(B_{\varDelta }\), that for any \(t \in T_{\varDelta _{0} \uplus \varOmega ^{+}}\), if \(t\rightarrow _{\vec{E},B}t'\) (resp. \(t\rightarrow _{\vec{E}',B'}t'\)), then \(t' \in T_{\varDelta _{0} \uplus \varOmega ^{+}}\) and \(t\rightarrow _{ \vec{E}_{\varDelta _{0}} \cup \vec{E}_{\varOmega _{+}}, B_{\varDelta _{0}} \cup B_{\varOmega ^{+}}}t'\) (resp. \(t\rightarrow _{\vec{E}'_{\varDelta _{0}} \cup \vec{E}'_{\varOmega _{+}}, B'_{\varDelta _{0}} \cup B'_{\varOmega ^{+}}}t'\)). Therefore, both \((\varDelta _{0} \uplus \varOmega ^{+}, E_{\varDelta _{0}} \cup E_{\varOmega _{+}} \cup B_{\varDelta _{0}} \cup B_{\varOmega ^{+}})\) and \((\varDelta _{0} \uplus \varOmega ^{+}, E'_{\varDelta _{0}} \cup E'_{\varOmega _{+}} \cup B'_{\varDelta _{0}} \cup B'_{\varOmega ^{+}})\) are sufficiently complete w.r.t. \(\varOmega \), ground convergent, and therefore admissible. Furthermore, for each \(t \in T_{\varDelta _{0} \uplus \varOmega ^{+}}\), \(t!_{\vec{E},B}=t!_{\vec{E}_{\varDelta _{0}} \cup \vec{E}_{\varOmega _{+}},B_{\varDelta _{0}} \cup B_{\varOmega ^{+}}}\) and \(t!_{\vec{E}',B'}=t!_{\vec{E}'_{\varDelta _{0}} \cup \vec{E}'_{\varOmega _{+}},B'_{\varDelta _{0}} \cup B'_{\varOmega ^{+}}}\), which forces \(\mathbb {C}_{\varDelta \uplus \varOmega ^{+}/\vec{E},B}|_{\varDelta _{0} \uplus \varOmega ^{+}} =\mathbb {C}_{\varDelta \uplus \varOmega ^{+}/\vec{E}_{\varDelta _{0}}\cup \vec{E}_{\varOmega _{+}},B_{\varDelta _{0}} \cup B_{\varOmega ^{+}} }\) and \(\mathbb {C}_{\varDelta \uplus \varOmega ^{+}/\vec{E}',B'}|_{\varDelta _{0} \uplus \varOmega ^{+}} =\mathbb {C}_{\varDelta \uplus \varOmega ^{+}/\vec{E}'_{\varDelta _{0}}\cup \vec{E}'_{\varOmega _{+}},B'_{\varDelta _{0}}\cup B'_{\varOmega ^{+}} }\), which, by \(\mathcal {E} \equiv _{ sem } \mathcal {E}'\), forces \((\varDelta _{0} \uplus \varOmega ^{+}, E_{\varDelta _{0}} \cup E_{\varOmega _{+}} \cup B_{\varDelta _{0}} \cup B_{\varOmega ^{+}}) \equiv _{ sem } (\varDelta _{0} \uplus \varOmega ^{+}, E'_{\varDelta _{0}} \cup E'_{\varOmega _{+}} \cup B'_{\varDelta _{0}} \cup B'_{\varOmega ^{+}})\). \(\Box \)

Proof of Theorem 4.

Proof

To see \((\Rightarrow )\), note that semantic equivalence forces (1), since \(\mathbb {C}_{\varSigma /\vec{E},B}=\mathbb {C}_{\varSigma /\vec{E}',B'}\) implies that \(\mathbb {C}_{\varSigma /\vec{E},B}|_{\varOmega } =\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}= \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B'_{\varOmega }}= \mathbb {C}_{\varSigma /\vec{E}',B'}|_{\varOmega }\); and also forces (2), since \(\mathcal {E} \equiv _{ind} \mathcal {E}'\) means that \(\mathbb {T}_{\varSigma /E \cup B} = \mathbb {T}_{\varSigma /E' \cup B'}\), which forces \((\varSigma ,E \cup B) \models _{ind} (E'_{\varDelta } \setminus E_{\varDelta }) \cup (B_{\varDelta }' \setminus B_{\varDelta })\).

To prove the \((\Leftarrow )\) implication we first prove:

Lemma 3

For any two canonical term algebras \(\mathbb {C}_{\varSigma /\vec{E},B}\) and \(\mathbb {C}_{\varSigma /\vec{E}',B'}\) with respective constructor subspecifications \((\varOmega , E_{\varOmega } \cup B_{\varOmega })\) and \((\varOmega , E'_{\varOmega } \cup B'_{\varOmega })\) and such that \(\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}= \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B'_{\varOmega }}\), \(\mathbb {C}_{\varSigma /\vec{E},B}= \mathbb {C}_{\varSigma /\vec{E}',B'}\) iff for each \(\varSigma \)-term t, \(t ! _{\vec{E}/B} =_{B_{\varOmega }} t ! _{\vec{E'}/B'}\).

Proof

To see the \((\Rightarrow )\) implication, note that the unique \(\varSigma \)-homomorphism \(\mathbb {T}_{\varSigma } \rightarrow \mathbb {C}_{\varSigma /\vec{E},B}\) maps each \(t\in \mathbb {T}_{\varSigma }\) to \([t ! _{\vec{E}/B}]_{B_{\varOmega }}\in \mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}\). Therefore, \(\mathbb {C}_{\varSigma /\vec{E},B}= \mathbb {C}_{\varSigma /\vec{E}',B'}\) means that for each \(t\in \mathbb {T}_{\varSigma }\), \([t !_{\vec{E}/B}]_{B_{\varOmega }} =[t ! _{\vec{E'}/B'}]_{B'_{\varOmega }}\), and therefore that \(t !_{\vec{E}/B}=_{B_{\varOmega }} t ! _{\vec{E'}/B'}\).

To see the \((\Leftarrow )\) implication, since \(\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}=\mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B'_{\varOmega }}\), \(\mathbb {C}_{\varSigma /\vec{E},B}\) and \(\mathbb {C}_{\varSigma /\vec{E}',B'}\) have the same underlying S-sorted set of data elements, and the same interpretation \(c_{\mathbb {C}_{\varSigma /\vec{E},B}}= c_{\mathbb {C}_{\varSigma /\vec{E}',B'}}\) for each constructor operator \(c \in \varOmega \). Therefore, to show \(\mathbb {C}_{\varSigma /\vec{E},B}= \mathbb {C}_{\varSigma /\vec{E}',B'}\) we only need to show that for each \(f\in \varDelta \) we have \(f_{\mathbb {C}_{\varSigma /\vec{E},B}}= f_{\mathbb {C}_{\varSigma /\vec{E}',B'}}\). Indeed, \(f_{\mathbb {C}_{\varSigma /\vec{E},B}}([u_{1}],\ldots ,[ u_{n}]) =[f(u_{1},\ldots , u_{n}) !_{\vec{E}/B}] =[f(u_{1},\ldots , u_{n}) !_{\vec{E}'/B'}]= f_{\mathbb {C}_{\varSigma /\vec{E}',B'}}([u_{1}],\ldots ,[ u_{n}])\). \(\Box \)

Now note that (1) (using Theorems 3 and 1) and (2) force \((\varSigma ,E \cup B) \models _{ind} E' \cup B'\), which forces \(t ! _{\vec{E}/B} =_{E \cup B} t ! _{\vec{E'}/B'}\), which, by the Church-Rosser property, then forces \(t ! _{\vec{E}/B} =_{B_{\varOmega } } (t ! _{\vec{E'}/B'}) !_{\vec{E}/B}\), which by (1) and Lemma 3 forces \(\mathbb {C}_{\varSigma /\vec{E},B}= \mathbb {C}_{\varSigma /\vec{E}',B'}\). \(\Box \)

Proof of Theorem 5.

Proof

\((\varSigma ,B,\vec{E} \cup \vec{G})\) will be admissible if we prove that \((\varSigma ,B,\vec{E} \cup \vec{G})\) is locally ground confluent modulo B. Let \(t,u,v \in T_{\varSigma }\) be such that \(u \; _{\vec{E} \cup \vec{G}/B} \! \leftarrow t \rightarrow _{\vec{E} \cup \vec{G}/B} v\). We need to show that \(u \downarrow _{\vec{E} \cup \vec{G}/B} v\). This will hold if we prove that \(u \downarrow _{\vec{E} /B} v\). But since \((\varSigma ,E \cup B) \models _{ ind } G\), by Theorem 3 this forces \(u =_{E \cup B} v\), which, since \(\vec{E}\) is gound convergent modulo B, forces \(u \downarrow _{\vec{E} /B} v\). Next we have to show that \(\mathbb {C}_{\varSigma /\vec{E},B}=\mathbb {C}_{\varSigma /\vec{E}\cup \vec{G},B}\). Let us first prove that for each \(t \in T_{\varSigma }\) \(t!_{\vec{E},B}=_{B_{\varOmega }}t! _{\vec{E}\cup \vec{G},B}\). Since \(t!_{\vec{E},B}=_{E \cup G \cup B} t! _{\vec{E}\cup \vec{G},B}\), by \((\varSigma ,E \cup B) \models _{ ind } G\) and Theorem 3, \(t!_{\vec{E},B}=_{E \cup B}t! _{\vec{E}\cup \vec{G},B}\), which by the ground Church-Rosser Theorem holds iff \(t!_{\vec{E},B}=_{B_{\varOmega }} (t! _{\vec{E}\cup \vec{G},B})!_{\vec{E},B}\). But, by definition, \(t! _{\vec{E}\cup \vec{G},B}\) is already in \(\vec{E},B\)-canonical form, so that \(t!_{\vec{E},B}=_{B_{\varOmega }}t! _{\vec{E}\cup \vec{G},B}\). This means that \(\mathbb {C}_{\varSigma /\vec{E},B}\) and \(\mathbb {C}_{\varSigma /\vec{E}\cup \vec{G},B}\) have the same S-sorted set of data elements. So, to prove \(\mathbb {C}_{\varSigma /\vec{E},B}=\mathbb {C}_{\varSigma /\vec{E}\cup \vec{G},B}\) it is enough to prove that for each \(f \in \varSigma \) we have the function identity \(f_{\mathbb {C}_{\varSigma /\vec{E},B}}=f_{\mathbb {C}_{\varSigma /\vec{E}\cup \vec{G},B}}\). But this follows easily from \(t!_{\vec{E},B}=_{B_{\varOmega }}t! _{\vec{E}\cup \vec{G},B}\), as in the proof of Lemma 3. \(\Box \)

Proof of Theorem 6.

Proof

To show \((\varSigma ,E \cup B \cup B')\) admissible we need to show that the rules \(\vec{E}\) are locally ground confluent modulo \(B \cup B'\). Let \(t,u,v \in T_{\varSigma }\) be such that \(u \; _{\vec{E} /B \cup B'} \! \leftarrow t \rightarrow _{\vec{E} /B \cup B'} v\). We need to show that \(u \downarrow _{\vec{E} /B \cup B'} v\). This will hold if we prove \(u \downarrow _{\vec{E} /B} v\). But since \((\varSigma ,E \cup B) \models _{ ind } B'\), Theorem 3 forces \(u =_{E \cup B} v\), which, since \(\vec{E}\) is ground confluent modulo B, forces \(u \downarrow _{\vec{E} /B} v\), as desired.

We will be done if we show that \(\mathbb {C}_{\varSigma /\vec{E},B}=\mathbb {C}_{\varSigma /\vec{E},B \cup B'}\). First of all note that for any ground \(\varSigma \)-term \(t\in T_{\varSigma }\), \(t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B \cup B'}\). This is because, by Theorem 3, \(t!_{\vec{E},B}=_{E \cup B}t_{\vec{E},B \cup B'}\), by the ground Church Rosser Theorem \(t!_{\vec{E},B}=_{B_{\varOmega }}(t!_{\vec{E},B \cup B'})!_{\vec{E},B}\) and by \(t!_{\vec{E},B \cup B'}\) already being in \(\vec{E},B\)-normal form \(t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B \cup B'}\). Second, \(\mathbb {C}_{\varSigma /\vec{E},B}\) and \(\mathbb {C}_{\varSigma /\vec{E},B \cup B'}\) will have the same undelying S-sorted set of data elements if we show that \(t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B \cup B'} \Leftrightarrow t!_{\vec{E},B}=_{B_{\varOmega } \cup B'_{\varOmega } }t!_{\vec{E},B \cup B'}\), since this shows that \([t!_{\vec{E},B}]_{B_{\varOmega }}=[t!_{\vec{E},B \cup B'}]_{B_{\varOmega } \cup B'_{\varOmega } }\). This only requires showing \(t!_{\vec{E},B}=_{B_{\varOmega } \cup B'_{\varOmega } }t!_{\vec{E},B \cup B'} \Rightarrow t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B \cup B'}\). But, by Theorem 3, \(t!_{\vec{E},B}=_{B_{\varOmega } \cup B'_{\varOmega } }t!_{\vec{E},B \cup B'} \Rightarrow t!_{\vec{E},B}=_{E \cup B}t!_{\vec{E},B \cup B'}\), which, as shown above, forces \(t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B\cup B'}\), as desired. The only remaining task is to show that for each \(f \in \varSigma \), \(f_{\mathbb {C}_{\varSigma /\vec{E},B}} = f_{\mathbb {C}_{\varSigma /\vec{E},B \cup B'}}\). But this follows easily from \(t!_{\vec{E},B}=_{B_{\varOmega }}t!_{\vec{E},B \cup B'}\), exactly as in the proof of Lemma 3. \(\Box \)

Proof of Theorem 7

Proof

Assuming (1), (2) and Theorem 6 (with \(\varDelta = \emptyset \)) yields \(\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}= \mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }}\) and \(\mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B'_{\varOmega }} = \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega }, B_{\varOmega } \cup B'_{\varOmega }}\). Assuming (1), (3) and Theorem 5 yields \(\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }} = \mathbb {C}_{\varOmega /\vec{E}_{\varOmega } \cup \vec{E}'_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }} = \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }}\). Therefore,

$$\mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega }}= \mathbb {C}_{\varOmega /\vec{E}_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }}= \mathbb {C}_{\varOmega /\vec{E}_{\varOmega } \cup \vec{E}'_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }} = \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B_{\varOmega } \cup B'_{\varOmega }} = \mathbb {C}_{\varOmega /\vec{E}'_{\varOmega },B'_{\varOmega }} $$

as desired. \(\Box \)

Proof of Theorem 8

Proof

Since \(\mathcal {E} \equiv _{ sem } \mathcal {E}''\) whe have \(\mathcal {E} \models _{ ind } E_{1} \cup B_{1}\). Since by hypothesis the rules \(\vec{E} \cup \vec{E}_{1}\) are terminating modulo \( B \cup B_{1} \cup B_{2}\), they are a fortiori terminating modulo \(B \cup B_{1}\). Therefore, Theorem 5 applies and we have \((\varSigma ,E \cup E_{1} \cup B)\) admissible and \(\mathcal {E} \equiv _{ sem } (\varSigma ,E \cup E_{1} \cup B)\), which implies \((\varSigma ,E \cup E_{1} \cup B) \models _{ ind } B_{1}\), and, since \(\varSigma \) is \(B \cup B_{1} \cup B_{2}\)-preregular, a fortiori \(\varSigma \) is \(B \cup B_{1}\)-preregular, so that Theorem 5 applies and we have \(\mathcal {E}'\) admissible and \((\varSigma ,E \cup E_{1} \cup B) \equiv _{ sem } \mathcal {E}'\). Therefore, by symmetry and transitivity of \(\equiv _{ sem }\), we get \(\mathcal {E} \equiv _{ sem } \mathcal {E}' \equiv _{ sem } \mathcal {E}''\). \(\Box \)

\(\text {B}\qquad \) NuITP Proof Scripts

To prove inductive theorems with the NuITP all modules should previously be entered in Maude after giving the Maude command set include BOOL off . This is because the BOOL module, which has several built-in features, would otherwise be added by default; but the NuITP does not expect any built-in features in the modules it proves properties about.

NuITP Proof Script for Example 3

NuITP Proof Script for Example 4

NuITP Proof Script for Example 5