Term Rewriting using MAUDE

Teodora PetrovićNikola KuzmanovićMilan Bjelica

Faculty of Technical Science, Novi Sad

Introduction

Maude is a high-level language and a high-performance system supporting both equational and rewriting logic computation.

Maude can be used in three ways:• as a declarative programming language,• as an executable formal specification language,• as a formal verification system.

http://maude.cs.uiuc.edu

Maude - the basics

Maude’s basic programming statements are very simple and easy to understand:• Equations

• Functional module• Conditional

• Rules• System module• Conditional

Equations and Rewrite Rules

Equation X = Y • 'non-directional‘ action (there are no

restrictions) • equation is either true or false.

Rewrite rule X -> Y • 'directional' action: X can be replaced by Y, but

not the other way around.

• X cannot be a variable. • Y cannot contain variables not in X. (There

is no extra variable).

Modules

Consists of syntax declarations, providing appropriate language to describe the system at hand, and of statements, asserting the properties of such a system.

Functional modules admit equations, identifying data, and memberships, stating typing information for some data.

System modules also admit rules, describing transitions between states, in addition to equations and memberships.

Syntax declaration (signature)

Sorts - giving names for the types of data. Subsorts - organizing the data types in a

hierarchy. Kinds - correspond to “error supertypes”. Operators - providing names for the operations

that will act upon the data and allowing us to build expressions (or terms) referring to such data.

Terms in a rewrite theory are constructed using operators.

Example 1 - Equation (1/2)

mod NAT is sort Nat . op 0 : -> Nat [ctor] . *** operators (terms)op s : Nat -> Nat [ctor] . op _+_ : Nat Nat -> Nat .

vars N M : Nat . *** variables

eq 0 + s(N) = s(N) . *** equationseq s(N) + M = s (N + M) .

endm

Example 1 – Equation (2/2)

Example 2 – Rewrite Rules (1/2)

mod PERSON is including NAT . *** our previous module sorts Person State . op married : -> State [ctor] . op divorced : -> State [ctor] . op single : -> State [ctor] . op engaged : -> State [ctor] . op dead : -> State [ctor] . op person : State Nat -> Person [ctor] . var N : Nat . var S : State . rl [birthday] : person (S, N) => person (S, N + s(0)) . rl [get-engaged] : person (single, N) => person (engaged, N) . rl [get-married] : person (engaged, N) => person (married, N) . rl [get-divorced] : person (married, N) => person (divorced, N) . crl [las-vegas] : person (S, N) => person (married, N) if (S =/= married) /\ (S =/= dead) . crl [die] : person (S, N) => person (dead, N) if (S =/= dead) .

endm

Example 2 – Rewrite Rules (2/2)

MAUDE advanced features and applications

Outline:- MAUDE application

- Crossing the river problem

- Advanced MAUDE features- Tile-puzzle (object oriented MAUDE)

- Power of MAUDE (meta-programming)

Crossing the river (problem)

A shepherd needs to transport to the other side of a river a wolf, a goat, and a cabbage. He has only a boat with room for the himself and another item. The problem is that in the absence of the shepherd the wolf would eat the goat, and the goat would eat the cabbage.

Crossing the river (solution)

mod RIVER-CROSSING is sorts Side Group State . ops left right : -> Side [ctor] . op change : Side -> Side . --- shepherd, wolf, goat, cabbage ops s w g c : Side -> Group [ctor] . op __ : Group Group -> Group [ctor assoc comm] . op {_} : Group -> State [ctor] . op toBeEaten : Group -> Bool .

op initial : -> State . eq change(left) = right . eq change(right) = left .

Crossing the river (solution)

vars S S’ : Side . var G : Group . ceq w(S) g(S) s(S’) = w(S) s(S’) if S =/= S’ . --- wolf eats goat ceq c(S) g(S) w(S’) s(S’) = g(S) w(S’) s(S’) if S =/=

S’ . --- goat eats cabbage ceq toBeEaten(w(S) g(S) s(S’) G) = true if S =/= S’ . ceq toBeEaten(c(S) g(S) s(S’) G) = true if S =/= S’ . eq toBeEaten(G) = false [owise] . eq initial = { s(left) w(left) g(left) c(left) } .

Crossing the river (solution)

crl [shepherd-alone] : { s(S) G } => { s(change(S)) G } if not(toBeEaten(s(S) G)) . crl [wolf] : { s(S) w(S) G } => { s(change(S)) w(change(S)) G } if not(toBeEaten(s(S) w(S) G)) . rl [goat] : { s(S) g(S) G } => { s(change(S)) g(change(S)) G }. crl [cabbage] : { s(S) c(S) G } => { s(change(S)) c(change(S)) G } if not(toBeEaten(s(S) c(S) G)) .endm

Crossing the river (results)

Tile-puzzle (problem)

Tile-puzzle (solution)

(omod TILE-MY-PUZZLE is sorts Value Coord . ops One Two Three Four Five Six Seven Eight : -> Value [ctor] . op empty : -> Value [ctor] . ops 0 1 2 : -> Coord [ctor] . ops s_ p_ : Coord -> Coord . eq s 0 = 1 . eq s 1 = 2 . eq p 1 = 0 . eq p 2 = 1. op ‘(_‘,_‘) : Coord Coord -> Oid . class Tile | val : Value . ops right left up down : -> Msg .

Tile-puzzle (solution)

vars R1 R2 C1 C2 : Coord . var V : Value . crl [l] : right < (R1, C1) : Tile | val : V > < (R1, C2) : Tile | val : empty > => < (R1, C1) : Tile | val : empty > < (R1, C2) : Tile | val : V > if C2 = p C1 . crl [r] : left < (R1, C1) : Tile | val : V > < (R1, C2) : Tile | val : empty > => < (R1, C1) : Tile | val : empty > < (R1, C2) : Tile | val : V > if C2 = s C1 .

Tile-puzzle (solution)

crl [u] : up < (R1, C1) : Tile | val : V > < (R2, C1) : Tile | val : empty > => < (R1, C1) : Tile | val : empty > < (R2, C1) : Tile | val : V > if R2 = p R1 . crl [d] : down < (R1, C1) : Tile | val : V > < (R2, C1) : Tile | val : empty > => < (R1, C1) : Tile | val : empty > < (R2, C1) : Tile | val : V > if R2 = s R1 . ops initial final : -> Configuration .

Tile-puzzle (solution)

eq initial = < (0, 0) : Tile | val : Seven > < (0, 1) : Tile | val : One > < (0, 2) : Tile | val : Two > < (1, 0) : Tile | val : Six > < (1, 1) : Tile | val : empty > < (1, 2) : Tile | val : Eight > < (2, 0) : Tile | val : Five > < (2, 1) : Tile | val : Four > < (2, 2) : Tile | val : Three > . eq final = < (0, 0) : Tile | val : Seven > < (0, 1) : Tile | val : Eight > < (0, 2) : Tile | val : One > < (1, 0) : Tile | val : Six > < (1, 1) : Tile | val : empty > < (1, 2) : Tile | val : Two > < (2, 0) : Tile | val : Five > < (2, 1) : Tile | val : Four > < (2, 2) : Tile | val : Three > .endom)

Power of MAUDE (meta-programming)

META-LEVEL standard library for MAUDE• Meta-programming extends beyond the ordinary

programs.• Simply put, a meta-module looks at modules like

a programmer.• In Maude, a meta-level module will govern

iconic representations of other Maude modules. Maude literally clarifies itself through the

power of the meta-level, for the language may actually be defined by itself.

Power of MAUDE (meta-programming)

We can write, in Maude, the module that interprets Maude code.

op op_:_->_[_] : Qid QidList Qid AttrSet -> OpDecl [ctor] .

This is the perfect example of Maude defining itself:• the very declaration itself can be understood via the

declaration.• It is perfect circular logic, which is all right as long as

we stay within the circle.• The above may be found in the signature of Maude,

a module that expresses the syntax of Maude... in the syntax of Maude.

How MAUDE deals with confluence and termination?

Outline:- MAUDE vs Termination- MAUDE vs Confluence

MAUDE vs Termination

We can prove the TRS is not terminating, but vice-versa is not possible.

Ackermann function

00

00

0

1,,1

1,1

1

,

nm

nm

m

nmAmA

mA

n

nmA

This function can be proven terminating formally, by using RPO (recursive path ordering) – S. Lucas.

Ackermann function in Maude

MAUDE vs Termination

It is not possible to prove termination in Maude, it is only possible to test it.

However, it is possible to define the maximum number of rewriting cycles to force termination at some point, e.g.

rewrite [10] in ACKERMANN : ack(s(0), s(s(s(s(s(0)))))) .

MAUDE vs Confluence

Is this transition system confluent?

MAUDE vs Confluence

How MAUDE decided the computation?

MAUDE vs Confluence

mod TRANSITION_SYSTEM issort State .ops n1 n2 n3 n4 n5 n6 : -> State [ctor] .rl [a] : n1 => n3 . rl [b] : n1 => n2 .rl [c] : n3 => n4 . rl [d] : n4 => n2 .rl [e] : n2 => n1 . rl [f] : n2 => n6 .rl [g] : n2 => n5 .endm

We can try to redefine relation priorities:

MAUDE vs Confluence

Again, it succeeded.

MAUDE, termination, confluence

MAUDE distributes application of rewrite rules throughout whole rewrite theory.

It is not possible to prove the system is not confluent.

There can be the case which proves the system is not terminating, but not necessarily! It is hard to determine whether the system really runs infinitely.

MAUDE Termination Tool

References

Manuel Clavel, Francisco Duran, Steven Eker, Patrick Lincoln, Narciso Mart-Oliet, Jose Meseguer, Carolyn Talcott, Maude Manual (Version 2.4).

M. Clavel, F. Duran , S. Eker, P. Lincoln, N. Marti-Oliet, J. Meseguer, J.F. QuesadaMaude: specification and programming in rewriting logic.

M. Clavel, F. Duran , S. Eker, P. Lincoln, N. Marti-OlietA High Performance Logical Framework.

Enno Ohlebusch,Advanced Topics in Term Rewriting.

Theodore McCombsMaude 2.0 Primer.

Thanks for your attention!