UIUCDCS-R-79-987
UILU-ENG 79 1737

Orderings for Term-rewriting Systems*

by Nachum Dershowitz

August 1979

Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, Illinois 61801

Digitized by the Internet Archive in 2013: http://archive.org/details/orderingsforterm987ders

*Research supported in part under NSF Grant MCS 77-22830.

ABSTRACT

Methods of proving that a term-rewriting system terminates are presented. They are based on the notion of "simplification orderings", orderings in which any term that is homeomorphically embeddable in another is smaller than the other. Most of the well-founded orderings that have been used for proving termination are indeed simplification orderings. A particularly useful class of simplification orderings, the "recursive path orderings", is defined. Several examples of the use of such orderings in termination proofs are given.

I. INTRODUCTION

It is sometimes convenient to express programs in the form of term-rewriting systems. Such programs are easy to understand and have a simple, elegant syntax and semantics.
For example, the following system of five rewrite rules transforms logical formulae [containing the operators $\vee$ (disjunction), $\wedge$ (conjunction), and $\neg$ (negation)] into an equivalent formula in disjunctive normal form:

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\alpha\wedge\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\alpha\vee\neg\beta) \\
\alpha\wedge(\beta\vee\gamma) &\to (\alpha\wedge\beta)\vee(\alpha\wedge\gamma) \\
(\beta\vee\gamma)\wedge\alpha &\to (\beta\wedge\alpha)\vee(\gamma\wedge\alpha)
\end{aligned} \tag{A}$$

The first rule indicates that double negations may be eliminated; the second and third rules apply DeMorgan's laws to push negations inward; the last two rules apply the distributivity of conjunction over disjunction. Such systems are becoming increasingly popular in automated simplification and theorem-proving applications; some examples are Iturriaga [1967], Griesmer and Jenks [1971], Hearn [1971], Ballantyne and Bledsoe [1977], Boyer and Moore [1977], Carter, et al. [1977], Weyrauch [1977], and Musser [1978].

The above program is executed for a given input term by repeatedly replacing subterms of the form of the left-hand side of some rule with the corresponding right-hand side, until no further rewrites are possible. Thus, the second rule in the above system may be applied to the input term $a\wedge\neg\neg(b\vee c)$ by replacing $\neg(b\vee c)$ with $(\neg b\wedge\neg c)$, thereby obtaining $a\wedge\neg(\neg b\wedge\neg c)$. The computation iterates in this manner, at each stage choosing some applicable rule and applying it to some subterm. Continuing with our example: By applying the third rule, we get $a\wedge(\neg\neg b\vee\neg\neg c)$. Two applications of the first rule then yield $a\wedge(b\vee c)$. Finally, an application of the fourth rule gives $(a\wedge b)\vee(a\wedge c)$, which is in disjunctive normal form. At this point, no rule is applicable and the system is said to have "terminated" with the final result $(a\wedge b)\vee(a\wedge c)$.

To verify the correctness of such a program, one must show 1) that it always terminates, i.e.
given any input term, execution will always reach a stage for which there is no way to continue applying rules, and 2) that it is "partially correct", in the sense that if it does terminate, then the final result is what was desired. In this paper, we deal only with the termination aspect of correctness.

The difficulty in proving the termination of a system such as the one for disjunctive normal form above stems from the fact that while some rules may decrease the size of a term, other rules may increase its size and duplicate occurrences of subterms. Furthermore, applying a rule to a subterm not only affects the structure of that subterm, but also changes the structure of its superterms. Any proof of termination must take into consideration the many different possible rewrite sequences generated by the nondeterministic choice of rules and subexpressions.

Various methods for proving termination of term-rewriting systems have been suggested in recent years, including Iturriaga [1967], Knuth and Bendix [1969], Manna and Ness [1970], Lankford [1975], Lipton and Snyder [1977], Plaisted [July 1978], Plaisted [Sept. 1978], and Dershowitz and Manna [1979]. In this paper we present new methods of proving termination. One can show (Huet and Lankford [1978]) that termination is in general an undecidable property of such systems.

The partial correctness of term-rewriting systems, on the other hand, is often easy to verify. One usually shows that each rule is "value-preserving", i.e. if $l \to r$ is a rule in the system, then $l = r$ in the intended interpretations. (In the above example, each rule preserves logical equivalence.) Furthermore, one must verify that all possible final results have the desired properties, for example by showing that were a final result not of the desired form, then some rule could still be applied to it. (By the definition of disjunctive normal form, no compound formula may be negated, nor may a disjunction be conjoined with another formula.)
Hence, proving partial correctness is in many cases formally quite simple; it is not dealt with in this paper.

To illustrate the difficulty of determining if and why a system terminates we present four variations on System (A). The first variation is

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\neg\neg\alpha\wedge\neg\neg\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\neg\neg\alpha\vee\neg\neg\neg\beta) \\
\alpha\wedge(\beta\vee\gamma) &\to (\alpha\wedge\beta)\vee(\alpha\wedge\gamma) \\
(\beta\vee\gamma)\wedge\alpha &\to (\beta\wedge\alpha)\vee(\gamma\wedge\alpha).
\end{aligned} \tag{B}$$

Here the second and third rules have been modified to introduce additional double negations (that can be eliminated by the first rule). The next variation is the same as System (B) with the two rules for distribution removed:

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\neg\neg\alpha\wedge\neg\neg\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\neg\neg\alpha\vee\neg\neg\neg\beta).
\end{aligned} \tag{C}$$

This system pushes negations into disjunctions or conjunctions and eliminates double negations. The third variation is

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to ((\neg\neg\neg\alpha\wedge\neg\neg\neg\beta)\wedge(\neg\neg\neg\alpha\wedge\neg\neg\neg\beta)) \\
\neg(\alpha\wedge\beta) &\to ((\neg\neg\neg\alpha\vee\neg\neg\neg\beta)\vee(\neg\neg\neg\alpha\vee\neg\neg\neg\beta)) \\
(\alpha\wedge\alpha) &\to \alpha \\
(\alpha\vee\alpha) &\to \alpha.
\end{aligned} \tag{D}$$

Here the second and third rules have been further complicated to duplicate conjuncts and disjuncts. To compensate, two rules for their elimination have been added. The last variation is the same as System (D), except that the extra negations have been removed from the second and third rules:

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to ((\neg\alpha\wedge\neg\beta)\wedge(\neg\alpha\wedge\neg\beta)) \\
\neg(\alpha\wedge\beta) &\to ((\neg\alpha\vee\neg\beta)\vee(\neg\alpha\vee\neg\beta)) \\
(\alpha\wedge\alpha) &\to \alpha \\
(\alpha\vee\alpha) &\to \alpha.
\end{aligned} \tag{E}$$

The reader is invited to determine which of these five systems do terminate and which do not.

In the next section we define what we mean by "simplification orderings" and show how they may be used to prove termination.* In Section III we define "quasi-simplification orderings" and extend our termination method for them. Then, in Section IV, we define a class of "recursive path orderings" and show that they are simplification orderings. Finally, in Section V, we illustrate the use of these orderings in termination proofs.

* This extends the result reported in Dershowitz [1979].

II. FIRST TERMINATION THEOREM

Given a set of terms $T$, a term-rewriting system $P$ over $T$ is a finite set of rewrite rules, each of the form $l_i(\alpha) \to r_i(\alpha)$, where the $\alpha$ are variables ranging over $T$. Such a rule may be applied to a term $t \in T$ if $t$ contains a subterm of the form of the left-hand side of the rule, i.e. if $t$ contains a subterm $l_i(a)$ with the terms $a$ instantiating the variables $\alpha$. The rule is applied by substituting the term $r_i(a)$ for the subterm $l_i(a)$ in $t$. (The variables appearing in $r_i$ must be a subset of those in $l_i$.) The choice of which rule to apply is made nondeterministically from amongst the applicable rules; similarly, the choice of subterm to apply a rule to is nondeterministic. We write $t \Rightarrow t'$ to indicate that the term $t' \in T$ may be obtained from the term $t \in T$ by a single application of some rule in $P$.

For example, the one-rule system

$$(\alpha\wedge\beta)\wedge\gamma \to \alpha\wedge(\beta\wedge\gamma) \tag{F}$$

reparenthesizes a conjunction by associating to the right. Applying that rule twice to the term $t = (a\wedge b)\wedge((c\wedge d)\wedge e)$, we get

$$t \Rightarrow a\wedge(b\wedge((c\wedge d)\wedge e)) \Rightarrow a\wedge(b\wedge(c\wedge(d\wedge e))),$$

or alternatively,

$$t \Rightarrow (a\wedge b)\wedge(c\wedge(d\wedge e)) \Rightarrow a\wedge(b\wedge(c\wedge(d\wedge e))).$$

In either case, no further applications of the rule are possible.

We say that a term-rewriting system $P$ terminates over a set of terms $T$, if there exist no infinite sequences of terms $t_i \in T$ such that $t_1 \Rightarrow t_2 \Rightarrow t_3 \Rightarrow \cdots$.

We will need the following concepts: A partially-ordered set $(S, \succ)$ consists of a set $S$ and a transitive and irreflexive binary relation $\succ$ defined on elements of $S$. (Asymmetry of a partial ordering follows from transitivity and irreflexivity.) A partially ordered set is said to be totally ordered if for any two distinct elements $s$ and $s'$ of $S$, either $s \succ s'$ or $s' \succ s$. For example, both the set $Z$ of integers and the set $N$ of natural numbers are totally ordered by the "greater-than" relation $>$. The set $P(Z)$ of all subsets of the integers is partially ordered by the subset relation $\subset$.
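The rewriting relation and its nondeterministic choice of rule and subterm can be run directly. The following sketch is an added example, not code from the report: it enumerates every one-step rewrite of a term and explores all rewrite sequences for Systems (A) and (F) on the inputs used in the text. The tuple encoding of terms and the "?"-prefixed rule variables are assumptions of this example.

```python
"""Nondeterministic term rewriting, run on Systems (A) and (F) of the report."""
# Terms: ("not", x), ("and", x, y), ("or", x, y); atoms are plain strings.
# Rule variables are strings starting with "?" (a convention of this example).

def match(pat, term, env):
    """Return env extended so that pat instantiated by env equals term, else None."""
    if isinstance(pat, str):
        if not pat.startswith("?"):
            return env if pat == term else None
        if pat in env:
            return env if env[pat] == term else None
        return {**env, pat: term}
    if isinstance(term, str) or pat[0] != term[0] or len(pat) != len(term):
        return None
    for p, t in zip(pat[1:], term[1:]):
        env = match(p, t, env)
        if env is None:
            return None
    return env

def subst(tmpl, env):
    """Instantiate a rule's right-hand side with the bindings in env."""
    if isinstance(tmpl, str):
        return env.get(tmpl, tmpl)
    return (tmpl[0],) + tuple(subst(a, env) for a in tmpl[1:])

def successors(term, rules):
    """All t' with term => t': every rule tried at every subterm position."""
    out = []
    for lhs, rhs in rules:
        env = match(lhs, term, {})
        if env is not None:
            out.append(subst(rhs, env))
    if not isinstance(term, str):
        for i in range(1, len(term)):
            for new in successors(term[i], rules):
                out.append(term[:i] + (new,) + term[i + 1:])
    return out

def normal_forms(term, rules, limit=10_000):
    """Every irreducible term reachable from term, over all choices of rule and
    subterm. limit bounds the search because termination is not guaranteed."""
    seen, stack, finals = set(), [term], set()
    while stack:
        t = stack.pop()
        if t in seen:
            continue
        seen.add(t)
        if len(seen) > limit:
            raise RuntimeError("limit reached; the system may not terminate")
        nxt = successors(t, rules)
        if not nxt:
            finals.add(t)
        stack.extend(nxt)
    return finals

def derivation_lengths(term, rules, memo=None):
    """(shortest, longest) number of steps to a normal form.
    Only call this on a system that terminates on term."""
    memo = {} if memo is None else memo
    if term not in memo:
        nxt = successors(term, rules)
        if not nxt:
            memo[term] = (0, 0)
        else:
            sub = [derivation_lengths(t, rules, memo) for t in nxt]
            memo[term] = (1 + min(s for s, _ in sub), 1 + max(l for _, l in sub))
    return memo[term]

def is_dnf(t, under_and=False):
    """No compound formula is negated and no disjunction sits under a conjunction."""
    if isinstance(t, str):
        return True
    if t[0] == "not":
        return isinstance(t[1], str)
    if t[0] == "or" and under_and:
        return False
    return all(is_dnf(x, under_and or t[0] == "and") for x in t[1:])

SYSTEM_A = [
    (("not", ("not", "?a")), "?a"),
    (("not", ("or", "?a", "?b")), ("and", ("not", "?a"), ("not", "?b"))),
    (("not", ("and", "?a", "?b")), ("or", ("not", "?a"), ("not", "?b"))),
    (("and", "?a", ("or", "?b", "?c")), ("or", ("and", "?a", "?b"), ("and", "?a", "?c"))),
    (("and", ("or", "?b", "?c"), "?a"), ("or", ("and", "?b", "?a"), ("and", "?c", "?a"))),
]
SYSTEM_F = [(("and", ("and", "?a", "?b"), "?c"), ("and", "?a", ("and", "?b", "?c")))]

INPUT_A = ("and", "a", ("not", ("not", ("or", "b", "c"))))             # a AND NOT NOT (b OR c)
INPUT_F = ("and", ("and", "a", "b"), ("and", ("and", "c", "d"), "e"))  # (a AND b) AND ((c AND d) AND e)

if __name__ == "__main__":
    for name, rules, term in (("A", SYSTEM_A, INPUT_A), ("F", SYSTEM_F, INPUT_F)):
        print(name, normal_forms(term, rules), derivation_lengths(term, rules))
```

On the input of System (A) the five-step derivation given in the introduction is the longest one; eliminating the double negation first reaches the same result in two steps.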
A set $S$ is said to be well-founded under a partial ordering $\succ$ if it admits no infinite descending sequences $s_1 \succ s_2 \succ s_3 \succ \cdots$ of elements of $S$. Thus, $N$ is well-founded under $>$, since no sequence can descend beyond 0, but $Z$ is not, since $-1 > -2 > -3 > \cdots$ is an infinite descending sequence. A quasi-ordered set $(S, \succsim)$ consists of a set $S$ and a transitive and reflexive binary relation $\succsim$ defined on elements of $S$. For example, the set $Z$ of integers is quasi-ordered under the relation "greater or congruent modulo 10".

The following theorem (see Manna and Ness [1970], also Lankford [1975]) is often used to prove the termination of term-rewriting systems:

Theorem (Manna and Ness [1970]): A term-rewriting system $P = \{l_i \to r_i\}_{i=1}^{p}$ over a set of terms $T$ terminates, if there exists a well-founded ordering $\succ$ over $T$ with the property that

$$t \succ t' \text{ implies } f(\ldots t \ldots) \succ f(\ldots t' \ldots) \qquad \text{(replacement)}$$

for any terms $t, t', f(\ldots t \ldots), f(\ldots t' \ldots) \in T$, and for which

$$l_i \succ r_i, \quad i = 1, \ldots, p, \qquad \text{(reduction)}$$

for any assignment of terms in $T$ to the variables of $l_i$.

The reduction condition asserts that applying any rule reduces the subterm to which the rule is applied in the well-founded ordering. The replacement condition guarantees that by reducing subterms the top-level term is also reduced. It follows that $t \Rightarrow t'$ implies $t \succ t'$. Since by nature of a well-founded set there can be no infinite descending sequences, there can also be no infinite sequence of rewrites.

Our method for proving termination is based on the following

Definition: A transitive and irreflexive relation $\succ$ (a partial ordering) is a simplification ordering for a set of terms $T$ if it possesses the following three properties:

1) $t \succ t'$ implies $f(\ldots t \ldots) \succ f(\ldots t' \ldots)$, (replacement)
2) $f(\ldots t \ldots) \succ t$, (subterm) and
3) $f(\ldots t \ldots) \succ f(\ldots\ \ldots)$ (deletion)

for any terms $t, t', f(\ldots t \ldots), f(\ldots t' \ldots), f(\ldots\ \ldots) \in T$.
By the subterm property, any term is also greater than any of the (not necessarily immediate) subterms contained within it. The deletion condition asserts that deleting subterms of a (variable arity) operator reduces the term in the ordering; if the operators $f$ have fixed arity, the condition is superfluous.

The following theorem gives a sufficient criterion for proving that a term-rewriting system terminates for all inputs.

First Termination Theorem: A term-rewriting system $P = \{l_i \to r_i\}_{i=1}^{p}$ over a set of terms $T$ terminates if there exists a simplification ordering $\succ$ over $T$ such that

$$l_i \succ r_i, \quad i = 1, \ldots, p, \qquad \text{(reduction)}$$

for any assignment of terms in $T$ to the variables of $l_i$.

The proof of this theorem is based on the following:

Definition: A set $S$ is well-related under a relation $R$ if every infinite sequence $s_1, s_2, \ldots$ of elements of $S$ contains a pair of elements $s_i$ and $s_j$, $i < j$, such that $s_i\,R\,s_j$.

Note that any finite set is well-related under any reflexive relation, while no (nonempty) set is well-related under a nonreflexive relation. Note also that a set $S$ is well-related under a relation $R$, if and only if every infinite sequence of elements of $S$ contains an infinite subsequence that forms a chain of related elements. (Otherwise, there would be an infinite number of maximal length, but finite, chains. But then the last elements of those chains would also contain a related pair, implying that some chain was not maximal.)

The following lemma follows from the definitions:

Well-relation Lemma: A set $S$ is well-founded under a partial ordering $\succ$, if and only if it is well-related under its negation $\not\succ$.

Let $F$ be a set of operators, $R$ some relation defined over $F$, and $T(F)$ the set of all terms over $F$. [If $f \in F$ and $t_1, \ldots, t_n \in T(F)$, where $n \ge 0$ (for $f$ of unrestricted arity), then $f(t_1, \ldots, t_n) \in T(F)$.] The relation $R$ may be extended to a homeomorphic embedding relation $\trianglelefteq$ on terms in $T(F)$ (viewing terms as trees) as follows:

$$s = f(s_1, s_2, \ldots, s_m) \trianglelefteq g(t_1, t_2, \ldots, t_n) = t,$$

if and only if (a) $f\,R\,g$ and for all $i$, $1 \le i \le m$, we have $s_i \trianglelefteq t_{j_i}$, where l over T. As usual, $s \preceq t$ means $t \succ s$ or $t = s$.

Proof: The proof is by induction on the size (number of occurrences of operators) of $t$. Assume that s' _ v 1' ' m — ° 1 ' n ($m$ or $n$ may be zero), then either (a) $f = g$ and $s_i \trianglelefteq t_{j_i}$ for all $i$, $1 \le i \le m$, in which case $s_i \preceq t_{j_i}$ by the induction hypothesis and therefore $s \preceq f(t_{j_1}, \ldots, t_{j_m}) \preceq t$ by the replacement and deletion properties; or else (b) $s \trianglelefteq t_j$ for some $j$, $1 \le j \le n$, in which case s. On the other hand, if $l_i \succ r_i$, then it follows by the replacement property that $t_1 \succ t_2 \succ \cdots$ and by transitivity that $t_i \succ t_j$ for all $i < j$. This contradicts the asymmetry of $\succ$.

Note that the definition of a simplification ordering does not require that $\succ$ be well-founded, e.g. the set $N$ is not well-founded under the simplification ordering $<$. The subterm condition, however, is a necessary condition for any total ordering $\succ$ on $T(F)$ with the replacement property to be well-founded. (Were $t \succ f(\ldots t \ldots)$ for some terms $t$ and $f(\ldots t \ldots)$, then we would have an infinite descending sequence of terms $t \succ f(\ldots t \ldots) \succ f(\ldots f(\ldots t \ldots) \ldots) \succ \cdots$.) The following theorem provides a sufficient condition for well-foundedness:

Well-foundedness Theorem: Given a simplification ordering $\succ$ over $T(F)$ such that

$$f \succ g \text{ implies } f(t_1, \ldots, t_n) \succ g(t_1, \ldots, t_n) \qquad \text{(operator replacement)}$$

for any operators $f, g \in F$ and terms $t_1, \ldots, t_n \in T(F)$, $T(F)$ is well-founded under $\succ$, if $F$ is well-related under $\preceq$.

Proof: If $F$ is well-related under $\preceq$, then $T(F)$ is well-related under $\trianglelefteq$ (Tree Theorem). It is easy to see (along the lines of the Embedding Lemma) that $s \trianglelefteq t$ implies $s \preceq t$. Thus, $T(F)$ is well-related under $\preceq$ and is therefore (Well-relation Lemma) well-founded under $\succ$.

Note that by the Well-relation Lemma, for a total ordering $\succ$ on $F$, $F$ is well-related under $\preceq$, if and only if $F$ is well-founded under $\succ$.
Thus, for a total simplification ordering $\succ$ satisfying the operator replacement condition, $T(F)$ is well-founded under $\succ$ if $F$ is.

III. THE SECOND TERMINATION THEOREM

Given a partial ordering $\succ$ on a set $S$, it may be extended to a partial ordering $\gg$ on finite multisets of elements of $S$, wherein a multiset is reduced by removing one or more elements and replacing them with any finite number of elements, each of which is smaller than one of the elements removed. For example, if $>$ is the "greater than" ordering on the natural numbers, then $\{3,3,4,0\} \gg \{3,2,2,1,1,1,4\}$ in the multiset ordering, since an occurrence of 3 has been replaced by five smaller numbers and in addition an occurrence of 0 has been removed (i.e. replaced by zero elements). Such a multiset ordering $\gg$ is well-founded, if and only if $S$ is well-founded under $\succ$. (See Dershowitz and Manna [1979].)

Given a quasi-ordering $\succsim$ on a set $S$, define the equivalence relation $\sim$ as both $\succsim$ and $\precsim$, and the partial ordering $\succ$ as $\succsim$ but not $\precsim$. The multiset ordering $\gg$ may then be defined as follows: A multiset is reduced by removing one or more elements and replacing them with any finite number of smaller elements (with respect to $\succ$); at the same time any number of other elements may be replaced with equivalent ones (with respect to $\sim$).

Analogous to the definition of a simplification ordering, we have the

Definition: A transitive and reflexive relation $\succsim$ (a quasi-ordering) is a quasi-simplification ordering for a set of terms $T$ if it possesses the following three properties:

1) $t \succsim t'$ implies $f(\ldots t \ldots) \succsim f(\ldots t' \ldots)$, (replacement)
2) $f(\ldots t \ldots) \succsim t$, (subterm) and
3) $f(\ldots t \ldots) \succsim f(\ldots\ \ldots)$ (deletion)

for any terms $t, t', f(\ldots t \ldots), f(\ldots t' \ldots), f(\ldots\ \ldots) \in T$.

The Embedding Lemma also holds for quasi-simplification orderings, i.e. $s \trianglelefteq t$ implies $s \precsim t$. We have a

Second Termination Theorem: A term-rewriting system $P = \{l_i \to r_i\}_{i=1}^{p}$ over a set of terms $T$ terminates if there exists a quasi-simplification ordering $\succsim$ such that

$$l_i \succ r_i, \quad i = 1, \ldots, p, \qquad \text{(reduction)}$$

for any assignment of terms in $T$ to the variables of $l_i$.

Proof: Let $S^*(t)$ denote the multiset of all the (various level) subterms in the term $t$, i.e.

$$S^*(f(t_1, \ldots, t_n)) = \{f(t_1, \ldots, t_n)\} \cup S^*(t_1) \cup \cdots \cup S^*(t_n),$$

where $\cup$ denotes union of multisets. Define an ordering $\succ'$ on $T$ as follows: $s \succ' t$ if and only if $S^*(s) \gg S^*(t)$ in the extension $\gg$ of the quasi-ordering $\succsim$ to multisets. We first show that $\succ'$ is a simplification ordering:

1) For the replacement condition we must show that if $S^*(t) \gg S^*(t')$ then $S^*(f(\ldots t \ldots)) \gg S^*(f(\ldots t' \ldots))$, i.e. $\{f(\ldots t \ldots)\} \cup \cdots \cup S^*(t) \cup \cdots \gg \{f(\ldots t' \ldots)\} \cup \cdots \cup S^*(t') \cup \cdots$. We are given that $f(\ldots t \ldots) \succsim f(\ldots t' \ldots)$ and the rest follows from the definition of the multiset ordering.
2) The subterm condition $S^*(f(\ldots t \ldots)) \gg S^*(t)$ follows directly from the definitions.
3) The deletion condition $S^*(f(\ldots t \ldots)) \gg S^*(f(\ldots\ \ldots))$ follows from the given property $f(\ldots t \ldots) \succsim f(\ldots\ \ldots)$ and the definition of $\gg$.

To apply the First Termination Theorem we must show that $l_i \succ' r_i$, i.e. $S^*(l_i) \gg S^*(r_i)$, given that $l_i \succ r_i$. But if $l_i \succ r_i$, then by the subterm property of quasi-simplification orderings, $l_i$ is also greater than any subterm of $r_i$. Thus, $S^*(l_i) \gg S^*(r_i)$ and the result follows. □

IV. THE RECURSIVE PATH ORDERING

In this section, we give a recursive definition of an ordering on terms and show that it is a simplification ordering and also that (under suitable conditions) it is well-founded. We begin with the

Definition: Let $\succ$ be a partial ordering on a set of operators $F$. The recursive path ordering $\succ^*$ over the set $T(F)$ of terms over $F$ is defined recursively as follows:

$$s = f(s_1, \ldots, s_m) \succ^* g(t_1, \ldots, t_n) = t,$$

if and only if

$f = g$ and $\{s_1, \ldots, s_m\} \gg^* \{t_1, \ldots, t_n\}$, or
$f \succ g$ and $\{s\} \gg^* \{t_1, \ldots, t_n\}$, or
$f \not\succeq g$ and $\{s_1, \ldots, s_m\} \mathrel{\underline{\gg}^*} \{t\}$,

where $\gg^*$ is the extension of $\succ^*$ to multisets and $\underline{\gg}^*$ means $\gg^*$ or $=$. We shall consider two terms to be equal if they are the same except for permutations of subterms.

This definition is similar to a characterization of the "path of subterms" ordering given in Plaisted [Sept. 1978].

For example, representing terms as trees, we have

[tree diagrams of two terms $s$ and $t$ with $s \succ^* t$]

in the recursive path ordering over $T(N)$ with the operators ordered by $>$: By the definition of $\succ^*$, to compare two terms with the same outermost operator, in our case 3, we must compare (the multisets of) their subterms, viz. [tree diagrams]. Since $2 > 1$, for the former to be greater than the latter we must have [tree diagrams]. Since $2 = 2$, we must now compare [tree diagrams] in the multiset ordering $\gg^*$. Finally since [tree diagram] is greater than both [tree diagrams], we indeed have $s \succ^* t$.

We have the

Theorem: The recursive path ordering $\succ^*$ is a simplification ordering.

Proof: We must show that the relation $\succ^*$ is irreflexive and transitive and that it satisfies the replacement, subterm, and deletion conditions of simplification orderings.

Irreflexivity: We wish to prove that $t \not\succ^* t$ for any term $t$. The proof is by induction on the size (number of operators) of $t$. If $t$ is of the form $f(t_1, \ldots, t_n)$, then by the inductive hypothesis, the relation $\succ^*$ is irreflexive for the subterms $t_i$. It follows from the definition of the multiset ordering that $\{t_1, \ldots, t_n\} \not\gg^* \{t_1, \ldots, t_n\}$. Thus, by the definition of the recursive path ordering, $f(t_1, \ldots, t_n) \not\succ^* f(t_1, \ldots, t_n)$.

Subterm: We show instead that if $s \succeq^* t$ for two terms $s$ and $t$, then (a) $s \succ^* t_j$ for any subterm $t_j$ of $t$ and (b) $f(\ldots s \ldots) \succ^* t$ for any superterm $f(\ldots s \ldots)$ of $s$. Since $s \succeq^* s$, it follows from (b) that $f(\ldots s \ldots) \succ^* s$, as desired. Let $g$ and $h$ be the outermost operators of $s$ and $t$, respectively. We prove (a) and (b) simultaneously by induction on the (combined) size of $s$ and $t$.

For (a) $s \succ^* t_j$, consider three cases:

1) $g = h$. By the definition of $\succ^*$, if $s \succeq^* t$ then $s_i \succeq^* t_j$ for some subterm $s_i$ of $s$, and by the inductive hypothesis (b) it follows that $s \succ^* t_j$.
2) $g \succ h$. In this case, it follows directly from the definition of $\succ^*$ that $s \succ^* t_j$.
3) $g \not\succeq h$. From the definition of $\succ^*$, we have $s_i \succeq^* t$ for some subterm $s_i$ of $s$. By the inductive hypothesis (a), $s_i \succ^* t_j$, and by hypothesis (b), we get $s \succ^* t_j$.

For (b) $f(\ldots s \ldots) \succ^* t$ we again consider three cases:

1) $f = h$. We already know (a) that $s \succ^* t_j$ for any subterm $t_j$ of $t$. Thus, by the definition of the multiset ordering, $\{\ldots s \ldots\} \gg^* \{\ldots t_j \ldots\}$ and by the definition of $\succ^*$, $f(\ldots s \ldots) \succ^* t$.
2) $f \succ h$. Since $s \succ^* t_j$, it follows from the inductive hypothesis (b) that $f(\ldots s \ldots) \succ^* t_j$, and therefore $\{f(\ldots s \ldots)\} \gg^* \{\ldots t_j \ldots\}$ in the multiset ordering. Thus, by the definition of $\succ^*$, $f(\ldots s \ldots) \succ^* t$.
3) $f \not\succeq h$. We are given that $s \succeq^* t$. It follows from the definition of the multiset ordering that $\{\ldots s \ldots\} \mathrel{\underline{\gg}^*} \{t\}$ and from the definition of $\succ^*$ that $f(\ldots s \ldots) \succ^* t$.

Transitivity: We must show that $s \succ^* t$ and $t \succ^* u$ together imply $s \succ^* u$. Note that by the subterm condition, $s \succ^* t_j$ and $t \succ^* u_k$ for any subterms $t_j$ of $t$ and $u_k$ of $u$. Let $f$, $g$, and $h$ be the outermost operators of $s$, $t$, and $u$, respectively. The proof is by induction on the size of $s$, $t$, and $u$ and considers five cases:

1) $g \not\succeq h$. We are given that $s \succ^* t_j$ for any subterm $t_j$ of $t$, while by the definition of $t \succ^* u$, we have $t_j \succeq^* u$ for some $t_j$. Thus, $s \succ^* t_j \succeq^* u$, and $s \succ^* u$ follows from the induction hypothesis, since $t_j$ is smaller than $t$.
2) $f \succ h$. By the definition of $s \succ^* u$, we must show that $s \succ^* u_k$ for all subterms $u_k$ of $u$.
But we are given that $s \succ^* t \succ^* u_k$, and the result follows by the induction hypothesis, since $u_k$ is smaller than $u$.
3) $f \not\succeq g, h$. We are given that $s_i \succeq^* t \succ^* u$ for some subterm $s_i$ of $s$. By the induction hypothesis, $s_i \succ^* u$, since $s_i$ is smaller than $s$, and by the definition of $\succ^*$, $s \succ^* u$.
4) $f = h \not\succeq g$. We must show that $\{\ldots s_i \ldots\} \gg^* \{\ldots u_k \ldots\}$ and are given that $s_i \succeq^* t \succ^* u_k$ for some $s_i$ and for all $u_k$. The result follows by the induction hypothesis.
5) $f = g = h$. We must show that $\{\ldots s_i \ldots\} \gg^* \{\ldots u_k \ldots\}$ and are given that $\{\ldots s_i \ldots\} \gg^* \{\ldots t_j \ldots\} \gg^* \{\ldots u_k \ldots\}$. By the induction hypothesis, $s_i \succ^* t_j \succ^* u_k$ implies $s_i \succ^* u_k$ for all $s_i$, $t_j$, and $u_k$, and since the extension of a transitive relation to multisets is also transitive, it follows that $\{\ldots s_i \ldots\} \gg^* \{\ldots u_k \ldots\}$.

Since these five cases cover all possible relations between $f$, $g$, and $h$, our proof of transitivity is complete.

Replacement: By the definition of a multiset ordering, $\{\ldots s \ldots\} \gg^* \{\ldots s' \ldots\}$ if $s \succ^* s'$. Thus, by the definition of the recursive path ordering, $f(\ldots s \ldots) \succ^* f(\ldots s' \ldots)$.

Deletion: By the definition of a multiset ordering, $\{\ldots s \ldots\} \gg^* \{\ldots\ \ldots\}$. Thus, by the definition of the recursive path ordering, $f(\ldots s \ldots) \succ^* f(\ldots\ \ldots)$. □

Since the recursive path ordering is a simplification ordering, it may be used in conjunction with the First Termination Theorem to prove the termination of term-rewriting systems. It turns out that when $\succ$ is a total ordering, the recursive path ordering $\succ^*$ is in effect the same as the "path of subterms" ordering defined in Plaisted [Sept. 1978] in a more complex manner. His proof of well-foundedness is considerably longer than our proof below.

Finally, we prove the

Theorem: The recursive path ordering $\succ^*$ on the set of terms $T(F)$ is well-founded, if and only if the ordering $\succ$ on the set of operators $F$ is well-founded.
Note that if $\succ$ is a total ordering on $F$, then $\succ^*$ is a total ordering on $T(F)$, in which case this theorem follows as a corollary of the Well-foundedness Theorem.

Proof: The "only-if" direction follows trivially from the fact that for $f, g \in F$, $f \succ g$ implies $f \succ^* g$. The proof of the "if" direction is similar to Nash-Williams' [1963] proof of the Tree Theorem. Assume that $\succ$ is well-founded and that the theorem is false. Then there must exist an infinite descending sequence of terms $t_1 \succ^* t_2 \succ^* t_3 \succ^* \cdots$. Construct a "minimal" descending sequence in the following manner: if the terms $t_1 \succ^* t_2 \succ^* \cdots \succ^* t_{i-1}$, $i \ge 1$, have already been chosen, then let $t_i$ be a minimal size $i$-th term from among those infinite descending sequences beginning with the terms already chosen. Let $op(t)$ denote the outermost operator of a term $t$ and let $S(t)$ be the multiset of immediate subterms of $t$, i.e. $op(f(t_1, \ldots, t_n)) = f$ and $S(f(t_1, \ldots, t_n)) = \{t_1, \ldots, t_n\}$.

We first show that for all $i$, $op(t_i) \succeq op(t_{i+1})$. For assume contrariwise that for some $i$, $op(t_i) \not\succeq op(t_{i+1})$. Then by the definition of $t_i \succ^* t_{i+1}$, $t_i' \succeq^* t_{i+1}$ for some subterm $t_i'$ of $t_i$. But then by the transitivity and subterm property of $\succ^*$, we have $t_{i-1} \succ^* t_i \succ^* t_i' \succeq^* t_{i+1} \succ^* t_{i+2}$, and $t_1 \succ^* t_2 \succ^* \cdots \succ^* t_{i-1} \succ^* t_i' \succ^* t_{i+2} \succ^* \cdots$ would be a smaller descending sequence than the minimal one.

Since we are given that $\succ$ is well-founded, there must therefore be an infinite descending sequence $t_\ell \succ^* t_{\ell+1} \succ^* \cdots$, all elements of which have the same outermost operator. Thus by the definition of $\succ^*$ we must have an infinite descending sequence of multisets of subterms $S(t_\ell) \gg^* S(t_{\ell+1}) \gg^* \cdots$. On the other hand, by the assumption of minimality the set $S = \bigcup_{i=1}^{\infty} S(t_i)$ is well-founded. (Otherwise, there would exist an infinite descending sequence $s_1 \succ^* s_2 \succ^* \cdots$ of elements of $S$. Since $s_1 \in S(t_k)$ for some $k$, the sequence $t_1 \succ^* t_2 \succ^* \cdots \succ^* t_{k-1} \succ^* s_1 \succ^* s_2 \succ^* \cdots$
would be smaller than the minimal one.) But if $S$ is well-founded, then multisets of elements of $S$ are also well-founded. Contradiction. □

The "multiset" and "nested multiset" orderings in Dershowitz and Manna [1979] and the "simple path" ordering in Plaisted [July 1978] are special cases of this recursive path ordering; their well-foundedness follows as a corollary of this theorem. The ("linear") ordering in Knuth and Bendix [1969] and the "polynomial" ordering in Lankford [1979] are other examples of simplification orderings.

V. EXAMPLES

We return, in this section, to the six examples (A-F) of term-rewriting systems that have been presented in the previous sections.

(A) Our first example was the following system for computing the disjunctive normal form of a logical formula:

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\alpha\wedge\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\alpha\vee\neg\beta) \\
\alpha\wedge(\beta\vee\gamma) &\to (\alpha\wedge\beta)\vee(\alpha\wedge\gamma) \\
(\beta\vee\gamma)\wedge\alpha &\to (\beta\wedge\alpha)\vee(\gamma\wedge\alpha)
\end{aligned}$$

To prove that this system terminates for all inputs, let the operators $\neg$, $\wedge$, and $\vee$ be ordered by $\neg \succ \wedge \succ \vee$, and order terms according to the recursive path ordering $\succ^*$. Since this is a simplification ordering on terms, by the First Termination Theorem, we need only show that

$$\begin{aligned}
\neg\neg\alpha &\succ^* \alpha, \\
\neg(\alpha\vee\beta) &\succ^* (\neg\alpha\wedge\neg\beta), \\
\neg(\alpha\wedge\beta) &\succ^* (\neg\alpha\vee\neg\beta), \\
\alpha\wedge(\beta\vee\gamma) &\succ^* (\alpha\wedge\beta)\vee(\alpha\wedge\gamma), \text{ and} \\
(\beta\vee\gamma)\wedge\alpha &\succ^* (\beta\wedge\alpha)\vee(\gamma\wedge\alpha),
\end{aligned}$$

for any terms $\alpha$, $\beta$, and $\gamma$.

The first inequality follows from the subterm condition of simplification orderings. By the definition of the recursive path ordering, to show that $\neg(\alpha\vee\beta) \succ^* (\neg\alpha\wedge\neg\beta)$ when $\neg \succ \wedge$, we must show that $\neg(\alpha\vee\beta) \succ^* \neg\alpha$ and $\neg(\alpha\vee\beta) \succ^* \neg\beta$. Now, since the outermost operators of $\neg(\alpha\vee\beta)$, $\neg\alpha$, and $\neg\beta$ are the same, we must show that $\alpha\vee\beta \succ^* \alpha$ and $\alpha\vee\beta \succ^* \beta$. But this is true by the subterm condition. Thus the second inequality holds. By an analogous argument, the third inequality also holds.

For the fourth inequality, we must show $\alpha\wedge(\beta\vee\gamma) \succ^* (\alpha\wedge\beta)\vee(\alpha\wedge\gamma)$. Since $\wedge \succ \vee$, we must show $\alpha\wedge(\beta\vee\gamma) \succ^* \alpha\wedge\beta$ and $\alpha\wedge(\beta\vee\gamma) \succ^* \alpha\wedge\gamma$.
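By the definition of the recursive path ordering for the case when two terms have the same outermost operator, we must show that $\{\alpha, \beta\vee\gamma\} \gg^* \{\alpha, \beta\}$ and $\{\alpha, \beta\vee\gamma\} \gg^* \{\alpha, \gamma\}$. These two inequalities between multisets hold, since the element $\beta\vee\gamma$ is greater than both $\beta$ and $\gamma$ with which it is replaced. Thus the fourth inequality holds. Similarly the fifth inequality may be shown to hold. Therefore, by the First Termination Theorem, this system terminates for all inputs. □

(B) The variation

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\neg\neg\alpha\wedge\neg\neg\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\neg\neg\alpha\vee\neg\neg\neg\beta) \\
\alpha\wedge(\beta\vee\gamma) &\to (\alpha\wedge\beta)\vee(\alpha\wedge\gamma) \\
(\beta\vee\gamma)\wedge\alpha &\to (\beta\wedge\alpha)\vee(\gamma\wedge\alpha)
\end{aligned}$$

of System (A) does not in fact terminate for all inputs, though whenever it does terminate, the resulting expression is in disjunctive normal form. To see that it does not terminate, consider the following derivation:

$$\begin{aligned}
\neg\neg(\alpha\wedge(\alpha\vee\alpha)) &\Rightarrow \neg\neg((\alpha\wedge\alpha)\vee(\alpha\wedge\alpha)) \\
&\Rightarrow \neg(\neg\neg\neg(\alpha\wedge\alpha)\wedge\neg\neg\neg(\alpha\wedge\alpha)) \\
&\Rightarrow \cdots \Rightarrow \neg(\neg(\alpha\wedge\alpha)\wedge\neg(\alpha\wedge\alpha)) \\
&\Rightarrow \cdots \Rightarrow \neg((\neg\neg\neg\alpha\vee\neg\neg\neg\alpha)\wedge(\neg\neg\neg\alpha\vee\neg\neg\neg\alpha)) \\
&\Rightarrow \cdots \Rightarrow \neg((\neg\alpha\vee\neg\alpha)\wedge(\neg\alpha\vee\neg\alpha)) \\
&\Rightarrow \neg((\neg\alpha\wedge(\neg\alpha\vee\neg\alpha))\vee(\neg\alpha\wedge(\neg\alpha\vee\neg\alpha))) \\
&\Rightarrow (\neg\neg\neg(\neg\alpha\wedge(\neg\alpha\vee\neg\alpha))\wedge\neg\neg\neg(\neg\alpha\wedge(\neg\alpha\vee\neg\alpha))) \Rightarrow \cdots.
\end{aligned}$$

Thus, beginning with a term of the form $\neg\neg(\alpha\wedge(\alpha\vee\alpha))$, a term containing a subterm of the same form is derived, and the process may continue ad infinitum. □

(C) Our third example was

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to (\neg\neg\neg\alpha\wedge\neg\neg\neg\beta) \\
\neg(\alpha\wedge\beta) &\to (\neg\neg\neg\alpha\vee\neg\neg\neg\beta).
\end{aligned}$$

We cannot use the recursive path ordering to prove the termination of this system. Instead, we use the Second Termination Theorem and define the following quasi-simplification ordering: $t \succsim t'$ for two terms $t$ and $t'$, if and only if

$$[t] \ge [t'] \text{ and } \{[\alpha] : \neg\alpha \text{ appears in } t\} \mathrel{\underline{\gg}} \{[\alpha] : \neg\alpha \text{ appears in } t'\},$$

where $[\alpha]$ denotes the number of operators other than $\neg$ in $\alpha$, and $\underline{\gg}$ means either $\gg$ in the multiset extension of the ordering $>$ on numbers, or else $=$. It is easy to see that this quasi-ordering satisfies the replacement and subterm properties of quasi-simplification orderings on fixed-arity terms.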
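It remains to show that each rule reduces the subterm it is applied to under the ordering $\succ$. Note that the number of operators other than $\neg$ is the same for both sides of each rule. To see that $\neg\neg\alpha \succ \alpha$, note that there are two less elements in the multiset of numbers of operators for the right-hand side than for the left-hand side. To see that $\neg(\alpha\vee\beta) \succ (\neg\neg\neg\alpha\wedge\neg\neg\neg\beta)$ and $\neg(\alpha\wedge\beta) \succ (\neg\neg\neg\alpha\vee\neg\neg\neg\beta)$, note that the number of operators other than $\neg$ in $\alpha\vee\beta$ and $\alpha\wedge\beta$ is greater than that of $\neg\neg\alpha$, $\neg\alpha$, $\neg\neg\beta$, and $\neg\beta$. Thus the multisets corresponding to the left-hand sides are strictly greater than those for the right-hand sides. □

(D) The system

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to ((\neg\neg\neg\alpha\wedge\neg\neg\neg\beta)\wedge(\neg\neg\neg\alpha\wedge\neg\neg\neg\beta)) \\
\neg(\alpha\wedge\beta) &\to ((\neg\neg\neg\alpha\vee\neg\neg\neg\beta)\vee(\neg\neg\neg\alpha\vee\neg\neg\neg\beta)) \\
(\alpha\wedge\alpha) &\to \alpha \\
(\alpha\vee\alpha) &\to \alpha
\end{aligned}$$

however, does not terminate. The following derivation demonstrates this:

$$\begin{aligned}
\neg\neg(\alpha\wedge\alpha) &\Rightarrow \neg((\neg\neg\neg\alpha\vee\neg\neg\neg\alpha)\vee(\neg\neg\neg\alpha\vee\neg\neg\neg\alpha)) \\
&\Rightarrow \cdots \Rightarrow \neg((\neg\alpha\vee\neg\alpha)\vee(\neg\alpha\vee\neg\alpha)) \\
&\Rightarrow ((\neg\neg\neg(\neg\alpha\vee\neg\alpha)\wedge\neg\neg\neg(\neg\alpha\vee\neg\alpha))\wedge(\neg\neg\neg(\neg\alpha\vee\neg\alpha)\wedge\neg\neg\neg(\neg\alpha\vee\neg\alpha))) \\
&\Rightarrow \cdots \Rightarrow \neg\neg\neg(\neg\alpha\vee\neg\alpha) \\
&\Rightarrow \cdots \Rightarrow \neg\neg(\neg\neg\alpha\wedge\neg\neg\alpha) \Rightarrow \cdots. \qquad \Box
\end{aligned}$$

(E) The proof of the termination of the system

$$\begin{aligned}
\neg\neg\alpha &\to \alpha \\
\neg(\alpha\vee\beta) &\to ((\neg\alpha\wedge\neg\beta)\wedge(\neg\alpha\wedge\neg\beta)) \\
\neg(\alpha\wedge\beta) &\to ((\neg\alpha\vee\neg\beta)\vee(\neg\alpha\vee\neg\beta)) \\
(\alpha\wedge\alpha) &\to \alpha \\
(\alpha\vee\alpha) &\to \alpha
\end{aligned}$$

is similar to that of System (A). We use the recursive path ordering with the operators partially ordered by $\neg \succ \wedge$ and $\neg \succ \vee$. We have

$$\neg\neg\alpha \succ^* \alpha, \quad (\alpha\wedge\alpha) \succ^* \alpha, \quad \text{and} \quad (\alpha\vee\alpha) \succ^* \alpha,$$

by the subterm condition; we have

$$\neg(\alpha\vee\beta) \succ^* ((\neg\alpha\wedge\neg\beta)\wedge(\neg\alpha\wedge\neg\beta)) \quad \text{and} \quad \neg(\alpha\wedge\beta) \succ^* ((\neg\alpha\vee\neg\beta)\vee(\neg\alpha\vee\neg\beta)),$$

since $\neg$ is greater than both $\wedge$ and $\vee$, and the subterms $\alpha\vee\beta$ and $\alpha\wedge\beta$ are greater than either $\alpha$ or $\beta$ by the subterm condition.

Using the recursive path ordering to prove the termination of systems in this manner generalizes the conditions for termination in Iturriaga [1967].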
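The orientation checks carried out by hand for Systems (A) and (E) can be mechanized. The following is an added example, not code from the report: it implements the three-case definition of the recursive path ordering from Section IV together with the multiset extension, and tests the reduction condition rule by rule. It assumes rule variables may be modelled as constants unrelated to every operator, and that the operator ordering is supplied as a transitively closed set of pairs.

```python
from itertools import permutations

# Terms are tuples (operator, subterm, ...). Rule variables alpha, beta, gamma
# are modelled as nullary operators unrelated to every other operator
# (an assumption of this example; it makes l >* r hold for every instantiation).
def Not(x): return ("not", x)
def And(x, y): return ("and", x, y)
def Or(x, y): return ("or", x, y)

def canon(t):
    """Canonical form for the report's equality: equal up to permuting subterms."""
    return (t[0],) + tuple(sorted((canon(x) for x in t[1:]), key=repr))

def term_eq(s, t):
    return canon(s) == canon(t)

def multiset_gt(M, N, gt, eq):
    """M >> N: cancel common elements; M must lose something and each
    remaining element of N must lie below some remaining element of M."""
    rest_m, rest_n = [], list(N)
    for m in M:
        for i, n in enumerate(rest_n):
            if eq(m, n):
                del rest_n[i]
                break
        else:
            rest_m.append(m)
    return bool(rest_m) and all(any(gt(m, n) for m in rest_m) for n in rest_n)

def rpo_gt(s, t, prec):
    """s >* t, following the three cases of the report's definition.
    prec is a transitively closed set of pairs (f, g) meaning f > g."""
    f, ss, g, ts = s[0], s[1:], t[0], t[1:]
    gt = lambda x, y: rpo_gt(x, y, prec)
    if f == g:                      # compare the multisets of subterms
        return multiset_gt(ss, ts, gt, term_eq)
    if (f, g) in prec:              # {s} >> {t1, ..., tn}
        return all(gt(s, tj) for tj in ts)
    return any(term_eq(si, t) or gt(si, t) for si in ss)   # some si >=* t

a, b, c = ("alpha",), ("beta",), ("gamma",)
N3 = lambda x: Not(Not(Not(x)))
dup = lambda op, x: op(x, x)
SYSTEM_A = [
    (Not(Not(a)), a),
    (Not(Or(a, b)), And(Not(a), Not(b))),
    (Not(And(a, b)), Or(Not(a), Not(b))),
    (And(a, Or(b, c)), Or(And(a, b), And(a, c))),
    (And(Or(b, c), a), Or(And(b, a), And(c, a))),
]
SYSTEM_C = [
    (Not(Not(a)), a),
    (Not(Or(a, b)), And(N3(a), N3(b))),
    (Not(And(a, b)), Or(N3(a), N3(b))),
]
SYSTEM_E = [
    (Not(Not(a)), a),
    (Not(Or(a, b)), dup(And, And(Not(a), Not(b)))),
    (Not(And(a, b)), dup(Or, Or(Not(a), Not(b)))),
    (And(a, a), a),
    (Or(a, a), a),
]
PREC_A = {("not", "and"), ("and", "or"), ("not", "or")}   # not > and > or
PREC_E = {("not", "and"), ("not", "or")}                  # not > and, not > or

def oriented(system, prec):
    """One boolean per rule: does the reduction condition l >* r hold?"""
    return [rpo_gt(l, r, prec) for l, r in system]

def total_precedences_orienting(system, ops=("not", "and", "or")):
    """All total orders on ops (highest first) that orient every rule."""
    found = []
    for order in permutations(ops):
        prec = {(order[i], order[j])
                for i in range(len(order)) for j in range(i + 1, len(order))}
        if all(oriented(system, prec)):
            found.append(order)
    return found

if __name__ == "__main__":
    print("A:", oriented(SYSTEM_A, PREC_A))
    print("E:", oriented(SYSTEM_E, PREC_E))
    print("C under the ordering used for A:", oriented(SYSTEM_C, PREC_A))
    print("total orders orienting C:", total_precedences_orienting(SYSTEM_C))
```

The search over total operator orderings finds none that orients System (C), in line with the remark that the recursive path ordering cannot be used for that system.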
The cases where Iturriaga's method works are those for which the operators are partially ordered so that the outermost ("virtual") operators of the left-hand side of the rules are greater than any other ("complementary") operators on the left-hand side, which in turn are greater than any other operators. □

(F) To prove the termination of the one-rule system

$$(\alpha\wedge\beta)\wedge\gamma \to \alpha\wedge(\beta\wedge\gamma),$$

we again use the Second Termination Theorem. We define the quasi-ordering $t \gtrsim t'$ if and only if $|t| > |t'|$ or else ($t$ and $t'$ are conjunctions and) $|t| = |t'|$ and $|t_1| \geq |t_1'|$, where $|\alpha|$ denotes the total number of operators in $\alpha$ and $t_1$ and $t_1'$ are the left conjuncts of $t$ and $t'$, respectively.

To see that this is a quasi-simplification ordering, note that $t \gtrsim t'$ implies $|t| \geq |t'|$. Replacing a right conjunct $t_2$ with a smaller or equivalent one (under $\gtrsim$) can only decrease the total size of a conjunction $t = t_1\wedge t_2$ and cannot change the size of $t_1$; replacing $t_1$ with a smaller or equivalent left conjunct cannot increase the size of $t$ or $t_1$. The subterm condition $t_1\wedge t_2 \gtrsim t_1, t_2$ obviously holds since $|t_1\wedge t_2| > |t_1|, |t_2|$. It remains to show that $(\alpha\wedge\beta)\wedge\gamma > \alpha\wedge(\beta\wedge\gamma)$. But $|(\alpha\wedge\beta)\wedge\gamma| = |\alpha\wedge(\beta\wedge\gamma)|$, while $|\alpha\wedge\beta| > |\alpha|$, and the proof is complete.

This example illustrates how the conditions for termination required by the methods of Knuth and Bendix [1969] and Lankford [1979] may be relaxed: Given a quasi-ordering $\succsim$ on (fixed arity) operators and a quasi-simplification ordering $\gtrsim$ on terms, such that $f(\ldots t \ldots) \approx t$ implies $f$ unary and $f \succsim g$ for all operators $g$, we define the quasi-simplification ordering

$$s = f(s_1, \ldots, s_m) \geq g(t_1, \ldots, t_n) = t,$$

if and only if

$$(s, f, s_1, \ldots, s_m) \geq (t, g, t_1, \ldots, t_n),$$

where the two tuples are compared lexicographically, first according to the terms $s \gtrsim t$, then according to the operators $f \succsim g$, and finally according to the subterms $s_i \geq t_i$.
To prove termination, one must find appropriate quasi-orderings $\succsim$ and $\gtrsim$ for which $l_i > r_i$ for all rules $l_i \to r_i$ in the given system. □

ACKNOWLEDGEMENT

We gratefully acknowledge the valuable discussions with David Plaisted and Tom Brown that helped lead to the results reported here.

REFERENCES

A. M. Ballantyne and W. W. Bledsoe [July 1977], Automatic proofs of theorems in analysis using nonstandard techniques, J. ACM, vol. 24, no. 3, pp. 353-374.

R. S. Boyer and J S. Moore [Aug. 1977], A lemma driven automatic theorem prover for recursive function theory, Proc. Fifth Intl. Joint Conf. on Artificial Intelligence, MIT, Cambridge, MA, pp. 511-519.

W. C. Carter, H. A. Ellozy, W. H. Joyner, Jr., and G. B. Leeman, Jr. [Jan. 1977], Techniques for microprogram validation, Memo RC6361, IBM T. J. Watson Research Center, Yorktown Heights, NY.

N. Dershowitz [Apr. 1979], A note on simplification orderings, Report R-79-986, Department of Computer Science, University of Illinois, Urbana, IL.

N. Dershowitz and Z. Manna [Aug. 1979], Proving termination with multiset orderings, Comm. ACM, vol. 22, no. 8, pp. 465-476.

J. H. Griesmer and R. D. Jenks [Mar. 1971], SCRATCHPAD/1 - An interactive facility for symbolic mathematics, Proc. Second Symp. on Symbolic and Algebraic Manipulation (S. Petrick, ed.), Los Angeles, CA, ACM, New York, NY.

A. C. Hearn [Mar. 1971], REDUCE 2 - A system and language for algebraic manipulation, Proc. Second Symp. on Symbolic and Algebraic Manipulation (S. Petrick, ed.), Los Angeles, CA, ACM, New York, NY.

G. Huet and D. S. Lankford [1978], On the uniform halting problem for term rewriting systems, Report 283, IRIA, Le Chesnay, France.

R. Iturriaga [May 1967], Contributions to mechanical mathematics, Ph.D. thesis, Carnegie-Mellon University, Pittsburgh, PA.

D. E. Knuth and P. B. Bendix [1969], Simple word problems in universal algebras, Computational Problems in Universal Algebras (J. Leech, ed.), Pergamon Press, Oxford, pp.
263-297.

J. B. Kruskal [May 1960], Well-quasi-ordering, the tree theorem, and Vazsonyi's conjecture, Trans. Amer. Math. Soc., vol. 95, pp. 210-225.

D. S. Lankford [May 1975], Canonical algebraic simplification in computational logic, Memo ATP-25, Automatic Theorem Proving Project, Univ. of Texas, Austin, TX.

D. S. Lankford [May 1979], On proving term rewriting systems are Noetherian, Memo MTP-3, Mathematics Dept., Louisiana Tech. Univ., Ruston, LA.

R. J. Lipton and L. Snyder [Aug. 1977], On the halting of tree replacement systems, Proc. Conf. on Theoretical Computer Science, Univ. of Waterloo, Waterloo, Ontario, pp. 43-46.

Z. Manna and S. Ness [Jan. 1970], On the termination of Markov algorithms, Proc. Third Hawaii Intl. Conf. on System Sciences, Honolulu, HI, pp. 789-792.

D. R. Musser [June 1978], A data type verification system based on rewrite rules, Memo, Information Sciences Institute, Univ. of Southern California, Marina del Rey, CA.

C. St. J. A. Nash-Williams [1963], On well-quasi-ordering finite trees, Proc. Cambridge Philo. Soc., vol. 59, pp. 833-835.

D. Plaisted [July 1978], Well-founded orderings for proving termination of systems of rewrite rules, Report R-78-932, Dept. of Computer Science, Univ. of Illinois, Urbana, IL.

D. Plaisted [Sept. 1978], A recursively defined ordering for proving termination of term rewriting systems, Report R-78-943, Dept. of Computer Science, Univ. of Illinois, Urbana, IL.

R. W. Weyhrauch [July 1977], A users manual for FOL, Memo AIM-235.1, Artificial Intelligence Laboratory, Stanford Univ., Stanford, CA.

BIBLIOGRAPHIC DATA SHEET

1. Report No.: UIUCDCS-R-79-987
4. Title and Subtitle: Orderings for Term-rewriting Systems
5. Report Date: August 1979
7. Author(s): Nachum Dershowitz
9. Performing Organization Name and Address: Dept. of Computer Science, University of Illinois, Urbana, IL 61801
12. Sponsoring Organization Name and Address: National Science Foundation, Washington, D.C.
11. Contract/Grant No.: NSF MCS 77-22830
16. Abstracts: Methods of proving that a term-rewriting system terminates are presented. They are based on the notion of "simplification orderings", orderings in which any term that is homeomorphically embeddable in another is smaller than the other. Most of the well-founded orderings that have been used for proving termination are indeed simplification orderings. A particularly useful class of simplification orderings, the "recursive path orderings", is defined. Several examples of the use of such orderings in termination proofs are given.
17. Key Words and Document Analysis. 17a. Descriptors: program verification, simplification orderings, term-rewriting, termination, well-founded orderings
19. Security Class (This Report): UNCLASSIFIED
20. Security Class (This Page): UNCLASSIFIED