Implementing the Omega Test in HOL Outline: Basic Fourier-Motzkin - PowerPoint PPT Presentation

Implementing the Omega Test in HOL Outline: Basic Fourier-Motzkin variable elimination Omega’s extension to F-M variable elimination Implementing this in HOL On the need for efficiency in conversion to DNF ARG lunch – p.1

Fourier-Motzkin Variable Elimination The basis for Hodes’s method ( ARITH CONV in HOL and d.p.’s in Isabelle, ACL2 and Coq) Fundamental theorem: ( ∃ x. a ≤ αx ∧ βx ≤ b ) ≡ aβ ≤ αb True over R (and Q ). . . ARG lunch – p.2

Fourier-Motzkin Variable Elimination The basis for Hodes’s method ( ARITH CONV in HOL and d.p.’s in Isabelle, ACL2 and Coq) Fundamental theorem: ( ∃ x. a ≤ αx ∧ βx ≤ b ) ≡ aβ ≤ αb True over R (and Q ). . . . . . false over Z E.g., ( ∃ x. 3 ≤ 2 x ≤ 3) �≡ 6 ≤ 6 ARG lunch – p.2

� ✁ ✁ � ✁ � � ✁ � ✁ ✁ FMVE—Multiple Constraints Let L ( x ) be conjunction of lower bounds on x , indexed by i , of the form a > 0) . ≤ α ( α x Let U ( x ) be conjunction of upper bounds on x , indexed by j , of the form β > 0) . x ≤ b ( β Want to show: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b �✄✂ On assumption that core theorem is true. (Similar “ex- tension to n × m constraints” proofs are required for theorems over Z .) ARG lunch – p.3

☎ ☎ ☎ ☎ ☎ ☎ Multiple Constraints: Induction #1 Many upper bounds, one lower bound. Have: � ( ∃ x. a ≤ αx ∧ U ( x )) ≡ ≤ αb aβ Want ( ∃ x. a ≤ αx ∧ βx ≤ b ∧ U ( x )) ≡ � ≤ αb ∧ aβ ≤ αb aβ ARG lunch – p.4

✆ ✆ ✆ ✆ ✆ ✆ Multiple Constraints: Induction #1 Many upper bounds, one lower bound. Have: � ( ∃ x. a ≤ αx ∧ U ( x )) ≡ ≤ αb aβ Want ( ∃ x. a ≤ αx ∧ βx ≤ b ∧ U ( x )) ≡ � ≤ αb ∧ aβ ≤ αb aβ Left to right is easy: I.H. gives first conjunct; core theorem gives second. ARG lunch – p.4

✝ ✝ ✝ ✝ ✝ ✝ Multiple Constraints: Induction #1 Many upper bounds, one lower bound. Have: � ( ∃ x. a ≤ αx ∧ U ( x )) ≡ ≤ αb aβ Want ( ∃ x. a ≤ αx ∧ βx ≤ b ∧ U ( x )) ≡ � ≤ αb ∧ aβ ≤ αb aβ Right to left: I.H. gives us ∃ y. a ≤ αy ∧ U ( y ) ARG lunch – p.5

✞ ✞ ✞ ✞ ✞ ✞ Multiple Constraints: Induction #1 Many upper bounds, one lower bound. Have: � ( ∃ x. a ≤ αx ∧ U ( x )) ≡ ≤ αb aβ Want ( ∃ x. a ≤ αx ∧ βx ≤ b ∧ U ( x )) ≡ � ≤ αb ∧ aβ ≤ αb aβ Right to left: I.H. gives us ∃ y. a ≤ αy ∧ U ( y ) Core theorem gives ∃ z. a ≤ αz ∧ βz ≤ b ARG lunch – p.5

✟ ✟ ✟ ✟ ✟ ✟ Multiple Constraints: Induction #1 Many upper bounds, one lower bound. Have: � ( ∃ x. a ≤ αx ∧ U ( x )) ≡ ≤ αb aβ Want ( ∃ x. a ≤ αx ∧ βx ≤ b ∧ U ( x )) ≡ � ≤ αb ∧ aβ ≤ αb aβ Right to left: I.H. gives us ∃ y. a ≤ αy ∧ U ( y ) Core theorem gives ∃ z. a ≤ αz ∧ βz ≤ b y and z both satisfy ( a, α ) -constraint. Minimum of y and z will satisfy both upper-bound constraints. ARG lunch – p.5

✠ ☛ ✠ ☛ ☛ ✠ ✠ ☛ ✠ ✡ ☛ ☛ ✡ ✠ ☛ ☛ ☛ Multiple Constraints: Induction #2 n upper bounds, m lower bounds. Have: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b Want ( ∃ x. a ≤ αx ∧ L ( x ) ∧ U ( x )) ≡ � � ≤ α ∧ ≤ αb a β b aβ ARG lunch – p.6

✌ ✍ ☞ ✍ ✍ ☞ ☞ ✍ ☞ ☞ ✍ ✍ ✌ ☞ ✍ ✍ ✍ Multiple Constraints: Induction #2 n upper bounds, m lower bounds. Have: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b Want ( ∃ x. a ≤ αx ∧ L ( x ) ∧ U ( x )) ≡ � � ≤ α ∧ ≤ αb a β b aβ Left to right: first conjunct by I.H.; second by appeal to induction #1 ARG lunch – p.6

✏ ✑ ✎ ✑ ✑ ✎ ✎ ✑ ✎ ✎ ✑ ✑ ✏ ✎ ✑ ✑ ✑ Multiple Constraints: Induction #2 n upper bounds, m lower bounds. Have: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b Want ( ∃ x. a ≤ αx ∧ L ( x ) ∧ U ( x )) ≡ � � ≤ α ∧ ≤ αb a β b aβ Right to left: I.H. gives ∃ y. L ( y ) ∧ U ( y ) . ARG lunch – p.7

✓ ✔ ✒ ✔ ✔ ✒ ✒ ✔ ✒ ✒ ✔ ✔ ✓ ✒ ✔ ✔ ✔ Multiple Constraints: Induction #2 n upper bounds, m lower bounds. Have: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b Want ( ∃ x. a ≤ αx ∧ L ( x ) ∧ U ( x )) ≡ � � ≤ α ∧ ≤ αb a β b aβ Right to left: I.H. gives ∃ y. L ( y ) ∧ U ( y ) . Induction #1 gives ∃ z. a ≤ αz ∧ U ( z ) . ARG lunch – p.7

✗ ✗ ✕ ✗ ✗ ✕ ✕ ✗ ✕ ✕ ✗ ✗ ✖ ✕ ✗ ✗ ✖ Multiple Constraints: Induction #2 n upper bounds, m lower bounds. Have: � ( ∃ x. L ( x ) ∧ U ( x )) ≡ ≤ α a β b Want ( ∃ x. a ≤ αx ∧ L ( x ) ∧ U ( x )) ≡ � � ≤ α ∧ ≤ αb a β b aβ Right to left: I.H. gives ∃ y. L ( y ) ∧ U ( y ) . Induction #1 gives ∃ z. a ≤ αz ∧ U ( z ) . y and z both satisfy U . Take their maximum to satisfy L and the other lower bound constraint. ARG lunch – p.7

✘ ✚ ✚ ✘ ✙ ✚ ✘ ✘ ✚ Exact Shadow Elimination The formula � ≤ α a β b is known as the real shadow . If all of the α or all of the β are equal to 1, then we can use it to eliminate quantifiers over Z . ARG lunch – p.8

✛ ✛ ✜ ✢ ✛ ✢ ✛ ✢ ✢ Exact Shadow Elimination The formula � ≤ α a β b is known as the real shadow . If all of the α or all of the β are equal to 1, then we can use it to eliminate quantifiers over Z . The core theorem ( ∃ x. a ≤ αx ∧ βx ≤ b ) ≡ aβ ≤ αb is true over Z because. . . ARG lunch – p.8

✥ ✥ ✥ ✣ ✤ ✥ ✣ ✣ ✣ Exact Shadow Elimination The formula � ≤ α a β b is known as the real shadow . If all of the α or all of the β are equal to 1, then we can use it to eliminate quantifiers over Z . The core theorem ( ∃ x. a ≤ αx ∧ βx ≤ b ) ≡ aβ ≤ αb is true over Z because. . . left to right: transitivity still holds ARG lunch – p.8

★ ★ ★ ✦ ✧ ★ ✦ ✦ ✦ Exact Shadow Elimination The formula � ≤ α a β b is known as the real shadow . If all of the α or all of the β are equal to 1, then we can use it to eliminate quantifiers over Z . The core theorem ( ∃ x. a ≤ αx ∧ βx ≤ b ) ≡ aβ ≤ αb is true over Z because. . . left to right: transitivity still holds right to left: take x = b if β = 1 , x = a if α = 1 ARG lunch – p.8

✯ ✰ ✮ ✰ ✯ ✭✮ ✬ ✭ ✪ ✭ ✱ ✩ ✲ ✪ ✩ ✪ ✪ ✩ ✪ ✩ ✪ ✩ Shadows with Splinters Pugh claims that exact shadow eliminations occur frequently Otherwise, following theorem required: Let m be the maximum of all the β s. Then ( ∃ x. L ( x ) ∧ U ( x )) ≡ ( � ( α − 1)( β − 1) ≤ α − a ) b β ✪✄✫ ∨ � � ∃ x. ( α x = a + k ) ∧ L ( x ) ∧ U ( x ) =0 First disjunct known as dark shadow . Other disjuncts known as splinters ARG lunch – p.9

Proof of Core Omega Theorem Result is of form ( ∃ x. L ( x ) ∧ U ( x )) ≡ “dark shadow” ∨ “splinters” Proof has three cases: “dark shadow” ⇒ ∃ x. L ( x ) ∧ U ( x ) “splinters” ⇒ ∃ x. L ( x ) ∧ U ( x ) ( ∃ x. L ( x ) ∧ U ( x )) ∧ ¬ “dark shadow” ⇒ “splinters” ARG lunch – p.10

Core Omega Theorem—Case 1 � i,j ( α i − 1)( β j − 1) ≤ α i b j − a i β j ∃ x. L ( x ) ∧ U ( x ) ⇒ ARG lunch – p.11

Core Omega Theorem—Case 1 � i,j ( α i − 1)( β j − 1) ≤ α i b j − a i β j ∃ x. L ( x ) ∧ U ( x ) ⇒ Do singleton case, extend by two inductions as before: ( α − 1)( β − 1) ≤ αb − aβ ⇒ ∃ x. a ≤ αx ∧ βx ≤ b ARG lunch – p.11

Core Omega Theorem—Case 1 � i,j ( α i − 1)( β j − 1) ≤ α i b j − a i β j ∃ x. L ( x ) ∧ U ( x ) ⇒ Do singleton case, extend by two inductions as before: ( α − 1)( β − 1) ≤ αb − aβ ⇒ ∃ x. a ≤ αx ∧ βx ≤ b Assume opposite, so ¬∃ x. aβ ≤ αβx ≤ αb ARG lunch – p.11

Core Omega Theorem—Case 1 � i,j ( α i − 1)( β j − 1) ≤ α i b j − a i β j ∃ x. L ( x ) ∧ U ( x ) ⇒ Do singleton case, extend by two inductions as before: ( α − 1)( β − 1) ≤ αb − aβ ⇒ ∃ x. a ≤ αx ∧ βx ≤ b Assume opposite, so ¬∃ x. aβ ≤ αβx ≤ αb No multiple of αβ between aβ and αb , so ∃ i. αβi < aβ ≤ αb < αβ ( i + 1) ARG lunch – p.11

Core Omega Theorem—Case 1 � i,j ( α i − 1)( β j − 1) ≤ α i b j − a i β j ∃ x. L ( x ) ∧ U ( x ) ⇒ Do singleton case, extend by two inductions as before: ( α − 1)( β − 1) ≤ αb − aβ ⇒ ∃ x. a ≤ αx ∧ βx ≤ b Assume opposite, so ¬∃ x. aβ ≤ αβx ≤ αb No multiple of αβ between aβ and αb , so ∃ i. αβi < aβ ≤ αb < αβ ( i + 1) Have 0 < αβ ( i + 1) − αb ARG lunch – p.11