Improved Certification of Complexity Proofs for Term Rewrite Systems - PowerPoint PPT Presentation

Improved Certification of Complexity Proofs for Term Rewrite Systems René Thiemann IFIP WG 1.6, Dortmund, June 26 Supported by the Austrian Science Fund (FWF) project Y757

Overview • IsaFoR + CeTA: Certifying Termination and Complexity Proofs • Certifying Matrix Growth • Formalization of the Perron–Frobenius Theorem 1

Annual International Termination Competition automatic termination and complexity tools • – powerful, complex, unreliable 2004 ? TRS 1 Yes Yes TRS 2 Yes No TRS 3 Yes 2

Annual International Termination Competition automatic termination and complexity tools • – powerful, complex, unreliable 2004 2005 . . . ? TRS 1 Yes + HR-Proof Yes + HR-Proof TRS 4 No + HR-Proof No + HR-Proof TRS 3 No + HR-Proof 2

Annual International Termination Competition automatic termination and complexity tools • – powerful, complex, unreliable 2004 2005 . . . 2007 . . . ? TRS 1 Yes + HR-Proof + MR-Proof Yes + HR-Proof + MR-Proof TRS 4 Yes + HR-Proof + MR-Proof No + HR-Proof + MR-Proof TRS 5 Yes + HR-Proof + MR-Proof 2

Certification of Termination Proofs automatic termination and complexity tools • – powerful, complex, unreliable certifiers • – reliable, soundness proof in proof assistants – revealed errors in tools and papers • certified termination and complexity analysis okay / reject answer TRS certificate unsupported 3

Certification of Termination Proofs automatic termination and complexity tools • – powerful, complex, unreliable certifiers • – reliable, soundness proof in proof assistants – revealed errors in tools and papers • certified termination and complexity analysis okay / reject answer TRS certificate unsupported • CeTA: certifier for termination, complexity, confluence, .. • soundness of CeTA: Isabelle Formalization of Rewriting developed in collaboration with Christian Sternagel and . . . 3

Certification of Termination Proofs automatic termination and complexity tools • – powerful, complex, unreliable certifiers • – reliable, soundness proof in proof assistants – revealed errors in tools and papers • certified termination and complexity analysis okay / reject answer TRS certificate unsupported • CeTA: certifier for termination, complexity, confluence, .. • soundness of CeTA: Isabelle Formalization of Rewriting developed in collaboration with Christian Sternagel and . . . • this talk improvements of IsaFoR/CeTA for complexity proofs 3

Complexity of Term Rewrite Systems sort ( Cons ( x , xs )) → insort ( x , sort ( xs )) sort ( Nil ) → Nil insort ( x , Cons ( y , ys )) → Cons ( x , Cons ( y , ys )) | x � y insort ( x , Cons ( y , ys )) → Cons ( y , insort ( x , ys )) | x � � y insort ( x , Nil ) → Cons ( x , Nil ) Aim: bound on maximal number of rewrite steps starting from sort ( Cons ( x 1 , . . . Cons ( x n , Nil ))) 4

Running Automated Complexity tool Running TCT on TRS yields O ( n 2 ) + certificate   3 3 0   [ [ sort ] ]( xs ) =  · [ [ xs ] ] 0 0 1  0 0 1     1 1 2 2     [ [ insort ] ]( x , xs ) =  · [ [ xs ] ] + 0 0 1 1    0 0 1 2     1 1 0 0     [ [ Cons ] ]( x , xs ) = · [ [ xs ] ] + 0 0 1 1     0 0 1 2 � �� � A   1   [ [ Nil ] ] = 0   5 2

Certification — Step 1 • ensure termination: check strict decrease in every rewrite step • for rewrite rule sort ( Cons ( x , xs )) → insort ( x , sort ( xs )) check [ [ sort ( Cons ( x , xs ))] ] =         3 3 3 3 > 3 3 3 2         0 0 1  · [ [ xs ] ] + 2 ≥ 0 0 1  · [ [ xs ] ] + 1       ≥ 0 0 1 2 0 0 1 2 = [ [ insort ( x , sort ( xs ))] ] 6

Certification — Step 2 • bound initial interpretation [ [ sort ( Cons ( x 1 , . . . Cons ( x n , Nil )))] ] =         3 3 0 1 0 �  A n A i  ∈ O ( n · A n )          + 0 0 1 0 1      i < n 0 0 1 2 2 ⇒ key analysis: growth of values of A n depending on n = 7

Matrix Growth • input: non-negative real matrix   1 1 0   A = 0 0 1   0 0 1 • task: decide matrix growth how large do values in A n get for increasing n ? 8

Eigenvalues and eigenvectors Matrix A has eigenvector v � = 0 with eigenvalue λ if Av = λ v Consequences • A n v = λ n v • | A n v | = | λ | n | v | • if | λ | > 1 then A n grows exponentially 9

Eigenvalues and eigenvectors Matrix A has eigenvector v � = 0 with eigenvalue λ if Av = λ v Consequences • A n v = λ n v • | A n v | = | λ | n | v | • if | λ | > 1 then A n grows exponentially Theorem A n grows polynomially if and only if | λ | � 1 for all eigenvalues λ of A 9

Eigenvalues and eigenvectors Matrix A has eigenvector v � = 0 with eigenvalue λ if Av = λ v Consequences • A n v = λ n v • | A n v | = | λ | n | v | • if | λ | > 1 then A n grows exponentially Theorem A n grows polynomially if and only if | λ | � 1 for all eigenvalues λ of A Remark • λ is eigenvalue of A if and only if λ is root of characteristic polynomial χ A 9

Eigenvalues and eigenvectors Matrix A has eigenvector v � = 0 with eigenvalue λ if Av = λ v Consequences • A n v = λ n v • | A n v | = | λ | n | v | • if | λ | > 1 then A n grows exponentially Theorem A n ∈ O ( n d ) if and only if | λ | � 1 and | λ | = 1 − → max-size (Jordan Blocks λ ) � d + 1 for all eigenvalues λ of A Remark • λ is eigenvalue of A if and only if λ is root of characteristic polynomial χ A 9

Old certification algorithm for A n ∈ O ( n d ) Input: Matrix A and degree d Output: Accept or assertion failure 1 Compute all eigenvalues λ 1 , . . . , λ n of A (all complex roots of χ A ) 2 Compute spectral radius ρ A := max i | λ i | 3 Assert ρ A � 1 4 For each λ i with | λ i | = 1, and Jordan block of A and λ i with ������� ����� size s i , assert s i � d + 1 ��� 5 Accept ��� ��� �� ��� - ��� - ��� - ��� - ��� - ��� - ��� ��� ��� ��� ��� �� 10

Example of linear growth Input: Matrix A and degree d Output: Accept or assertion failure 1 Compute all eigenvalues λ 1 , . . . , λ n of A (all complex roots of χ A ) 2 Compute spectral radius ρ A := max i | λ i | 3 Assert ρ A � 1 4 For each λ i with | λ i | = 1, and Jordan block of A and λ i with size s i , assert s i � d + 1 5 Accept   1 1 0   Input: A = 0 0 1  , d = 1  0 0 1 1 . λ 1 = 1 , λ 2 = 0 2 . ρ A = 1 4 . s 1 = 2 � d + 1 11

Another example   2 0 0 0   0 0 0 1 Input: A = 1     2   0 1 0 1   0 0 1 1 1 . χ A = ( x − 1 ) ( 8 x 3 − 4 x 2 − 2 x − 1 ) 8 λ 1 = 1 λ 2 = ( root #1 of f 1 ) λ 3 = ( root #1 of f 2 ) + ( root #1 of f 3 ) i λ 4 = ( root #1 of f 2 ) + ( root #2 of f 3 ) i f 1 = 8 x 3 − 4 x 2 − 2 x − 1 f 2 = 32 x 3 − 16 x 2 + 1 f 3 = 1024 x 6 + 512 x 4 + 64 x 2 − 11 12

The problem and its solution • old algorithm requires precise calculations ( | λ i | = 1) • precise calculations are possible with algebraic numbers, but expensive • aim: avoid explicit computation of eigenvalues • solution: apply the Perron–Frobenius theorem 13

Perron–Frobenius, Part 1 Theorem (Perron–Frobenius) Let A be a non-negative real matrix • ρ A is an eigenvalue of A Consequence ������� ����� ������� ����� ��� ��� ��� ��� ��� ��� − → �� �� ��� ��� - ��� - ��� - ��� - ��� - ��� - ��� - ��� - ��� - ��� ��� ��� ��� ��� - ��� - ��� - ��� ��� ��� ��� ��� �� �� 14

Perron–Frobenius, Part 2 Theorem (Perron–Frobenius) Let A be a non-negative real and irreducible matrix • ρ A is an eigenvalue of A • ρ A has multiplicity 1 • ρ A is only eigenvalue with non-negative real eigenvector • ∃ f k . χ A = f · ( x k − ρ k A ) ∧ ( f ( y ) = 0 − → | y | < ρ A ) • . . . 15

Perron–Frobenius, Part 2 Theorem (Perron–Frobenius) Let A be a non-negative real and irreducible matrix • ρ A is an eigenvalue of A • ρ A has multiplicity 1 • ρ A is only eigenvalue with non-negative real eigenvector • ∃ f k . χ A = f · ( x k − ρ k A ) ∧ ( f ( y ) = 0 − → | y | < ρ A ) • . . . Consequences • non-negative real and irreducible matrices have constant or exponential growth • complexity proofs with irreducible matrices cannot prove runtime/derivational complexity O ( n d ) for d > 1 15