MAP’06 Castro Urdiales, Spain
January 9, 2006
Quantifier Elimination over Algebraically Closed Fields in a Proof Assistant using a Computer Algebra System
David Delahaye, CNAM, Paris, France (http://cedric.cnam.fr/~delahaye/)
Micaela Mayero, Université Paris Nord, Villetaneuse, France (http://www-lipn.univ-paris13.fr/~mayero/)
Introduction
• We focus on:
– Theorem Proving
– Computer Algebra
• In a Deduction System (DS):
hard to perform efficient computations.
In a Computer Algebra System (CAS):
no notion of consistency.
Approaches
• CASs dedicated to computations
DSs dedicated to validation
Make them interact!
1. To import validation into CASs
   • Adams/Dunstan/Gottliebsen/Kelsey/Martin/Owre: Maple/PVS (2001)
   • Colton: Maple/Otter (2002)
2. To import computations into DSs
   – Believing approach
   – Skeptical approach
   – Autarkic approach
   • Harrison/Théry: HOL/Maple (1998)
   • Delahaye/Mayero: Coq/Maple (2002)
3. To build a system with both
   • Focal Team: Focal system (1997…)
Contribution
• When importing CAS computations into DSs:
enhance the computational power of DSs.
• Our contribution:
Use a CAS to enhance the power of automation of a DS.
• Example:
– Quant. Elimination proc. over alg. closed fields (ACFs)
– In Coq using Maple
– Quite simple (one variable, skeptical appr.)
– Validation available (Maple mode & ring/field)
Algebraically Closed Fields
• K is an ACF:
  $\forall P \in K[X].\ \deg(P) > 0 \Rightarrow \exists x \in K.\ P(x) = 0$
• Fundamental theorem of Algebra (D’Alembert’s theorem):
  Every non-constant pol. of K[X] has n roots.
• Equation and inequation system:
  $(S)$: $P_1 = 0, \ldots, P_n = 0$
         $Q_1 \neq 0, \ldots, Q_m \neq 0$
A method of quantifier elimination
Quantifier elimination
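Φ ≡ “(S) has a sol.”:
$P = \gcd(P_i)_{i=1..n},\ n > 0$; $Q = \prod_{i=1}^{m} Q_i,\ m > 0$:
• n = 0, m > 0: left (prop. 1)
• n > 0, m = 0: $\exists x.\ P = 0$ (prop. 2)
  If P ≠ 1 then left (ACF) else right
• n > 0, m > 0:
  – If P = 1 then right
  – else G = gcd(P, Q):
    If G = 1: $\exists x.\ P = 0$ (prop. 3)
    else P = GP’: $\exists x.\ P' = 0 \wedge G \neq 0$ (prop. 4)
Prop. 1: $Q \neq 0$. $\exists x.\ Q \neq 0$.
Prop. 2: $P_1 \neq 0$, $P_2 \neq 0$, $G = \gcd(P_1, P_2)$. $\exists x.\ P_1 = 0 \wedge P_2 = 0$ iff $\exists x.\ G = 0$.
Prop. 3: $P \neq 0$, $Q \neq 0$, $\gcd(P, Q) = 1$. $\exists x.\ P = 0 \wedge Q \neq 0$ iff $\exists x.\ P = 0$.
Prop. 4: $P \neq 0$, $Q \neq 0$, $G = \gcd(P, Q)$, $P = G P_1$. $\exists x.\ P = 0 \wedge Q \neq 0$ iff $\exists x.\ P_1 = 0 \wedge G \neq 0$.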
Extraction of an algorithm
Prop. 5: P ≠ 0, Q ≠ 0, G = gcd (P, Q), P = GP1.
If G ≠ 1 then deg(P1) < deg(P).
• We proved that “the system (S) has solutions or not” constructively
and using well-founded induction schemes:
the problem is decidable.
• Heyting-Kolmogorov’s semantics:
we can extract an algorithm from the previous proof.
Algorithm
I. if n = 0 then go to III else compute $P = \gcd(P_i)_{i=1..n}$
II. if m = 0 then apply prop. 1. Equivalent to $\exists x.\ P = 0$:
   1. if P ≠ 1 then apply def. of ACF
   2. else fail
III. if m ≠ 0:
   1. compute $Q = \prod_{i=1}^{m} Q_i$
   2. if n = 0 then apply prop. 2
   3. else equivalent to $\exists x.\ P = 0 \wedge Q \neq 0$:
      a. if P = 1 then fail
      b. else compute G = gcd(P, Q):
         i. if G = 1 then apply prop. 3
         ii. else apply prop. 4 and re-apply the algorithm.
Validation of computations
• We have a skeptical approach.
Theorem (Bézout, converse): P ≠ 0, Q ≠ 0, G ≠ 0.
If G divides P and Q and if there exist A and B s.t. AP + BQ = G
then G = gcd(P, Q).
• The CAS must provide the gcd G, the quotients P1 and Q1,
as well as the cofactors A and B.
• The DS must verify: P = P1G, Q = Q1G and AP + BQ = G.
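Added example (not from the slides): the skeptical check above, sketched in Python on the P and Q of the deck's simple example. The list encoding of polynomials, the function names and `untrusted_gcd` as a stand-in for the CAS are assumptions of this example; the checker uses only ring operations, never the gcd computation itself.

```python
from fractions import Fraction as F

# Polynomials over Q as coefficient lists, lowest degree first, no trailing zeros.
P = [F(6), F(5), F(10), F(3)]   # 3X^3 + 10X^2 + 5X + 6 (from the simple example)
Q = [F(-3), F(5), F(2)]         # 2X^2 + 5X - 3

def trim(p):
    p = list(p)
    while p and p[-1] == 0:
        p.pop()
    return p

def add(p, q):
    n = max(len(p), len(q))
    pad = lambda r: list(r) + [F(0)] * (n - len(r))
    return trim([a + b for a, b in zip(pad(p), pad(q))])

def mul(p, q):
    r = [F(0)] * (len(p) + len(q) - 1) if p and q else []
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            r[i + j] += a * b
    return trim(r)

def divmod_poly(p, q):
    quo, rem = [], trim(p)
    while len(rem) >= len(q):
        term = [F(0)] * (len(rem) - len(q)) + [rem[-1] / q[-1]]
        quo, rem = add(quo, term), add(rem, mul([F(-1)], mul(term, q)))
    return quo, rem

def untrusted_gcd(p, q):
    """CAS role (assumed stand-in): extended Euclid, returns (G, P1, Q1, A, B)."""
    r0, r1, a0, a1, b0, b1 = p, q, [F(1)], [], [], [F(1)]
    while r1:
        k = mul([F(-1)], divmod_poly(r0, r1)[0])   # minus the quotient
        r0, r1 = r1, add(r0, mul(k, r1))
        a0, a1 = a1, add(a0, mul(k, a1))
        b0, b1 = b1, add(b0, mul(k, b1))
    s = [1 / r0[-1]]                               # normalise G to be monic
    g = mul(s, r0)
    return g, divmod_poly(p, g)[0], divmod_poly(q, g)[0], mul(s, a0), mul(s, b0)

def check_certificate(p, q, g, p1, q1, a, b):
    """DS role: trusts nothing, only checks P = P1*G, Q = Q1*G and A*P + B*Q = G."""
    return (bool(g) and mul(p1, g) == p and mul(q1, g) == q
            and add(mul(a, p), mul(b, q)) == g)
```

A wrong answer from the CAS side cannot pass `check_certificate`, because the converse of Bézout makes the three equalities sufficient for G = gcd(P, Q).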
Integration in Coq using Maple
• Why Coq and Maple?
existence of a Maple mode for Coq (Delahaye & Mayero, 2002).
• Work in Coq:
– Theory of univariate polynomials
– Theory of ACFs (proofs of prop.)
– Systems of pol. with rational coefficients
• Work in Maple: nothing to do (just use the gcd when needed).
Extension of the Maple mode for Coq
• Initially:
– Algebraic operations over a field
– Validated automatically by the tactic field
• Extension:
– Import the gcd, the quotients and the cofactors
– Verify the 3 equalities (divisors and Bézout’s relation):
carried out by the tactics ring (normalization)
and field (coefficients)
Interface between Coq and Maple
• Coq to Maple (quotation): gcd(P, Q) is sent as Pm, Qm
• Maple: Gm = gcdm(Pm, Qm), with quot. P1, Q1 and cof. A, B
• Maple to Coq (validation): prove P = P1G, Q = Q1G and AP + BQ = G
• G is the gcd of P and Q!
A simple example
• $P = 3X^3 + 10X^2 + 5X + 6$
  $Q = 2X^2 + 5X - 3$
• We want to prove: $\exists x.\ P = 0 \wedge Q \neq 0$.
  G = gcd(P, Q) = X + 3; equivalent to: $\exists x.\ P' = 0 \wedge G \neq 0$ (prop. 4),
  where P = P’G. Re-apply the algorithm:
  gcd(P’, G) = 1; equivalent to: $\exists x.\ P' = 0$ (prop. 3),
  proved by def. of ACF.
Running in Coq
Coq < Lemma lem1 : exists x : C, eval x P = C0 /\ eval x Q <> C0.
1 subgoal
============================
exists x : C, eval x P = C0 /\ eval x Q <> C0
lem1 < unfold P, Q.
1 subgoal
============================
exists x : C, eval x (PList C ((cte 3, 3) :: (cte 10, 2) :: (cte 5, 1) ::
(cte 6, 0) :: nil) sorted_p) = C0 /\ eval x (PList C ((cte 2, 2) ::
(cte 5, 1) :: (cte (-3), 0) :: nil) sorted_q) <> C0
lem1 < qelim.
Proof completed.
Another example
• $quartic = X^4 + X^3 + X^2 + X$
  $cubic = X^3 + X^2 + X + 1$
  $line = X + 1$
• Points on the two curves but not on the line?
  $\exists x.\ quartic = 0 \wedge cubic = 0 \wedge line \neq 0$
• i, -i and -1 satisfy quartic = 0 and cubic = 0;
-1 does not satisfy line ≠ 0 but i and -i do.
Coq < Lemma lem2 : exists x : C, eval x quartic = C0 /\ eval x cubic = C0 /\ eval x line <> C0.
lem2 < unfold quartic, cubic, line; qelim.
Proof completed.
Conclusion
• CASs can enhance the computational power of DSs:
CASs can also enhance the power of automation of DSs.
• The skeptical approach is a good way to benefit
from both efficiency and soundness.
• Extensions:
– Multivariate polynomials: validation vs autarkic computations?
– Real closed fields?
– Interactions with other CASs: MuPAD, …