Quantifier Elimination over Algebraically Closed Fields in a Proof Assistant using a Computer Algebra System

David Delahaye, CNAM, Paris, France
http://cedric.cnam.fr/~delahaye/

Micaela Mayero, Université Paris Nord, Villetaneuse, France
http://www-lipn.univ-paris13.fr/~mayero/

MAP’06, Castro Urdiales, Spain
January 9, 2006



Introduction

• We focus on:

– Theorem Proving

– Computer Algebra

• In a Deduction System (DS):

hard to perform efficient computations.

In a Computer Algebra System (CAS):

no notion of consistency.


Approaches

• CASs dedicated to computations

DSs dedicated to validation

Make them interact!

1. To import validation into CASs

2. To import computations into DSs

– Believing approach

– Skeptical approach

– Autarkic approach

3. To build a system with both

• Adams/Dunstan/Gottliebsen/Kelsey/Martin/Owre: Maple/PVS (2001)

• Colton: Maple/Otter (2002)

• Harrison/Théry: HOL/Maple (1998)

• Delahaye/Mayero: Coq/Maple (2002)

• Focal Team: Focal system (1997…)


Contribution

• When importing CAS computations into DSs:

enhance the computational power of DSs.

• Our contribution:

Use a CAS to enhance the power of automation of a DS.

• Example:

– Quant. Elimination proc. over alg. closed fields (ACFs)

– In Coq using Maple

– Quite simple (one variable, skeptical appr.)

– Validation available (Maple mode & ring/field)


Algebraically Closed Fields

• K is an ACF: $\forall P \in K[X].\ \deg(P) > 0 \Rightarrow \exists x \in K.\ P(x) = 0.$

• Fundamental theorem of Algebra (D’Alembert’s theorem):

Every non-constant pol. of K[X] has n roots.

• Equation and inequation system:

$(S)\ \begin{cases} P_1 = 0, \ldots, P_n = 0 \\ Q_1 \neq 0, \ldots, Q_m \neq 0 \end{cases}$

A method of quantifier elimination


Quantifier elimination

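Φ ≡ “(S) has a sol.”: $P = \gcd_{i=1..n}(P_i),\ n > 0$; $Q = \prod_{i=1}^{m} Q_i,\ m > 0$:

• n = 0, m > 0: left (prop. 1)

• n > 0, m = 0: $\exists x.\ P(x) = 0$ (prop. 2)

If P ≠ 1 then left (ACF) else right

• n > 0, m > 0:

– If P = 1 then right

– else G = gcd(P, Q):

If G = 1: $\exists x.\ P(x) = 0$ (prop. 3)

else P = GP’: $\exists x.\ P'(x) = 0 \wedge G(x) \neq 0$ (prop. 4)

Prop. 1: Q ≠ 0. $\exists x.\ Q(x) \neq 0.$

Prop. 2: P1 ≠ 0, P2 ≠ 0, G = gcd(P1, P2). $\exists x.\ P_1(x) = 0 \wedge P_2(x) = 0$ iff $\exists x.\ G(x) = 0.$

Prop. 3: P ≠ 0, Q ≠ 0, gcd(P, Q) = 1. $\exists x.\ P(x) = 0 \wedge Q(x) \neq 0$ iff $\exists x.\ P(x) = 0.$

Prop. 4: P ≠ 0, Q ≠ 0, G = gcd(P, Q), P = GP1. $\exists x.\ P(x) = 0 \wedge Q(x) \neq 0$ iff $\exists x.\ P_1(x) = 0 \wedge G(x) \neq 0.$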


Extraction of an algorithm

Prop. 5: P ≠ 0, Q ≠ 0, G = gcd (P, Q), P = GP1.

If G ≠ 1 then deg(P1) < deg(P).

• We proved that “the system (S) has solutions or not” constructively

and using well-founded induction schemes:

the problem is decidable.

• Heyting-Kolmogorov’s semantics:

we can extract an algorithm from the previous proof.


Algorithm

I. if n = 0 then go to III else compute $P = \gcd_{i=1..n}(P_i)$

II. if m = 0 then apply prop. 1. Equivalent to $\exists x.\ P(x) = 0$:

1. if P ≠ 1 then apply def. of ACF

2. else fail

III. if m ≠ 0:

1. compute $Q = \prod_{i=1}^{m} Q_i$

2. if n = 0 then apply prop. 2

3. else equivalent to $\exists x.\ P(x) = 0 \wedge Q(x) \neq 0$:

a. if P = 1 then fail

b. else compute G = gcd(P, Q):

i. if G = 1 then apply prop. 3

ii. else apply prop. 4 and re-apply the algorithm.
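The decision procedure above, as an added Python sketch (not the authors' Coq development): it works over exact rationals, computes each gcd itself instead of calling a CAS, and takes a single inequation Q, i.e. the product of step III.1 already formed. The names trim, divmod_poly, gcd and has_solution are hypothetical.

```python
from fractions import Fraction as F
from functools import reduce

def trim(p):
    """Coefficient list (low degree first) as exact rationals, no trailing zeros."""
    p = [F(c) for c in p]
    while p and p[-1] == 0:
        p.pop()
    return p

def divmod_poly(a, b):
    """Euclidean division: a = q*b + r with deg r < deg b (b non-zero)."""
    a, b = trim(a), trim(b)
    q = [F(0)] * max(len(a) - len(b) + 1, 0)
    while len(a) >= len(b):
        k, c = len(a) - len(b), a[-1] / b[-1]
        q[k] = c
        a = trim([x - c * b[i - k] if i >= k else x for i, x in enumerate(a)])
    return q, a

def gcd(a, b):
    """Monic gcd by Euclid's algorithm; the zero polynomial is []."""
    a, b = trim(a), trim(b)
    while b:
        a, b = b, divmod_poly(a, b)[1]
    return [c / a[-1] for c in a]

def has_solution(eqs, q=None):
    """Decide: exists x with P(x) = 0 for all P in eqs, and q(x) != 0.
    Assumes n >= 1 non-zero equations; q=None means m = 0."""
    p = reduce(gcd, eqs, [])              # step I: P = gcd of the P_i
    while True:
        if len(p) == 1:                   # P = 1: no root, fail
            return False
        if q is None:                     # only P left: root exists by def. of ACF
            return True
        g = gcd(p, q)
        if len(g) == 1:                   # G = 1: prop. 3 drops the inequation
            q = None
        else:                             # prop. 4: P = G*P', go on with (P', G)
            p, q = divmod_poly(p, g)[0], g

# Polynomials from the two examples on this page, low degree first.
P, Q = [6, 5, 10, 3], [-3, 5, 2]
QUARTIC, CUBIC, LINE = [0, 1, 1, 1, 1], [1, 1, 1, 1], [1, 1]
```

The loop terminates because each prop. 4 step replaces P by a quotient of strictly smaller degree (prop. 5).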


Validation of computations

• We have a skeptical approach.

Theorem (Bézout, converse): P ≠ 0, Q ≠ 0, G ≠ 0.

If G divides P and Q and if there exist A and B s.t. AP + BQ = G

then G = gcd(P, Q).

• The CAS must provide the gcd G, the quotients P1 and Q1,

as well as the cofactors A and B.

• The DS must verify: P = P1G, Q = Q1G and AP + BQ = G.
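The three checks the DS performs, as an added Python sketch (not the authors' Coq tactics): the CAS answer is treated as untrusted input and accepted only if all three equalities hold after normalization. The function names and the certificate layout are hypothetical; the certificates are constructed by hand for the P and Q of the example used later in the talk.

```python
from fractions import Fraction as F

def trim(p):
    """Coefficient list (low degree first) as exact rationals, no trailing zeros."""
    p = [F(c) for c in p]
    while p and p[-1] == 0:
        p.pop()
    return p

def add(p, q):
    """Normalised sum of two polynomials."""
    n = max(len(p), len(q))
    return trim([(p[i] if i < len(p) else 0) + (q[i] if i < len(q) else 0)
                 for i in range(n)])

def mul(p, q):
    """Normalised product of two polynomials."""
    out = [F(0)] * (len(p) + len(q))
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            out[i + j] += a * b
    return trim(out)

def accept_gcd(P, Q, cert):
    """DS side: accept cert["G"] as gcd(P, Q) only if P = P1*G, Q = Q1*G
    and A*P + B*Q = G all hold. Nothing in cert is trusted."""
    P, Q = trim(P), trim(Q)
    G, P1, Q1, A, B = (trim(cert[k]) for k in ("G", "P1", "Q1", "A", "B"))
    if not (P and Q and G):               # the theorem needs P, Q, G non-zero
        return False
    return (mul(P1, G) == P and mul(Q1, G) == Q
            and add(mul(A, P), mul(B, Q)) == G)

# Constructed CAS answers for P = 3X^3 + 10X^2 + 5X + 6, Q = 2X^2 + 5X - 3.
P, Q = [6, 5, 10, 3], [-3, 5, 2]
GOOD = {"G": [3, 1], "P1": [2, 1, 3], "Q1": [-1, 2],
        "A": [F(4, 13)], "B": [F(-5, 13), F(-6, 13)]}
# G = 1 divides both, so only the Bézout equality exposes the wrong gcd.
WRONG_GCD = {**GOOD, "G": [1], "P1": P, "Q1": Q}
# X + 3 with a corrupted quotient: fails P = P1*G.
BAD_QUOTIENT = {**GOOD, "P1": [2, 1, 4]}
```

WRONG_GCD shows why the cofactors are part of the certificate: divisibility alone only proves that G is a common divisor.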


Integration in Coq using Maple

• Why Coq and Maple?

existence of a Maple mode for Coq (Delahaye & Mayero, 2002).

• Work in Coq:

– Theory of univariate polynomials

– Theory of ACFs (proofs of prop.)

– Systems of pol. with rational coefficients

• Work in Maple: nothing to do (just use the gcd when needed).


Extension of the Maple mode for Coq

• Initially:

– Algebraic operations over a field

– Validated automatically by the tactic field

• Extension:

– Import the gcd, the quotients and the cofactors

– Verify the 3 equalities (divisors and Bézout’s relation):

carried out by the tactics ring (normalization)

and field (coefficients)


Interface between Coq and Maple

Coq: gcd(P, Q)

quotation (Coq → Maple): Pm, Qm

Maple: Gm = gcdm(Pm, Qm), with quot. P1, Q1 and cof. A, B

validation (Maple → Coq): prove P = P1G, Q = Q1G and AP + BQ = G

Coq: G is the gcd of P and Q!


A simple example

• P = 3X^3 + 10X^2 + 5X + 6

Q = 2X^2 + 5X - 3

• We want to prove: $\exists x.\ P(x) = 0 \wedge Q(x) \neq 0.$

G = gcd(P, Q) = X + 3; equivalent to: $\exists x.\ P'(x) = 0 \wedge G(x) \neq 0$ (prop. 4),

where P = P’G. Re-apply the algorithm:

gcd(P’, G) = 1; equivalent to: $\exists x.\ P'(x) = 0$ (prop. 3),

proved by def. of ACF.


Running in Coq

Coq < Lemma lem1 : exists x : C, eval x P = C0 /\ eval x Q <> C0.

1 subgoal

============================

exists x : C, eval x P = C0 /\ eval x Q <> C0

lem1 < unfold P, Q.

1 subgoal

============================

exists x : C, eval x (PList C ((cte 3, 3) :: (cte 10, 2) :: (cte 5, 1) ::

(cte 6, 0) :: nil) sorted_p) = C0 /\ eval x (PList C ((cte 2, 2) ::

(cte 5, 1) :: (cte (-3), 0) :: nil) sorted_q) <> C0

lem1 < qelim.

Proof completed.


Another example

• quartic = X^4 + X^3 + X^2 + X

cubic = X^3 + X^2 + X + 1

line = X + 1

• Points on the two curves but not on the line? $\exists x.\ quartic(x) = 0 \wedge cubic(x) = 0 \wedge line(x) \neq 0$

• i, -i and -1 satisfy quartic = 0 and cubic = 0;

-1 does not satisfy line ≠ 0 but i and -i do.

Coq < Lemma lem2 : exists x : C, eval x quartic = C0 /\ eval x cubic = C0 /\ eval x line <> C0.

lem2 < unfold quartic, cubic, line; qelim.

Proof completed.


Conclusion

• CASs can enhance the computational power of DSs:

CASs can also enhance the power of automation of DSs.

• The skeptical approach is a good way to benefit from

both efficiency and soundness.

• Extensions:

– Multivariate polynomials: validation vs autarkic computations?

– Real closed fields?

– Interactions with other CASs: MuPAD, …