Proving Properties of Constraint Logic Programs by Eliminating Existential Variables Alberto Pettorossi (Università di Roma “Tor Vergata”), Maurizio Proietti

Proving Propertiesof Constraint Logic Programs

by Eliminating Existential Variables

Alberto Pettorossi (Università di Roma “Tor

Vergata”),

Maurizio Proietti (IASI-CNR, Roma),

Valerio Senni (Università di Roma “Tor

Vergata”)CILC2006 – DIB – Università di Bari 26-27 June 2006

• Goal: proving first order properties ofCostraint Logic Programs (CLPs)

• Focus: CLPs on the domain of lists andreal numbers

• Technique: existential quantifiers elimination by meansof program transformation

1. Outline of the work

• Polynomials p ::= a | X | p1 + p2 | a X where a and X Var

• Constraints c ::= p1 = p2 | p1 < p2 | p1 ≤ p2 | c1 c2

• LR-programs

head terms h ::= X | [ ] | [X|L] where X Var and L VarL

body terms b ::= p | Lclauses cl ::= r1(h1,…,hn) c |

r1 (h1,…,hn) c r2 (b1,…,bn) |

r1 (h1,…,hn) c r2 (b1,…,bn)

Goal: given a program P and a property , verify whether or not

M(P)

2. Programs on lists of reals

• start from the pair < P, prop >

• transform the statement prop into a (stratified, finite) set of definitions D1…Dn

• add each of the D1…Dn to the inital program P obtaining at each step a new lr-program without existential variables

• If the transformation process terminates, then the definition of propis propositional(by definition of lr-programs)

3. Proof by transformation

4. An example

• Initial program P

member (X,[Y|L]) X=Y member (X,[Y|L]) member (X,L)

• Property : L U X ( X L X ≤ U )

we want to show that any list of reals has an upper bound

• Two steps :

1. First we transform the statement prop into a set of definitions

D1…Dn

2. By applying the Unfold/Fold rules we transform D1…Dn P into a

new program T such that the definition of prop is propositional

5. Clause-Form Transformation

: L U X ( X L X ≤ U )

prop L U X ( X L X > U )

D4: prop p

D3: p list (L) q (L)

D2: q (L) list (L) r (L,U)

D1: r (L,U) X > U list(L) member (X,L)

p

q

r

• not lr-clauses

• with existential variables

Step 1.

6. Unfold-Fold Transformation

D4 : prop p

D3 : p p1

p1 p1

D2 : q ([]) q ([X|T]) q1(X,T)

q1 (X,[Y|T]) X > Y q1 (X , L)

q1 (X,[Y|T]) X ≤ Y q1 (Y , L)

D1 : r ([X|T],U) X > U list (L) r ([X|T],U) r (T,U)

Step 2.

by repeated applications of the

• unfold, • fold and• constraint replacement

ruleswe obtain the final program

TT

For each initial predicate we have obtained a new definition, made of lr-clauses.

Possibly with the use of some auxiliary predicate (p1, q1)

The unfold/fold transformation is aimed at transforming the clausesobtained after the Step 1 into lr-clauses.


D4 : prop p

D3 : p p1

p1 p1

D2 : q ([]) q ([X|T]) q1(X,T)

q1 (X,[Y|T]) X > Y q1 (X , L)

q1 (X,[Y|T]) X ≤ Y q1 (Y , L)


Step 2.




TT





D4 : prop p

D3 : p p1

p1 p1

D2 : q ([]) q ([X|T]) q1(X,T)

q1 (X,[Y|T]) X > Y q1 (X , L)

q1 (X,[Y|T]) X ≤ Y q1 (Y , L)


Step 2.




TT





D4 : prop p

D3 : p p1

p1 p1

D2 : q ([]) q ([X|T]) q1(X,T)

q1 (X,[Y|T]) X > Y q1 (X , L)

q1 (X,[Y|T]) X ≤ Y q1 (Y , L)


Step 2.




TT




prop

7. The Unfold-Fold Strategy

A general Unfold/Fold strategy

Input: an lr-program P and a hierarchy <D1,...,Dn> of clauses

Output: an lr-program T

unfold +

replace-constraints *

define-fold *

for all D1,...,Dn :

Di

NewDefs =

i > n

noyes

no

yesT

the finalprogram

i := i + 1

8. The Unfold-Fold Strategy at work

start from clause D1 :

r (L,U) X > U list(L) member (X,L)

Unfold : r ([X|T],U) X > U list(T) r ([X|T],U) Y > U list(T) member (Y,T)

Fold : 1. r ([X|T],U) X > U list(T)

2. r ([X|T],U) r (T,U)

8. The Unfold-Fold Strategy at work

start from clause D1 :

r (L,U) X > U list(L) member (X,L)

Unfold : r ([X|T],U) X > U list(T) r ([X|T],U) Y > U list(T) member (Y,T)

Fold : 1. r ([X|T],U) X > U list(T)

2. r ([X|T],U) r (T,U)

We go on with the following definitions D2, D3, and D4

• lr-clauses

• without existential variables

9. Introduction of new Definitions

we cannot fold

clause D2 :

q (L) list (L) r (L,U)

Unfold : q ([ ]) q ([X|T]) X ≤ U list (T) r (T,U)


clause D2 :



Define : q1(X,T) X ≤ U list (T) r (T,U)

Fold : 3. q ([ ]) 4. q ([X|T]) q1(X,T)

Continue to apply the transformation rules to the new definition

Unfold : q1(X,[ ])

q1(X,[Y|T]) X ≤ U Y ≤ U list (T) r (T,U)

we cannot fold


need for newdefinitions

reduce theoccurrences of existential variables

clause D2 :



Define : q1(X,T) X ≤ U list (T) r (T,U)

Fold : 3. q ([ ]) 4. q ([X|T]) q1(X,T)

Continue to apply the transformation rules to the new definition

Unfold : q1(X,[ ])

q1(X,[Y|T]) X ≤ U Y ≤ U list (T) r (T,U)

we cannot fold

10. Constraint Replacement

: q1 (X,[Y|T]) X ≤ U Y ≤ U list (T) r (T,U)

U

X YX ≤ U Y ≤ U

U

X

Y

U

Y

X

X > Y X ≤ U X ≤ Y Y ≤ U



We substitute the clause for and

: q1 (X,[Y|T]) X > Y X ≤ U list (T) r (T,U)

: q1 (X,[Y|T]) X ≤ Y Y ≤ U list (T) r (T,U)

U

X YX ≤ U Y ≤ U

U

X

Y

U

Y

X

X > Y X ≤ U X ≤ Y Y ≤ U



We substitute the clause for and

: q1 (X,[Y|T]) X > Y X ≤ U list (T) r (T,U)

: q1 (X,[Y|T]) X ≤ Y Y ≤ U list (T) r (T,U)

after folding we obtain :

5. q1 (X,[Y|T]) X > Y q1 (X,T)

6. q1 (X,[Y|T]) X ≤ Y q1 (Y,T)

U

X YX ≤ U Y ≤ U

U

X

Y

U

Y

X

X > Y X ≤ U X ≤ Y Y ≤ U

which allowfor folding

11. Last part of the Trasformation

clause D3 : p list (L) q (L)

Unfold : p list(T) q1 (X,T)

Define : p1 list(T) q1 (X,T)

Fold : 7. p p1

Unfold : p1 X > Y list(T) q1

(X,T) p1 X ≤ Y list(T) q1

(Y,T)

ConstraintReplace : p1 list(T) q1 (Y,T)

Fold : 8. p1 p1

project theseconstraints out

12. Final Program

At the end of the transformation we obtain the following program:

1. r ([X|T],U) X > U list(T)

2. r ([X|T],U) r (T,U)3. q ([ ]) 4. q ([X|T]) newp1(X,T)

5. q1 (X,[Y|T]) X > Y q1 (X,T)

6. q1 (X,[Y|T]) X ≤ Y q1 (Y,T)

7. p p1

8. p1 p1

9. prop p

T :

By simple inspection of the program T we can decide that the property prop is true

13. Termination

A brief note on termination:

unfold +


define-fold *

for all D1,...,Dn :

Di

NewDefs =

i > n

noyes

no

yesT

the finalprogram

i := i + 1

13. Termination

A brief note on termination:

The only source for nontermination is the possibleintroduction of infinitely many new definitions

unfold +


define-fold *

for all D1,...,Dn :

Di

NewDefs =

i > n

noyes

no

yesT

the finalprogram

i := i + 1

14. Experimental results

We have run some experiments on the MAP system that implements

the Unfold/Fold transformation strategy.

• constraints handling: clp(r) module of SICStus prolog(implementing a variant of the Fourier-Motzkin algorithm for existential variables elimination)

• theorems in the theory of linear orders, lists, and sum

Property Time

L U Y ( YL Y U ) 140 ms

L Y ( (sumlist(L,Y) Y > 0) X (XL X > 0) ) 170 ms

L M N ( (ord(L) ord(M) sumzip(L,M,N)) ord(N) ) 160 ms

L M X Y ( (leqlist(L,M) sumlist(L,X) sumlist(M,Y)) X Y )

50 ms

15. Future work

• identify some theories of interest for which this strategy succeeds

• experiment on different data structures (e.g. trees) anddomains with a linear order and closed under projection

• investigate phenomena that lead to nontermination

• generalization techniques that allow for folding

Documents

Proving Properties of Constraint Logic Programs by Eliminating Existential Variables Alberto Pettorossi (Università di Roma “Tor Vergata”), Maurizio Proietti