1 / 52

Kleene Algebra with Tests

Kleene Algebra with Tests. Dexter Kozen Cornell University Workshop on Logic & Computation Nelson, NZ, January 2004. These Lectures. Tutorial on KA and KAT model theory complexity, deductive completeness relation to Hoare logic Practical applications compiler optimization

jela
Download Presentation

Kleene Algebra with Tests

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Kleene Algebra with Tests Dexter Kozen Cornell University Workshop on Logic & Computation Nelson, NZ, January 2004

  2. These Lectures • Tutorial on KA and KAT • model theory • complexity, deductive completeness • relation to Hoare logic • Practical applications • compiler optimization • scheme equivalence • static analysis • Theoretical applications • automata on guarded strings & BDDs • algebraic version of Parikh’s theorem • representation • dynamic model theory

  3. Kleene Algebra (KA)is the algebra of regular expressions pq + qp p*q {pq,qp} {q,pq,p2q,p3q, …} (p + q)* = (p*q)*p* (pq)*p = p(qp)* {all strings over p,q}{p,pqp,pqpqp,} (0 + 1(01*0)*1)* {multiples of 3 in binary} p p q q q p p,q q p 0 1 0 1 0 1

  4. Standard Interpretation Regular sets over  A+B = A  B AB = {xy | x  A, y  B} A* = Un0 An = A0 A1 A2 ... 1 = {} 0 =  p   interpreted as {p}

  5. Binary Relations R, S binary relations on a set X R+S = R  S RS = R ° S = {(u,v) | w (u,w)  R, (w,v)  S} R* = reflexive transitive closure of R = Un0 Rn = R  R1 R2  1 = identity relation = {(u,u) | u  X} 0 = 

  6. Applications • Automata and formal languages regular expressions • Program logic and verification Dynamic Logic program analysis protocol verification compiler optimization • Algorithms shortest paths connectivity computational geometry

  7. Prehistory • Definition, relation to finite automata Kleene 56 • No purely equational axiomatization Redko 64 • Axiomatization of equational theory Salomaa 66 • Algebraic theory Conway 71 • Equational theory PSPACE complete (Stock+1)Meyer 74

  8. def x  y  x + y = y Axioms of KA [K91] • K is an idempotent semiring under +, ·, 0, 1 (p + q) + r = p + (q + r) (pq)r = p(qr) p + q = q + p p1 = 1p = p p + p = p p0 = 0p = 0 p + 0 = p p(q + r) = pq + pr (p + q)r = pr + qr • p*q = least x such that q + px  x • qp* = least x such that q + xp  x

  9. Succinctly stated, A Kleene algebra is an idempotent semiring such that • p*qis the least fixpoint ofx.(q + px) • qp*is the least fixpoint ofx.(q + xp)

  10. This is a universal Horn axiomatization • p*q = least x such that q + px  x q + p(p*q) p*q q + px  x  p*q x • qp* = least x such that q + xp  x q + p(qp*) qp* q + px  x  qp* x Every system of linear inequalities a11x1 + ... + an1xn + b1 x1 . . . an1x1 + ... + annxn + bn xn has a unique least solution

  11. Complete semirings (quantales) i  I pi = supremum of {pi | i  I} with respect to  *-continuity pq*r = sup pqnr • infinitary • same equational theory Eq(KA) = Eq(KA*) n  0 Alternative Characterizations of *

  12. Some Useful Properties 1 + pp* = 1 + p*p = p* p*p* = p** = p* (pq)*p = p(qp)* sliding (p*q)*p* = (p + q)*denesting px = xq  p*x = xq* bisimulation qp = 0  (p + q)* = p*q* loop distribution qp = pq  (p + q)* = (pq)*(p* + q*)

  13. Proof of the Sliding Rule (ab)*a  a(ba)* a + aba(ba)* = a(1 + ba(ba)*) distributivity = a(ba)* 1 + pp* = p*. a + aba(ba)*  a(ba)* (ab)*a  a(ba)*q + px x  p*q x The reverse inequality  is symmetric.

  14. Completeness and Complexity • Deductively complete for the equational theory of regular sets of strings and relational models [K 94] • Complexity: Equational theory is PSPACE-complete [Meyer+Stockmeyer 74] • Hoare theory (Horn theory with premises p = 0) is PSPACE-complete [Cohen 93] • Horn theory is 1-complete for star-continuous & relational models [Hardin+K 03] 1

  15. Matrices over a KA a b c d e f g h a+e b+f c+g d+h def + = ae+bg af+bh ce+dg cf+dh a b c d e f g h · def = 1 0 0 1 0 0 0 0 def def = 0 = 1 a b c d * (a+bd*c)* (a+bd*c)*bd* (d+ca*b)*ca* (d+ca*b)* def =

  16. Matrices over a KA * a b c d (a+bd*c)* (a+bd*c)*bd* (d+ca*b)*ca* (d+ca*b)* def = b d a c

  17. Matrices over a KA Representation of finite automata Construction of regular expressions Solution of linear equations over a KA Connectivity and shortest path algorithms

  18. Solution of Linear Inequalities a11x1 + ... + an1xn + b1 x1 . . . an1x1 + ... + annxn + bn xn a11 ... an1 . . +  . an1 ... ann x1 . . . xn b1 . . . bn x1 . . . xn

  19. Shortest PathsThe min,+ algebra R+ {} r + s = min r,s rs = r + s r* = 0 0 =  1 = 0  =  .9 1.4 3.2 * 0 1.4 2.3 0 .9   0 0 1.4 3.2 0 .9   0 =

  20. Other Models Convex polyhedra [Iwano & Steiglitz 90] AB = {ax + by | x  A, y  B} A* = convex hull of A A B

  21. Other Models Convex polyhedra [Iwano & Steiglitz 90] AB = {ax + by | x  A, y  B} A* = convex hull of A A B

  22. Hoare LogicC. A. R. “Sir Tony” Hoare, 1969 • The first formal system for verification of well-structured programs • Initiated the field of program correctness • Inspiration of hundred of technical articles, books, book chapters, surveys • Turing Award 1980, knighted in 1999

  23. Partial Correctness Assertions {b}p{c} postcondition program precondition ‘‘If b holds in the current state, and if p is executed starting in the current state, then if p halts, c will be true of the halting state.’’

  24. {b}p{c},{c}q{d} {b}pq{d} b’  b, {b}p{c}, c  c’ {b’}p{c’} Rules of Hoare Logic assignment rule {b[x/e]} x:=e {b} composition rule {bc}p{d},{bc}q{d} {c}if b then p else q{d} conditional rule {bc}p{c} {c}while b do p{bc} while rule weakening rule

  25. Dynamic Logic[Pratt 76] <p>b “Starting from the current state, it is possible for p to halt in a state satisfying b.” [p]b “Starting from the current state, it is necessary that if p halts, it does so in a state satisfying b.” DL subsumes HL {b}p{c} b  [p]c

  26. Propositional Dynamic Logic (PDL)[Fischer & Ladner 1979] propositional modal logic + Kleene algebra Syntax • program operators ; + * • propositional operators    0 1 • mixed operators <p>b [p]b b? Semantics • binary relations (input/output)

  27. While programs in PDL[Fischer & Ladner 79] if b then p else q b?;p + b?;q while b do p (b?;p)*;b?

  28. Results about PDL • complete deductive system [Segerberg 77, Gabbay 77, Parikh 78] b [p*](b  [p]b)  [p*]b • EXPTIME-complete [Pratt 78]

  29. For many applications in CS (simple program manipulations, safety analysis, local optimizations) don’t need the full power of PDL—equational reasoning suffices BUT need tests to model conventional programming constructs (if-then-else, while-do, )

  30. Kleene Algebra with Tests (KAT) (K, B, +, ·, *, ¯, 0, 1) • (K, +, ·, *, 0, 1) is a Kleene algebra • (B, +, ·, ¯, 0, 1) is a Boolean algebra • B K • p,q,r, range over K • a,b,c, range over B

  31. Kleene Algebra with Tests (KAT) +, ·, 0, 1 serve double duty • applied to programs, denote choice, composition, fail, and skip, resp. • applied to tests, denote disjunction, conjunction, falsity, and truth, resp. • these usages do not conflict! bc = b  c b + c = b  c

  32. Models • Relational models K = binary relations on a set X B = subsets of the identity relation • Trace models K = sets of traces u0p0u1p1u2 … un-1pn-1un B = sets of traces of length 0 • Language-theoretic models K = regular sets of guarded strings over  B = atoms of a finite free Boolean algebra

  33. Guarded Strings [Kaplan 69] P atomic programs B atomic tests , , atoms (minimal nonzero elements) of the free Boolean algebra on generators B e.g. if B = {b1,...,b6}, then b1b2b3b4b5b6 is an atom guarded strings 0p01p12p23 n-1pn-1n A+B = A  B AB = {xy | x  A, y  B} A* = Un0 An 1 = {atoms} 0 = 

  34. Theorem [K & Smith 96] The family of regular sets of guarded strings over P,B is the free KAT on generators P,B. Corollary KAT is complete over relational models. Eq(GS) = Eq(KAT) = Eq(KAT*) = Eq(REL)

  35. Completeness and Complexity • Deductively complete for the equational theory of regular sets of guarded strings and relational models [K+Smith 96] • Complexity: Equational theory is PSPACE-complete [K+S 96, Cohen+K+S 97] • Hoare theory (Horn formulas with premises of form p=0) is PSPACE-complete [K+S 96] • Full Horn theory is still 1-complete 1

  36. Matrices over a KAT The n x n matrices over a KAT (K,B) forms a KAT (K’,B’) B’ = diagonal matrices over B

  37. Modeling Programssame as in PDL [Fischer & Ladner 79] p;q pq if b then p else q bp + bq while b do p (bp)*b

  38. Propositional Hoare Logic (PHL) Hoare Logic without the assignment rule {b[x/t]}x := t {b} Is a given rule • a logical consequence of the composition, conditional, while, and weakening rules? • relationally valid? {b1}p1{c1}, ..., {bn}pn{cn} {b}p{c}

  39. KAT subsumes PHL {b}p{c} is modeled by any of the following equivalent equations & inequalities: • bppc • bppc • bp=bpc • bpc= 0

  40. {b}p{c},{c}q{d} {b}pq{d} composition rule {bc}p{d},{bc}q{d} {c}if b then p else q{d} conditional rule {bc}p{c} {c}while b do p{bc} while rule

  41. {b}p{c},{c}q{d} {b}pq{d} composition rule bpc = 0  cqd = 0bpqd = 0 {bc}p{d},{bc}q{d} {c}if b then p else q{d} conditional rule bcpd = 0  bcqd = 0 c(bp+bq)d = 0 {bc}p{c} {c}while b do p{bc} while rule bcpc = 0c(bp)*b bc = 0

  42. {b1}p1{c1}, ..., {bn}pn{cn} {b}p{c} Theorem These are all theorems of KAT Completeness Theorem [K 99] All relationally valid rules of the form are derivable in KAT (not so for PHL)

  43. Counterexample {c}if b then p else p{c} {c}p{c} is trivially unprovable in Hoare Logic, but c(bp + bp)c = 0  cpc = 0 is easily provable in KAT

  44. Hoare formulas p1 = 0  p2 = 0  ... pn = 0q = r Theorem KAT is complete for the Hoare theory of relational algebras ... not for the Horn theory! Counterexample: p  1  p2 = p

  45. Complexity Theorem[Berstel 79] It is undecidable whether a given equation holds under a given set of commutativity conditions in all *-continuous Kleene algebras Theorem[K 99] ...  -complete ... 0 2

  46. Horn Theories Theorem [K 99, K + Hardin 03] The universal Horn theories of KA*, KAT*, REL are  -complete Q:Is there a natural example of a sentence in H(KA*)  H(KA)? Q:Is H(REL) finitely axiomatizable relative to H(KA*)? Q: What is the complexity of H(KA)? 1 1

  47. Complexity of KAT and PHL Theorem [Cohen 94] The Hoare theory of KA (Horn formulas with premises p = 0) is PSPACE-complete Theorem [Cohen, Kozen & Smith 96] The Hoare theory of KAT is PSPACE-complete Theorem PHL is PSPACE-complete

  48. Schematic KAT (SKAT) x:=s;y:=t= y:=t[x/s];x:=s yFV(s) x:=s;y:=t= x:=s;y:=t[x/s] xFV(s) x:=s;x:=t = x:=t[x/s] b[x/t];x:=t = x:=t;b x:=x = 1

  49. Special Cases x := s ; y := t  y := t ; x := s (x  Var(t), y  Var(s)) x := t ; bb ; x := t (x  Var(b)) x := s x := s ; x = s(x  Var(s)) x = sx = s ; x := s

  50. Relation to Hoare Assignment Rule [x/t];x:=t = x:=t; is equivalent to {[x/t]} x:=t {} {[x/t]} x:=t {}

More Related