This paper introduces constant probability programs, providing a decision procedure for their almost sure termination and an algorithm to compute their exact expected runtimes efficiently.
Contribution
It defines CP programs and offers a novel, straightforward method to determine their termination behavior and expected runtime, extending classical probability theory results.
Findings
01
Decidable almost sure termination for CP programs
02
Efficient computation of expected runtimes for CP programs
03
Asymptotically tight bounds on expected runtimes
Abstract
We introduce the class of constant probability (CP) programs and show that classical results from probability theory directly yield a simple decision procedure for (positive) almost sure termination of programs in this class. Moreover, asymptotically tight bounds on their expected runtime can always be computed easily. Based on this, we present an algorithm to infer the exact expected runtime of any CP program.
Equations222
f(x)=∑1≤j≤npcj(x)⋅f(x+cj)+p′(x)⋅f(d)+1for all x with a∙x>b.
f(x)=∑1≤j≤npcj(x)⋅f(x+cj)+p′(x)⋅f(d)+1for all x with a∙x>b.
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Expected Runtimes for Constant Probability Programs††thanks: Supported by the
DFG Research
Training Group 2236 UnRAVeL and
the London Mathematical Society (Grant 41662, Research in Pairs).
Jürgen Giesl
11
Peter Giesl
22
Marcel Hark
11
Abstract
We introduce the class of
constant probability (CP) programs and show that
classical results from probability theory
directly yield a simple decision procedure for
(positive) almost sure termination of programs in this
class.
Moreover, asymptotically tight bounds on their expected runtime can always be
computed easily.
Based on this,
we present an algorithm to infer the exact
expected runtime of any CP program.
Keywords:
Probabilistic Programs Expected Runtimes (Positive) Almost Sure Termination Complexity Decidability
1 Introduction
Probabilistic programs are used to describe randomized algorithms and probabil-distributions, with applications in many areas.
For example, consider the well-known program which
models the race between a tortoise and a hare (see, e.g.,[11, 24, 30]). As long as the
tortoise
(variable t) is not behind the hare (variable h),
it does one step in each iteration. With
probability 21, the hare stays at its position and with probability 21 it does
a random number of steps uniformly chosen between 0 and 10. The race ends
whenthe hare is in front of the tortoise.
Here, the hare wins with probability 1 and thetechnique of
[30] infers
the upper bound
32⋅max(t−h+9,0)
on the
expected num-ber of loop iterations. Thus, the program is
positively almost surely terminating.
Sect. 2 recapitulates
preliminaries on probabilistic programs and on the
connection between their expected runtime and
their
corresponding recurrence equation.
Then we show
in Sect. 3 and 4
that classical results on random walk theory directly yield a very simple decision
procedure for (positive) almost sure termination of CP programs like the
tortoise and hare
example.
In this way, we also obtain
asymptotically
tight bounds on the expected runtime of any CP program. Based on these bounds, in Sect. 5 we develop
the first algorithm to compute closed forms for
the exact
expected runtime of such programs.
In Sect. 6, we present its implementation
in our tool KoAT [10]
and discuss
related and future work.
We refer to the appendix
for a collection of examples to illustrate the application of our algorithm
and for all proofs.
2 Expected Runtimes of Probabilistic Programs
Example 1 (Tortoise and Hare)
The pro-
gram Prace on the right formulates the race of the tortoise and the hare
as a
CP program.
In the loop guard, we use the scalar product (1,−1)∙(t,h) which
stands for t−h.
Exactly one of
the instructions with numbers in brackets […] is executed in each loop iteration and the
number indicates the probability that the corresponding instruction is chosen.
We now define the kind of
probabilistic programs considered in this paper.
Definition 1 (Probabilistic Program)
A pro-
gram has the form on the right,
where x=(x1,…,xr) for some r≥1
is a tuple of pairwise different program variables,
a,c1,…,cn∈Zr are tuples
of integers, the
cj are pairwise distinct, b∈Z, ∙ is the scalar
product (i.e., (a1,…,ar)∙(x1,…,xr)=a1⋅x1+…+ar⋅xr), and d∈Zr
with a∙d≤b. We require pc1(x),…,pcn(x),p′(x)∈R≥0={r∈R∣r≥0} and ∑1≤j≤npcj(x)+p′(x)=1 for all x∈Zr. It is a program with direct termination if there is an
x∈Zr with
a∙x>b and p′(x)>0.
If all probabilities are constant, i.e., if there are
pc1,…,pcn,p′∈R≥0 such that pcj(x)=pcj and p′(x)=p′ for all
1≤j≤n and all x∈Zr, we call it a constant probability
(CP) program.
Such a
program means that the integer variables x are changed to x+cj
with
probability pcj(x). For inputs x with a∙x≤b the program terminates
immediately. Note that the program in Ex. 1 has no direct
termination (i.e., p′(x)=0 for all x∈Zr).
Since the values of the program variables only depend on their values
in the previous loop iteration, our programs correspond to Markov Chains
[32]
and they are related to random walks
[21, 33, 17], cf. the appendix for details.
Clearly, in
general
termination is undecidable and closed forms for the runtimes of programs are not
computable.
Thus,
decidability results can only be obtained for suitably restricted forms of programs.
Our class nevertheless includes many
examples that are often regarded in the literature on
probabilistic programs.
So while
other approaches are concerned with incomplete
techniques to analyze
termination and complexity,
we investigate classes of probabilistic programs where one can
decide
the termination behavior, always find complexity bounds, and even compute the expected runtime exactly.
Our decision
procedure could be integrated into general tools for termination and complexity analysis
of probabilistic programs:
As soon as one has to investigate a sub-program that falls
into our class, one can use the decision procedure to compute its exact runtime.
Our contributions provide a starting point for such results and
the considered class of programs can be extended further
in future work.
In probability theory (see, e.g., [2]), given a set Ω of possible events, the goal is to measure the
probability that events are in certain subsets of Ω. To this end,
one regards a set F of subsets of Ω, such that F contains the full set Ω and is closed under
complement and countable unions. Such a set F is called a σ-field, and
a pair of Ω and a corresponding
σ-field F is called a measurable space.
A probability space(Ω,F,P) extends
a measurable space (Ω,F) by
a *probabil-*ity measureP which
maps every set
from F to a number between 0 and 1, withP(Ω)=1, P(∅)=0, and P(⨄j≥0Aj)=∑j≥0P(Aj) for any pairwise disjoint sets A0,A1,…∈F.
So P(A) is the probability that an event from Ω is in
the subset A.
In our setting, we use the probability space ((Zr)ω,FZr,Px0P) arising from the standard cylinder-set construction of MDP
theory, cf. App. 0.B. Here,
(Zr)ωcorresponds to
all
infinite sequences of program states and
Px0P is the
probability measure induced by the program P when starting in the state
x0∈Zr. For example, if A⊆(Z2)ω consists of all
infinite sequences starting with (5,1), (6,1),(7,6),
then P(5,1)Prace(A)=116⋅221=1213. So, if one starts with (5,1), then
1213 is the
probability that the next two states are (6,1) and (7,6). Once a
state is reached that violates the loop guard, then the probability to remain
in this state is 1. Hence, if B contains all infinite sequences starting with
(7,8), (7,8), then P(7,8)Prace(B)=1. In the following, for any set of numbers M let
M=M∪{∞}.
Definition 2 (Termination Time)
For a program P as in Def. 1, its termination time is the random
variable
TP:(Zr)ω→N that maps
every infinite sequence ⟨z0,z1,…⟩
to the first index j where zj violates P’s loop guard.
Thus, TPrace(⟨(5,1),(6,1),(7,8),(7,8),…⟩)=2
and
TPrace(⟨(5,1),(6,1),(5,6),\linebreak(8,6),(9,6),…⟩)=∞ (i.e., this sequence always satisfies Prace’s loop guard as the jth entry is (5+j,6) for j≥3).
Now we can define the different notions of termination and the expected runtime of
a probabilistic program. As usual, for any random variable
X on a probability space (Ω,F,P), P(X=j) stands for
P(X−1({j})). So Px0P(TP=j) is the probability that a sequence has termination time j. Similarly,
Px0P(TP<∞)=∑j∈NPx0P(TP=j). The expected valueE(X) of a random variable X:Ω→N
for a probability space (Ω,F,P)
is the weighted average under the probability measure
P, i.e., E(X)=∑j∈Nj⋅P(X=j), where
∞⋅0=0 and ∞⋅u=∞ for all u∈N>0.
Definition 3 (Termination and Expected Runtime)
A program P as in Def. 1 is almost surely
terminating (AST) if
Px0P(TP<∞)=1 for any initial value x0∈Zr.
For any x0∈Zr, its expected runtimertx0P
(i.e., the expected number of loop iterations)
is defined as the expected
value of the random variable TP under the probability measure Px0P,
i.e.,
rtx0P=Ex0P(TP)=\linebreak∑j∈Nj⋅Px0P(TP=j) if Px0P(TP<∞)=1, and rtx0P=Ex0P(TP)=∞
otherwise.
The program P is positively almost surely terminating (PAST) if
for any initial value x0∈Zr, the expected runtime of P is finite, i.e.,
if rtx0P=Ex0P(TP)<∞.
Example 2 (Expected Runtime for Prace)
By the observations
in Sect. 4 we will infer
that 32⋅(t−h+1)≤rt(t,h)Prace≤32⋅(t−h+1)+316 holds whenever t−h>−1,
cf. Ex. 7. So the expected number of steps
until termination is finite (and
linear in the input variables) and thus, Prace is PAST. The algorithm in Sect. 5 will
even be able to compute rt(t,h)Prace exactly, cf. LABEL:ExactExpected_Runtime_of_Tortoise_and_Hare.
If the initial values x0 violate the loop guard,
then the runtime is trivially 0.
Corollary 1 (Expected Runtime for Violating Initial Values)
For any program P as in Def. 1 and any
x0∈Zr with
a∙x0≤b, we have
rtx0P=0.
To obtain our results, we use
an alternative, well-known characterization of the expected
runtime, cf. e.g.,
[25, 4, 34, 26, 27, 16, 9, 24, 32]. To
this end, we search for the smallest (or “least”) solution
of the
recurrence equation that describes the runtime of the program as 1 plus the sum
of the runtimes in the next loop iteration, multiplied with the corresponding
probabilities.
Here,
functions are compared pointwise, i.e.,
for f,g:Zr→R≥0 we have f≤g if f(x)≤g(x) holds for all x∈Zr.
So we search for
the smallest function f:Zr→R≥0 that satisfies
[TABLE]
Equivalently,
we can search for the least fixpoint of
the “expected runtime trans-former” LP which
transforms the left-hand side of (1) into its right-hand side.
For P as in Def. 1, we define the expected
runtime transformerLP:(Zr→R≥0)→(Zr→R≥0), where for any f:Zr→R≥0:
[TABLE]
Example 3 (Expected Runtime Transformer for Prace)
For Prace from Ex. 1, LPrace maps any function f:Z2→R≥0 to LPrace(f), where
LPrace(f)(t,h)=
[TABLE]
Thm. 2.1
recapitulates that the least fixpoint of LP
indeed yields an equivalent characterization of the expected runtime.
In the following, let
0:Zr→R≥0 be the function with 0(x)=0 for all
x∈Zr.
Theorem 2.1 (Connection Between Expected Runtime and Least Fixpoint of
For any P as in Def. 1, the expected runtime transformer
LP is continuous. Thus, it
has a least fixpoint lfp(LP):Zr→R≥0 with lfp(LP)=sup{0,LP(0),(LP)2(0),…}.
Moreover, the least fixpoint of LP is the expected runtime of P, i.e., for any x0∈Zr, we have
lfp(LP)(x0)=rtx0P.
So the expected runtime rt(t,h)Prace can also be characterized as the smallest
function f:Z2→R≥0 satisfying f(t,h)=\eqrefrhsofertexample, i.e.,
as the least fixpoint of LPrace.
3 Expected Runtime of Programs with Direct Termination
We start with stating a decidability
result for the case where for all x with
a∙x>b,
the probability
p′(x) for
direct termination is at least p′ for some p′>0. Intuitively, these programs have a termination time whose distribution is closely related to the geometric distribution with parameter p′ (which has expected value p′1). By using the alternative characterization of rtx0P
from
Thm. 2.1,
one obtains that
such programs
are always PAST and their expected runtime
is indeed bounded by the constantp′1.
This result will be used in Sect. 5 when computing the exact expected
runtime of such programs.
The more involved case where p′(x)=0 is
considered in Sect. 4.
Theorem 3.1 (PAST and Expected Runtime for Programs With Direct Termination)
Let P be a program as in Def. 1
where there is a p′>0 such that
p′(x)≥p′ for all x∈Zr with a∙x>b.
Then P is PAST and its expected runtime is at most p′1, i.e.,
rtx0P≤p′1 if a∙x0>b, and rtx0P=0 if a∙x0≤b.
Consider the variant Pdirect of Prace on the right,
where in each iteration, the hare
either does nothing with probability 109 or one directly reaches a
configuration where the hare is ahead of the tortoise.
By Thm. 3.1 the program is PAST and its expected runtime is at most
1011=10,
i.e., independent of the initial state it
takes at most 10 loop iterations on average.
In Sect. 5
it will turn
out that
10 is indeed the
exact expected runtime, cf. Ex. 13.
4 Expected Runtimes of Constant Probability Programs
Now we present a very simple decision procedure for termination
of CP programs (Sect. 4.2) and show how to infer their asymptotic expected runtimes
(Sect. 4.3). This will be needed
for the computation of exact expected runtimes
in Sect. 5.
4.1 Reduction to Random Walk Programs
As a first step, we show
that we can restrict ourselves to random walk programs, i.e.,
programs with
a single program variable x and the loop condition
x>0.
Definition 5
(Random Walk Program).A CP program P is called a random walk program if there exist m,k∈N and d∈Z with d≤0 such that P
has the form on the right.
Here, we require that m>0 implies pm>0 and that k>0 implies p−k>0.
Def. 6
shows how to transform any
CP program as
in Def. 1
into a random walk program.
The idea is to replace the tuple x by a single
variable x that stands for a∙x−b. Thus, the loop condition
a∙x>b now becomes x>0. Moreover, a change from x to
x+cj now becomes a change from x to x+a∙cj.
Definition 6
(Transforming CP Programs to Random Walk
Programs).Let P be the CP program on the left with
x=(x1,…,xr) and a∙d≤b. Let rdwP denote the
affine map rdwP:Zr→Z with rdwP(z)=a∙z−b for
all z∈Zr.
Thus, rdwP(d)≤0. Let kP,mP∈N be minimal
such that −kP≤a∙cj≤mP holds
for all 1≤j≤n.
For all −kP≤j≤mP, we define
pjrdw=∑1≤u≤n,a∙cu=jpcu. This results in the random walk program
Prdw on the right.
Example 5 (Transforming Prace)
For the program Prace
of Ex. 1, the mapping rdwPrace:Z2→Z is
rdwPrace(t,h)=(1,−1)∙(t,h)+1=t−h+1. Hence we obtain the random walk program Pracerdw on the right, where
x=rdwPrace(t,h) represents the distance between the tortoise and
the hare.
Approaches based on
supermartingales
(e.g., [5, 11, 14, 18, 13, 1])
use mappings similar to rdwP in order to infer a
real-valued term which over-approximates
the expected runtime.
However, in the following (non-trivial) theorem we show
that our transformation is not only an over- or
under-approximation, but
the termination behavior and the expected
runtime of P and Prdw
are identical.
Let P be a CP program as in Def. 1. Then the termination
times TP and TPrdw
are identically distributed w.r.t. rdwP,
i.e., for all
x0∈Zr with x0=rdwP(x0) and all
j∈N we have
Px0P(TP=j)=Px0Prdw(TPrdw=j). So in particular, Px0P(TP<∞)=Px0Prdw(TPrdw<∞)
and rtx0P=Ex0P(TP)=Ex0Prdw(TPrdw)=rtx0Prdw. Thus,
the expected runtimes of
P on the input x0
and of Prdw
on x0
coincide.
The following definition identifies pathological programs that can be disregarded.
Definition 7 (Trivial Program)
Let P be
a CP pro-
gram as in Def. 1. We call Ptrivial
if a=0=(0,0,…,0) or if Prdw is the program on the right.
Note that a random walk program P is trivial iff it has the form while(x>0){x=x[1];}, since P=Prdw holds for random walk programs
P.
From now on, we will exclude trivial programs P as their termination behavior is
obvious: for inputs x0 that satisfy
the loop condition a∙x0>b, the program never terminates
(i.e., rtx0P=∞) and for inputs x0
with a∙x0≤b we have
rtx0P=0.
Note that if a=0, then
the termination behavior just depends on b: if b<0, then
rtx0P=∞ for all x0 and if
b≥0, then
rtx0P=0 for all x0.
4.2 Deciding Termination
We now present a simple decision procedure for (P)AST of random walk programs P.
By the results of
Sect. 4.1, this also yields a
decision procedure for arbitrary CP programs.
If p′>0, then Thm. 3.1 already shows that P is PAST
and its expected runtime is bounded by the constant p′1. Thus, in the
rest of Sect. 4 we regard
random walk programs without direct termination, i.e., p′=0.
Def. 8 introduces the drift of a random walk program, i.e., the expected
value of the change of the program variable in one loop iteration, cf. [5].
Definition 8 (Drift)
Let P be a random walk program P as in
Def. 5.
Then
its drift is μP=∑−k≤j≤mj⋅pj.
Thm. 4.2
shows that
to decide (P)AST,
one just has to compute the
drift.
Theorem 4.2 (Decision Procedure for (P)AST of Random Walk Programs)
Let P be a non-trivial random walk program without direct termination.
∙
If μP>0, then the program is not AST.
2. ∙
If μP=0,
then the program is AST but not PAST.
3. ∙
If μP<0, then the program is PAST.
Example 6 (Prace is PAST)
The drift of Pracerdw in Ex. 5
is μPracerdw=1⋅116+221⋅∑−9≤j≤0j=−23<0.
So on average the distance x between
the tortoise and the hare decreases in each loop iteration. Hence by
Thm. 4.2, Pracerdw is PAST and the following Cor. 2 implies that
Prace is PAST as well.
Corollary 2 (Decision Procedure for (P)AST of CP programs)
For a non-trivial CP program P, P is (P)AST iff
Prdw is (P)AST.
Hence, Thm. 4.1 and 4.2 yield a decision
procedure for
AST and PAST of CP programs.
In the appendix, we show that
Thm. 4.2
follows from classical results on random
walks [33].
Alternatively, Thm. 4.2 could also be proved
by combining several recent results on probabilistic programs: The approach of
[28] could be used to show that μP=0 implies
AST. Moreover, one could prove that μP<0 implies PAST by
showing that x is a ranking supermartingale of the program
[5, 11, 14, 18].
That the program is not PAST if μP≥0 and not AST if μP>0 could be proved by showing that −x
is a μP-repulsing supermartingale [13].
While the proof of Thm. 4.2 is based on known results, the formulation of
Thm. 4.2 shows that there is an extremely simple decision procedure
for (P)AST of CP programs, i.e.,
checking the sign of the drift is much simpler than applying existing (general)
techniques for termination analysis of probabilistic
programs.
4.3 Computing Asymptotic Expected Runtimes
It turns out that for random walk programs (and thus by
Thm. 4.1, also for CP programs),
one can not only decide termination, but one can also infer
tight bounds on the expected runtime. Thm. 4.3
shows that the computation of the bounds is again very
simple.
Theorem 4.3 (Bounds on the Expected Runtime of CP
Programs)
Let P be a non-trivial CP program as in
Def. 1
without direct
termination which is PAST (i.e.,
μPrdw<0).
Moreover, let kP be obtained according to the transformation from Def. 6.
If rdwP(x0)≤0, then
rtx0P=0. If rdwP(x0)>0, then P’s expected runtime is asymptotically linear
and
we have
[TABLE]
Example 7 (Bounds on the Runtime of Prace)
In Ex. 6 we saw that the program
Pracerdw from Ex. 5
is PAST as it has the drift μPracerdw=−23<0. Note that here k=9. Hence by
Thm. 4.3 we get that whenever
rdwPrace(t,h)=t−h+1 is positive, the
expected runtime rt(t,h)Prace is between −μPracerdw1⋅rdwPrace(t,h)=32⋅(t−h+1) and −μPracerdw1⋅rdwPrace(t,h)+μPracerdw1−k=32⋅(t−h+1)+316.The same upper bound 32⋅(t−h+1)+316
was inferred in [30]
by an incomplete technique
based on several inference rules and linear programming solvers. In contrast, Thm. 4.3 allows us to
read off such bounds directly from the program.
Our proof of Thm. 4.3 in
the appendix
again uses the connection to random
walks and shows that
the classical Lemma of Wald
[21, Lemma 10.2(9)]
directly yields both the upper and the lower bound for the expected
runtime.
Alternatively, the upper bound in Thm. 4.3 could also be proved by considering that rdwP(x0)+(1−kP) is a
ranking supermartingale [5, 11, 14, 18, 1] whose expected decrease in each loop iteration is μP.
The lower bound could also be inferred by considering the difference-bounded submartingale−rdwP(x0) [20, 8].
5 Computing Exact Expected Runtimes
While Thm. 3.1 and 4.3
state how to deduce the asymptotic expected runtime, we
now show that based on these results one can compute the runtime of CP programs
exactly.
In general, whenever it is possible, then inferring the exact
runtimes of programs is preferable to asymptotic
runtimes which ignore the
“coefficients” of the runtime.
Again, we first consider random walk programs and
generalize our technique to CP programs
using Thm. 4.1 afterwards.
Throughout Sect. 5,
for any random walk program P
as in Def. 5,
we require that P is PAST,
i.e., that p′>0 (cf. Thm. 3.1) or that the drift μP is
negative if p′=0 (cf. Thm. 4.2). Note that whenever k=0 and P
is PAST, then p′>0.111If p′=0 and k=0 then μP≥0.
To compute P’s expected runtime
exactly, we use its characterization as the least fixpoint of the expected runtime transformer LP (cf. Thm. 2.1), i.e., rtxP is the smallest
function f:Z→R≥0 satisfying the
constraint
[TABLE]
cf. 1.
Since P is PAST, f never returns ∞, i.e.,
f:Z→R≥0.
Note that the smallest function f:Z→R≥0 that
satisfies (3) also satisfies
[TABLE]
Therefore, as d≤0, the constraint (3) can be simplified to
[TABLE]
In Sect. 5.1 we recapitulate how to compute all solutions of
such inhomogeneous
recurrence equations (cf., e.g., [15, Ch. 2]).
However, to compute rtxP, the challenge is
to find the smallest solution f:Z→R≥0
of the equation (5).
Therefore, in Sect. 5.2 we will exploit the knowledge gained in
Thm. 3.1 and 4.3 to show that there is only a
single function f that satisfies both (4) and
(5) and is bounded by a constant (if p′>0, cf. Thm. 3.1)
resp. by a linear function (if p′=0,
cf. Thm. 4.3).
This observation then allows us to compute rtxP
exactly.
So the crucial prerequisites for this result are Thm. 2.1 (which
characterizes the expected runtime as the smallest solution of the equation
(5)), Thm. 4.2 (which allows the restriction
to negative drift if p′=0), and in particular
Thm. 3.1 and 4.3 (since LABEL:sec:smallestsolution will show that the results of
Thm. 3.1 and 4.3 on the asymptotic runtime can be
translated into suitable conditions on the solutions of (5)).
5.1 Finding All Solutions of the Recurrence Equation
Example 8 (Modification of Pracerdw)
To illustrate our ap-
proach, we use a modified version of
Pracerdw
from Ex. 5 to ease readability.
In Sect. 6, we will consider the original program Pracerdw resp. Prace from
Ex. 5
resp. Ex. 1 again and
show its exact expected runtime inferred by the implementation of our approach.
In the modified program Pracemod on the right, the distance
between the tortoise and the hare still increases with probability 116, but the
probability of decreasing by more than two is distributed to the cases where it stays the same and
where it decreases by two.
We have p′=0 and
the drift is μPracemod=1⋅116+0⋅111−1⋅221−2⋅227=−223<0. So by Thm. 4.2,
Pracemod
is PAST.
By Thm. 2.1, rtxPracemod is the smallest function f:Z→R≥0 satisfying
[TABLE]
Instead of searching for the smallestf:Z→R≥0
satisfying (5),
we first calculate the set of all functions f:Z→C that satisfy
(5), i.e.,
we also consider functions returning negative
or complex numbers. Clearly, 5 is equivalent to
[TABLE]
The set
of solutions on Z→C
of this
linear, inhomogeneous recurrence equation
is an affine space which can be written as an arbitrary particular
solution of the inhomogeneous equation plus any linear combination of k+m
linearly independent solutions of the corresponding homogeneous recurrence equation.
We start with computing a solution to the inhomogeneous equation
7. To this end, we use the bounds for rtxP from Thm. 3.1 and 4.3 (where we
take the upper bound
p′1 if p′>0 and the lower bound −μP1⋅x if p′=0). So we define
[TABLE]
One easily shows that if
p′>0, then f(x)=Cconst
is a solution
of the inhomogeneous recurrence equation 7 and if p′=0, then
f(x)=Clin⋅x solves 7.
In the program Pracemod of Ex. 8, we have p′=0 and
μPracemod=−223. Hence Clin=322 and
Clin⋅x is a solution of 6.
After having determined one particular solution of the inhomogeneous recurrence
equation
7, now we compute the solutions of the
homogeneous recurrence equation which
results from 7 by replacing the add-on “+ 1” with 0. To this end, we
consider the corresponding characteristic polynomialχP:222If m=0 then
χP(λ)=(p0−1)⋅λk+p−1⋅λk−1+…+p−k, and if
k=0 then χP(λ)=pm⋅λm+…+p1⋅λ+(p0−1).
Note that
p0=1 since P is PAST
and in Def. 5
we required
that m>0 implies pm>0 and k>0 implies p−k>0.
Hence, the characteristic polynomial has exactly the degree k+m, even if m=0 or
k=0.
[TABLE]
Let λ1,…,λc
denote the pairwise different (possibly complex) roots of the characteristic
polynomial χP.
For all 1≤j≤c, let
vj∈N∖{0} be the multiplicity of the root
λj.
Thus, we have v1+…+vc=k+m.
Then we obtain the following k+m linearly independent solutions of the homogeneous
recurrence equation resulting from (7):
[TABLE]
So f:Z→C is a solution of
5 (resp. (7)) iff there exist coefficients aj,u∈C
with
[TABLE]
where C(x)=Cconst=p′1 if
p′>0 and C(x)=Clin⋅x=−μP1⋅x if p′=0.
The reason for requiring (9) for all x>−k is that −k+1 is the smallest
argument where f’s value is taken into account in 5.
The characteristic polynomial for the program Pracemod of Ex. 8
has the degree k+m=2+1=3 and is given by
[TABLE]
Its roots are λ1=1, λ2=−21, and λ3=67. So
here, all roots are real numbers and they all have the multiplicity 1. Hence, three linearly
independent solutions of the homogeneous part of 6 are the
functions 1x=1, (−21)x, and
(67)x. Therefore, a function f:Z→C
satisfies 6 iff there are
a1,a2,a3∈C such that
[TABLE]
5.2 Finding the Smallest Solution of the Recurrence Equation
In Sect. 5.1, we recapitulated
the standard approach for solving inhomogeneous recurrence
equations
which shows
that any function f:Z→C that satisfies the constraint (5)
is of the form (9).
Now we will present a novel
technique to compute
rtxP, i.e.,
the smallest non-negative solution f:Z→R≥0 of 5.
By
Thm. 3.1 and 4.3, this function f is bounded by a constant
(if p′>0) resp. linear (if p′=0). So, when representing
f in the form (9), we must have
aj,u=0 whenever
∣λj∣>1.
The following lemma shows how many roots with absolute value less or equal
to 1 there are (i.e., these are the only roots that we have to consider).
It is proved using Rouché’s Theorem
which allows us to infer the number of roots whose absolute value is below a certain bound.
Note that 1 is a root of the characteristic polynomial iff p′=0, since
∑−k≤j≤mpj=1−p′.
Lemma 1 (Number of Roots With Absolute Value ≤1)
Let P be a random walk program as in
Def. 5 that is
PAST.
Then the characteristic
polynomial χP has k
roots λ∈C (counted with multiplicity) with ∣λ∣≤1.
In Pracemod of Ex. 8 we have k=2. So
by LABEL:Numberof_Roots_Lemma, χP has exactly two roots with absolute value ≤1. Indeed, the roots of χP are
λ1=1, λ2=−21, and λ3=67, cf. Ex. 10. So ∣λ3∣>1, but
∣λ1∣≤1 and ∣λ2∣≤1.
Based on Lemma 1,
the following lemma shows that when imposing
the restriction that
aj,u=0 whenever
∣λj∣>1,
then there is only a single function of the form (9) that also satisfies the constraint (4).
Hence, this must be the function that we are searching for, because
the
desired smallest solution f:Z→R≥0 of (5) also satisfies
(4).
Let P be a
random walk program as in
Def. 5
that is PAST.
Then there is exactly one function f:Z→C which satisfies both (4) and
(5) (thus, it has the form (9)) and
has
aj,u=0 whenever
∣λj∣>1.
The main theorem of
Sect. 5 now shows how to compute the expected runtime exactly.
By Thm. 3.1 and 4.3
on the bounds for the expected
runtime
and by Lemma 2,
we no longer have to search for the smallest function
that satisfies (4) and (5), but we just search for
any solution of
(4) and (5) which has
aj,u=0 whenever ∣λj∣>1
(because there is
just a single such solution).
So one only has to
determine the values of the remaining k coefficients aj,u for ∣λj∣≤1, which can be done by
exploiting that f(x) has to satisfy both (4) for all x≤0 and it has to be of the form
(9) for all x>−k. In other words,
the function in
(9) must be 0 for −k+1≤x≤0.
Theorem 5.1 (Exact Expected Runtime for Random Walk Programs)
Let P be a random walk program as
in Def. 5 that is PAST and let
λ1,…,λc be the roots of its characteristic polynomial
with multiplicities v1,…,vc. Moreover, let C(x)=Cconst=p′1 if
p′>0 and C(x)=Clin⋅x=−μP1⋅x if p′=0. Then the
expected runtime of P is rtxP=0 for x≤0 and
[TABLE]
where
the coefficients
aj,u are the unique solution of the k linear equations:
[TABLE]
So in the special case where k=0, we have rtxP=C(x)=Cconst=p′1 for x>0.
Thus for x>0, the expected runtime rtxP can be computed by summing up the bound C(x) and an add-on
∑1≤j≤c,∣λj∣≤1∑0≤u≤vj−1…
Since
C(x) is an upper bound for rtxP if p′>0 and a lower
bound for rtxP if p′=0,
this add-on is non-positive if p′>0 and non-negative if p′=0.
By Thm. 5.1, the expected runtime
of the program Pracemod from Ex. 8 is
rtxPracemod=0 for x≤0 and
[TABLE]
The coefficients a1 and a2 are the unique solution of the k=2 linear
equations
[TABLE]
So a1=922, a2=−922, and hence
rtxPracemod=322⋅x+922−922⋅(−21)x for x>0.
By Thm. 4.1,
we can lift
Thm. 5.1 to arbitrary CP programs P
immediately.
Corollary 3 (Exact Expected Runtime for CP Programs)
For any CP program, its expected runtime can be
computed exactly.
Note that irrespective of the degree of the
characteristic polynomial, its roots can always
be approximated numerically with any chosen precision. Thus, “exact computation”
of the expected runtime in the corollary above
means that a closed form for rtxP
can also be computed with any desired precision.
Example 13 (Exact Expected Runtime of Pdirect)
Reconsi-
der the program Pdirect of
Ex. 4 with
the probability p′=101 for direct termination. Pdirect is PAST
and its expected runtime is at mostp′1=10, cf. Ex. 4.
The random walk
program Pdirectrdw on the right is obtained by
the transformation of Def. 0Univariate Transformation.
As k=0, by Thm. 5.1 we obtain rtxPdirectrdw=p′1=10 for x>0.By
Thm. 4.1, this implies
rt(t,h)Pdirect=rtrdwPdirect(t,h)Pdirectrdw=10 if rdwPdirect(t,h)=t−h+1>0, i.e., 10 is indeed
the exact expected runtime of Pdirect.
Note that Thm. 5.1 and 3 imply that for any x0∈Zr,
the expected runtime rtx0P of a CP
program P that is PAST and has only rational probabilities pc1,…,pcn,p′∈Q
is always an algebraic number.
Thus, one could also compute a closed form for the
exact expected runtime rtxP using a representation with algebraic numbers
instead of numerical approximations.
Nevertheless,
Thm. 5.1 may yield a
representation of rtxP which contains complex numbers aj,u and λj,
although rtxP is always real. However, one can easily obtain a
more intuitive representation of rtxP without complex numbers:
Since the characteristic polynomial χP only has real coefficients, whenever χP has
a complex root λ of multiplicity v, its conjugate λ is also a root
of χP with the same multiplicity v.
So the pairwise different roots λ1,…,λc
can be distinguished into pairwise different real roots λ1,…,λs, and into pairwise different non-real complex roots λs+1,λs+1,…,λs+t,λs+t, where c=s+2⋅t.
For any coefficients aj,u,aj,u′∈C
with j∈{s+1,…,s+t} and
u∈{0,…,vj−1} let
bj,u=2⋅Re(aj,u)∈R and bj,u′=−2⋅Im(aj,u)∈R.
Then aj,u⋅λjx+aj,u′⋅λjx=bj,u⋅Re(λjx)+bj,u′⋅Im(λjx).
Hence, by Thm. 5.1 we get the following representation of the expected runtime
which only uses real numbers:
[TABLE]
To compute Re(λjx) and Im(λjx),
take the polar representation of the non-real roots
λj=wj⋅eθj⋅i.
Then
Re(λjx)=wjx⋅cos(θj⋅x) and
Im(λjx)=wjx⋅sin(θj⋅x).
Therefore, we obtain the following algorithm to deduce the exact expected
runtime automatically.
6 Conclusion, Implementation, and Related Work
We presented decision procedures for termination and complexity
of classes of probabilistic programs.
They are based on the connection between the expected runtime of a program
and the smallest solution of its corresponding recurrence equation, cf. Sect. 2.
For our notion of
probabilistic programs, if the probability for leaving the loop directly is at least p′
for some p′>0, then the program is always PAST and its expected runtime is
asymptotically constant, cf. Sect. 3.
In Sect. 4 we showed that a very simple decision procedure
for AST and PAST of CP programs can be obtained by
classical results from random walk theory and that
the expected runtime is asymptotically linear
if the program is
PAST. Based on these results,
in Sect. 5 we presented our algorithm to
automatically infer a closed form for
the exact expected runtime of CP programs
(i.e., with arbitrarily high precision). All proofs and a collection of examples to
demonstrate our algorithm can be found in the appendix.
Implementation.
We implemented Sect. 5.2 in our tool KoAT [10],
which was
already one of the leading tools for complexity analysis of (non-probabilistic) integer
programs. The implementation is written in OCaml and
uses the Python libraries MpMath [22]
and SymPy [29] for solving linear equations and for finding the roots of the characteristic polynomial.
In addition to the closed form for the exact expected runtime, our implementation can also
compute the concrete number of expected loop iterations if the user specifies the
initial values of the variables.
For further details, a set of benchmarks, and to download our implementation, we refer
to
https://aprove-developers.github.io/recurrence/.
Example 14 (Computing the Exact Expected Runtime of Prace Automatically)
For the tortoise and hare program Prace from Ex. 1, our
implementation in KoAT computes the following expected runtime within 0.49 s on an Intel Core i7-6500 with 8 GB memory (when selecting a precision of 2 decimal places):
[TABLE]
So when starting in a state with t=1000 and h=0, according to our implementation
the number of expected loop iterations is rt(1000,0)Prace=670.
Related Work.
Many techniques to
analyze (P)AST
have been developed, which mostly rely on ranking supermartingales, e.g.,
[5, 11, 18, 28, 1, 30, 14, 13, 20]. Indeed, several of these works (e.g., [5, 18, 1, 20]) present
complete criteria for (P)AST, although (P)AST is undecidable. However, the
corresponding automation of these techniques is of course incomplete.
In [14] it is shown that for
affine probabilistic programs, a superclass of our CP programs, the existence of a linear ranking supermartingale is decidable. However,
the existence of a linear ranking supermartingale is sufficient but not necessary
for PAST or an at most linear expected
runtime.
Classes of programs where termination is decidable have already been
studied for deterministic programs. In [35] it was shown that for a
class of linear loop programs over the reals, the halting problem is decidable.
This result was transferred to the rationals [6] and under certain
conditions to integer programs [6, 31, 19]. Termination analysis for probabilistic programs is
substantially harder than for non-probabilistic ones
[23]. Nevertheless, there is some previous work on classes of
probabilistic programs where termination is decidable and asymptotic bounds on the
expected runtime are computable. For instance,
in
[7]
it was shown that AST is decidable for certain stochastic games and
[12] presents an automatic approach for inferring asymptotic upper bounds
on the expected runtime by considering
uni- and bivariate recurrence equations.
However, our algorithm is the first
which computes a general formula (i.e., a closed form) for the exact expected runtime of arbitrary CP
programs. To our
knowledge,
up to now such a formula was only known for the very restricted special
case of
bounded simple random walks
(cf. [17]),
i.e., programs of the
form on the right for some 1≥p≥0 and some b∈Z. Note that due to the
two boundary conditions x>0 and b>x, the resulting recurrence equation for
the expected runtime of the program only
has a single solution f:Z→R≥0 that also satisfies f(0)=0
and f(b)=0. Hence, standard techniques for solving recurrence equations suffice to
compute this solution. In contrast,
we developed an
algorithm to compute the exact expected runtime of unbounded arbitrary CP programs
where the loop condition only has one boundary condition x>0, i.e., x can
grow infinitely large. For that reason, here the challenge is to find an algorithm which
computes the smallest solution f:Z→R≥0 of the resulting
recurrence equation. We showed that this can be done using the information on
the asymptotic bounds of the expected runtime from Sect. 3 and 4.
Future Work.
There are several directions for future work.
In Sect. 4.1 we reduced
CP programs to
random walk programs.
In future work, we will consider more advanced
reductions in order to extend the class of probabilistic programs where termination and
complexity are decidable. Moreover, we want to develop techniques
to automatically over- or under-approximate the runtime of a program P by the runtimes of corresponding CP
programs P1 and P2 such that rtxP1≤rtxP≤rtxP2 holds for all
x∈Zr.
Furthermore, we will integrate the easy inference of runtime bounds for
CP programs into existing techniques for analyzing more general probabilistic
programs.
Acknowledgments
We would like to thank Nicos Georgiou and
Vladislav Vysotskiy for drawing our attention to Wald’s Lemma and to the work of Frank
Spitzer on random walks, and Benjamin Lucien Kaminski and Christoph Matheja for many
helpful discussions. Furthermore, we thank Tom Küspert who helped
with the implementation of our technique in our tool KoAT.
Appendix 0.A Case Studies
In
this section, we demonstrate
our approach for the computation of the exact expected runtime on further examples.
Example 15 (Example with Direct Termination and Non-Constant Exact Runtime)
As an example with p′>0 where the exact expected runtime is not constant,
consider the following program P.
[TABLE]
The
characteristic polynomial is
χP(λ)=81⋅λ2−21⋅λ+41. It has the
k+m=1+1=2 roots 2±2. So the only root with absolute value ≤1 is
2−2.
By Thm. 5.1 we obtain rtxP=0 for x≤0 and
[TABLE]
Here, a1 is the unique solution of the linear equation 0=8+a1⋅(2−2)0⋅00=8+a1, i.e., a1=−8.
So for x>0 we have
[TABLE]
i.e., here the negative add-on −8⋅(2−2)x
is added to the upper bound 8.
Example 16 (Example with Complex Roots)
To show that complex roots are indeed possible,
we apply Sect. 5.2
to the
following program P, where
p′=0 and μP=−3013. Thus, Clin=1330
and C(x)=1330⋅x.
[TABLE]
The characteristic polynomial
χP(λ) has the roots 1, 3, and the two complex roots
5−1±3i.
Hence, the k=3 roots with absolute value ≤1 are 1 and 5−1±3i.
By Thm. 5.1 we obtain the following general solution:
[TABLE]
The coefficients a1,a2,a3 are determined by the three
linear equations 0=f(x) for −2≤x≤0, cf. 11.
They have the unique solution a1=169180, a2=−16990−1692⋅3i, and a3=−16990+1692⋅3i. Thus, b2=2⋅Re(a2)=−169180, and b2′=−2⋅Im(a2)=1694⋅3.
The polar representation of λ=5−1+3i is 52⋅e32π⋅i. Hence,
Re(λx)=(52)x⋅cos(32π⋅x) and
Im(λx)=(52)x⋅sin(32π⋅x).
Thus, we get rtxP=0 for x≤0 and for x>0 we have
[TABLE]
Example 17 (Example with Root of Higher Multiplicity)
As an example where the characteristic polynomial has a root with multiplicity greater
than 1, consider the following program P.
[TABLE]
We use the approach of Sect. 5.2 to infer the exact expected runtime. Step
1 is not necessary, since we already have a random walk program.
We have p′=0, μP=−17512, and thus, Clin=12175.
2. 3.
The characteristic polynomial has the
degree k+m=3+1=4 and is given by
χP(λ)=215⋅λ4−73⋅λ3+353⋅λ2+757⋅λ+1752. It
has
the roots λ1=1 with multiplicity
1, λ2=56 with multiplicity 1, and λ3=−51 with multiplicity 2.
Hence,
the three roots with absolute value ≤1 are 1 and −51
with multiplicity 2. As proved in Lemma 1 we have 1+2=3=k such roots counted with multiplicity.
3. 4.
The coefficients
a1,0, a2,0, and a2,1 are determined by the following linear equations,
cf. 11:
[TABLE]
They have the unique solution
a1,0=36175, a2,0=−36175, and a2,1=−1235.
Hence, rtxP=0 for x≤0 and for x>0 we have
[TABLE]
Example 18 (Negative Binomial Loop from [28, Sect. 5.1])
Consider the following program P from [28, Sect. 5.1].
[TABLE]
The drift of this program is μP=−21<0 and by Thm. 4.2
we can conclude that the negative binomial loop is positive almost surely
terminating. Furthermore, as k=1 and m=0 we obtain that the expected runtime rtxP
of this program satisfies 2⋅x≤rtxP≤2⋅x for all x>0 by Thm. 4.3, i.e.,
[TABLE]
So with our approach, the expected runtime of
this example can be determined with clearly less effort than with the technique
presented in [28]. On the other hand, the reasoning of
[28] can be applied to arbitrary probabilistic
programs which may even include non-determinism.
Example 19 (Symmetric Random Walk)
Consider the following program P.
[TABLE]
One easily calculates the drift μP=21−21=0. So by
Thm. 4.2 we immediately obtain the well-known result that this program is almost
surely terminating but not positive almost surely terminating, i.e., the expected
runtime is infinite.
Example 20 (Example with Irrational Runtime from [14, Ex. 5.1])
Consider the following program P which was presented
in [14, Ex. 5.1] to show that expected runtimes can be irrational.
[TABLE]
Its drift is μP=21⋅1+21⋅(−2)=−21<0,
so by Thm. 4.2 this program is indeed PAST. As k=2, we obtain
the following bounds on the expected runtime by Thm. 4.3 for any
positive initial value x>0:
[TABLE]
The characteristic polynomial of this program is χP(x)=21⋅x3−x2+21. It has the three roots 1, 21+5, and
21−5. So the k=2 roots of absolute value ≤1 are
1 and 21−5.
By Thm. 5.1, the general solution is
[TABLE]
The coefficients a1 and a2 are determined by the following equations:
[TABLE]
They have the unique solution a1=3−5 and a2=5−3. Hence,
we infer the following exact expected
runtime for
x>0:
[TABLE]
So in particular, rt1P=1+5.
The expected runtime obtained in
[14, Ex. 5.1] is
slightly different (they obtain 2⋅(5+5)), because [14] counts the number of executed
statements whereas we count loop iterations.
Consider the following program P. It was used in
[30, Sect. 3.1] to show how one can infer the expected runtime
of a probabilistic program by solving a recurrence equation.
However, the authors of [30]
conclude that
recurrence equations are not well suited for runtime analyses, while our paper shows that
for CP programs, an automated runtime analysis based on recurrence equations is
feasible.
[TABLE]
Its drift is μP=41⋅1+43⋅(−1)=−21<0, so by Thm. 4.2 this program is indeed PAST.
By Thm. 4.3,
we can infer the following bounds on the expected runtime for any positive initial value x>0:
[TABLE]
Hence, in this example we can directly conclude that for any x>0 the expected runtime is
rtxP=2⋅x,
without having to solve the corresponding recurrence equation with
Thm. 5.1 resp. Sect. 5.2.
We begin with introducing some auxiliary definitions that will be needed in the
proofs. To define the
run of a program,
we use the “Kronecker-Delta”
where for any y,z∈Zr with y=z we have δy,z=0 and δy,y=1.
Definition 9 (Run of a Program)
For any program P as in Def. 1,
a run is an infinite sequence
⟨z0,z1,z2,…⟩∈(Zr)ω and a
prefix run is a finite sequence
⟨z0,z1,…,zj⟩∈(Zr)j+1 for
some j∈N.
For a prefix run π, its cylinder setCylZr(π)⊆(Zr)ω
consists of all runs with prefix π.
For any initial value x0∈Zr of the program variables, we define a function
prx0P
that maps any prefix run π to its probability
(i.e., 0≤prx0P(π)≤1).
Thus, for any prefix run ⟨z0,z1,…,zj⟩,
let
prx0P(⟨z0⟩)=δx0,z0 and if j≥1, we define:
[TABLE]
Example 22 (Run in Prace)
For Prace from Ex. 1 and a start configuration where
the tortoise is 10 steps ahead of the hare (e.g., x0=(11,1)), the
prefix run ⟨(11,1),(12,1),(13,6)⟩ has the probability pr(11,1)Prace(⟨(11,1),(12,1),(13,6)⟩)=δ(11,1),(11,1)⋅p(12,1)−(11,1)(11,1)⋅p(13,6)−(12,1)(12,1)=p(1,0)(11,1)⋅p(1,5)(12,1)=116⋅221=1213.
So we take into account
whether the prefix run starts with x0=(11,1) and multiply the probability to get
from x=(11,1) to x=(12,1) with the probability to get from x=(12,1) to x=(13,6).
In our setting, we regard a measurable space (Ω,F) where
Ω is the set of runs (Zr)ω and we want to measure the
probability that a run starts with a certain sequence π of numbers. So we
regard the smallest σ-field FZr that contains all cylinder sets
CylZr(π) for all prefix runs π. Moreover, we consider the
probability space ((Zr)ω,FZr,Px0P). Here,
the probability measure Px0P for a program P is defined
such that the probability that a run is in CylZr(π) is the probability
prx0P(π) of the prefix run π.
Definition 10 (Probability Measure for a Program)
For any program P as in Def. 1 and any x0∈Zr,
let Px0P:FZr→[0,1] be the unique
probability measure such that we have
Px0P(CylZr(π))=prx0P(π) for any prefix run π.
Example 23 (Probability Measure for Prace)
CylZ2(⟨(11,1),(12,1),(13,6)⟩) consists of all runs
that start with (11,1), (12,1), (13,6). If the initial
value is x0=(11,1),
then the
probability that a run is in CylZ2(⟨(11,1),(12,1),(13,6)⟩) is
[TABLE]
Now we introduce a stochastic process
XZr (i.e., a family of random variables XjZr) which
corresponds to the values of the program variables during a run.
Definition 11 (Stochastic Process XZr)
For r≥1, let XZr=(XjZr)j∈N where
XjZr:(Zr)ω→Zr is defined as XjZr(⟨z0,…,zj,…⟩)=zj,
i.e., when applied to a run, XjZr returns the values of the
program variables after the j-th loop iteration.
So
X0Z2(⟨(11,1),(12,1),…⟩)=(11,1)
and X1Z2(⟨(11,1),(12,1),…⟩)=(12,1).
Using XZr, the termination time of a program
(cf. Def. 2) can
also be defined as TP(π)=inf{j∈N∣a∙XjZr(π)≤b} for any π∈(Zr)ω. As shown in Def. 3, the
termination time is needed to define the expected runtime of a program.
We first prove that if the initial values x0 violate the loop guard,
then the expected
runtime is trivially 0.
We have
Px0P(X0Zr=x0)=Px0P((X0Zr)−1({x0}))=Px0P(CylZr(x0))=prx0P(x0)=δx0,x0=1.
Thus, for x0 with a∙x0≤b, we obtain Px0P(TP=0)=Px0P(a∙X0Zr≤b)≤Px0P(X0Zr=x0)=1 and hence
rtx0P=Ex0P(TP)=0.
∎
To prove Thm. 2.1 we show how to translate any probabilistic
program into a Markov Decision Process (MDP) and then reuse existing corresponding
results for MDPs [32].
In this section we recapitulate the needed concepts for MDPs and after the introduction of
any concept, we show how it is related to the corresponding notions for probabilistic programs.
We consider infinite time horizon MDPs, where we restrict ourselves to deterministic MDPs
without final states, i.e., to
Discrete Time Markov Chains (DTMCs). So there is one unique action for every state
of the MDP.
Definition 12 (Discrete Time Markov Chain)
A Discrete Time Markov Chain (DTMC)
without final states
M=(S,P,rew) consists of
the following components:
∙
S is a set of states.
∙
P:S×S→[0,1] is a transition
probability function such that for all states s∈S we have
∑s′∈SP(s,s′)=1.
∙
rew:S→R is the reward function.
Def. 13 shows how to translate any
probabilistic program P to a corresponding DTMC MP. This is possible for our
notion of probabilistic programs, because
the values of the program variables only depend on their values
in the previous loop iteration.
To ease notation,
let the probabilities pc(x) be constant zero for all c∈Zr∖{c1,…,cn}.
Definition 13 (Translating Probabilistic Programs to DTMCs)
Let P be a program as in Def. 1. Its corresponding
DTMCMP=(S,P,rew) is given by
∙
S=Zr
∙
For states satisfying the loop guard, the probability function P is induced by the probabilities pcj,
and for states that do not satisfy the loop guard, the probability to remain in the state is 1:
[TABLE]
∙
The reward function is given by rew(s)={1,0,if a∙s>bif a∙s≤b
For a DTMC M=(S,P,rew) and each initial state x0∈S, we examine a stochastic process
XS using a probability measure Px0M for the measurable
space
(Sω,FS).
The definitions of FS, Px0M,
and XS
are generalizations of the corresponding definitions
from Sect. 2 to
arbitrary state spaces.
Moreover, instead of (prefix) runs we now regard histories resp. sample
paths and instead of the probability prx0P of a run with the
initial variable assignment x0 we regard the probability prx0M of a
sample path with the initial state x0.
Definition 14 (Probability Measure for a DTMC)
Let M=(S,P,rew) be a DTMC.
∙
A sample path is an infinite sequence
⟨s0,s1,s2,…⟩∈Sω and a
history is a finite sequence ⟨s0,s1,…,sj⟩∈Sj+1 for some j∈N.
The cylinder setCylS(π) of a history π consists of all sample paths with
prefix π.
∙
For any x0∈S, prx0M:⋃j∈NSj+1→[0,1] is the function that maps any history
⟨s0,…,sj⟩
to its probability if
x0 is the initial state. Thus, let
prx0M(⟨s0⟩)=δx0,s0 and
if j≥1, we define:
[TABLE]
∙
The (canonical) measurable space for a DTMC is
(Sω,FS), where FS is the smallest
σ-field containing all cylinder sets
CylS(π) for all
histories π.
∙
For any x0∈S, the probability measureprx0M:FS→[0,1]for the DTMC M and the initial state x0
is the unique probability measure such that for any history π we have
Px0M(CylS(π))=prx0M(π).
∙
The stochastic process XS=(XjS)j∈N is defined as
XjS:Sω→S, where
XjS(s0,…,sj,…)=sj.
The following corollary shows that for any probabilistic program P, the probability
spaces for P and for its corresponding DTMC MP
are
the same.
Corollary 4 (P and MP Have the Same Probability Measure)
For any program P as in Def. 1 and its corresponding DTMC MP, the corresponding probability
spaces are the same. So in particular, we have
Px0P=Px0MP for
any x0∈Zr.
Proof
By Def. 13 and 14, the measurable
space for MP is ((Zr)ω,FZr), which is also the measurable space for
P.
Moreover, Def. 14 implies prx0P=prx0MP and thus,
Px0P=Px0MP for
any x0∈Zr.
∎
For
DTMCs, one is interested in the expected total reward.
For a DTMC M=(S,P,rew) and the stochastic process XS, the expected
total reward maps any initial state s0∈S to the expected value of
∑j∈Nrew(XjS)
under the probability measure Ps0M (if this expected value exists).
Note that if rew(s)≥0 for all s∈S, then
the sum ∑j∈Nrew(XjS):Sω→R≥0
is a non-negative333The non-negativity of rew
ensures that the infinite sum of all rew(XjS) is a value in
R≥0. In contrast, if we have positive and negative rewards, then
the infinite sum might diverge and neither converge to −∞ nor to ∞.
random variable. Hence, its expected value under the probability measure
Ps0M is well defined.
In particular, this holds for the DTMCs MP corresponding to programs P,
because for any run π=⟨z0,z1,…⟩∈(Zr)ω, rew(XjZr(π))=rew(zj) is 1 if the
j-th tuple zj in the run does not violate
the loop condition a∙zj>b
and 0, otherwise (i.e., rew(z)∈{0,1}
for all z∈Zr).
Definition 15 (Expected Total Reward)
Let M=(S,P,rew) be aDTMC. For any s0∈S,
the expected total rewardtrs0M∈R∪{−∞,∞}
of M is
[TABLE]
whenever this limit exists in R∪{−∞,∞}.
As argued above, the limit always exists in the special case of non-negative
rewards.
Therefore, in the case where rew(s)∈{0,1} for all s∈S, we have
[TABLE]
The following lemma shows the connection between the
termination time and the total reward of a run. In the following, we say that a run π=⟨z0,z1,…⟩ is
constant on violating states if a∙zj≤b implies zj=zj+1 for all j∈N.
Lemma 3 (Total Reward is Termination Time)
Let P be a program as in Def. 1.
For every run π that is constant on violating states, we have
∑j∈Nrew(XjZr(π))=TP(π).
Proof
First, we show that the equality holds for runs π=⟨z0,z1,…⟩
where TP(π)=u<∞. So a∙zj>b for all j<u and since π is constant on violating states, we
have a∙zj≤b for all j≥u. Here we obtain
[TABLE]
Now we consider a run π=⟨z0,z1,…⟩ such that
TP(π)=∞, i.e., a∙zj>b for all j∈N. Then we have
[TABLE]
With Cor. 4 and 3
we can show that the expected runtime of a program P is identical to the
expected total reward of its corresponding DTMC MP. This is the crucial theorem which allows us to
apply results on DTMCs also for probabilistic programs.
Theorem 0.B.1 (Expected Total Reward is Expected Runtime)
For any program P as in Def. 1, the expected runtime of P and the expected total reward of the
corresponding DTMC
MP are the same, i.e., for any x0∈Zr we have
rtx0P=trx0MP.
Proof
Due to Def. 15
we have
trx0MP=∑u∈Nu⋅Px0MP(Au),
where Au={π∈(Zr)ω∣∑j∈Nrew(XjZr(π))=u}. Note that prx0MP(π)=0 if π is not
constant on violating states. Thus, Px0MP(Au)=Px0MP(Au′) where
[TABLE]
Hence, we obtain
[TABLE]
Note that prx0P(π)=0 if π is not
constant on violating states. Thus, Px0P(Au′)=Px0P(Au′′) where
Au′′={π∈(Zr)ω∣TP(π)=u}.
So we get
[TABLE]
Now we introduce the transformer L that is used for DTMCs and corresponds to the expected
runtime transformer for probabilistic programs. In the following, we restrict ourselves to
DTMCs with non-negative rewards to ensure that the expected total reward
exists.
Let M=(S,P,rew) be a DTMC with only non-negative
rewards.
We define the mapping
LM:(S→R≥0)→(S→R≥0) such that for every function f:S→R≥0 and every s∈S, we have
[TABLE]
The following corollary shows that the expected runtime transformer LP of a
program P is the same as the transformer LMP of the corresponding DTMC MP.
Corollary 5 (LMP is Expected Runtime Transformer LP)
For any program P, the expected runtime transformer
LP from Def. 4 is identical to the transformer
LMP from Def. 16.
Proof
Let P be a program as in Def. 1 and let MP=(Zr,P,rew). Consider an arbitrary function f:Zr→R≥0 and an s∈Zr. If a∙s≤b
then rew(s)=0, P(s,s)=1, and
P(s,s′)=0 for s′=s.
Hence
[TABLE]
If a∙s>b then
[TABLE]
Now that we know that the transformers LP and LMP are the same, we
can use existing results on DTMCs to obtain results for programs
P. More precisely, for any DTMC M=(S,P,rew) with only non-negative rewards,
it is known that the expected total reward function trM:S→R≥0 with trM(s0)=trs0M for any s0∈S
is a fixpoint of M’s
transformer LM.
Theorem 0.B.2 (Expected Total Reward is Fixpoint)
Let M be a DTMC with only non-negative rewards. Then
trM is a fixpoint of LM.
Proof
The proof can be found in [32, Thm. 7.1.3]. Note that it requires the
assumption that the expected total reward exists [32, Assumption
7.1.1] which is ensured by a non-negative reward function.
∎
Moreover, the expected total reward function is smaller or equal than any other fixpoint of LM
(and than every function f which satisfies the inequality f≥LM(f)).
Theorem 0.B.3 (Expected Total Reward is Smaller Than Other Fix-points)
Let M=(S,P,rew) be a DTMC with only non-negative
rewards and let there be a function f:S→R≥0 such that f≥LM(f). Then f≥trM.
Proof
The proof of the finite case, i.e., f(s)<∞ for all s∈S,
can be found in [32, Thm. 7.2.2]. Note that in our case there is a
unique strategy (since we restrict ourselves to DTMCs)
and we have only non-negative rewards. Therefore, the proof holds for functions f that
map to
infinity as well.
∎
Thm. 0.B.2 and 0.B.3 imply that the expected total reward function trM
is the least fixpoint
of the transformer LM.
Corollary 6 (Expected Total Reward is Least Fixpoint)
Let M=(S,P,rew) be a DTMC with only non-negative rewards. Then
trM is the least fixpoint of LM, i.e., for
any s0∈S we have lfp(LM)(s0)=trs0M.
The following theorem shows that LM is continuous for any DTMC M with
only non-negative rewards. This is needed to apply
Kleene’s Fixpoint Theorem, i.e., to show that the least fixpoint of LM is sup{0,LM(0),(LM)2(0),…}.
Theorem 0.B.4 (Continuity of LM, cf. [32, Lemma 7.1.5.c])
Let M be a DTMC with only non-negative
rewards. Then LM is continuous.
Proof
Let S={f0,f1,…} be a chain in
S→R≥0,
i.e.,
we have fj≤fj+1
for all j∈N.
Then (supS) is the function (supS):S→R≥0 with
(supS)(s)=j∈Nsup(fj(s)) for all s∈S. Therefore,
for any s∈S we have
[TABLE]
where LM(S)={LM(f0),LM(f1),…}.
∎
Now we can prove Thm. 2.1 which states that the expected runtime of a program P
is the least fixpoint of its expected runtime transformer LP and that it can be
obtained as the supremum of {0,LP(0),(LP)2(0),…}.
As usual, a function f:Zr→R≥0 is a fixpoint of
LP if LP(f)=f. Such a fixpoint f is the
least fixpoint of LP (i.e., f=lfp(LP)) if f≤g
for any other fixpoint g of LP.
By Thm. 0.B.1,
the expected runtime of P is the same as the expected total reward
of the corresponding
DTMC MP.
Cor. 6 showed that
the expected total reward is the least
fixpoint of the transformer LMP,
and
LMP is the same as the expected runtime transformer LP
due to Cor. 5.
As the continuity of LMP=LP was shown in
Thm. 0.B.4, by Kleene’s Fixpoint Theorem we have
lfp(LP)=sup{0,LP(0),(LP)2(0),…}.
∎
The expected runtime transformer LP is continuous (and thus, monotonic) by
Thm. 2.1. Hence, by
induction on j one can show that
f≥LP(f) implies f≥(LP)j(0)
for any function f:Zr→R≥0 and
any j∈N.
So f≥LP(f) implies
f≥sup{0,LP(0),(LP)2(0),…}=lfp(LP). By Thm. 2.1, this means that f(x0)≥lfp(LP)(x0)=rtx0P for all x0∈Zr.
Hence, to prove Thm. 3.1, it suffices to show f≥LP(f) for the
function f:Zr→R≥0 with f(x)=p′1 if a∙x>b and
f(x)=0 if a∙x≤b.
For x with a∙x≤b, we have
LP(f)(x)=f(x). If a∙x>b, then we get
In this section we present the proofs of Sect. 4. It is divided into three subsections in which we will give the proofs for the respective subsections of Sect. 4.
Let P be a CP program as in Def. 1 and let
rdwPω be the function which applies rdwP
componentwise to runs. Then we have:
(a)
TPrdw∘rdwPω=TP**
2. (b)
Let
x0∈Zr.
Then for any prefix run ⟨y0,…,yj⟩∈Zj+1 we have:
[TABLE]
Here, for any M⊆Zω we have (rdwPω)−1(M)={π∈(Zr)ω∣rdwPω(π)∈M}.
Proof
(a)
Let
⟨z0,z1,…⟩∈(Zr)ω such
that TP(⟨z0,z1,…⟩)=j∈N. So if j∈N, then
rdwP(z0),…,rdwP(zj−1)>0 and
rdwP(zj)≤0.
Similarly, if j=∞, then rdwP(zj)>0 for
every j∈N. So in both cases, we have
[TABLE]
2. (b)
First note that
for any prefix run ⟨y0,…,yj⟩∈Zj+1, we have
[TABLE]
As usual, “⊎” denotes the disjoint union, i.e., we have
CylZr(π)∩CylZr(π′)\linebreak=∅ for prefix runs π=π′ of the same length.
Note that both sides of the
equality 13 can be empty, i.e.,
there might not be any zu with rdwP(zu)=yu for some 1≤u≤j. For x0=rdwP(x0),
we prove that
[TABLE]
The result then follows by
13.
For the left-hand side we get
Px0Prdw(CylZ(⟨y0,\linebreak…,yj⟩)=0 if y0=x0 and
otherwise, we have
[TABLE]
For the right-hand side recall that rdwP(x0)=x0 and that we only regard
tuples z0 where rdwP(z0)=y0. So if
y0=x0, then
all of these tuples z0 are different from x0. Hence, then the right-hand
side is also 0. Otherwise, we have the following, where dP=rdwP(d):
[TABLE]
For Equation (†), note that rdwP(x0+cv1)=a∙(x0+cv1)−b=a∙x0+a∙cv1−b=rdwP(x0)+a∙cv1=y0+a∙cv1.
Hence,
rdwP(x0+cv1)=y1 means that
y1−y0=a∙cv1. Similarly, rdwP(x0+cv1+cv2)=y0+a∙cv1+a∙cv2=y1+a∙cv2. So
rdwP(x0+cv1+cv2)=y2 means that y2−y1=a∙cv2, etc. ∎
For the proof of Thm. 4.2, we use results on random walks
[21, 33, 17].
We first recapitulate the required notions from probability
theory.
Consider a probability space (Ω,F,P) (i.e., for every A∈F⊆2Ω, P(A) is the probability
that an event from the set Ω is in the subset A) and a stochastic process
Y=(Yj)j∈N where each Yj:Ω→Z
is a random variable. Y is independent and identically distributed(i.i.d.) on
(Ω,F,P) if for all
j,j′∈N with j=j′ and all y,z∈Z:
∙
Yj and Yj′ are identically distributed, i.e.,
P(Yj=z)=P(Yj′=z)
∙
Yj and Yj′ are independent, i.e.,
P(Yj=y,Yj′=z)=P(Yj=y)⋅P(Yj′=z)
Here, P(Yj=y,Yj′=z)=P(Yj−1({y})∩Yj′−1({z})) is the probability that an event π∈Ω satisfies
both Yj(π)=y and Yj′(π)=z.
So independence means that
one random variable does not influence the value
of the other.
Now we recapitulate the notion of a random walk created by an i.i.d. stochastic process.
Let Y=(Yj)j∈N be an i.i.d. stochastic process for a probability space (Ω,F,P)
with Yj:Ω→Z
and let X0:Ω→Z be a random variable
such that P(X0=x0)=1 for some x0∈Z.
The (one-dimensional)
random walk for(Ω,F,P) induced by Y with
starting point X0 is the sequence S=(Sj)j∈N
of random variables444Note that we define Sj=X0+∑0≤u≤j−1Yu instead of Sj=x0+∑0≤u≤j−1Yu. In this way, the random variables X0,Y0,Y1,…
only generate a single random walk that does not depend on x0. Instead, the different
possible initial
values x0 are taken care of by choosing different probability spaces (Ω,F,Px0) where Px0(X0=x0)=1.
Sj=X0+∑0≤u≤j−1Yu.
We denote the random walk S by (X0,Y).
Analogous to the termination time for programs from Def. 2,
the hitting time is the time when the random walk “hits” a
certain subset of Z for the first time.
Definition 18 (Hitting Time)
The hitting time
for a random walk
(Sj)j∈N
is the random variable Thit:Ω→N with
Thit(π)=inf{j∈N∣Sj(π)≤0}.
If Y=(Yj)j∈N
is i.i.d., then E(Y0)=E(Yj) for all j∈N. Hence, we define
μ=E(Y0) to be the drift, i.e., the expected change in each
step of the random walk. For such random walks, a result similar to Thm. 4.2 is
already known.
Lemma 5 (Drift and Hitting Time [33, Thm. 17.1, Prop. 18.1])
Let Y be i.i.d. for a probability space (Ω,F,P) and let
(X0,Y) be a random walk for (Ω,F,P) such that μ=E(Y0)<∞ (note that the drift
μ does not depend on X0). Let Thit be the hitting time for
(X0,Y). Then we have:
∙
If μ>0, then P(Thit=∞)>0.
∙
If μ=0 and P(Y0=0)=1, then P(Thit=∞)=0 but E(Thit)=∞.
∙
If μ<0, then E(Thit)<∞.
In order to use Lemma 5 to prove Thm. 4.2,
our aim is to represent
the stochastic process XZ
from Def. 11 (for r=1)
as a random walk XZ=(X0Z,YZ) for a suitable stochastic
process YZ.
To this end,
we take the stochastic process YZ=(YjZ)j∈N with YjZ=(Xj+1Z−XjZ) for all j∈N, i.e., YjZ is the change of the program variable in
the (j+1)-th loop iteration.
Then XZ can be obtained as the random walk
(X0Z,YZ), since Px0P(X0Z=x0)=1 and
XjZ=X0Z+∑0≤u≤j−1(Xu+1Z−XuZ)=X0Z+∑0≤u≤j−1YuZ for all j∈N.
Unfortunately, YZ is not i.i.d. for
the probability measure Px0P, because the probability that YjZ=0
(i.e., that Xj+1Z=XjZ holds)
depends on j. More precisely, the probability for
Xj+1Z=XjZ is p0 plus
the probability that the program has already reached a value x≤0 (i.e., that the
program’s termination time is at most j). The reason is that according to the
probability measure Px0P,
the value of x remains
unchanged as soon as x≤0. Thus, we obtain
Px0P(YjZ=0)=p0+Px0P(TP≤j), where Px0P(TP≤j) clearly depends on j.
Therefore, we now introduce a new adapted probability measure Px0P
such that
YZ is i.i.d. on the
probability space (Zω,FZ,Px0P)
and at the same time,
Ex0P(TP)\linebreak=Ex0P(TP), where Ex0P(TP) denotes the
expected value of
the termination time TP under the probability measure Px0P.
In the following definition, qx0P corresponds to the function prx0P from
Def. 9 that maps any prefix run to its probability if x0 is the initial value of
the program variable. When defining prx0P,
the probability for a prefix run ⟨z0,…,zj−1,zj⟩ where zj−1≤0
and zj−1=zj was 0. In contrast, for qx0P we
continue to execute the program also if x≤0.
This corresponds to a variant of the program where the loop
condition x>0 is replaced by true.
Definition 19 (Probability Measure Px0P)
For any
random walk program
P as in Def. 5 without direct termination,
any x0∈Z,
and any prefix run ⟨z0,z1,…,zj⟩,
let qx0P(⟨z0⟩)=δx0,z0
and if j≥1, we define:
[TABLE]
Px0P is the
probability measure with
Px0P(CylZ(π))=qx0P(π) for any prefix run π.
Example 24 (Adapted Probability Measure for Pracerdw)
Consider runs that start with 1, −2, and −6. Here, we have Y0Z(⟨1,−2,−6,…⟩)=(−2)−1=−3 and Y1Z(⟨1,−2,−6,…⟩)=(−6)−(−2)=−4. For Pracerdw of
Ex. 5, when
using the probability measure P1Pracerdw from Def. 10, we obtain
P1Pracerdw(CylZ(⟨1,−2,−6⟩))=pr1Pracerdw(⟨1,−2,−6⟩)=p−3rdw⋅p−4rdw⋅δ−2,−6=0, since the value of x
should not change anymore after reaching the non-positive value −2.
In contrast, the adapted probability measure P1Pracerdw from Def. 19 yields
P1Pracerdw(CylZ(⟨1,−2,−6⟩))=q1Pracerdw(CylZ(⟨1,−2,−6⟩))=p−3rdw⋅p−4rdw=221⋅221=4841.
For the termination time TP one only regards the time that it takes until the
program variable x is
non-positive for the first time. Thus, it does not matter whether x is kept
unchanged afterwards (as in the probability measure Px0P) or whether the
loop body is
executed further afterwards (as in Px0P). So the expected
runtime is the same, no matter whether one uses Ex0P or Ex0P.
Lemma 6 (TP is Identically Distributed Under Px0P and Px0P)
For any
random walk program P without direct termination,
any x0∈Z, and any j∈N, we have
Px0P(TP=j)=Px0P(TP=j).
Thus, Ex0P(TP)=Ex0P(TP).
Proof
First of all, by the definition of TP, for any j∈N we have
[TABLE]
First, we consider x0≤0. Then any cylinder set with positive probability
w.r.t. Px0P resp. Px0P has the form CylZ(π) where π starts with
x0≤0. But for any run τ∈CylZ(π) we have TP(τ)=0. Therefore, we
conclude Px0P(TP=0)=1=Px0P(TP=0).
Now we show that the process YZ with YjZ=Xj+1Z−XjZ is
i.i.d. w.r.t. the probability measure Px0P
and thus, (X0Z,YZ) is a random walk for (Zω,FZ,Px0P).
So the expected value of YjZ
under Px0P,
is the
same for all j. In fact, this expected value is the drift μP of the
program, irrespective of the start value x0.
Lemma 7 (Y is i.i.d. and its Expected Value is the Drift of the Program)
Let XZ be the stochastic
process as in Def. 11.
We define the process YZ=(YjZ)j∈N by YjZ=Xj+1Z−XjZ for all j∈N. Then for any random walk program P without direct termination and any
x0∈Z, YZ is
i.i.d. w.r.t. (Zω,FZ,Px0P) and thus,
(X0Z,YZ) is a random walk for this probability space.
Furthermore, for any x0∈Z and any j∈N, we
have Ex0P(YjZ)=μP.
Proof
We first show that the YjZ are identically distributed. More precisely, we
prove that for all u,x0∈Z and all j∈N we have
Px0P(YjZ=u)=pu. Similar to our handling of multivariate programs in
App. 0.B,
for any random walk program P as in
Def. 5
we
define pv=0 for v>m or v<−k.
[TABLE]
[TABLE]
As pu is independent of j, the YjZ are identically distributed. Furthermore, the expected value of YjZ under
Px0P is
[TABLE]
which is the drift of the program.
It remains to show the independence of the random variables. Let j=j′∈N and w.l.o.g. assume j′>j.
[TABLE]
[TABLE]
Now we can prove Thm. 4.2 based on the results of Lemma 5 for random walks.
Due to Lemma 7, YZ is i.i.d. w.r.t. (Zω,FZ,Px0P)
and thus,
SZ=(X0Z,YZ) is a random walk w.r.t. this probability
space for any x0∈Z. By Def. 17 we have
SjZ=X0Z+∑0≤u≤j−1YuZ=XjZ for any j∈N. Hence, the
hitting time Thit for the random walk SZ as defined in Def. 18 is exactly the
termination time TP. As we proved in Lemma 7 that
Ex0P(Y0)=μP holds independent of x0∈Z, we can use Lemma
5 for all x0. So we get for all x0∈Z:
∙
If μP>0, then
Px0P(TP=∞)=Lemma\refertunaffectedPx0P(TP=∞)>0,
i.e., P is not AST.
∙
Note that as P is non-trivial (i.e.,
p0=1), we have Px0P(Y0Z=0)=1.
So if μP=0, then
Lemma 5 implies
Px0P(TP=∞)=Lemma\refertunaffectedPx0P(TP=∞)=0
but Ex0P(TP)=Lemma\refertunaffectedEx0P(TP)=∞,
i.e., P is AST but not PAST.
∙
If μP<0, then
Ex0P(TP)=Lemma\refertunaffectedEx0P(TP)<∞,
i.e., P is PAST. ∎
Example 25 (Termination of Variations of Pracerdw)
We showed already in Sect. 4.2 that the drift of the program Pracerdw in Ex. 5
is
−23<0.
So by
Thm. 4.2 this program is PAST, i.e., the hare is expected
to overtake the
tortoise in a finite number of iterations.
Now consider the modified program P:
[TABLE]
The distance still increases with probability 116 but it decreases by at most 4.
Its drift is μP=1⋅116+0⋅113+(−2)⋅111+(−4)⋅111=0. Hence, on average
the distance x between the tortoise and the hare remains unchanged after each loop
iteration. By Thm. 4.2 this program is AST but not PAST.
Hence, the hare wins with probability 1, but the expected number of required loop iterations
is infinite.
Finally, we change the probabilities to obtain the program P′:
[TABLE]
Its drift is μP′=1⋅116+0⋅113+221⋅∑−4≤j≤−1j=111>0.
Thus, P′ is not AST by Thm. 4.2. So
there is a positive probability that the hare never catches up with the tortoise
and the race takes forever.
If P has direct termination (i.e., p′=0), then P and Prdw are PAST by
Thm. 3.1.
Otherwise, by
Thm. 4.1 we can reduce the
termination of P to the termination of Prdw on inputs which are in the
image of rdwP. Note
that the termination behavior of Prdw is the same for all x>0.
Hence, to show that P is (P)AST iff Prdw (P)AST, we
prove that rdwP’s image also includes positive values.
To see this,
note that
a=0 implies a∙a>0.
Hence, for any natural number u>a∙ab
we obtain rdwP(u⋅a)=u⋅a∙a−b>a∙ab⋅a∙a−b=0.
∎
We now show that for CP programs P without direct termination, one can not only
decide termination, but the construction for the proof of Thm. 4.2
also directly yields
asymptotically exact bounds on
their expected runtime. More precisely, we show that rtx0P
is asymptotically linear whenever
P is PAST
(and we even provide actual upper and
lower bounds).
To prove this result, we
use Wald’s Lemma from probability theory. Again, we first consider random walk
programs and then use the reduction of Sect. 4.1 to
lift
our result to arbitrary CP programs.
Recall that if a stochastic process Y=(Yj)j∈N on a probability space (Ω,F,P)
is i.i.d., then E(Y0)=E(Yj) for all j∈N. Thus, we obtain
[TABLE]
By Wald’s Lemma, a similar statement
even holds if instead of the constant c we use a random variable T, provided that T
is independent from the stochastic process Y.
We use a consequence of Wald’s Lemma where T does not need to be independent from the
whole process Y but
for every j,
the random variable Yj is independent of whether T is greater or equal to j+1.
The required independence can be expressed formally by demanding that
Yj must be independent
of I{T≥j+1}:Ω→{0,1}, where I{T≥j+1}(π)=1 if
T(π)≥j+1 and
I{T≥j+1}(π)=0 otherwise.
Then,
to compute E(∑0≤j≤T−1Yj), by Wald’s Lemma one
can apply E to both T and Yn separately, i.e.,
one can compute E(T)⋅E(Y0).
Lemma 8 (Consequence of Wald’s Lemma, cf. [21, Lemma
10.2(9)])
Let Y=(Yj)j∈N be a stochastic process on a probability
space (Ω,F,P) which is i.i.d. and let T:Ω→N be a random
variable.
Define the random variable (∑0≤j≤T−1Yj):Ω→R,π↦∑0≤j≤T(π)−1Yj(π).
If E(Y0)<∞, E(T)<∞, and
the random variables Yj and I{T≥j+1} are independent for all j∈N,
then
i.e., the expected value of ∑0≤j≤T−1Yj exists.
The proof of Lemma 8 is similar to the proof
of
[21, Lemma (9) in Sect. 10.2], but
it is done under different preconditions.
[TABLE]
[TABLE]
In
our setting, we consider the stochastic process YZ from Lemma 7
and the termination time TP. When
regarding Px0P, Yj (i.e., the difference between the
(j+1)-th and the j-th element of a run)
is clearly not independent of the question whether
the run already terminated in (or before) the j-th element.
The reason is that under the probability measure Px0P,
the elements of a run do not change anymore after
termination. However, Lemma 9 shows that when
regarding Px0P instead, the independence requirement
of Lemma 8 is fulfilled.
Lemma 9 (Independence of YjZ and I{TP≥j+1})
Let YZ=(YjZ)j∈N be the stochastic process from Lemma 7.
Then for any random walk program P without direct termination, any
x0∈Z,
and any j∈N, the random variables YjZ and I{TP≥j+1} are
independent w.r.t. the probability measure Px0P.
Proof
We show that for any x,y∈Z, we have
[TABLE]
Note that the left- and the right-hand side are both zero whenever y∈/{0,1}. Thus,
it is enough to show the claim for y=0 and y=1.
Case 1: y=0
[TABLE]
[TABLE]
Case 2: y=1
[TABLE]
[TABLE]
Now we can use Lemma 8 to infer linear upper and lower bounds for the expected
runtime if the random walk program P is PAST (i.e., if μP<0).
Theorem 0.D.1 (Bounds on the Expected Runtime of Random Walk Programs)
Let P be a random walk program as in
Def. 5 without direct
termination where
μP<0. Then
rtx0P=0 for x0≤0 and
for x0>0, we have
[TABLE]
So for x0>0, P’s expected runtime is asymptotically linear, i.e., rtx0P∈Θ(x0).
Proof
All prerequisites are satisfied to apply Wald’s Lemma (Lemma 8) for the
stochastic process YZ on the probability space (Zω,FZ,Px0P) and the termination time TP:
By Lemma 7, YZ is i.i.d. w.r.t. (Zω,FZ,Px0P)
and Ex0Z(Y0Z)=μP<∞.
Since μP<0, Thm. 4.2 yields
that P is PAST and hence rtx0P=Ex0P(TP)<∞.
By Lemma 6 this implies Ex0P(TP)=Ex0P(TP)<∞.
Furthermore, YjZ and I{TP≥j+1} are independent by
Lemma 9. Thus,
Lemma 8 yields
[TABLE]
Let the random variable XTP:Ω→Z map every run π to the
first non-positive value in π, i.e., to the value of the program variable when P
terminates, or 0 otherwise. So
XTP(π)=XTP(π)(π) if TP(π)<∞
and XTP(π)=0 if TP(π)=∞.
To infer linear bounds on the expected value of the termination time
Ex0P(TP) resp. Ex0P(TP),
we first infer bounds on Ex0P(XTP).
Clearly, we have XTP(π)≤0 for every π∈Ω by the definition of
the termination time and of XTP.
Hence, this implies Ex0P(XTP)≤0, i.e., 0 is an upper bound for
Ex0P(XTP).
To infer a lower bound for Ex0P(XTP),
note that if x0>0, then for every run π=⟨z0,…,zj−1,zj,…⟩ where Px0P(CylZ(π))=qx0P(π)>0 and zj is
the first non-positive value in π, we have j≥1 and zj is at most k smaller
than zj−1. Thus, zj−1≥1 implies zj≥zj−1−k≥1−k. Hence, for
all these runs we have XTP(π)=zj≥1−k.
Moreover, for runs π without non-positive values, we also have
XTP(π)≥1−k,
since XTP(π)=0 and since μP<0 implies k≥1. Thus, we obtain
Ex0P(XTP)≥1−k whenever x0>0.
So to summarize, we get the following upper and lower bounds for
Ex0P(XTP) if x0>0:
[TABLE]
Recall that for every j≥0 we have
XjZ=X0Z+∑0≤u≤j−1YuZ.
Hence, we also have
XTP=X0Z+∑0≤u≤TP−1YuZ. This implies:
[TABLE]
Hence, by 18 we obtain
−μP1⋅x0≤Ex0P(TP)≤−μP1⋅x0+μP1−k for any x0>0.
This implies the theorem, since rtx0P=Ex0P(TP).
∎
We
use Rouché’s Theorem: For a univariate polynomial
av⋅xv+…+a1⋅x+a0, if there is a number w∈R>0 and an index u∈N with 0≤u≤v
such that
[TABLE]
then the polynomial has exactly u (possibly complex) roots (counted with multiplicity)
of absolute value less than w.
We now apply Rouché’s Theorem to the characteristic polynomial
and proceed by case analysis. First, we consider the case where p′>0. Here, we choose w=1 and u=k.
Then 19 becomes
[TABLE]
As ∣p0−1∣=1−p0 and ∣pj∣=pj for all j, this is equivalent to
[TABLE]
which is true since p′>0.
So by Rouché’s Theorem, the characteristic polynomial χP has k roots λ with
∣λ∣<1.
However, we would like to conclude that there are no more than k roots λ with
∣λ∣≤1. Thus, we still need to show that χP has no root λ with
∣λ∣=1.
Clearly, 0=χP(λ) is equivalent to 0=∑−k≤j≤mpj⋅λk+j−λk.
If ∣λ∣=1 were true, then
1=∑−k≤j≤mpj⋅λj and
[TABLE]
by using ∣pj∣=pj. However, this is a contradiction to p′>0.
Now we consider the case where
p′=0 and thus ∑−k≤j≤mpj=1.
Our goal is to show that for all small enough ε>0, the inequality 19
holds if we set w=1+ε and u=k. Then 19 becomes
[TABLE]
As ∣p0−1∣=1−p0, w=1+ε, and ∣pj∣=pj for all j, this is equivalent to
[TABLE]
Note that555This notation means that (1+ε)j=1+j⋅ε+f(ε) for a function f with f(x)∈O(x2). Here, k, m, and the pj are
considered to be constants, i.e.,
we write O(ε2) instead of (1−p0)⋅O(ε2) or ∑−k≤j≤m,j=0pj⋅O(ε2).
(1+ε)j=1+j⋅ε+O(ε2) for any j≥0. Hence, we obtain
[TABLE]
By using
∑−k≤j≤mpj=1, this simplifies to
[TABLE]
When dividing by ε>0, we get
[TABLE]
To satisfy this, it is sufficient to have
[TABLE]
This is equivalent to
[TABLE]
Since μP<0 as P is PAST (cf. Thm. 4.2), this is true for
all sufficiently small ε. Hence, there are exactly k roots of absolute value less than 1+ε, where ε is sufficiently small, so in particular k roots of absolute value ≤1.
∎
To
encode the requirement on the aj,u,
we modify
(5) into a new constraint (20) which ensures aj,u=0 whenever
∣λj∣>1.
More precisely, this new constraint (20) is a recurrence equation such
that the
characteristic polynomial χ0 of its homogeneous part has all the roots of χP except those whose absolute
value is greater than 1, i.e., χ0(λ)=∏1≤j≤c,∣λj∣≤1(λ−λj)vj.
Thus, we can define the coefficients qj∈C by
[TABLE]
Note that the degree of the polynomial χ0 is indeed k, because by Lemma 1 we have
∑1≤j≤c,∣λj∣≤1vj=k.
Moreover, the constant add-on of the new recurrence equation is
constructed in such a way that the particular solutions Cconst resp. Clin⋅x of (5) are also solutions of the inhomogeneous recurrence equation. Thus,
let Dconst=Cconst⋅(1−∑−k≤j≤−1qj) and
Dlin=−Clin⋅∑−k≤j≤−1j⋅qj.
Instead of (5), we now consider the constraint
[TABLE]
where we choose D=Dconst if p′>0 and D=Dlin if p′=0.
We show the following two claims:
(a)
There is exactly one function f:Z→C which satisfies
4 and 20.
2. (b)
A function f:Z→C satisfies 20 iff
f satisfies 5 (thus, it has
the form (9)) where aj,u=0 whenever
∣λj∣>1.
These two claims imply the statement of the lemma. To see this, note
that by (a) there exists a function which satisfies 4 and 20
and by (b) this function also satisfies 5 and it has aj,u=0 whenever
∣λj∣>1. This function is unique, because if there were two different functions f1 and
f2 that satisfy 4 and 5 and have aj,u=0 whenever
∣λj∣>1, then by (b) these two functions would also both satisfy
20. But this would be a contradiction to the uniqueness stated in (a).
We now prove the claims (a) and (b). For (a),
note that
the recurrence equation (20) is formulated in such a way that f(x)
only depends on the values of f on the smaller values x−1,…,x−k (i.e., it is a
recurrence of order k). By
the constraint (4), the initial value of f on
negative values is uniquely determined (i.e., f(0)=f(−1)=…=f(−k+1)=0). Hence, by induction on x, one can easily prove that there is a single unique function f:Z→C that satisfies both
(4) and (20).
For the claim (b), we only have to show that Cconst is a solution of the inhomogeneous
recurrence equation 20 if p′>0 and Clin⋅x is a solution of
20 if p′=0.
Once this is shown, it is clear that all solutions of 20 result from
adding the particular solution Cconst resp. Clin⋅x of the
inhomogeneous equation to a solution of the homogeneous variant of 20
(where D is replaced by 0). Any solution of this homogeneous variant can be represented
as a linear combination of the solutions λjx⋅xu
where ∣λj∣≤1 and u∈{0,…,vj−1}. That these are linearly independent solutions
of the homogeneous variant of 20 follows from the fact that χ0 is
the corresponding characteristic polynomial. Thus, the solutions of
20 are all functions of the form
(9) where aj,u=0 whenever
∣λj∣>1, which proves (b).
It remains to show that Cconst resp. Clin⋅x are particular solutions
of the inhomogeneous
recurrence equation 20. If p′>0, then the definition of Dconst
indeed implies
Cconst=Cconst⋅∑−k≤j≤−1qj+Dconst. If p′=0, then we have to show
[TABLE]
Since 1 is a root of χP (i.e., one of the λj with ∣λj∣≤1 is λj=1), 1 is also a root of χ0. So we have 0=χ0(1)=1−∑−k≤j≤−1qj, which implies ∑−k≤j≤−1qj=1.
So (21) is equivalent to
By Thm. 2.1, the expected runtime rtxP
is the least fixpoint of the expected runtime transformer
LP, i.e.,
the smallest function
f(x):Z→R≥0
which satisfies 3, or equivalently,
the smallest function
which satisfies 4 and 5.
Since f satisfies 5, it is a function of the form 9,
i.e., there exist coefficients aj,u∈C such that for all x>−k we have
[TABLE]
If we had aj,u=0 for a coefficient where
∣λj∣>1, then
f(x) would not be bounded by a constant (if p′>0) resp. by a linear function
(if p′=0).
Thus, this would contradict
Thm. 3.1 (if p′>0) resp. Thm. 4.3 (if p′=0).
By Lemma 2 there is a single unique function f:Z→C which satisfies both
4 and 5
and has aj,u=0 whenever
∣λj∣>1. So this function must be the expected runtime (and hence, it maps any integer
to a non-negative real number). Due to 5 the function must be of the form
9 for all x>−k but at the same time it also has to satisfy f(x)=0 for all x≤0 due to 4. Therefore, it must satisfy the linear
equations (11).
On the other hand, the linear equations (11)
cannot have more than one solution because otherwise this would yield
two different functions
that satisfy both
4 and 5
and have aj,u=0 whenever
∣λj∣>1, in contradiction to Lemma 2.
If k=0, then p′>0 as P is PAST. Lemma 1
implies that χP has no root with ∣λ∣≤1 and thus, rtxP=Cconst+∑1≤j≤c,∣λj∣≤1…=Cconst
for x>0.
∎
If P is trivial, then its expected runtime is obvious. Otherwise, by Cor. 2 one can
decide if
P is PAST and in that case, Prdw is PAST as well.
For any CP program P, we have
rtxP=rtrdwP(x)Prdw due to
Thm. 4.1.
As rtrdwP(x)Prdw can be computed exactly by Thm. 5.1,
this also holds for rtxP. ∎
As mentioned in Sect. 5,
Thm. 5.1 and 3 imply that for any x0∈Zr,
the expected runtime rtx0P of a CP
program P that is PAST and has only rational probabilities pc1,…,pcn,p′∈Q
is always an algebraic number.
This is due to the fact that rtx0P can be represented as a
linear combination of algebraic numbers (the roots of the characteristic polynomial χPrdw). The
coefficients of this linear combination are the solution of a linear equation system 11 over algebraic
numbers and hence, they are algebraic numbers themselves.
Therefore, one could also compute a closed form for the
exact expected runtime rtxP using a representation with algebraic numbers
instead of numerical approximations.
As also discussed in Sect. 5, while the
exact computation of the expected runtime of a random walk program
P according to Thm. 5.1 may yield a
representation of rtxP with possibly complex number, one can easily obtain a
more intuitive representation of rtxP that uses real numbers only.
As stated before, for any coefficients aj,u,aj,u′∈C
with j∈{s+1,…,s+t} and
u∈{0,…,vj−1} there exist coefficients bj,u and
bj,u′ such that
[TABLE]
holds for all x∈Z. More precisely, bj,u=aj,u+aj,u′
and bj,u′=(aj,u−aj,u′)⋅i.
So any linear combination of the functions λjx⋅xu and λjx⋅xu can be replaced by a linear combination of the
functions Re(λjx)⋅xu and Im(λjx)⋅xu.
In this way, one obtains k+m linearly independent real solutions of the
corresponding homogeneous recurrence equation.
Hence, by Thm. 5.1 we now get the representation of the expected runtime in
(12):
[TABLE]
Since rtxP is real-valued,
λjx∈R for j∈{1,…,s}, and Re(λjx),Im(λjx)∈R for j∈{s+1,…,s+t}, all aj,u for j∈{1,…,s} and all bj,u,bj,u′ for j∈{s+1,…,s+t} are real numbers.
As bj,u=aj,u+aj,u′, this means that aj,u′ is the conjugate
of aj,u, i.e., aj,u′=aj,u and thus, bj,u=2⋅Re(aj,u) and bj,u′=−2⋅Im(aj,u).
As mentioned, to compute Re(λjx) and Im(λjx),
we consider the polar representation of the non-real roots
λj, i.e., for j∈{s+1,…,s+t} let λj=wj⋅eθj⋅i
with wj∈R>0 and θj∈(0,2π).
Then λjx=wjx⋅eθj⋅i⋅x,
and Re(λjx)=wjx⋅cos(θj⋅x) and
Im(λjx)=wjx⋅sin(θj⋅x).
Note that in Sect. 5.2, one could
also already use the representation in 12
with Re(λjx)=wjx⋅cos(θj⋅x) and
Im(λjx)=wjx⋅sin(θj⋅x) here. Then one would only
have to solve a system of linear equations over the reals and can compute bj,u
and bj,u′ directly.
Bibliography35
The reference list from the paper itself. Each links out to its DOI / PubMed record.
1[1] Agrawal, S., Chatterjee, K., Novotný, P.: Lexicographic ranking supermartingales: an efficient approach to termination of probabilistic programs. Proc. ACM Program. Lang. 2 (POPL), 34:1–34:32 (2018), https://doi.org/10.1145/3158122 · doi ↗
2[2] Ash, R.B., Doleans-Dade, C.A.: Probability and Measure Theory. Elsevier/Academic Press (2000)
3[3] Bauer, H.: Probability Theory. Walter de Gruyter & Co. (1996)
4[4] Bazzi, L., Mitter, S.: The solution of linear probabilistic recurrence relations. Algorithmica 36 (1), 41–57 (2003), https://doi.org/10.1007/s 00453-002-1003-4 · doi ↗
5[5] Bournez, O., Garnier, F.: Proving positive almost-sure termination. In: Proc. RTA ’05. pp. 323–337. LNCS 3467 (2005), https://doi.org/10.1007/978-3-540-32033-3_24 · doi ↗
6[6] Braverman, M.: Termination of integer linear programs. In: Proc. CAV ’06. pp. 372–385. LNCS 4144 (2006), https://doi.org/10.1007/11817963_34 · doi ↗
7[7] Brázdil, T., Brozek, V., Etessami, K.: One-counter stochastic games. In: Proc. FSTTCS ’10. pp. 108–119. LIP Ics 8 (2010), https://doi.org/10.4230/LIP Ics.FSTTCS.2010.108 · doi ↗
8[8] Brázdil, T., Kucera, A., Novotný, P., Wojtczak, D.: Minimizing expected termination time in one-counter Markov decision processes. In: Proc. ICALP ’12. pp. 141–152. LNCS 7392 (2012), https://doi.org/10.1007/978-3-642-31585-5_16 · doi ↗