
A Combination Method for Generating Interpolants





Presentation Transcript


  1. A Combination Method for Generating Interpolants
  by G. Yorsh and M. Musuvathi
  Presentation by: Emilia Katz

  2. The Goal
  • Given:
    • theory T – combination of T1 and T2 (restrictions on T1 and T2 will be seen later…)
    • A and B – two logical T-formulas
    • A ⋀ B is unsatisfiable in T
    • efficient interpolant-generation procedures exist for T1 and T2
  • Find:
    • an interpolant for <A,B> (if both sub-procedures are polynomial, the resulting procedure will also be polynomial)

  3. The Idea
  • How to find an interpolant efficiently?
    • Derive it from the unsatisfiability proof
    • But how? And how to get the proof?
  • We don’t want to make further assumptions about T1 and T2, so
    • We don’t know how their interpolant-generation procedures work
    • We don’t know how their decision procedures work
  • The idea: use them as black boxes
    • Combine the decision procedures for T1 and T2 into a decision procedure for T (Nelson-Oppen framework…)
    • Use the proof and the interpolant-generation procedures for T1 and T2 to derive an interpolant in T.

  4. Example
  T1 = UIF (uninterpreted functions theory), T2 = LI (linear equalities theory)
  A ≝ (f(x1)+x2=x3) ⋀ (f(y1)+y2=y3) ⋀ (y1 ≤ x1)
  B ≝ (x2=g(b)) ⋀ (y2=g(b)) ⋀ (x1 ≤ y1) ⋀ (x3 < y3)
  • UIF and LI satisfy the requirements [assume it meanwhile, we’ll return to it later]
  • A ⋀ B is unsatisfiable [we’ll see this in a couple of minutes]

  5. Nelson – Oppen framework … for combining decision procedures
  • Given:
    • theory T – combination of T1 and T2
    • A and B – two conjunctions of literals in T
  • Goal: is A ⋀ B satisfiable in T?
  • Assumptions:
    • Σ = Σ1 ∪ Σ2 (denote: Σ = ΣT, Σi = ΣTi)
    • Σ1 ∩ Σ2 = {=}
    • T1, T2 are stably-infinite (= every quantifier-free Σi-formula is satisfiable in Ti iff it is satisfied by a Ti-interpretation with an infinite domain)
    • T1, T2 have decision procedures for satisfiability of conjunctions of Σi literals

  6. N.-O. framework application example
  T1 = UIF (uninterpreted functions theory), T2 = LI (linear equalities theory)
  A ≝ (f(x1)+x2=x3) ⋀ (f(y1)+y2=y3) ⋀ (y1 ≤ x1)
  B ≝ (x2=g(b)) ⋀ (y2=g(b)) ⋀ (x1 ≤ y1) ⋀ (x3 < y3)
  1. Purification:
    • ALI = (a1+x2=x3) ⋀ (a2+y2=y3) ⋀ (y1 ≤ x1)   [replace f(x1) by a1, f(y1) by a2]
    • AUIF = (a1 = f(x1)) ⋀ (a2 = f(y1))   [add equalities for a1, a2]
    • BLI = (x1 ≤ y1) ⋀ (x3 < y3)   [no replacements needed]
    • BUIF = (x2=g(b)) ⋀ (y2=g(b))

  7. Application Example – contd.
  2. Equality propagation (the equalities derived by each theory, EqLI and EqUIF, are written under the line):
    (10) x1 = y1   [derived by LI]
    (11) a1 = a2   [derived by UIF]
    (12) x2 = y2   [derived by UIF]
  Unsatisfiable! Found by theory LI with Eq = (a1=a2 ⋀ x2=y2)

  8. Nelson – Oppen framework in T
  • Purification of A ⋀ B: adding new variables to replace objects of the “wrong” type, and equalities “defining” them; the result is A1, B1 in T1 and A2, B2 in T2. Set F1 := A1 ⋀ B1 and F2 := A2 ⋀ B2.
  • Run the decision procedure for T1 on F1 and the decision procedure for T2 on F2:
    • Unsat. in either one ⇒ Unsatisfiable! (found by Ti, with Eq)
    • Sat. in both ⇒ equality derivation: Eq1 in T1, Eq2 in T2
  • Equality propagation: F1 := F1 ⋀ Eq2, F2 := F2 ⋀ Eq1, and run the decision procedures again
  • No more new equalities ⇒ Satisfiable!

  9. Theory-specific Interpolant
  Given:
  • T – first order theory of signature Σ
  • L – class of quantifier-free Σ-formulas (new requirement: quantifier-free interpolants, for completeness of SAT-checks with interpolants [in subsequent analysis stages])
  • ΣT ⊆ Σ – interpreted symbols in T (ΣT is not necessary for the method to work properly)
  • A, B ∈ L such that A ⋀ B ⊦T ⊥
  Then a theory-specific interpolant for <A,B> is I ∈ L such that:
  • A ⊦T I
  • I ⋀ B ⊦T ⊥
  • V(I) ⊆ (V(A) ∩ V(B)) ∪ ΣT, where V(F) is the set of symbols that appear in the formula F (a less strict requirement: I can contain not only AB-common symbols)

  10. Requirement (3) Change Motivation
  Example, in the theory of Lisp structures:
  A ≝ c2 = car(c1) ⋀ c3 = cdr(c1) ⋀ ¬atom(c1)
  B ≝ c1 ≠ cons(c2,c3)
  • the ci-s are lists
  • car(c) = “head” element of the list c
  • cdr(c) = “tail” of the list c
  • cons(c,d) = concatenation of d after c
  • ΣT = {car, cdr, cons, atom}
  • A ⋀ B ⊦T ⊥
  Axiom of T: ∀x(¬atom(x) ⇒ cons(car(x),cdr(x))=x)
  Apply it with x = c1 to A: A ⇒ (c1 = cons(c2,c3)), a contradiction with B!
  Interpolant (by the new definition): c1 = cons(c2,c3)
  “cons” is not AB-common; if “cons”, “atom”, “cdr”, “car” are not allowed in I => there is no interpolant for <A,B>!

  11. Interpolants Generation Method
  Input: <Ai,Bi> – conjunctions of Σi literals; output – an interpolant as an Li formula
  Assumptions:
  • T – combination of the first-order theories T1, T2
  • Σ = Σ1 ∪ Σ2
  • efficient interpolant-generation procedures exist for T1 and T2
  • Restrictions from the Nelson-Oppen framework:
    • Σ1 ∩ Σ2 = {=}
    • T1, T2 are stably-infinite
    • T1, T2 have decision procedures for satisfiability of conjunctions of Σi literals
  • T1, T2 are equality-interpolating (to be explained)
  • T1, T2 are convex: whenever a disjunction of equalities ⋁i (xi = yi) is implied, some single disjunct is already implied, i.e. (… ⊦Ti ⋁i (xi = yi)) ⇒ ∃k. (… ⊦Ti xk=yk)
  Guarantee:
  • Output: a theory-specific interpolant for <A,B> in T

  12. Simple Case
  • Constraints to be relaxed later (they arise from the use of the Nelson-Oppen framework):
    • A, B – conjunctions of literals
  • Constraints possible to relax (relaxed in another work of the authors…):
    • T1, T2 are convex theories

  13. Naïve approach
  Given: A ⋀ B ⊦T ⊥ in T
  • Run the Nelson-Oppen framework for <T1,T2> on A ⋀ B; the possible answers are “Satisfiable!” or “Unsatisfiable!” + Eq (propagated equalities) + P (proof of Ai ⋀ Bi ⊦Ti ⊥)
  • Feed Ai ⋀ Eq|Ai, Bi ⋀ Eq|Bi and P to the interpolant generation procedure for Ti
  • The result: an interpolant I for <A,B>?

  14. The problem – example
  A ≝ (f(x1)+x2=x3) ⋀ (f(y1)+y2=y3) ⋀ (y1 ≤ x1)
  B ≝ (x2=g(b)) ⋀ (y2=g(b)) ⋀ (x1 ≤ y1) ⋀ (x3 < y3)
  • Contradiction found by LI between A’ = ALI ⋀ (a1=a2); B’ = BLI ⋀ (x1=y1) ⋀ (x2=y2)
  • Interpolant found for <A’,B’> in LI: I = (x2-y2=x3-y3)
  • Is I an interpolant for <A,B> in T?
    • I ⋀ B ⊦T ⊥ holds
    • But A does not imply I: (f(x1)+x2=x3) ⋀ (f(y1)+y2=y3) ⋀ (y1 ≤ x1) does not imply (x2-y2=x3-y3)
    • A → A’ doesn’t have to hold (additional information from B might appear in A’) => A does not imply I

  15. Proposed solution: Partial Interpolants
  Attach one to each equality propagated in the unsatisfiability proof in the Nelson-Oppen framework
  Definition: Projection
  Given Θ – a conjunction of AB-pure literals, define
  • Θ|A – the conjunction of the A-local literals of Θ
  • Θ|B – the conjunction of the B-local and AB-common literals of Θ
  Note: Θ = Θ|A ⋀ Θ|B
  Example: A = (a1=f(x1) ⋀ a2 = f(y1)), B = (a1=f(x1) ⋀ a3 = f(y1))
  Θ = A ⋀ B = (a2 = f(y1) ⋀ a1=f(x1) ⋀ a3 = f(y1)), with Θ|A = (a2 = f(y1)) and Θ|B = (a1=f(x1) ⋀ a3 = f(y1))

  16. Partial Interpolant – defn.
  Definition: Theory-specific partial interpolant
  • A’, B’ – conjunctions of pure literals in Σi
  • e – AB-pure atomic formula generated by the decision procedure for the theory Ti: A’ ⋀ B’ ⊦Ti e (thus A’ ⋀ B’ ⋀ ¬e ⊦Ti ⊥)
  Then: the theory-specific partial interpolant for e w.r.t. <A’,B’>, φiA’,B’(e), is the interpolant generated for <A’ ⋀ ¬(e|A’), B’ ⋀ ¬(e|B’)> by Ti’s procedure
  Note: in our case V(A’) ⊆ V(A), V(B’) ⊆ V(B) => the interpolant for e contains only AB-common symbols

  17. LI-Partial Interpolant Example
  • First equality propagated: e = (x1=y1), line (10); A’ = ALI, B’ = BLI
  • (7) ∈ ALI, (8) ∈ BLI
  • x1, y1 are AB-common, so e|A’ = true, e|B’ = (x1=y1)
  • Interpolant for < (y1 ≤ x1), (x1 ≤ y1) ⋀ (x1 ≠ y1) >: φLIA’,B’(x1=y1) = (y1 ≤ x1)

  18. Partial Interpolant – contd.
  Definition: Partial interpolant
  • e – AB-pure equality derived from A ⋀ B in the Nelson-Oppen framework by a theory Ti: Ai ⋀ Bi ⋀ Eq ⊦Ti e
  • Ai, Bi – conjunctions of pure literals
  • Eq – a set of AB-pure equalities (derived from A ⋀ B by the Nelson-Oppen procedure…)
  The partial interpolant for e w.r.t. <A,B>, φA,B(e), is defined inductively:
  • Base:
    • e ∈ Ai ⇒ φA,B(e) = ⊥
    • e ∈ Bi ⇒ φA,B(e) = ⊤
  • Inductive step: let A’ ≝ Ai ⋀ Eq|A, B’ ≝ Bi ⋀ Eq|B (a, b below range over the equalities of Eq|A and Eq|B)
    φA,B(e) = (φiA’,B’(e) ⋁ ⋁a∈A’ φA,B(a)) ⋀ ⋀b∈B’ φA,B(b)
  (this step is the reason for the restriction to equality-interpolating theories)

  19. Partial interpolant – example
  • Find the partial interpolant for <A,B>, φA,B(⊥), from the running example:
  • Follow the proof step-by-step
  • Step 1: deriving (x1=y1)
    • Ti = LI
    • Eq = ⊤, thus:
    • A’ = ALI = (a1+x2=x3) ⋀ (a2+y2=y3) ⋀ (y1 ≤ x1)
    • B’ = BLI = (x1 ≤ y1) ⋀ (x3 < y3)
    • φA,B(x1=y1) = φLIA’,B’(x1=y1) = (y1 ≤ x1)

  20. Partial interpolant example – contd.
  • Step 2: deriving (a1=a2)
    • Ti = UIF
    • Eq = (x1=y1) (the propagated equality used to derive a1=a2)
    • Eq|A = ⊤, Eq|B = (x1=y1), thus:
    • A’ = AUIF = (a1 = f(x1)) ⋀ (a2 = f(y1))
    • B’ = BUIF ⋀ (x1=y1) = (x2=g(b)) ⋀ (y2=g(b)) ⋀ (x1=y1)
    • φA,B(a1=a2) = (φUIFA’,B’(a1=a2) ⋁ ⊥) ⋀ ⋀b∈B’ φA,B(b)
      [A’ = AUIF, so the a-disjunction has results only from the base case, i.e. ⊥; in the b-conjunction, φA,B(x1=y1) = (y1 ≤ x1) and the rest is ⊤ from the base case]
    • φUIFA’,B’(a1=a2) = (x1 ≠ y1)   [from the interpolant-generation procedure of UIF]
    • φA,B(a1=a2) = (x1 ≠ y1) ⋀ (y1 ≤ x1) = (y1 < x1)

  21. Partial interpolant example – contd.
  • Step 3: deriving (x2=y2)
    • Ti = UIF
    • Eq = ⊤ (no propagated equality is needed to derive x2=y2), thus:
    • A’ = AUIF = (a1 = f(x1)) ⋀ (a2 = f(y1))
    • B’ = BUIF = (x2=g(b)) ⋀ (y2=g(b))
    • (x2=y2)|A’ = ⊤, (x2=y2)|B’ = (x2=y2)
    • φA,B(x2=y2) = φUIFA’,B’(x2=y2) = the interpolant derived by UIF’s procedure for <A’ ⋀ ¬(x2=y2)|A’, B’ ⋀ ¬(x2=y2)|B’> = the interpolant for < (a1 = f(x1)) ⋀ (a2 = f(y1)), (x2=g(b)) ⋀ (y2=g(b)) ⋀ (x2 ≠ y2) >
    • The B side is internally contradictory => φA,B(x2=y2) = ⊤

  22. Partial interpolant example – contd.
  • Step 4: deriving ⊥
    • Ti = LI
    • Eq = (x2=y2) ⋀ (a1=a2) (the propagated equalities used to derive ⊥)
    • a1=a2 is A-local and x2=y2 is AB-common, so Eq|A = (a1=a2), Eq|B = (x2=y2), thus:
    • A’ = ALI ⋀ (a1=a2) = (a1+x2=x3) ⋀ (a2+y2=y3) ⋀ (y1 ≤ x1) ⋀ (a1=a2)
    • B’ = BLI ⋀ (x2=y2) = (x1 ≤ y1) ⋀ (x3 < y3) ⋀ (x2=y2)
    • φA,B(⊥) = (φLIA’,B’(⊥) ⋁ φA,B(a1=a2)) ⋀ φA,B(x2=y2)
      [φLIA’,B’(⊥) = (x2-y2=x3-y3) from the interpolant-generation procedure of LI; φA,B(a1=a2) = (y1 < x1); φA,B(x2=y2) = ⊤; all other a-s and b-s give ⊥ / ⊤ from the base case]
    => φA,B(⊥) = (x2-y2=x3-y3) ⋁ (y1 < x1)

  23. Correctness
  Lemma 1: The partial interpolant φA,B(e) is an interpolant for < A ⋀ ¬(e|A), B ⋀ ¬(e|B) > in the combined theory T.
  Corollary: φA,B(⊥) is an interpolant for < A, B >

  24. Equality-interpolating theories
  • Restriction on T1, T2: they should be equality-interpolating
  Definition: Theory T is equality-interpolating if whenever
  • A, B – T-formulas
  • A ⋀ B ⊦T (a=b)
  • a ∈ V(A)-V(B), b ∈ V(B)-V(A)
  => there exists a term t s.t.
  • A ⋀ B ⊦T (a=t) ⋀ (b=t)
  • V(t) ⊆ V(A) ∩ V(B)
  t is called the equality-interpolating term for (a=b) with respect to <A,B>; thus propagating only AB-pure equalities in the Nelson-Oppen framework is indeed enough

  25. Equality-interpolating theories (contd.)
  • LI, UIF, Lisp are equality-interpolating theories
  • Not all theories are equality-interpolating. Example:
    • a theory with two relation symbols, P and Q
    • axiom: ∀a ∀b ∀c. P(a,c) ⋀ Q(c,b) ⇒ (a=b)
    • let A ≝ P(a,c), B ≝ Q(c,b)
    • A ⋀ B ⊦T (a=b)
    • But: there is no equality-interpolating term for (a=b)!

  26. Relaxing constraints
  • Constraint to be relaxed: A, B – conjunctions of literals
  • The idea: use
    • the extended Pudlák’s algorithm => propositional interpolants for a pair of clause sets (i.e., CNF formulas)
    • the Lazy Proof-Explication framework (using a SAT-solver) => checking satisfiability of arbitrary quantifier-free FOL formulas

  27. Pudlák’s algorithm (a variant of the one seen before)
  • Input:
    • A, B – a pair of clause sets
    • A ⋀ B ⊦T ⊥
    • T – proof of unsatisfiability for A ⋀ B
  • For each clause c in T, define p(c), the partial interpolant for c:
    • (a) c ∈ A ⇒ p(c) := ⊥
    • (b) c ∈ B ⇒ p(c) := ⊤
    • otherwise c is a result of resolution, ∃x,c1,c2. (c = resolvex(c1,c2)), with pivot x:
      (a) x ∈ A and x ∉ B (x – A-local) ⇒ p(c) := p(c1) ⋁ p(c2)
      (b) x ∈ B and x ∉ A (x – B-local) ⇒ p(c) := p(c1) ⋀ p(c2)
      (c) x – AB-common ⇒ p(c) := (x ⋁ p(c1)) ⋀ (¬x ⋁ p(c2))
  • p(⊥) is the interpolant for <A,B>

  28. Pudlák’s algorithm correctness
  • Invariant: for each clause c ∈ T, p(c) is an interpolant for <gA(c), gB(c)>, where gA(c) = A ⋀ (¬c)|A, gB(c) = B ⋀ (¬c)|B
  • Thus: (c = ⊥) ⇒ gA(⊥) = A, gB(⊥) = B ⇒ [invariant] p(⊥) is the interpolant for <A,B>

  29. Lazy Proof-Explication framework
  • Our input – quantifier-free FOL formulas
  • The Nelson-Oppen framework works on conjunctions of literals
  • How to bridge the gap?
  • Use a SAT-solver!

  30. Lazy Proof-Explication framework
  • Input: φ = A ⋀ B
  • Propositional abstraction: atomic formulas are replaced by boolean variables; result: φ’
  • SAT-solver: satisfiability check of φ’
    • Unsat. ⇒ “Unsatisfiable!” + C (conflict clauses set)
    • Sat. ⇒ a satisfying assignment s for φ’, i.e. s = a conjunction of literals that satisfies φ propositionally
  • Nelson-Oppen framework for <T1,T2> checks s:
    • Sat. ⇒ “Satisfiable!”
    • Unsat. ⇒ ¬s is a new conflict clause: φ’ := φ’ ⋀ ¬s; C := C ∪ {¬s}; back to the SAT-solver

  31. Obtaining the interpolant
  • We would like to:
    • give Pudlák’s algorithm the proof obtained from the L.P.E. framework
    • obtain the interpolant
  • Problem: the base case!
    (a) c ∈ A ⇒ p(c) := ⊥
    (b) c ∈ B ⇒ p(c) := ⊤
  • Now possible: c ∉ A and c ∉ B
  • Conflict clauses appear in the proof, and a conflict clause may involve local literals from both A and B

  32. L.P.E. framework – observations
  • For each conflict clause c ∈ C, ¬c is a conjunction of literals
  • ¬c is unsatisfiable (proven by N.-O.)
  • c contains only literals from A and B => every literal in c is AB-pure
  • Thus we can apply the previously described method (“simple case”) to find an interpolant between (¬c)|A and (¬c)|B

  33. Partial Interpolant for Clauses
  Definition: Partial interpolant for clauses
  • A ⋀ B ⊦T ⊥
  • C – the corresponding set of conflict clauses
  • A ⋀ B ⋀ C – propositionally unsatisfiable
  • c ∈ C
  The partial interpolant for c, φA,B(c), is defined inductively:
  • Base:
    • c ∈ A ⇒ φA,B(c) = ⊥
    • c ∈ B ⇒ φA,B(c) = ⊤
  • Inductive step: φA,B(c) = the interpolant for <(¬c)|A, (¬c)|B> in T (it can be calculated by the “simple case” method)

  34. Extended Pudlák’s algorithm
  • Input:
    • <A,B; C> where A, B, C – clause sets, C – the set of conflict clauses
    • A ⋀ B ⊦T ⊥
    • T – proof of unsatisfiability for A ⋀ B
  • For each clause c in T, define p(c):
    • c is not a resolution result ⇒ p(c) := φA,B(c)
    • otherwise ∃x,c1,c2. (c = resolvex(c1,c2)) (no change needed here…):
      (a) x ∈ A and x ∉ B ⇒ p(c) := p(c1) ⋁ p(c2)
      (b) x ∈ B and x ∉ A ⇒ p(c) := p(c1) ⋀ p(c2)
      (c) x – AB-common ⇒ p(c) := (x ⋁ p(c1)) ⋀ (¬x ⋁ p(c2))
  • p(⊥) is the interpolant for <A,B>
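The following is an added example, not code from the paper or from the talk. It implements Pudlák's algorithm of slide 27 over an explicit resolution refutation, the slide 34 extension in which a leaf that is in neither A nor B (a conflict clause) receives a supplied partial interpolant φA,B(c) instead of ⊥ or ⊤, and a brute-force checker for the three interpolant conditions of slide 9 that is also used to verify the slide 28 invariant at every clause of the proof. Everything in it is constructed for the example: the clause encoding (integers as literals, frozensets as clauses), the two toy clause sets A and B with their refutation, the opaque stand-in formula PHI for a conflict clause's theory-level interpolant (the example does not implement the "simple case" method that would compute it), and the projection convention of the invariant checker, which puts an AB-common literal of ¬c on both sides (the convention under which the base cases c ∈ A ⇒ ⊥ and c ∈ B ⇒ ⊤ satisfy the invariant).

```python
"""Pudlak's interpolation over a resolution refutation (slides 27-28), with the slide 34
hook for conflict-clause leaves. Added example; the encoding is constructed for it.
Literals: non-zero ints (+v, -v); clauses: frozensets of literals; formulas: True/False
or nested tuples ('var', v), ('not', f), ('and', f, g), ('or', f, g)."""
from itertools import product

def atoms(clauses):
    """Propositional variables occurring in a collection of clauses."""
    return {abs(lit) for c in clauses for lit in c}

def resolve(c1, c2, x):
    """Resolvent of c1 (must contain x) and c2 (must contain -x) on pivot x."""
    if x not in c1 or -x not in c2:
        raise ValueError("pivot must occur positively in c1 and negatively in c2")
    return (c1 - {x}) | (c2 - {-x})

def pudlak(A, B, proof, conflict_interp=None):
    """proof: list of (clause, pivot, c1, c2) in derivation order, pivot None for leaves.
    conflict_interp maps conflict-clause leaves (in neither A nor B) to their partial
    interpolant phi_{A,B}(c) of slide 33, supplied here rather than computed by the
    theory-level simple-case method. Returns {clause: p(clause)}; p(empty clause) is
    the interpolant for <A, B>."""
    conflict_interp = conflict_interp or {}
    shared = atoms(A) & atoms(B)
    a_local = atoms(A) - shared
    p = {}
    for c, x, c1, c2 in proof:
        if x is None:                      # leaf: base case of slide 27 / slide 34
            if c in A:
                p[c] = False
            elif c in B:
                p[c] = True
            elif c in conflict_interp:
                p[c] = conflict_interp[c]
            else:
                raise ValueError("leaf in neither A nor B without a partial interpolant")
            continue
        if c != resolve(c1, c2, x):
            raise ValueError("proof step is not a resolution on the given pivot")
        if x in shared:                    # (c) AB-common pivot
            p[c] = ('and', ('or', ('var', x), p[c1]), ('or', ('not', ('var', x)), p[c2]))
        elif x in a_local:                 # (a) A-local pivot
            p[c] = ('or', p[c1], p[c2])
        else:                              # (b) B-local pivot
            p[c] = ('and', p[c1], p[c2])
    return p

def evaluate(f, env):
    """Truth value of formula f under the assignment env: {variable: bool}."""
    if f is True or f is False:
        return f
    if f[0] == 'var':
        return env[f[1]]
    if f[0] == 'not':
        return not evaluate(f[1], env)
    if f[0] == 'and':
        return evaluate(f[1], env) and evaluate(f[2], env)
    return evaluate(f[1], env) or evaluate(f[2], env)

def formula_vars(f):
    if f is True or f is False:
        return set()
    if f[0] == 'var':
        return {f[1]}
    return set().union(*(formula_vars(g) for g in f[1:]))

def holds(clauses, env):
    return all(any(env[abs(l)] == (l > 0) for l in c) for c in clauses)

def is_interpolant(I, A, B):
    """Slide 9's three conditions, checked by truth table over the variables of A and B."""
    if not formula_vars(I) <= atoms(A) & atoms(B):
        return False
    vs = sorted(atoms(A) | atoms(B))
    for bits in product([False, True], repeat=len(vs)):
        env = dict(zip(vs, bits))
        if holds(A, env) and not evaluate(I, env):    # A must imply I
            return False
        if holds(B, env) and evaluate(I, env):        # I and B must be unsatisfiable
            return False
    return True

def invariant_holds(p, A, B):
    """Slide 28 invariant: p(c) interpolates <A & not(c)|A, B & not(c)|B> for every clause.
    Assumed convention: not(c) is projected by variable occurrence, so an AB-common literal
    appears on both sides."""
    for c, I in p.items():
        gA = A | {frozenset({-l}) for l in c if abs(l) in atoms(A)}
        gB = B | {frozenset({-l}) for l in c if abs(l) in atoms(B)}
        if not is_interpolant(I, gA, gB):
            return False
    return True

# Constructed example: 1 is A-local, 2 is AB-common, 3 is B-local.
# A says 1 and (1 -> 2); B says (2 -> 3) and not 3; they clash on the shared variable 2.
A = frozenset({frozenset({1}), frozenset({-1, 2})})
B = frozenset({frozenset({-2, 3}), frozenset({-3})})
C1, C2, C3, C4, C5, C6, EMPTY = (frozenset({1}), frozenset({-1, 2}), frozenset({2}),
                                 frozenset({-2, 3}), frozenset({3}), frozenset({-3}), frozenset())
PROOF = [(C1, None, None, None), (C2, None, None, None), (C3, 1, C1, C2),
         (C4, None, None, None), (C5, 2, C3, C4), (C6, None, None, None), (EMPTY, 3, C5, C6)]

def run_example():
    p = pudlak(A, B, PROOF)
    return p[EMPTY], is_interpolant(p[EMPTY], A, B), invariant_holds(p, A, B)

# Slide 34 hook, constructed: leaf K is in neither A2 nor B2 (a conflict clause); PHI stands in
# for the opaque theory-level interpolant the simple-case method would return for <not(K)|A, not(K)|B>.
A2, B2, K, PHI = frozenset({frozenset({1})}), frozenset({frozenset({3})}), frozenset({-1, -3}), ('theory', 'phi_K')
PROOF2 = [(frozenset({1}), None, None, None), (K, None, None, None), (frozenset({-3}), 1, frozenset({1}), K),
          (frozenset({3}), None, None, None), (EMPTY, 3, frozenset({3}), frozenset({-3}))]

def run_extended_example():
    return pudlak(A2, B2, PROOF2, {K: PHI})[EMPTY]

if __name__ == "__main__":
    print(run_example())            # p(empty) is equivalent to variable 2; both checks True
    print(run_extended_example())   # PHI is wired through the (a) and (b) resolution cases
```

In the first refutation the interpolant comes out as (2 ∨ ⊥) ∧ (¬2 ∨ ⊤), i.e. the shared variable 2, and `invariant_holds` confirms the slide 28 property for all seven clauses, including the leaves. In the second one the pivots are both local, so PHI is only combined with ⊥ and ⊤ by the unchanged resolution cases; whether the result is a genuine interpolant depends on PHI being a correct theory interpolant for the conflict clause, which no propositional check can establish.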

  35. Extended algorithm correctness
  • Enough to show that the invariant is maintained, i.e., for each c ∈ T, p(c) is an interpolant for <gA(c), gB(c)>, gA(c) = A ⋀ (¬c)|A, gB(c) = B ⋀ (¬c)|B
  • Observation: in the base case,
    • c ∈ A ⇒ φA,B(c) = ⊥ ⇒ p(c) := ⊥ (as in the original algorithm) ⇒ the old proof works
    • c ∈ B ⇒ φA,B(c) = ⊤ ⇒ p(c) := ⊤ (as in the original algorithm) ⇒ the old proof works
    • new case: c ∉ A and c ∉ B ⇒ a new proof is needed

  36. Extended algorithm correctness (2)
  • Base case:
    • left to prove for the case c ∉ A and c ∉ B
    • then φA,B(c) is an interpolant for <(¬c)|A, (¬c)|B> (by definition)
      ⇒ ((¬c)|A ⊦T φA,B(c)) ⇒ ((A ⋀ (¬c)|A) ⊦T φA,B(c))
      ⇒ (φA,B(c) ⋀ (¬c)|B ⊦T ⊥) ⇒ ((B ⋀ (¬c)|B) ⋀ φA,B(c) ⊦T ⊥)
    • thus p(c) = φA,B(c) is indeed an interpolant for <A ⋀ (¬c)|A, B ⋀ (¬c)|B> in T
  • Induction step:
    • the proof relied only on the fact that the invariant holds in the base case => the old proof stays correct

  37. Conclusions
  • Presented: an efficient and modular method for interpolant generation
  • Generic, not a theory-specific method
  • Easy to incrementally extend interpolant generation to additional theories
  • Uses the Nelson-Oppen framework in a modular way, and in case of its improvement can easily connect to the new version

  38. Thank you!
