
Efficient Craig Interpolation for Linear Diophantine (Dis)Equations & Linear Modular Equations

Jain, Clarke & Grumberg, CAV08.


Presentation Transcript


  1. Efficient Craig Interpolation for Linear Diophantine (Dis)Equations & Linear Modular Equations. Jain, Clarke & Grumberg, CAV08

  2. We saw (in Yael's talk): Interpolants are used in abstraction refinement for finding a set of predicates in order to rule out spurious counterexamples.
     [Figure: control-flow graph with nodes 1, 2, 3, 4, 5, … and ERR; edge labels x:=ctr, ctr:=ctr+1, y:=ctr, x=m, x≠m, y=m+1, y≠m+1]
     These predicates are of the form of linear (dis)equations: $c_1x_1 + c_2x_2 + \dots + c_nx_n = (\neq)\ c_0$

  3. We first discuss equations of the types:
     - $c_1x_1 + c_2x_2 + \dots + c_nx_n = c_0$ (rational coefficients $c_i$, integral variables $x_i$): a Linear Diophantine Equation (LDE)
     - $c_1x_1 + c_2x_2 + \dots + c_nx_n \equiv c_0 \pmod{m}$ (rational coefficients): a Linear Modular Equation (LME)

  4. A system of LDEs can be written as: $AX = C$
     A system of LMEs can be written as: $AX \equiv_m C$

  5. A system of LDEs as a conjunction:
     $\begin{pmatrix} A_1 \\ A_2 \end{pmatrix} X = \begin{pmatrix} C_1 \\ C_2 \end{pmatrix}$, that is, $(A_1X = C_1) \land (A_2X = C_2)$

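  6. Example:
     $A_1X = C_1$: $\begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 1 \\ 1 \end{pmatrix}$, i.e. $x+y=1$, $x-y=1$, so $y=0$.
     $A_2X = C_2$: $\begin{pmatrix} 0 & 2 & 2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 3$, i.e. $2 \cdot 0 + 2z = 3$, so $z = 2.5$.
     We say that $(A_1X = C_1) \land (A_2X = C_2)$ == false.
     A system of LDEs $CX = B$ is unsatisfiable if it has no integral solution for $X$.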

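  7. Theorem: $AX = B$ == false iff there exists a rational vector $R$ such that:
     - $RA$ is integral
     - $RB$ is not an integer
     We call $R$ a proof of unsatisfiability for $AX = B$.
     Example: $AX = B := \begin{pmatrix} 1 & -2 & 0 \\ 1 & 0 & -2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 0 \\ 1 \end{pmatrix}$, $AX = B$ == false.
     $R := \begin{pmatrix} 0.5 & -0.5 \end{pmatrix}$, $RA = \begin{pmatrix} 1 & -1 & 1 \end{pmatrix}$, $RB = 0.5$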

  8. An interpolant for $(A_1X = C_1) \land (A_2X = C_2)$ == false is a system $AX = C$ such that:
     - $(A_1X = C_1) \Rightarrow (AX = C)$: every integral solution for $A_1X = C_1$ is also an integral solution for $AX = C$. For instance, $A_1X = C_1 \Rightarrow UA_1X = UC_1$ for a rational vector $U$.
     - $(AX = C) \land (A_2X = C_2)$ == false: $X$ has no integral solution in $(AX = C)$ and $(A_2X = C_2)$.
     - $AX = C$ refers only to $x_i$ common to $A_1$, $A_2$: only to $x_i$ that have coefficients ≠ 0 in $A_1$ and in $A_2$.

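  9. Example:
     $\begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 1 \\ 1 \end{pmatrix} \ \land\ \begin{pmatrix} 0 & 2 & 2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 3$ == false
     An interpolant:
     $\begin{pmatrix} 0.5 & -0.5 \end{pmatrix} \begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 0.5 & -0.5 \end{pmatrix} \begin{pmatrix} 1 \\ 1 \end{pmatrix}$, that is, $\begin{pmatrix} 0 & 1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0$
     $\begin{pmatrix} 0 & 1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0 \ \land\ \begin{pmatrix} 0 & 2 & 2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 3$ == false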

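  10. An unsatisfiable system of LDEs does not always have an LDE as an interpolant.
      Example: $\begin{pmatrix} 1 & -2 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0$ (x is even) $\land\ \begin{pmatrix} 1 & 0 & -2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 1$ (x is odd) == false
      Proof:
      Lemma: $AX = B$ implies $CX = D$ iff $AX = B$ is unsatisfiable or there exists a vector $R$ such that $C = RA$ and $D = RB$.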

  11. If the system has an LDE as an interpolant then it is of the form: $r(x - 2y) = 0$
      It can only contain $x$ as a common variable: $r = 0$
      But $0 = 0$ is not an interpolant: $(x - 2z) = 1 \land (0 = 0)$ is satisfiable.
      However, there exists an LME as an interpolant: $\begin{pmatrix} 1 & 0 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} \equiv_2 0$
      There always exists an LME as an interpolant.

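  12. An algorithm for finding interpolants
      Let $AX = A' \land BX = B'$ == false.
      Let $R = [R_1\ R_2]$ be a proof of unsatisfiability:
      $\begin{pmatrix} R_1 & R_2 \end{pmatrix} \begin{pmatrix} A \\ B \end{pmatrix} X = \begin{pmatrix} R_1 & R_2 \end{pmatrix} \begin{pmatrix} A' \\ B' \end{pmatrix}$, that is, $R_1AX + R_2BX = R_1A' + R_2B'$
      - $R_1A + R_2B$ is integral
      - $R_1A' + R_2B'$ is not an integer
      The LDE $R_1AX = R_1A'$ is a partial interpolant for the system.
      $R_1AX = R_1A'$ == [expression not preserved in the transcript; its two groups of terms are labelled "variables occurring only in AX=A'" and "variables occurring in both AX=A' and in BX=B'"]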

  13. An algorithm for finding interpolants
      $R_1AX + R_2BX = R_1A' + R_2B'$
      The LDE $R_1AX = R_1A'$ is a partial interpolant for the system.
      $R_1AX = R_1A'$ == [expression not preserved in the transcript; its two groups of terms are labelled "variables occurring only in AX=A'" and "variables occurring in both AX=A' and in BX=B'"]
      Lemma: $a_i$ is an integer.
      These variables do not appear in $R_2BX$, and $R_1AX + R_2BX$ is integral.

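  14. An algorithm for finding interpolants
      Lemma: The partial interpolant $R_1AX = R_1A'$ satisfies:
      1. $AX = A' \Rightarrow R_1AX = R_1A'$
      2. $(R_1AX = R_1A') \land (BX = B')$ == false
      Proof: $(R_1AX = R_1A') \land (BX = B')$ is the system $\begin{pmatrix} R_1A \\ B \end{pmatrix} X = \begin{pmatrix} R_1A' \\ B' \end{pmatrix}$.
      $[1\ R_2]$ is a proof of unsatisfiability:
      - $\begin{pmatrix} 1 & R_2 \end{pmatrix} \begin{pmatrix} R_1A \\ B \end{pmatrix} = R_1A + R_2B$ (integral)
      - $\begin{pmatrix} 1 & R_2 \end{pmatrix} \begin{pmatrix} R_1A' \\ B' \end{pmatrix} = R_1A' + R_2B'$ (not an integer)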

  15. An algorithm for finding interpolants
      $R_1AX = R_1A'$ == [expression not preserved in the transcript]
      If all $a_i = 0$, then the partial interpolant is also an interpolant for $AX = A' \land BX = B'$:
      We saw the first two conditions hold. In case $a_i = 0$, then $R_1AX = R_1A'$ is over variables common to $AX = A'$ and to $BX = B'$.

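  16. An algorithm for finding interpolants
      Example:
      $\begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 1 \\ 1 \end{pmatrix} \ \land\ \begin{pmatrix} 0 & 2 & 2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 3$ == false
      A proof of unsatisfiability:
      $\begin{pmatrix} 0.5 & -0.5 & 0.5 \end{pmatrix}$ for $\begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \\ 0 & 2 & 2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 1 \\ 1 \\ 3 \end{pmatrix}$
      The partial interpolant:
      $\begin{pmatrix} 0.5 & -0.5 \end{pmatrix} \begin{pmatrix} 1 & 1 & 0 \\ 1 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 0.5 & -0.5 \end{pmatrix} \begin{pmatrix} 1 \\ 1 \end{pmatrix}$, that is, $\begin{pmatrix} 0 & 1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0$
      Only over $y$, common to both LDEs. The partial interpolant is also an interpolant.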

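  17. An algorithm for finding interpolants
      Doesn't always work:
      $\begin{pmatrix} 1 & -2 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0$ (x is even) $\land\ \begin{pmatrix} 1 & 0 & -2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 1$ (x is odd) == false
      A proof of unsatisfiability:
      $\begin{pmatrix} 0.5 & 0.5 \end{pmatrix}$ for $\begin{pmatrix} 1 & -2 & 0 \\ 1 & 0 & -2 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = \begin{pmatrix} 0 \\ 1 \end{pmatrix}$
      The partial interpolant:
      $0.5 \begin{pmatrix} 1 & -2 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0.5 \cdot 0$, that is, $\begin{pmatrix} 0.5 & -1 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \\ z \end{pmatrix} = 0$
      Only over $x$ and $y$, not common to both LDEs. The partial interpolant is not an interpolant.
      Flashback: This system does not have an LDE interpolant.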

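  18. An algorithm for finding interpolants
      Obtaining an LME interpolant by removing variables not common to $AX = A'$ and $BX = B'$.
      The partial interpolant: [expression not preserved in the transcript]
      - $a_i$ is an integer
      - $\alpha :=$ gcd of $a_i$; $\alpha$ is an integer
      - $\beta :=$ integer such that $\beta \mid \alpha$
      Then [expression not preserved in the transcript] is an interpolant.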

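  19. An algorithm for finding interpolants
      [expression not preserved in the transcript] is an interpolant ($\beta \mid \alpha$, $\alpha \mid a_i$).
      Proof:
      1. $AX = A' \Rightarrow R_1AX = R_1A'$
      2. Suppose that $R_1AX \equiv_\beta R_1A' \land BX = B'$ has an integral solution $x_i = g_i$.
         $BX = B' \Rightarrow R_2BX = R_2B'$, so $x_i = g_i$ is a solution for $R_2BX = R_2B'$: $R_2BG = R_2B'$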

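  20. An algorithm for finding interpolants
      $R_1AG \equiv_\beta R_1A'$ and $R_2BG = R_2B'$ are added. The terms of the sum are annotated "an integer" (three times); $R_1A + R_2B$ is integral; $R_1A' + R_2B'$ is not an integer.
      A contradiction: [expression not preserved in the transcript] $\land\ BX = B'$ == false
      3. The expression is over variables common to $AX = A'$ and $BX = B'$.
      An interpolant!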

  21. An algorithm for finding interpolants (summary):
      Given an unsatisfiable system of LDEs $AX = A'$ and $BX = B'$:
      1. compute a proof of unsatisfiability $[R_1\ R_2]$ (How? still to come...)
      2. compute the partial interpolant $R_1AX = R_1A'$
      3. if $R_1AX = R_1A'$ is not only over $V_{AB}$:
         3.1 compute the gcd $\alpha$ of coefficients of $x_i$'s in $V_{A \setminus B}$
         3.2 compute $\beta$ that divides $\alpha$
         3.3 return [expression not preserved in the transcript]
         else return $R_1AX = R_1A'$

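  22. Interpolants for LMEs
      $c_1x_1 + c_2x_2 + \dots + c_nx_n \equiv c_0 \pmod{m}$; as a system: $AX \equiv_m C$
      Theorem: $AX \equiv_m B$ == false iff there exists a rational vector $R$ such that:
      - $RA$ is integral
      - $mR$ is integral
      - $RB$ is not an integer
      We call $R$ a proof of unsatisfiability for $AX \equiv_m B$.
      Example: $AX \equiv_m B := \begin{pmatrix} 2 & 2 \\ 2 & 1 \\ 4 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 \begin{pmatrix} 4 \\ 4 \\ 4 \end{pmatrix}$, $AX \equiv_m B$ == false
      $R := \begin{pmatrix} 1/4 & -1/2 & -1/8 \end{pmatrix}$, $RA = \begin{pmatrix} -1 & 0 \end{pmatrix}$, $mR = \begin{pmatrix} 2 & -4 & -1 \end{pmatrix}$, $RB = -3/2$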

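  23. Interpolants for LMEs
      Proof:
      An LME system $CX \equiv_m D$: $\begin{pmatrix} c_{11} & \cdots & c_{1n} \\ c_{21} & \cdots & c_{2n} \\ \vdots & & \vdots \\ c_{t1} & \cdots & c_{tn} \end{pmatrix} \begin{pmatrix} x_1 \\ x_2 \\ \vdots \\ x_n \end{pmatrix} \equiv_m \begin{pmatrix} d_1 \\ d_2 \\ \vdots \\ d_t \end{pmatrix}$
      For each equation: $c_{i1}x_1 + c_{i2}x_2 + \dots + c_{in}x_n \equiv_m d_i$
      Add a new variable: $c_{i1}x_1 + c_{i2}x_2 + \dots + c_{in}x_n + m v_i = d_i$
      The new system $C'Z = D$: $\begin{pmatrix} c_{11} & \cdots & c_{1n} & m & 0 & \cdots & 0 \\ c_{21} & \cdots & c_{2n} & 0 & m & \cdots & 0 \\ \vdots & & \vdots & & & \ddots & \\ c_{t1} & \cdots & c_{tn} & 0 & 0 & \cdots & m \end{pmatrix} \begin{pmatrix} x_1 \\ \vdots \\ x_n \\ v_1 \\ \vdots \\ v_t \end{pmatrix} = \begin{pmatrix} d_1 \\ d_2 \\ \vdots \\ d_t \end{pmatrix}$
      The two equations are equi-satisfiable.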

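  24. Interpolants for LMEs
      $CX \equiv_m D$ has an integral solution iff $C'Z = D$ has one.
      - $CX \equiv_m D$ has no integral solution iff
      - $C'Z = D$ has no integral solution iff
      - there exists a vector $R$ such that $RC'$ is integral and $RD$ is not an integer
      Let $R = [r_1\ r_2\ \dots\ r_t]$.
      $RC' = \begin{pmatrix} r_1 & r_2 & \cdots & r_t \end{pmatrix} \begin{pmatrix} c_{11} & \cdots & c_{1n} & m & 0 & \cdots & 0 \\ c_{21} & \cdots & c_{2n} & 0 & m & \cdots & 0 \\ \vdots & & \vdots & & & \ddots & \\ c_{t1} & \cdots & c_{tn} & 0 & 0 & \cdots & m \end{pmatrix} = [RC[1]\ RC[2]\ \dots\ RC[n]\ mr_1\ mr_2\ \dots\ mr_t] = [RC\ \ mR]$ (integral)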

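  25. Interpolants for LMEs
      Let $(AX \equiv_m A') \land (BX \equiv_m B')$ == false.
      Let $R = [R_1\ R_2]$ be a proof of unsatisfiability:
      - $R_1AX =$ [expression not preserved in the transcript]; let $S = \{a_i \mid a_i \neq 0\}$
      - $mR_1 = [d_1\ d_2\ d_3\ \dots\ d_k]$; let $T = \{d_i \mid d_i \neq 0\}$
      If $T = \emptyset$: interpolant: $0 \equiv_m 0$
      Otherwise:
      - Let $\alpha = \gcd(S \cup T)$
      - Let $\beta :=$ integer such that $\beta \mid \alpha$
      - $(\frac{m}{\beta}R_1)AX \equiv_m (\frac{m}{\beta}R_1)A'$ is an interpolant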

  26. Interpolants for LMEs
      Proof: $(AX \equiv_m A') \land (BX \equiv_m B')$ == false
      Let $R = [R_1\ R_2]$ be a proof of unsatisfiability for $\begin{pmatrix} A \\ B \end{pmatrix} X \equiv_m \begin{pmatrix} A' \\ B' \end{pmatrix}$:
      - $R_1A + R_2B$ is integral: the coefficients of $x_i$ only in $A$ are integral
      - $mR = [mR_1\ mR_2]$ is integral: $mR_1$ is integral
      - $R_1A' + R_2B'$ is not an integer

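  27. Interpolants for LMEs
      $R_1AX =$ [expression not preserved in the transcript]; let $S = \{a_i \mid a_i \neq 0\}$
      $mR_1 = [d_1\ d_2\ d_3\ \dots\ d_k]$; let $T = \{d_i \mid d_i \neq 0\}$
      If $T = \emptyset$: $R_1 = 0$; $R_2B$ is integral, $R_2B'$ is not an integer; $(BX \equiv_m B')$ == false; interpolant: $0 \equiv_m 0$ (== true)
      If $T \neq \emptyset$: $S$ and $T$ are integral; $\alpha := \gcd(S \cup T)$ is an integer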

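  28. Interpolants for LMEs
      $\beta :=$ integer such that $\beta \mid \alpha$
      Need to prove: $(\frac{m}{\beta}R_1)AX \equiv_m (\frac{m}{\beta}R_1)A'$ is an interpolant.
      1. $mR_1$ is integral. $\beta$ divides every element of $mR_1$. So $\frac{1}{\beta} mR_1 = \frac{m}{\beta}R_1$ is integral (mark it $U$).
         Lemma: For every integral vector $U$ the system $CX \equiv_m D$ implies $UCX \equiv_m UD$.
         $AX \equiv_m A'$ implies $(\frac{m}{\beta}R_1)AX \equiv_m (\frac{m}{\beta}R_1)A'$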

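  29. Interpolants for LMEs
      2. $UAX \equiv_m UA' \land BX \equiv_m B'$ == false
         The system is $\begin{pmatrix} UA \\ B \end{pmatrix} X \equiv_m \begin{pmatrix} UA' \\ B' \end{pmatrix}$, and $[\beta/m,\ R_2]$ is a proof of unsatisfiability:
         - $\begin{pmatrix} \beta/m & R_2 \end{pmatrix} \begin{pmatrix} UA \\ B \end{pmatrix} = \frac{\beta}{m} \frac{m}{\beta} R_1A + R_2B = R_1A + R_2B$ (integral)
         - $\begin{pmatrix} \beta/m & R_2 \end{pmatrix} \begin{pmatrix} UA' \\ B' \end{pmatrix} = \frac{\beta}{m} \frac{m}{\beta} R_1A' + R_2B' = R_1A' + R_2B'$ (not an integer)
         - $m[\beta/m,\ R_2] = [\beta,\ mR_2]$ (integral)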

  30. Interpolants for LMEs
      3. $(\frac{m}{\beta}R_1)AX \equiv_m (\frac{m}{\beta}R_1)A'$ is over common variables: $\beta$ divides the $a_i$'s, so $a_i/\beta$ is integral.

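  31. Interpolants for LMEs
      Example:
      $\begin{pmatrix} 2 & 2 \\ 2 & 1 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 \begin{pmatrix} 4 \\ 4 \end{pmatrix} \ \land\ \begin{pmatrix} 4 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 4$ == false
      A proof of unsatisfiability:
      $\begin{pmatrix} 1/4 & -1/2 & -1/8 \end{pmatrix}$ for $\begin{pmatrix} 2 & 2 \\ 2 & 1 \\ 4 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 \begin{pmatrix} 4 \\ 4 \\ 4 \end{pmatrix}$
      $R_1AX = \begin{pmatrix} 1/4 & -1/2 \end{pmatrix} \begin{pmatrix} 2 & 2 \\ 2 & 1 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} = \begin{pmatrix} -1/2 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} = -\frac{1}{2}x$
      $mR_1 = \begin{pmatrix} 2 & -4 \end{pmatrix}$, $S = \emptyset$, $T = \{2, -4\}$, $\alpha = 2$, $\beta = 2$ or $\beta = 1$
      For $\beta = 1$: $1 \begin{pmatrix} 2 & -4 \end{pmatrix} \begin{pmatrix} 2 & 2 \\ 2 & 1 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 1 \begin{pmatrix} 2 & -4 \end{pmatrix} \begin{pmatrix} 4 \\ 4 \end{pmatrix}$, that is, $\begin{pmatrix} -4 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 -8$
      For $\beta = 2$: $\frac{1}{2} \begin{pmatrix} 2 & -4 \end{pmatrix} \begin{pmatrix} 2 & 2 \\ 2 & 1 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 \frac{1}{2} \begin{pmatrix} 2 & -4 \end{pmatrix} \begin{pmatrix} 4 \\ 4 \end{pmatrix}$, that is, $\begin{pmatrix} -2 & 0 \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} \equiv_8 -4$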

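  32. Interpolants for LMEs
      What if the moduli are different? $(AX \equiv_{m_1} A') \land (BX \equiv_{m_2} B')$ == false
      $m = \operatorname{lcm}(m_1, m_2)$; standard moduli operations:
      $(AX \equiv_{m_1} A') \land (BX \equiv_{m_2} B') \equiv (m_2AX \equiv_m m_2A') \land (m_1BX \equiv_m m_1B')$
      For more than two formulas, use $m = \operatorname{lcm}(m_1, m_2, m_3, \dots)$. For the i'th formula use $m/m_i$.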

  33. Obtaining Proofs of Unsatisfiability
      If $AX = B$ has no rational solution, it has no integral solution. First, use Gaussian elimination.
      Hermite Normal Form: every full row rank matrix $A_{[m \times n]}$ can be represented as $[E\ 0]$, with $E$ of size $m \times m$ and $0$ of size $m \times (n-m)$, where $E$ is:
      - lower triangular
      - invertible
      - maximal element lies on the diagonal
      - all entries non-negative
      There exists a unimodular (invertible, integral, closed under product and inversion) matrix $U$ such that $AU = [E\ 0]$.
      The HNF form can be obtained by using the three basic column operations on $A$.

  34. Obtaining proofs of unsatisfiability
      Lemma: $AX = B$ has no integral solution iff $E^{-1}B$ is not integral.
      Proof: $AU = [E\ 0]$, so $E^{-1}AU = E^{-1}[E\ 0] = [I\ 0]$ and $E^{-1}AUU^{-1} = E^{-1}A = [I\ 0]\,U^{-1}$ (integral).
      To obtain $R$, a proof of unsatisfiability:
      1. Compute $[E\ 0]$
      2. If $E^{-1}B$ is not integral:
         2.1. $E^{-1}B[i]$ is not an integer. $R'$ = the i'th row in $E^{-1}$
      $R'B$ is not an integer, $R'A$ is integral.

  35. Obtaining proofs of unsatisfiability
      Proofs of Unsatisfiability for LMEs: $AX \equiv_m B$
      Each equation $t_i \equiv_m b_i$ can be written as an equi-satisfiable LDE $t_i + m v_i = b_i$ ($v_i$: new integer variable).
      $AX \equiv_m B$ is reduced to an equi-satisfiable system $A'Z = B$.
      The proof of unsatisfiability is the same for both systems.

  36. Handling Disequations
      $c_1x_1 + c_2x_2 + \dots + c_nx_n \neq c_0$
      Disequations can also be represented by a matrix: $CX \neq D$
      A system of equations and disequations: $AX = B \land CX \neq D$
      Theorem: A system $AX = B \land CX \neq D$ has no integral solution iff
      - $AX = B \land CX \neq D$ has no rational solution, or
      - $AX = B$ has no integral solution
      Slide annotations on the two conditions: "Can be done in polynomial time", "Can be determined in polynomial time".

  37. Handling Disequations
      $F = F_1 \land F_2$ and $G = G_1 \land G_2$ ($F_1$, $G_1$: LDE; $F_2$, $G_2$: LDD)
      If $F \land G$ is unsatisfiable because $F_1 \land F_2 \land G_1 \land G_2$ has no rational solution, an interpolant can be computed.
      If $F \land G$ is unsatisfiable because $F_1 \land G_1$ has no integral solution, an interpolant for $F_1 \land G_1$ can be computed.

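  38. Handling Disequations
      For LMDs, the problem is NP-hard. By reduction from 3-SAT:
      Variables in 3-SAT: $\{z_1, z_2, \dots, z_i, \dots, z_n\}$
      Two variables for $z_i$: $x_i$, $x_i'$ (one for $z_i$, one for $\neg z_i$)
      Express the constraints: $x_i \equiv_4 0$ and $x_i' \equiv_4 1$, or $x_i \equiv_4 1$ and $x_i' \equiv_4 0$
      $L_1 = \bigwedge_i \neg(x_i \equiv_4 x_i') \land \bigwedge_i \neg(x_i \equiv_4 2) \land \bigwedge_i \neg(x_i \equiv_4 3) \land \bigwedge_i \neg(x_i' \equiv_4 2) \land \bigwedge_i \neg(x_i' \equiv_4 3)$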

  39. Handling Disequations
      For each clause $(u \lor v \lor w)$: $\neg(u + v + w \equiv_4 0)$
      This is only falsified when $u, v, w$ are all assigned 0 (mod 4).
      $L_2 = \bigwedge_{\text{clauses } (u \lor v \lor w)} \neg(u + v + w \equiv_4 0)$
      $L = L_1 \land L_2$
      The 3-SAT formula is satisfiable iff $L$ is satisfiable.

  40. - Interpolants for LMEs, LDEs and LDDs can be computed in polynomial time using algebraic techniques.
      - The existing tools based on predicate abstraction and CEGAR cannot discover the predicates computed by these techniques.
      - Experimental results show that little unwinding is needed due to the early discovery of appropriate LMEs.

  41. Toda Raba! (Thank you very much!)

  42. Handling Disequations
      If $F \land G$ is unsatisfiable because $F_1 \land F_2 \land G_1 \land G_2$ has no rational solution, an interpolant can be computed.
      Proof:
      Lemma: A system $AX = B$ has no rational solution iff there exists a vector $R$ such that $RA = 0$ and $RB \neq 0$.
      - If $F \land G$ is unsatisfiable because $F_1 \land F_2$ == $AX = B \land A'X = B'$ has no rational solution, then $R = [R_1\ R_2]$ exists,
      - and $R_1AX = R_1B$ is an interpolant.

  43. AX=B^A’X=B’ => Vcix, • and R1AX=R1B is an interpolant.

  44. Handling Disequations
      Lemma: $AX = B \Rightarrow EX = F$ iff $AX = B$ == false or $E = RA$ and $F = RB$ ($R$: rational row vector)
      Lemma: $AX = B \Rightarrow \bigvee_i (C_iX = D_i)$ iff $AX = B \Rightarrow C_kX = D_k$ for some $k$
      Remove slide?
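
The LDE procedure summarised on slide 21, run on the systems and proofs of slides 16 and 17, as an added Python example (not code from the presentation or its authors). The names `interpolant`, `is_proof` and `satisfies` are assumptions of this example, as are the choice β := α and the final scaling of the LME to integer coefficients.

```python
from fractions import Fraction as F
from functools import reduce
from math import gcd

def vec_mat(r, M):
    """Row vector r times matrix M (given as a list of rows)."""
    return [sum(ri * row[j] for ri, row in zip(r, M)) for j in range(len(M[0]))]

def dot(r, v):
    return sum(ri * vi for ri, vi in zip(r, v))

def is_proof(R, M, c):
    """R proves MX = c has no integral solution: RM integral, Rc not an integer."""
    integral = all(F(x).denominator == 1 for x in vec_mat(R, M))
    return integral and F(dot(R, c)).denominator != 1

def interpolant(A, a, B, b, R1, R2):
    """Interpolant for (AX = a) ^ (BX = b) == false, from the proof [R1 R2]."""
    if not is_proof(R1 + R2, A + B, a + b):
        raise ValueError("[R1 R2] is not a proof of unsatisfiability")
    coeffs, rhs = vec_mat(R1, A), dot(R1, a)     # partial interpolant R1AX = R1A'
    only_a = {j for j in range(len(coeffs)) if all(row[j] == 0 for row in B)}
    a_i = [int(coeffs[j]) for j in only_a if coeffs[j] != 0]  # integers, by the lemma
    if not a_i:
        return ("LDE", coeffs, rhs)              # already over common variables only
    beta = reduce(gcd, a_i, 0)                   # alpha; this example takes beta := alpha
    kept = [F(0) if j in only_a else F(c) for j, c in enumerate(coeffs)]
    dens = [c.denominator for c in kept + [F(rhs)]]
    k = reduce(lambda p, q: p * q // gcd(p, q), dens, 1)
    # Scaling coefficients, right-hand side and modulus by k keeps the LME equivalent.
    return ("LME", [c * k for c in kept], rhs * k, beta * k)

def satisfies(itp, x):
    """True if the integer point x satisfies an interpolant returned above."""
    diff = dot(itp[1], x) - itp[2]
    return diff == 0 if itp[0] == "LDE" else diff % itp[3] == 0

# Systems and proofs taken from slides 16 and 17 (variables x, y, z).
H = F(1, 2)
SLIDE16 = ([[1, 1, 0], [1, -1, 0]], [1, 1], [[0, 2, 2]], [3], [H, -H], [H])
SLIDE17 = ([[1, -2, 0]], [0], [[1, 0, -2]], [1], [H], [H])

if __name__ == "__main__":
    print(interpolant(*SLIDE16))   # LDE: y = 0
    print(interpolant(*SLIDE17))   # LME: x ≡ 0 (mod 2)
```

For slide 17 the partial interpolant 0.5x − y = 0 has α = 1, so dropping y gives 0.5x ≡ 0 (mod 1), which scales to the x ≡₂ 0 of slide 11.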
