1 / 39

Ground Interpolation for the Theory of Equality

Ground Interpolation for the Theory of Equality. A. Fuchs 1 , A. Goel 2 , J. Grundy 2 , S. Krstic 2 , C. Tinelli 1 1 The University of Iowa 2 Intel Corporation. Logical Interpolation in Formal Methods. Logical interpolants are useful in model checking, e.g., to

regina-johnston
Download Presentation

Ground Interpolation for the Theory of Equality

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ground Interpolation for the Theory of Equality A. Fuchs1, A. Goel2, J. Grundy2, S. Krstic2, C. Tinelli1 1 The University of Iowa 2 Intel Corporation

  2. Logical Interpolation in Formal Methods Logical interpolants are useful in model checking, e.g., to • accelerate the computation of reachability relations • improve predicate abstraction We will focus on ground interpolants

  3. Ground Interpolation in First-order Theories A theory T admits ground interpolation iff every two ground formulas A and B inconsistent in T have a ground T -interpolant, a ground formula I s.t. • I’s symbols are shared by A and B • A |=T I • I, B are inconsistent in T ( I, B |=T false )

  4. Contribution of This Work A new ground interpolation procedure for EUF Highlights: • Interpolants are extracted from colored congruence graphs (CCGs) • A CG represents compactly a proof of inconsistency for sets of ground literals • CGs are easily produced by usual congruence closure algorithms for deciding ground satisfiability in EUF

  5. Contribution of This Work A new ground interpolation procedure for EUF Highlights: • Our interpolants are: • conjunctions of ground Horn clauses • in simplest possible form for EUF • smaller and simpler than in previous method by McMillan [McM05]

  6. Simplifying Assumptions We consider only conjunctions of literals • Any interpolation procedure for such formulas, in any theory, can be uniformly extended to arbitrary ground formulas [e.g., McM05, CGS08]

  7. (Only?) Previous Work • Interpolation procedure for EUF by McMillan [MCM03] • Based on a inference system for EUF with 6 rules (for reflexivity, symmetry, etc. of = ) • Rules extended with annotations [u, v, , ] for premises and conclusions, and increased to 11 • If A, B derives false[u, v, , ] then    is an interpolant of A, B

  8. Our view: Interpolation as a Cooperative Game u1 = f(x, v0) B = v1 = f(x, u0) u = h(v), u2 v2 u0 = v0 A = u2= g(u1, u) v2=g(v1, h(v))

  9. Ground Interpolation as a Cooperative Game u1 = f(x, v0) B = v1 = f(x, u0) u = h(v), u2 v2 u0 = v0 A = u2= g(u1, u) v2=g(v1, h(v))

  10. Ground Interpolation as a Cooperative Game u1 = f(x, v0) B = v1 = f(x, u0) u = h(v), u2 v2 u0 = v0 A = u2= g(u1, u) v2=g(v1, h(v))

  11. Ground Interpolation as a Cooperative Game u1 = f(x, v0) B = v1 = f(x, u0) u = h(v), u2 v2 u0 = v0 A = u2= g(u1, u) v2=g(v1, h(v))

  12. Ground Interpolation as a Cooperative Game u1 = f(x, v0) B = v1 = f(x, u0) u = h(v), u2 v2 u0 = v0 A = u2= g(u1, u) v2=g(v1, h(v)) Interpolant: u0 = v0  (u1 = v1 u = h(v)  u2 = v2)

  13. Ground Interpolation as a Cooperative Game Concrete Result for EUF: A procedure to retrofit the interpolation game to congruence graphs

  14. Basic edge Derived edge Congruence Graph: Example L = {x1 = z1, z1 = z2, z2 = x2, z3 = f(x1), f(x2) = z4, x3 = z5, z5 = f(z3), f(z4) = z6, z6 = x4, y1 = z7, z7 = f(x3), f(x4) = z8, z8 = y2} T= {terms in L} z1 x1 z2 x2 z4 z3 f(x1) f(x2) z6 x4 x3 z5 f(z3) f(z4) z8 y2 y1 z7 f(x3) f(x4)

  15. Congruence Graphs and EUF Fact: decision procedures for EUF essentially compute congruence graphs Prop. LetL = {equalities and disequalities}, T = {all terms in L}. L is inconsistent in EUF iff there is a CG (T, ) and s  t  L s.t. s * t

  16. Congruence Graphs and EUF • Let G be any CG showing that L is inconsistent in EUF • Let L = A B We can extract an interpolant of A, Bfrom G by first suitably coloring G with{A, B} The interpolant can be seen as generated from a run of the interpolation game between an A-prover and a B-prover

  17. z1 x1 z2 x2 z4 z3 f(x1) f(x2) z6 x4 x3 z5 f(z3) f(z4) z8 y2 y1 z7 f(x3) f(x4) Colored Congruence Graph: Example A = {x1= z1, z2 = x2, z3 = f(x1), f(x2) = z4, x3= z5, z6 = x4, z7 = f(x3), f(x4) = z8} B = { z1 = z2, z5 = f(z3) , f(z4) = z6, y1= z7, z8 = y2 } Coloring scheme: • Nodes in A \B colored A • ” ” B \ A ” B • ” ” A B ” AB • Basic edgesin A colored A • ” ” ” B ” B • Derived edges colored A (B) if both endpoints are A (B)

  18. z1 x1 z2 x2 z4 z3 f(x1) f(x2) z6 x4 x3 z5 f(z3) f(z4) z8 y2 y1 z7 f(x3) f(x4) Colored Congruence Graph: Example A = {x1= z1, z2 = x2, z3 = f(x1), f(x2) = z4, x3= z5, z6 = x4, z7 = f(x3), f(x4) = z8} B = { z1 = z2, z5 = f(z3) , f(z4) = z6, y1= z7, z8 = y2 } Coloring scheme: • Nodes in A \B colored A • ” ” B \ A ” B • ” ” A B ” AB • Basic edgesin A colored A • ” ” ” B ” B • Derived edges colored A (B) if both endpoints are A (B)

  19. Fixing Uncolorable Graphs • It is possible (and easy) to modify the graph to remove uncolorable edges • Reason: EUF is equality interpolating Lemma. [YM05]If A, B |= s = t one can compute a AB-term u s.t. A, B |= s = u  u = t

  20. s5 v6 u6 r5 u5 s6 v5 r2 s4 v3 u3 v4 u4 r4 r2 s2 u1 s1 v1 r1 s3 u2 v2 r3 s7 v7 u7 r7 u v s r Extracting Interpolants from Colored Congruence Graphs CCG for A, B with s  r B : Notation: let xy denote a path from node x to node y

  21. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = I(su)  I(uv)  I(vr) = I(s1r1)  I(uv)  = I(s1u1)  I(u1v1)  I(v1r1)  I(uv) =  {u1=v1}   I(uv)

  22. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = {u1=v1}  I(uv) = {u1=v1}  { v3 =u3  v6 =u6  v4 =u4  u2 =v2  u = v}  I(v3 =u3)  I(v6 =u6)  I(v4 =u4)  I(u2 =v2)

  23. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = {u1=v1}  I(uv) = {u1=v1}  { v3 =u3  v6 =u6  v4 =u4  u2 =v2  u = v}      I(u2 =v2)

  24. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = {u1=v1}  { v3 =u3  v6 =u6  v4 =u4  u2 =v2  u = v}  I(u2 =v2)

  25. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = {u1=v1}  { v3 =u3  v6 =u6  v4 =u4  u2 =v2  u = v}  I(s7 =r7)

  26. s5 v6 u6 r5 s6 u5 v5 r2 s7 v7 u7 r7 s4 v3 u3 v4 u4 r4 s2 r2 s1 u1 v1 r1 s3 u2 v2 r3 u s v r I(sr) = {u1=v1}  { v3 =u3  v6 =u6  v4 =u4  u2 =v2  u = v}  {u5 =v5  u7 = v7} Note:A |= I(sr) andB, I(sr) |= s = r but s  r  B

  27. Interpolation Function:Formal Definition {I() |  is a factor of st} if st has ≥ 2 factors I(st) = {I() |  is a parent of a link in st} if st is a B-path {I() |   P(st)}{J(st)} if st is a A-path {P() |  is a factor of st} if st has ≥ 2 factors P(st) = {st} if st is a B-path {P() |  is a parent of a link in st} if st is a A-path J(st) = {u = v | uv  P(st)}  s = t

  28. Main Theoretical Result Lemma. Function I is well defined and computable over any CCG, and returns a set of ground Horn clauses. Theorem. Let G be a CCG for A, B. If sr is a path in G s.t. s  r  B, then I(sr) is an EUF-interpolant ofAandB. Note: The paper also defines an I’ for when s  r  A.

  29. Interpolation Procedure Given a literal set L inconsistent in EUF and a partition A, B of L • run CC to find a CG G over L connecting s, r for some s  r  L • modify G as needed to make it colorable and color it (in any allowed way) • If s  r B return I(sr) else returnI’(sr)

  30. Main Differences with McMillan’s Procedure • CGs condense inferences by reflexivity, symmetry and transitivity into paths (big step vs. small step proof) Ex:z1= x1 = z2 = x2 = f(z3) = x3 = z4z1 Our interpolant: z1 = z4 McMillan’s: z1 = z2 z2 = f(z3)  f(z3) = z4

  31. Main Differences with McMillan’s Procedure • Interpolants with simple Boolean structure Ex. 7,10 in our paper: Our interpolant: (z1 = z2 z3 = z4)  (z5 = z6 z7 = z8) McMillan’s: (z1 = z2 (z3 = z4 z5 = z6))  z3 = z4  z7 = z8

  32. Main Differences with McMillan’s Procedure • Minimal number of new, auxiliary terms vs. many new terms produced on-the-fly • Non-deterministic coloring step (2) vs. fully specified annotation mechanism • Overall smaller and simpler interpolants

  33. Experimental Results • Interpolation procedure implemented in SMT-solver DPT • Compared with state-of-the-art implementation of McMillan’s procedure in MathSAT [Cim08] • Both systems extend interpolation to general ground EUF formulas in the same way (relying on similar DPLL-style SAT engines) • Resolution proofs from the two DPLL engines are comparable in size • Same benchset as in [Cim08]

  34. Experimental Results DTP vs. MathSAT on 45 benchmarks derived from SMT-LIB Runtimes: Comparable Interpolant size: DPT’s 3.8 times smaller on average

  35. Conclusion • New interpolation procedure for EUF • Easy to implement on top of CC procedures within SMT solvers • Generates smaller and simpler interpolants • Provides basis for further refinements and implementations • Its flexibility could be useful when the notion of interpolant quality is better understood

  36. Theories with Ground Interpolation • Equality over uninterpreted function symbols (EUF) • Real arithmetic • Linear Integer Arithmetic with divisibility operator • … • Any FOL theory admitting quantifier elimination

  37. Theories with Ground Interpolation • Equality over uninterpreted function symbols (EUF) • Real arithmetic • Linear Integer Arithmetic with divisibility operator • … • Any FOL theory admitting quantifier elimination

  38. Coloring Congruence Graph Let A, B be disjoint sets of literals Every symbol of A (B) is A-colorable (B-colorable) A term is A-colorable (B-colorable) if all of its symbols are To color a CG for A B, color • a node withA (resp., B) if it occurs inA (resp., B) • a basic edge with A (resp.,B) if it occurs inA (resp.,B) • a derived edge with A(alternatively, with B) if its end-points are both colored with A (with B)

  39. Congruence Graph for L Any undirected graph G built during this procedure Input:L= {ground literals}, T= {ground terms} Let G := (T, ) with  :=  Repeat as long as possible For each(s, t)  TT \ * such that s = t  L or t = s  L or s is f(s1,…,sn), t is f(t1,…,tn) and s1* t1, …, sn* tn do add (s, t) to 

More Related