Daniel Kroening and Ofer Strichman 1 Decision Procedures for Equality Logic 1

Decision Procedures An algorithmic point of view 2 Equality logic Def. An equality logic formula is defined by the following grammar: formula ::= formula ^ formula | : formula | atom atom ::= term = term term ::= identifier | constant where the identifiers are variables over a single infinite domain like the reals or integers. Constants are elements from the same domain as identifiers.

Decision Procedures An algorithmic point of view 3 Complexity Equality logic and propositional logic are both NP- complete. Thus they model the same decision problems. Why to study both? - convenience of modeling - efficiency Extensions: different domains, Boolean variables

Decision Procedures An algorithmic point of view 4 Basic assumptions and notations Input formulas are in NNF Input formulas are checked for satisfiability Equality formula:  E

Decision Procedures An algorithmic point of view 5 Removing constants:A simplification Thm. Given an equality logic formula  E, there is an algorithm that generates an equisatisfiable formula  E' without constants, in polynomial time. Algorithm: Input: An equality logic formula  E with constants c 1,...,c n Output: An equality logic formula  E' such that  E and  E' are equisatisfiable and  E' has no constants.

Decision Procedures An algorithmic point of view 6 Removing constants:A simplification 1.  E' :=  E 2. In  E', replace each constant c i, 1 · i · n, with a new variable C ci. 3. For each pair of constants c i, c j such that 1 · i<j · n, add the constraint C ci  C cj to  E'. In the following we assume that the input equality formulas do not have constants.

Decision Procedures An algorithmic point of view 7 Uninterpreted functions Def. An equality logic formula with uninterpreted functions and uninterpreted predicates is defined by the following grammar: formula ::= formula ^ formula | : formula | (formula) | atom atom ::= term = term | predicate-symbol(list of terms) term ::= identifier | function-symbol(list of terms)‏ Example: F(x)=F(G(x)) Congruence: x=G(x) ) F(x) = F(G(x))

Decision Procedures An algorithmic point of view 8 Usage of uninterpreted functions Replacing functions by uninterpreted functions in a given formula is a common technique to make reasoning easier. Makes the formula weaker: |=  UF ) |=  Ignore the semantics of the function, but: Functional congruence: Instances of the same function return the same value for equal arguments.

Decision Procedures An algorithmic point of view 9 From uninterpreted functions to equality logic Two possible reductions: - Ackermann's reduction - Bryant's reduction Ackermann's reduction: Given an input formula  UF, add explicit constraints for functional congruence and transform the formula to an equality logic formula   of the form     FC E ) flat E where FC E is a conjunction of functional-consistency constraints, and flat E is a flattening of  UF.

Decision Procedures An algorithmic point of view 10 Algoritm: Ackermann's reduction Input:  UF with m instances of an uninterpreted function F Output:   such that   is valid iff  UF is valid 1. Assign indices to the UF-instances. 2. flat E = T (  UF ) where T replaces each F i by a fresh f i 3. FC E := ^ i=1..m-1 ^ j=i+1..m ( T (arg(F i )) = T (arg(F j ))) ) f i =f j 4. Return   := FC E ) flat E

Decision Procedures An algorithmic point of view 11 Ackermann's reduction:Example (x1  x2) _ (F(x1) = F(x2)) _ (F(x1)  F(x3))‏ flat E = (x1  x2) _ (f1 = f2) _ (f1  f3))‏ FC E = (x1=x2 ) f1=f2) ^ (x1=x3 ) f1=f3) ^ (x2=x3 ) f2=f3)   := FC E ) flat E

Decision Procedures An algorithmic point of view 12 Ackermann's reduction: validity vs. satisfiability   := FC E ) flat E  is valid iff  UF is valid Validity check of  UF : check   for validity or :   for unsatisfiability What if we want to check satisfiability of  UF ? Ackermann's reduction in the above form maintains validity, not satisfiability! Solution: check satisfiability of   := FC E ^ flat E

Decision Procedures An algorithmic point of view 13 Bryant's reduction Case expression: F i * = case x 1 =x i : f 1 x 2 =x i : f 2... true : f i where x i is the argument arg(F i ) of F i for all i Semantics: _ j=1,...,i (F i * = f j ^ (x j =x i ) ^ ^ k=1,...,j-1 (x k  x i ))‏

Decision Procedures An algorithmic point of view 14 Bryant's reduction:Algorithm Input: An EUF formula  UF with m instances of an uninterpreted function F Output: An EF formula   such that   is valid iff  UF is valid 1. Assign indices to the uninterpreted-function instances from subexpressions outwards. 2. Return  E := T * (  UF ) where T * replaces each F i (arg(F i )) by case T * (arg(F 1 )) = T * (arg(F i )) : f 1... T * (arg(F i-1 )) = T * (arg(F i )) : f i-1 true : f i

Decision Procedures An algorithmic point of view 15 Bryant's reduction: Example int power3_con (int in) { int i, out; out = in; for (i = 0; i < 2; i++) out = out * in; return out; } int power3_con_new (int in) { return ((in * in) * in); }

Decision Procedures An algorithmic point of view 16 Bryant's reduction: Example int power3_con (int in) { int i, out; out = in; for (i = 0; i < 2; i++) out = out * in; return out; } int power3_con_new (int in) { return (in * in) * in; }   := out0 = in ^ out1 = out0 * in ^ out2 = out1 * in  2 := out0_new = (in * in) * in   ^    ) out2 = out0_new

Decision Procedures An algorithmic point of view 17  := (out0 = in ^ out1 = out0 * in ^ out2 = out1 * in ^  out0_new = (in * in) * in) ) out2 = out0_new  UF := (out0 = in ^ out1 = G(out0,in) ^ out2 = G(out1,in) ^ out0_new = G(G(in,in),in)) ) out2 = out0_new

Decision Procedures An algorithmic point of view 18  UF := (out0 = in ^ out1 = G(out0,in) ^ out2 = G(out1,in) ^  out0_new = G(G(in,in),in)) ) out2 = out0_new  E := (out0 = in ^ out1 = G 1 * ^ out2 = G 2 * ^  out0_new = G 4 * ) out2 = out0_new with G 1 * = g 1 G 2 * = case out0=out1 ^ in=in : g 1 true : g 2 G 3 * = case out0=in ^ in=in : g 1 case out1=in ^ in=in : g 2 true : g 3

Decision Procedures An algorithmic point of view 19  UF := (out0 = in ^ out1 = G(out0,in) ^ out2 = G(out1,in) ^  out0_new = G(G(in,in),in)) ) out2 = out0_new  E := (out0 = in ^ out1 = G 1 * ^ out2 = G 2 * ^  out0_new = G 4 * ) out2 = out0_new and with G 4 * = case out0=G 3 * ^ in=in : g 1 case out1= G 3 * ^ in=in : g 2 case in= G 3 * ^ in=in : g 3 true : g 4

Decision Procedures An algorithmic point of view 20 EUF: where are we now? We introduced equality logic and uninterpreted functions We showed how to eliminate constants We used Ackermann's and Bryant's algorithms to reduce the validity question in equality logic with uninterpreted functions to validity questions in equality logic Next: Decision procedures for equality logic and uninterpreted functions