Technion 1 Generating minimum transitivity constraints in P-time for deciding Equality Logic Ofer Strichman and Mirron Rozanov Technion, Haifa, Israel

Technion2 Deciding Equality Logic (T E ) The eager approach: T E ! Pr Bryant & Velev [BV-CAV’00] – Boolean satisfiability with transitivity constraints. Meir and Strichman [MS-CAV’05] – Yet another decision procedure for equality logic. This work: a ‘closure’ on [MS-CAV’05]

Technion3 Basic notions  E : x = y Æ y = z Æ z  x x y z (non-polar) Equality Graph:

Technion4 From Equality to Propositional Logic [BV-CAV'00] – the Sparse method  E : x 1 = x 2 Æ x 2 = x 3 Æ x 1  x 3  sk : e 1,2 Æ e 2,3 Æ :e 1,3 Encode all edges with Boolean variables Add transitivity constraints e 1,3 e 1,2 e 2,3 x1x1 x2x2 x3x3

Technion5 From Equality to Propositional Logic [BV-CAV'00] – the Sparse method  E : x 1 = x 2 Æ x 2 = x 3 Æ x 1  x 3  sk : e 1,2 Æ e 2,3 Æ :e 1,3 Transitivity Constraints: For each cycle of size n, forbid a true assignment to n -1 edges T S = ( e 1,2 Æ e 2,3 ! e 1,3 ) Æ ( e 1,2 Æ e 1,3 ! e 2,3 ) Æ ( e 1,3 Æ e 2,3 ! e 1,2 ) Check:  sk Æ T S e 1,3 e 1,2 e 2,3 x1x1 x2x2 x3x3

Technion6 Thm-1: It is sufficient to constrain chord-free simple cycles There can be an exponential number of chord-free simple cycles… e1e1 e2e2 e3e3 e4e4 e5e5 From Equality to Propositional Logic [BV-CAV'00] – the Sparse method

Technion7 Make the graph ‘chordal’. In a chordal graph, it is sufficient to constrain only triangles. Polynomial # of edges and constraints. # constraints = 3 £ #triangles From Equality to Propositional Logic [BV-CAV'00] – the Sparse method

Technion8 An improvement [MS-CAV’05] – the RTC method So far we did not consider the polarity of the edges. Assuming  E is in Negation Normal Form  E : x = y Æ y = z Æ z  x x y z (polar) Equality Graph: = = 

Technion9 Here, T R = e 3 Æ e 2 ! e 1 is sufficient This is only true because of monotonicity of NNF An improvement Reduced Transitivity Constraints (RTC) e1e1 e2e2 e3e3 x z y = =  Allowing e.g.  x = z, x = y, z  y F T T T  ’: x = z, x = y, z = y

Technion10 Definitions Dfn-1: A contradictory cycle is a cycle with exactly one disequality edge. Dfn-2: A contradictory Cycle C is constrained under T  if T does not allow such an assignment. C = F T T T T 

Technion11 Main theorem [MS-CAV’05] Let T R be a conjunction of transitivity constraints. If T R constrains all simple contradictory cycles then  E is satisfiable iff  sk Æ T R is satisfiable The Equality Formula

Technion12 Transitivity: 5 constraints RTC: 0 constraints Transitivity: 5 constraints RTC: 1 constraint F T T T T

Technion13 Proof strategy for the main theorem (  ) Proof strategy:  Let  R be a satisfying assignment to  sk Æ T R  Show how to construct  S that satisfies  sk Æ T S  From this we will conclude that  E is satisfiable

Technion14 Applying RTC How can we use the theorem without enumerating contradictory cycles ? Answer:  Consider the chordal graph.  Still – which triangles ? which constraints?

Technion15 x0x0 x1x1 x2x2 x3x3 x4x4 The RTC solution [MS-CAV’05] 1) Exp # cycles to traverse 2) Not all cycles are simple.  Solution to 1): Stop before adding an existing constraint  Solution to 2): Explore only simple cycles These solutions cannot be combined. cache: e 0,2 Æ e 1,2  e 0,1 e 1,3 Æ e 2,3  e 1,2 e 2,4 Æ e 3,4  e 2,3 e 0,2 Æ e 0,4  e 2,4

Technion16 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 The constraint e 3,6 Æ e 3,5  e 5,6 is not added Constraining simple contradictory cycles cache: … e 5,6 Æ e 4,6  e 4,5 Open problem: constrain simple contradictory cycles in P time

Technion17 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 the constraint e 3,6 Æ e 3,5  e 5,6 is not added, though needed Suppose the graph has 3 more edges Constraining simple contradictory cycles cache: … e 5,6 Æ e 4,6  e 4,5 Here we will stop, although … Open problem: constrain simple contradictory cycles in P time

Technion18 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 Constraining simple contradictory cycles eses x7x7 1.Focus on each solid edge e s separately - (find its dashed Bi-connected component) 2. Make the graph chordal Do we need: e 5,6 Æ e 3,6 ! e 3,5 ? Do we need: e 3,5 Æ e 3,6 ! e 5,6 ?

Technion19 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 Constraining simple contradictory cycles 3. Remove a vertex x k that leans on an edge ( x i, x j ) 4. Is ( x i, x j ) on a simple cycle with e s ? O(|E|) 5. If yes, add (e k,i Æ e k,j ! e i,j ) eses e 5,6 Æ e 3,6  e 3,5

Technion20 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 Constraining simple contradictory cycles 3. Remove a vertex v k that leans on an edge (v i,v j ) 4. Does (v i,v j ) on the same simple cycle with e s ? 5. If yes, add (e k,i Æ e k,j ! e i,j ) eses e 5,6 Æ e 3,6  e 3,5

Technion21 Correctness The set of generated constraints is sufficient. The set of generated constraints is necessary.

Technion22 Random graphs (Satisfiable) [MS-CAV’05]

Technion23 Results – random graphs V=200, E=800, 16 random topologies # constraints: reduction of 17% Run time: reduction of 32%

Technion24 Results – random graphs V=200, E=800, 16 random topologies # constraints: reduction of 17% Run time: reduction of 32%

Technion25 SMT benchmarks Never really finished the implementation…  Our 4-5 experiments with them showed that  We still have a small advantage comparing to the Sparse method.  Yet Yices is much better….  A result of the Uninterpreted functions. Are there formulas for which the eager approach still wins? Generating meaningful equality formulas is hard…

Technion26 A crafted example 2 n assignments satisfy  sk. None satisfy the theory.

Technion27 Thank you

Technion28 Results Uclid benchmarks* (all unsat) * Results strongly depend on the reduction method of Uninterpreted Functions.

Technion29 Monotonicity of NNF Thm-2: NNF formulas are monotonically satisfied (in CNF this is simply the pure literal rule)  ’’ Satisfied literals  ²  !  ’ ²   :  ’: 1 1  : ( x 1 Æ : x 2 ) Ç ( x 2 Ç ( x 3 Æ x 1 ))

Technion30 Should we constrain this triangle? In which direction ? T T T T T T T

Technion31 1. Focus on Bi-connected dashed components built on top of a solid edge  Includes all contradictory cycles involving this edge 2. Make the graph chordal

Technion32 Possible refutations of CNF’s generated by Sparse T R T S – T R B P3 P1 P0 P4 Thm: B is satisfiable ! B Æ ( T S – T R ) is satisfiable T S B Æ P2 Constraints of the form e 1 Æ e 2 ! e 3 Hypothesis: ( T S – T R ) clauses hardly participate in the proof P2 Boolean Encoding Transitivity constraints A P3 proof exists according to the main theorem.

Technion33 T S - T R T R B T S - T R T R B Average on: 10 graphs, ~890K clauses All Unsat Sparse: ~ 22 sec. RTC: ~ 12 Sec. B – Boolean encoding T R – RTC constraints T S – Sparse constraints

Technion34 Summary The RTC method is ~dominant over the Sparse method. Open issue: find a P-time algorithm that exploits the full power of the main theorem.

Technion35 vkvk vivi vjvj eses 1. Consider each solid edge e s separately 2. Remove a vertex v k that leans on an edge (v i,v j ) 3. Does (v i,v j ) on the same simple cycle with e s ? 4. If yes, add (e k,i Æ e k,j ! e i,j )

Technion36 Focus on Bi-connected dashed components built on top of a solid edge  Includes all contradictory cycles involving this edge

Technion37 Make the component chordal (by adding edges).

Technion38 The RTC algorithm For each vertex v:  remove v

Technion39 Constrains all contradictory cycles Constraints cache:  e 2 Æ e 3 ! e 1  e 4 Æ e 7 ! e 2  e 6 Æ e 3 ! e 4 Expanding only simple cycles requires the removal of the cache condition. Can it still be done in P time ?

Technion40 Example: Circuit Transformations A pipeline processes data in stages Data is processed in parallel – as in an assembly line Formal Model: Stage 1 Stage 3 Stage 2

Technion41 Example: Circuit Transformations The maximum clock frequency depends on the longest path between two latches Note that the output of g is used as input to k We want to speed up the design by postponing k to the third stage

Technion42 Validating Circuit Transformations = ?

Technion43 Validating a compilation process Source program z = ( x 1 + y 1 )  ( x 2 + y 2 ); Target program u 1 = x 1 + y 1 ; u 2 = x 2 + y 2 ; z = u 1  u 2 ; Need to prove that: ( u 1 = x 1 + y 1  u 2 = x 2 + y 2  z = u 1  u 2 ) $ z = ( x 1 + y 1 )  ( x 2 + y 2 ) Compilation Target Source

Technion44 Validating a compilation process Need to prove that: ( u 1 = x 1 + y 1  u 2 = x 2 + y 2  z = u 1  u 2 ) $ z = ( x 1 + y 1 )  ( x 2 + y 2 ) f1f1 f2f2 g1g1 g2g2 f1f1 f2f2 Source program z = ( x 1 + y 1 )  ( x 2 + y 2 ); Target program u 1 = x 1 + y 1 ; u 2 = x 2 + y 2 ; z = u 1  u 2 ; Compilation

Technion45 Need to prove that: ( u 1 = x 1 + y 1  u 2 = x 2 + y 2  z = u 1  u 2 ) $ z = ( x 1 + y 1 )  ( x 2 + y 2 ) f1f1 f2f2 g1g1 g2g2 f1f1 f2f2 Instead, prove: under functional consistency: for every uninterpreted function f x = y ! f ( x ) = f ( y ) Which translates to (via Ackermann’s reduction): Validating a compilation process

Technion46 Dfn: A graph is chordal iff every cycle of size 4 or more has a chord. How to make a graph chordal ? eliminate vertices one at a time, and connect their neighbors. From Equality to Propositional Logic [BV-CAV'00] – the Sparse method

Technion47 Definitions for the proof… A Violating cycle under an assignment  R  This assignment violates T S but not necessarily T R eFeF e T2 e T1 T T F Either dashed or solid

Technion48 More definitions for the proof… An edge e = ( v i, v j ) is equal under an assignment  iff there is an equality path between v i and v j all assigned T under  Denote: T T F T T v1v1 v2v2 v3v3

Technion49 More definitions for the proof… An edge e = ( v i, v j ) is disequal under an assignment  iff there is a disequality path between v i and v j in which the solid edge is the only one assigned false by  Denote: T T F T T v1v1 v2v2 v3v3

Technion50 Proof… Observation 1: The combination is impossible if  =  R (recall:  R ² T R ) Observation 2: if ( v 1, v 3 ) is solid, then F T T v1v1 v2v2 v3v3

Technion51 ReConstructing  S Type 1: It is not the case that Assign  S ( e 23 ) = F Type 2: Otherwise it is not the case that Assign  ( e 13 ) = T F T T In all other cases  S =  R F T T  F  T v1v1 v2v2 v3v3 v1v1 v2v2 v3v3

Technion52 ReConstructing  S Starting from  R, repeat until convergence:   ( e T ) := F in all Type 1 cycles   ( e F ) := T in all Type 2 cycles All Type 1 and Type 2 triangles now satisfy T S B is still satisfied (monotonicity of NNF) Left to prove: all contradictory cycles are still satisfied

Technion53 Proof… Invariant: contradictory cycles are not violating throughout the reconstruction. contradicts the precondition to make this assignment… F T T v1v1 v2v2 v3v3  F T T

Technion54 Proof… Invariant: contradictory cycles are not violating throughout the reconstruction. contradicts the precondition to make this assignment… F T T v1v1 v2v2 v3v3  T T F

Technion55 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 The constraint e 3,6 Æ e 3,5  e 5,6 is not added Constraining simple contradictory cycles cache: … e 5,6 Æ e 4,6  e 4,5 Open problem: constrain simple contradictory cycles in P time

Technion56 x0x0 x1x1 x2x2 x3x3 x6x6 x4x4 x5x5 the constraint e 3,6 Æ e 3,5  e 5,6 is not added, though needed Suppose the graph has 3 more edges Constraining simple contradictory cycles cache: … e 5,6 Æ e 4,6  e 4,5 Here we will stop, although … Open problem: constrain simple contradictory cycles in P time

Technion57 Equality Logic  E :( x 1 = x 2 Æ ( x 2  x 3 Ç x 1  x 3 )) A: Mainly when combined with Uninterpreted Functions f ( x, y ), g ( z ),… Uninterpreted Functions can be reduced to Equality Logic via e.g. Ackermann’s reduction. Mainly used in proving equivalences, but not only

Technion58 Thm-1: It is sufficient to constrain simple cycles only e1e1 e2e2 e3e3 e4e4 e5e5 e6e6 T TT TT F From Equality to Propositional Logic [BV-CAV'00] – the Sparse method

Technion59 Still, there can be an exponential number of chord- free simple cycles… Solution: make the graph ‘chordal’ by adding edges. …. From Equality to Propositional Logic [BV-CAV'00] – the Sparse method

Technion60 Basic notions Equality Path: a path made of equalities. we write x =* z Disequality Path: a path made of equalities and exactly one disequality. We write x  * y Contradictory Cycle: two nodes x and y, s.t. x= * y and x  * y form a contradictory cycle x y z

Technion61 Basic notions Thm-4: Every contradictory cycle is either simple or contains a simple contradictory cycle