Daniel Kroening and Ofer Strichman
Decision Procedures for Equality Logic
4 Range Allocation

Decision Procedures: An Algorithmic Point of View
Range allocation: the small model property; range allocation
The Small Model Property
Equality Logic enjoys the Small Model Property: if a formula in this logic is satisfiable, then it has a finite model whose size is bounded. Better still, in Equality Logic the bound can be computed, which suggests a decision procedure: search for a model only up to that bound. What is this bound?
Adequacy
Def. A domain is adequate for a formula if the formula either is unsatisfiable or has a model within this domain.
Def. A domain is adequate for a set of formulas if it is adequate for each formula in the set.
An adequate domain $D: var(\varphi) \to 2^{\mathbb{N}}$ for a formula $\varphi$, computable in polynomial time, maps each variable to a finite set of integers such that $\varphi$ is satisfiable iff there exists a satisfying assignment in which each variable $x$ is assigned an integer from $D(x)$.
Small-domain instantiation
Given an adequate domain, encode each variable $x$ as an enumerated type over its finite domain $D(x)$, construct the corresponding propositional formula, and use a SAT solver to check its satisfiability. Because the domain is adequate, the propositional formula is satisfiable iff $\varphi$ is.
The Small Model Property
Claim: the range $1..n$ is adequate, where $n$ is the number of variables in $\varphi$.
Proof: Every satisfying assignment defines a partition of the variables (two variables are in the same class iff they receive the same value). Every assignment that induces the same partition also satisfies the formula, since $\varphi$ only tests whether variables are equal. The range $1..n$ allows all partitions: a partition of $n$ variables has at most $n$ classes, so each class can be given a distinct value from $1..n$.
Complexity
We need $\lceil \log_2 n \rceil$ Boolean variables to encode the range $1..n$. For $n$ variables we therefore need $n \lceil \log_2 n \rceil$ bits. This is already better than the worst-case $O(n^2)$ bits required by the Boolean encoding method (one propositional variable per pair of variables that may be compared) ...
The Small Model Property
Claim: the range $1..i$ for each variable $x_i$ is adequate.
Proof: Every satisfying assignment defines a partition of the variables, and every assignment that induces the same partition also satisfies the formula. Each class of the partition has a variable with smallest index $i$; assign the value $i$ to all variables in that class. Every variable $x_j$ in the class has $j \geq i$, so $i$ lies within its range $1..j$, and distinct classes receive distinct values because their smallest indices differ. The resulting assignment induces the same partition and hence satisfies the formula.
Finite Instantiations revisited
Instead of giving every variable the range $[1..11]$, analyze the connectivity of the equality graph.
[Figure: equality graph over the variables x1, x2, y1, y2, g1, g2, z, u1, f1, f2, u2; not reproduced in the text.]
x1, y1, x2, y2 : {0-1}
u1, f1, f2, u2 : {0-3}
z, g1, g2 : {0-2}
The state-space: from $11^{11}$ (11 variables, each over $[1..11]$) to about $10^5$ ($2^4 \cdot 4^4 \cdot 3^3 = 110592$).
Or even better (an upper bound on the state-space: $n!$):
x1, y1, g1, u1 : {0}
x2, y2, g2, f1 : {0-1}
f2, z : {0-2}
u2 : {0-3}
The state-space: from about $10^5$ to 576 ($1^4 \cdot 2^4 \cdot 3^2 \cdot 4 = 576$).
Choosing a minimal range for the integer variables
$\varphi^E:\ \neg((a = b) \lor \neg(b = c)) \rightarrow (d\ e)$
0. a, b, c, d, e : {1}                                  state-space 1      (normal)
1. a, b, c, d, e : {1..5}                               state-space 3125   (1..n)
2. a, b, c : {1..3};  d, e : {1..2}                     state-space 108    (connectivity analysis)
3. a : {1}, b : {1..2}, c : {1..3};  d : {1}, e : {1..2} state-space 12     (factorial reduction)
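The following is an added example, not code from the slides or the book: it implements the three range allocations compared in the table above (the uniform range 1..n, connectivity analysis over the equality graph, and the factorial reduction that gives the j-th variable of each connected component the range 1..j, as in the 1..i claim), reports the resulting state-space sizes, and then does the small-domain instantiation by brute force in place of a SAT solver. The formula is a constructed stand-in for $\varphi^E$: the relation between d and e in the slide did not survive extraction, so the code assumes $d \neq e$; the names VARS, ATOMS, PHI and the helper functions are this example's own.

```python
from itertools import product
from typing import Callable, Dict, List, Tuple

# Constructed example (not from the slides): the equality-logic formula
#   phi = not((a = b) or not(b = c)) -> (d != e)
# over integer variables a..e.  The consequent "d != e" is an assumption;
# the slide's own relation between d and e was lost in extraction.
VARS = ["a", "b", "c", "d", "e"]
ATOMS: List[Tuple[str, str]] = [("a", "b"), ("b", "c"), ("d", "e")]  # pairs compared by phi

Assignment = Dict[str, int]
Domains = Dict[str, List[int]]


def PHI(s: Assignment) -> bool:
    antecedent = not ((s["a"] == s["b"]) or not (s["b"] == s["c"]))
    return (not antecedent) or (s["d"] != s["e"])


def NOT_PHI(s: Assignment) -> bool:
    return not PHI(s)


def equality_graph_components(variables: List[str], atoms) -> List[List[str]]:
    """Connected components of the graph whose edges are the compared pairs.
    Polarity is irrelevant here: an equality and a disequality both connect."""
    adjacent = {v: set() for v in variables}
    for x, y in atoms:
        adjacent[x].add(y)
        adjacent[y].add(x)
    seen, components = set(), []
    for v in variables:
        if v in seen:
            continue
        stack, component = [v], []
        seen.add(v)
        while stack:
            u = stack.pop()
            component.append(u)
            for w in adjacent[u]:
                if w not in seen:
                    seen.add(w)
                    stack.append(w)
        # keep the original variable order so "smallest index" is well defined
        components.append(sorted(component, key=variables.index))
    return components


def allocate_ranges(variables: List[str], atoms, method: str) -> Domains:
    """Adequate ranges for `variables` under one of the methods from the slides."""
    n = len(variables)
    if method == "1..n":
        return {v: list(range(1, n + 1)) for v in variables}
    if method == "1..i":
        return {v: list(range(1, i + 1)) for i, v in enumerate(variables, 1)}
    if method not in ("connectivity", "factorial"):
        raise ValueError(method)
    domains: Domains = {}
    for component in equality_graph_components(variables, atoms):
        k = len(component)
        for j, v in enumerate(component, 1):
            # connectivity: every member gets 1..k; factorial: j-th member gets 1..j
            domains[v] = list(range(1, (k if method == "connectivity" else j) + 1))
    return domains


def state_space_size(domains: Domains) -> int:
    size = 1
    for d in domains.values():
        size *= len(d)
    return size


def small_domain_sat(formula: Callable[[Assignment], bool], domains: Domains):
    """Brute-force stand-in for the SAT call: try every assignment in the domain.
    Returns a satisfying assignment, or None if the formula is unsatisfiable
    (which, by adequacy, means unsatisfiable over the integers as well)."""
    names = list(domains)
    for values in product(*(domains[v] for v in names)):
        assignment = dict(zip(names, values))
        if formula(assignment):
            return assignment
    return None


if __name__ == "__main__":
    for method in ("1..n", "1..i", "connectivity", "factorial"):
        d = allocate_ranges(VARS, ATOMS, method)
        print(f"{method:13s} state-space={state_space_size(d):5d} "
              f"sat={small_domain_sat(PHI, d) is not None}")
```

The sizes reproduce the table (3125, 108, 12), and both PHI and its negation remain satisfiable under the 12-element factorial domain exactly as under the full range, which is what adequacy guarantees.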
Before and after, in SMV