AN INTERPOLATING THEOREM PROVER K.L. McMillan Cadence Berkley Labs

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 2

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 3

Concepts  term - linear combination: c 0 +c 1 v 1 +…+c n v n  v 1 …v n : distinct individual variables  c 0 …c n : rational constants, c 1 …c n ≠0  x,y terms:  x is 1+a, y is b-2a => 2x+y is term 2+b  atomic predicate  0 ≤ x (x is term)  propositional variable 4

Concepts Cont.  literal - atomic predicate or its negation  clause - (l 1 v …v l n ) : l 1..n : literals   - set of literals  - clause from literal of   <> - empty clause = False  sequent -  ├  : ,  set of clauses  conjunctions of  entails disjunction of .  lower case letters - formulas  upper case letters - sets of formulas  Example: ,  ├ ,A   U {  } ├ {  } U A 5

Concepts cont.  ┴ - 0≤-1 (False)   : is “interpolant“ (deduction of ) 6

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 7

Proof Rules for LI 8

Proof Example  Yael’s example: This is a refutation proof 9

Motivation for interpolant definition  A - 0 ≤ w-x, 0 ≤ x-y  B - 0 ≤ y-z  F = A+B = 0 ≤ w-y  Contribution from A: F A = 0 ≤ w-y  A |= F A  F A,B |= F  Coefficient of w is the same in A and F A  When F= 0 ≤ -1 then F A B 10

Inequality Interpolation Definition 1: (A,B) |- 0 ≤ x [x’, ,  ] – A, B : clause sets – x, x’ : terms – ,  : formulas such that 1. A,  |= 0 ≤ x’  2. B |=  and B,  |= 0 ≤ x - x’ 3. ,  B x’, ρ,  A (x-x’) B For the current system, the formulas  and  are always T. 11

Hypotheses 12

Hypotheses 13

Soundness     Comb:     Condition 3 is trivial 14

Example  We want to derive an interpolant for (A,B) where:  A - (0≤y-x),(0≤z-y)  B - (0≤x-z-1)  In example: 15

Solution  A - (0≤y-x),(0≤z-y)  B - (0≤x-z-1)  Step 1,2:  Step 3:  Step 4:  Step 5: 16

Interpolation syntax for clauses Definition 2: (A,B) |- [  ] – A, B : clause sets –  : literal set –  : formula 1. A |= φ v 2. B, φ |= 3.  B and  A If  is empty,  is an interpolant for (A,B). 17

Hypotheses 18

Resolution Rules 19

Resolution(A) Soundness  Condition 1,2: 20

Resolution(B) Soundness  Condition 1,2: 21

Contradiction Rule 22

Soundness   Condition 1:  Definition 1:  DeMorgan: 23

Soundness  Condition 2:  Definition 1 (condition 2):  Previous + DeMorgan:  Condition 3:  Third condition of definition 1 guaranties that. Because coefficient of every must be 0. 24

Example  We want to derive an interpolant for (A,B) where:  Step 1:  Step 2: 25

Example (Cont.)  Step 3:  Step 4:  Result: 26

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 27

Proof rules for EUF  terms are: x 1 …x n f n (x 1 …x n ) 28

Proof rules for EUF  CONTRA and RES rules the same as in previous system. 29

Motivation for interpolant definition   =>(x=t 1 )(t 1 =t 2 )…(t n =y)  All equalities  (A,B)  At least one global term in   ‘  - leftmost global term in  (A,B)   ’ - right most global term in  (A,B)  A |= x=‘  and y=  ’ (everything from the left and right are from A)  There are (t k =…=t m ) only from A can be summarized by a single (t k =t m ) such that ‘  ≤ t k and t m ≤  ’ by location.  t k, t m =are common between A,B 30

Motivation for interpolant definition   - will present conjunction of such subchains  A |=   B,  |= ‘  =  ’   consists only from common variables from (A,B)   is interpolant for x=y  If  not contains global terms  degenerate case  ‘  =x and  ’=y   = T 31

Equality Interpulation Definition 3: (A,B) |- x=y [x’, y’, ,  ] – A,B : clause sets – x, y, x’, y’ : terms – ,  : formulas 1. A,  |= x=x’ y=y’  2. B |=  and a. x’ y and y’ x (the degenerate case), or b. x‘,y’ B and B,  |=x’=y’ 3. ,  B and ,  B, and if x B then x’ x else x’ A (similarity for y,y’) 32

More Concepts  ‘(x,y) or : if x B then x else y  (x,y)’ or : if y B then y else x  : if then else T  : if then T else x=y  x(y/z) : if then y else x  : syntactic equality, equality pass contains global variable 33

Hypotheses 34

Hypotheses 35

Transitivity Rule 36

Transitivity Rule - Motivation  Solid lines = equalities from A  Dotted lines = equalities from B,   Not degenerate case  x‘= z’  x = z  If y is local then y’,y’’ A else y’ y’’ 37

Transitivity Sound Prove  Condition 1: 38

Transitivity Sound Prove (cont.)  Condition 2: Suppose B, ,  ’, y’=y’’ 39

Transitivity Sound Prove (cont.)  Condition 3: Trivial 40

Transitivity degenerate  Now y’’=z’ is solution for x=z  B,  |= y’’=z’ 41

Transitivity Rule (degenerate) - Sound  Condition 1: Suppose A, ,  ’  Same for z=z’(y’/y) 42

Transitivity Rule (degenerate) - Sound  Condition 2: Suppose B, ,  ’ 43

Transitivity Rule (degenerate) - Sound  Condition 3: 44

Cong-Rule 45

Cong-Rule Soundness  Condition 1: 46

Cong-Rule Soundness  Condition 2: 47

Cong-Rule Soundness  Condition 3: 48

EqNeq Rules 49

Example  We want to derive an interpolant for f(x)=f(y) A : x=y B : y=z Step 1,2: Two hypotheses Step 3: Step 4: 50

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 51

Combining LI and EUF - Rules  Pass from equality to inequality:  From inequality to equality: 52

Interpolating Rules  From equality to inequality: 53

LeqEq - Soundness  Condition 1:  Condition 2:  Condition 3: 54

Interpolating Rules  From inequality to euality: 55

EqLeq - Soundness  Condition 1: Trivial  Condition 2:  Condition 3: 56

Soundness and Completeness  Definition 4:  is interpolant for (A,B) 1. A|=  2. B,  |= False 3.  A and  B  Theorem 1: (Soundness): If a clause interpolation of the form (A,B)|- <> [ φ ] is derivable, then φ is an interpolant for (A,B).  Theorem 2: (Completeness): For any derivable sequent A,B |- ψ, there is a derivable interpolation of the form (A,B) |- ψ [X]. 57

Agenda  Concepts  Inerpolants from Proofs  Linear Inequalities (LI)  Equality and Uninterpreted Functions (EUF)  Combining LI and EUF  An Interpolating Prover  Generating Proofs  Interpolants for Structured Formulas  Applications 58

Generating Proofs  Use combination of DPLL based SAT solver (propositional reasoning) + Nelson-Oppen style ground decision procedure (theory reasoning) using “lazy” approach. 59

Interpolants for structured formulas  Problem: A, B have arbitrary nesting of Boolean operators and not CNF structure.  We will transfer general (A,B) into (A c,B c ) where A c, B c are in clause form.  Tseitin encoding is used for convert to CNF structure.  Theorem 3: An interpolant for (A c,B c ) is also an interpolant for (A,B). 60

Applications  Using Interpolation for Predicate Refinement.  Model Checking with Interpolation 61

Contribution  Development of combined proof system for LI and EUF.  Interpolant extraction from combination of two theories LI+EUF based on proof system rools. 62

Thank you 63