1/20 Arrays Changki PSWLAB
Arrays
Daniel Kroening and Ofer Strichman, Decision Procedures
Array logic
Arrays are a basic data structure that is used in most software programs and for modeling memories and caches in hardware design. Array logic permits expressions over arrays. Arrays can be formalized as maps from an index type to an element type. Array logic has two basic operations: reading and writing.
Contents
Introduction
Arrays as uninterpreted functions
A reduction algorithm for array logic
Conclusion
Array logic
The array type is the set of functions that map an index value to an element.
Index type: T_I
Element type: T_E
Array type
Let denote an array. Two basic operations on arrays:
1. Reading: reads the element with index i from a. The value of the element with index i is denoted by a[i].
2. Writing: writes an element with index i. Let e denote the value to be written. The array a where element i has been replaced by e is denoted by a{i ← e}.
Index logic
The index logic should permit existential and universal quantification.
Existential quantification: "There exists an array element that is zero."
Universal quantification: "All elements of the array are greater than zero."
Array logic is defined by the index logic and the element logic.
Validity for array logic is undecidable, since the index logic permits existential and universal quantification, and first-order logic is undecidable.
The syntax of array logic
atom_I denotes an atom in the index logic.
atom_E denotes an atom in the element logic.
Read-over-write axiom
The read-over-write axiom was proposed by McCarthy. After the value e has been written into array a at index i, the value of this array at index i is e. The value at any index j ≠ i matches that in the array before the write operation at index j.
Example
The main step of the correctness argument is to show that the invariant in line 7 is maintained by the assignment in line 6. A common way to do so is to generate verification conditions.
Example (cont.)
We can obtain the following verification condition for the claim. Proving validity of this formula shows that the loop invariant is maintained. It is proved by means of the read-over-write axiom.
Arrays as uninterpreted functions
Here we consider a method to check satisfiability of an array logic formula whose quantifiers have been removed by a reduction mechanism. The reduction scheme: an array logic formula with quantification is reduced to an array logic formula without quantification, and an array logic formula without quantification is reduced to an equality formula with uninterpreted functions.
How to reduce? An array type becomes an uninterpreted function, and an index type becomes a function argument.
Example
Array logic without quantification
Equality formula with an uninterpreted function
Apply Bryant's reduction.
A reduction algorithm for array logic
We define here a restricted class of array logic formulas in order to obtain decidability. Recall that an arbitrary formula of the original array logic is undecidable. From here on we will learn how to reduce a given array logic formula to a decidable array logic formula. We consider formulas that are Boolean combinations of array properties. The reduced, decidable array logic formula consists of array properties.
Array property
Def. An array logic formula is called an array property if and only if it is of the form and satisfies the following conditions:
1. The predicate, called the index guard, must follow the grammar.
2. The predicate is called the value constraint. The "integer-identifier" used in "term" must not be.
Extensionality rule
Def. The extensionality rule is the elementwise equality of two arrays. Extensionality is an array property: the index guard is simply TRUE in this case, and the elementwise equality is the value constraint of the extensionality rule.
Example
Array logic formula
Array property formula
Only the second conjunct is not an array property formula.
Write rule: array updates can be handled by replacing each expression of the form a{i ← e} by a fresh variable a' of array type, and by adding two constraints that correspond directly to the two cases of the read-over-write axiom:
1. for the value that is written,
2. for the values that are unchanged.
A reduction algorithm
Array-Reduction
Input: an array property formula
Output: a formula with uninterpreted functions
1. Apply the write rule to remove all array updates from the formula.
2. Replace all existential quantifications of the form by P(j), where j is a fresh variable.
3. Replace all universal quantifications of the form by a conjunction over the index set (next slide).
4. Replace the array read operations by uninterpreted functions and obtain the resulting formula.
5. Return the resulting formula.
A reduction algorithm
In step 3 the universal quantifiers are replaced by a conjunction over the index set, where the index set denotes the index variables that i might possibly be equal to in the formula. The index set contains the following elements:
1. All variables used as an array index in the formula that are not quantified variables.
2. All variables used inside index guards in the formula that are not quantified variables.
3. If the formula contains none of the above, the index set is {0} in order to obtain a nonempty set of index variables.
Example
We want to check satisfiability of the following formula.
1. Apply the write rule to remove all array updates from the formula.
2. Replace all existential quantifications of the form by P(z), where z is a fresh variable.
Example (cont.)
3. Replace all universal quantifications of the form by the conjunction over the index set, where the index set = {i, z}.
4. Remove trivially satisfied conjuncts.
5. Replace the two arrays a and a' by the uninterpreted functions F_a and F_a'.
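The write rule of slide 15 (the two read-over-write cases) and the Array-Reduction steps of slides 16 to 19, carried out by an added Python example; this is my own encoding, not code from the slides or the book. It assumes a tuple-based formula syntax described in the comments, that quantifiers occur positively with unique bound names (so a bound existential variable serves directly as the step-2 witness), that the index set collects variables only, as slide 17 states, and it uses a constructed input formula PHI rather than the slide's, which happens to give the same index set {i, z}.

```python
from itertools import count, product
from functools import reduce
# Constructed encoding (mine, not the slides'): terms int | str | ('read', ARR, t), ARR a name or
# ('write', ARR, i, e); formulas ('and'|'or'|'implies', f, g), ('not', f), ('eq'|'ne'|'le', t, u),
# ('forall'|'exists', [vars], guard, body). Assumes quantifiers not under 'not', bound names unique.
AND = lambda fs: reduce(lambda f, g: ('and', f, g), fs)

def subst(n, env):  # substitute free variables; a universal shadows its own bound variables
    if isinstance(n, str): return env.get(n, n)
    if not isinstance(n, tuple): return n
    if n[0] == 'forall': env = {k: v for k, v in env.items() if k not in n[1]}
    return (n[0],) + tuple(subst(c, env) for c in n[1:])

def steps_1_2(n, extra, fresh):  # step 1 (write rule) and step 2 (drop existentials)
    if not isinstance(n, tuple): return n
    if n[0] == 'write':  # a{i<-e} becomes a fresh array; both read-over-write cases go into extra
        a, i, e = (steps_1_2(c, extra, fresh) for c in n[1:])
        new, j = f"{a}'{next(fresh)}", f"j{next(fresh)}"
        extra.append(('eq', ('read', new, i), e))                               # value written
        extra.append(('forall', [j], ('ne', j, i), ('eq', ('read', new, j), ('read', a, j))))  # rest
        return new
    if n[0] == 'exists': return steps_1_2(('and', n[2], n[3]), extra, fresh)  # bound var = witness
    return (n[0],) + tuple(steps_1_2(c, extra, fresh) for c in n[1:])

def index_set(n, bound=frozenset(), collect=False, acc=None):  # index set of step 3
    acc = set() if acc is None else acc  # free variables used as array index or inside a guard
    if isinstance(n, str) and collect and n not in bound: acc.add(n)
    elif isinstance(n, tuple) and n[0] == 'read': index_set(n[2], bound, True, acc)
    elif isinstance(n, tuple) and n[0] == 'forall':
        index_set(n[2], bound | set(n[1]), True, acc); index_set(n[3], bound | set(n[1]), False, acc)
    elif isinstance(n, tuple):
        for c in n[1:]: index_set(c, bound, collect, acc)
    return acc or {0}  # {0} keeps the instantiation set nonempty

def instantiate(n, idx):  # step 3: conjunction over the index set; step 4: a[t] becomes F_a(t)
    if not isinstance(n, tuple): return n
    if n[0] == 'forall':
        envs = [dict(zip(n[1], c)) for c in product(sorted(idx, key=str), repeat=len(n[1]))]
        return instantiate(AND([('implies', subst(n[2], e), subst(n[3], e)) for e in envs]), idx)
    if n[0] == 'read': return ('F_' + n[1], instantiate(n[2], idx))
    return (n[0],) + tuple(instantiate(c, idx) for c in n[1:])

def array_reduction(phi):  # steps 1-4; returns (index set, quantifier-free formula over the F_a)
    extra = []
    phi = AND([steps_1_2(phi, extra, count())] + extra)
    idx = index_set(phi)
    return idx, instantiate(phi, idx)
# Constructed input: every a[x] with x != i is 0, yet some element of a{i <- 0} is nonzero (unsat).
PHI = ('and', ('forall', ['x'], ('ne', 'x', 'i'), ('eq', ('read', 'a', 'x'), 0)),
              ('exists', ['z'], ('le', 0, 'z'), ('ne', ('read', ('write', 'a', 'i', 0), 'z'), 0)))
```

Calling array_reduction(PHI) returns the index set {'i', 'z'} and a conjunction of four instantiated implications over the uninterpreted functions F_a and F_a'0, which an equality-logic solver with uninterpreted functions can then decide.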
Conclusion
Validity of an array logic formula without any reduction is undecidable, so a reduction algorithm is needed. The reduction algorithm outputs a formula with uninterpreted functions.