Presentation is loading. Please wait.

Presentation is loading. Please wait.

Interpolants [Craig 1957] G(y,z) F(x,y)

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Interpolants [Craig 1957] G(y,z) F(x,y)"— Presentation transcript:

0 Efficient Craig Interpolation For Subsets of Integer Linear Arithmetic
Himanshu Jain, CMU Edmund M. Clarke, CMU Orna Grumberg, Technion

1 Interpolants [Craig 1957] G(y,z) F(x,y)
Given formulas F, G such that F Æ G is unsatisfiable An interpolant for (F,G) is a formula I: 1. F ) I 2. I Æ G is unsatisfiable 3. I contains only common variables of F and G I(y) G(y,z) F(x,y)

2 Interpolants Example Example 1 (propositional logic):
F := p Æ q G := : q Æ r Æ s I := q Example 2 (linear arithmetic): F := x + 2y ≤ 3 Æ –x - y ≤ -1 G := y ≥ 3 F ) y ≤ 2 I := y ≤ 2

3 Interpolants in Verification [McMillan 2003]
Useful in symbolic model checking Interpolant based image Reach1(S) S Computing Reach1(S) requires existential quantification (costly using BDDs or SAT)

4 Interpolants in Verification [Jhala et al. 2004]
Useful for Property Directed Invariant Generation Program P Predicate Abstraction Invariants for P expressible in terms of S Predicates S Interpolants help in finding right set of predicates

5 How are Interpolants Obtained
proof of unsatisfiability of F Æ G F Æ G F, G Interpolant for (F, G)

6 Existing Work on Computing Interpolants Pudlak, McMillan, Jhala et al
Existing Work on Computing Interpolants Pudlak, McMillan, Jhala et al., Yorsh et al., Kapur et al., Rybalchenko et al., Kroening et al., Cimatti et al., Beyer et al. Can efficiently compute interpolants For rational/real linear arithmetic For equality with uninterpreted function symbols Propositional logic (using SAT solvers) No efficient interpolation algorithms for Integer linear arithmetic Bit-vector arithmetic Decision problem for conjunctions is itself NP-hard We make progress in this direction.

7 Difference between rational and integer linear arithmetic
Let H := x=2y Æ x=2z+1 If x, y, z are rational variables H is satisfiable (take x=1,y=1/2, z=0) If x, y, z are integer variables H is unsatisfiable

8 Our results Polynomial time interpolation algorithms
For useful subsets of integer linear arithmetic Integer (Diophantine) linear equations E.g. x = 3y Æ 5x = 3z+u+2 Æ … Integer linear congruences (modular equations) E.g. 4x = 2y + 9 (mod 3) Æ 2z + 5x –y = 7 (mod 4) Æ … Integer linear equations and disequations E.g. : (4x + 5y = 8) Æ x = 3y Æ …

9 Outline Introduction Integer Linear Equations
Craig Interpolation Related Work Integer Linear Equations Integer Linear Congruences Integer Linear Equations+Disequations Experimental results New interpolation algorithms We will only give intuition and examples in the talk. See paper for precise description of results.

10 Interpolation for Integer Linear Equations
F, G be conjuctions of integer linear equations We show that interpolant for (F,G) is always: An integer linear equation or An integer linear congruence F := (x = 2y) and G := (x=2z+1) An interpolant is x = 0 (mod 2)

11 Interpolation Algorithm Step 1
Obtain a proof of unsatisfiability of F Æ G (How to get a contradiction from F Æ G) F := (30 x + 4y = 2) G := ( y + 5z = 2) [1/5, 1/5] 1/5 F + 1/5 G is equal to 6x+y+z=4/5 (Contradiction)

12 Interpolation Algorithm Step 2
Sum the equations from F according to the proof of unsatisfiability F G 1/5 (30 x + 4y = 2) + 1/5 (y + 5z = 2) 6 x + 4/5 y = 2/5 Partial interpolant We do not want x

13 Interpolation Algorithm Step 3
Remove variables not common to F and G 6 x + 4/5 y = 2/5 4/5 y -2/5 = -6x ) 4/5 y – 2/5 is divisible by 6 ) 4/5 y – 2/5 = 0 (mod 6) ) 4y-2=0 (mod 30) 4y - 2 = 0 (mod 30) is an interpolant for (F, G) We have proved the correctness of above algorithm

14 Complexity of the Algorithm
Obtain proof of unsatisfiability (step 1) Polynomial time using Hermite Normal Form Overall algorithm is polynomial time Can also use modern SMT solvers Multiple interpolants can be obtained

15 Multiple Interpolants
G := y+5z=2 F := 30x+4y=2 4y – 2 = 0 (mod 10) 4y – 2 = 0 (mod 30) 4y – 2 = 0 (mod 15) 4y – 2 = 0 (mod 5)

16 Outline Introduction Integer Linear Equations
Craig Interpolation Related Work Integer Linear Equations Integer Linear Congruences Integer Linear Equations+Disequations Experimental results New interpolation algorithms

17 Integer Linear Congruences
a = b (mod m) iff m divides (a-b) a, b, m can be rational numbers Integer Linear Congruence: i ai xi = b (mod m) xi are integer variables Example: 3x+2y+5z = 0 (mod 6) SATISFIABLE (x=2,y=0,z=0)

18 Interpolation for Integer Linear Congruences
F, G be conjuctions of integer linear congruences We show that interpolant for (F,G) is always: An integer linear congruence Basic steps same as before Proof of unsatisfiability is more interesting

19 Proof of Unsatisfiability
Congruences may not hold with rational multipliers 9 = 5 (mod 2). But 9/4 ≠ 5/4 (mod 2) We show get a proof of unsatisfiability With integer multipliers for equations Congruence hold with integer multipliers

20 Proof of Unsatisfiability for Congruences
2 (2x + 2y = 4) (mod 8) + -4 (2x + y = 4) (mod 8) + 1 (4x = 4) (mod 8) 0 = -4 (mod 8) 2x + 2y = 4 (mod 8) Æ 2x + y = 4 (mod 8) Æ 4x = 4 (mod 8) Both proofs of unsatisfiability and (multiple) interpolants can be obtained in polynomial time

21 Outline Introduction Integer Linear Equations
Craig Interpolation Related Work Integer Linear Equations Integer Linear Congruences Integer Linear Equations+Disequations Experimental results New interpolation algorithms

22 Integer Linear Equations + Disequations
Example: (x+2y+z=1) Æ :(x=1) Æ … All integer variables Let F = Feq Æ Fneq We show F has no integral solution iff F has no rational solution, OR Feq has no integral solution

23 Interpolation for Integer Linear Equations + Disequations
Given F = Feq Æ Fneq , G = Geq Æ Gneq , F Æ G is unsat F Æ G has no rational solution Interpolant as integer linear eqn/disequation Feq Æ Geq has no integral solution Interpolant as integer linear eqn/congruence

24 Outline Introduction Integer Linear Equations
Craig Interpolation Related Work Integer Linear Equations Integer Linear Congruences Integer Linear Equations+Disequations Experimental results New interpolation algorithms

25 Predicate Discovery Loop invariant: x+y is divisible by 4
void main() { int x=0, y=0; while(*) x = x + 4*nondet(); y = y + 8*nondet(); assert(x+y != 1); assert(x+y != 2); assert(x+y != 3); } Loop invariant: x+y is divisible by 4 That is, x+y=0 (mod 4) Such predicates can be found using our interpolation algorithms C program

26 Predicate Discovery Experiments
Existing state-of-the-art tools such as BLAST, SATABS, VCEGAR cannot verify these programs. With the help of predicates found by our algorithms they can (VCEGAR). Predicate Discovery Experiments Example Predicates/Interpolants Time (secs) ex1 y = 1 (mod 2) 2.72 ex2 x + y = 0 (mod 2) 0.83 ex4 x + y + z = 0 (mod 4) 0.95 ex5 x=0 (mod 4), y=0 (mod 4) 1.1 ex6 4x+2y+z = 0 (mod 8) 0.93 ex7 4x-2y+z = 0 (mod 222) 0.54 forb1 x + y = 0 (mod 3) 0.1

27 Conclusion Efficient Interpolation Algorithms Easy to implement
Integer linear equations Integer linear congruences Integer linear equations and disequations Easy to implement Proofs of unsatisfiability

28 Future Work Full integer linear arithmetic Bit-vector arithmetic
Cutting-plane proofs/Pudlak’s algorithm Bit-vector arithmetic Boolean Combinations using SMT

29 Questions

Download ppt "Interpolants [Craig 1957] G(y,z) F(x,y)"

Similar presentations

Model Checking Base on Interoplation

Model Checking Base on Interoplation
Assertion Checking over Combined Abstraction of Linear Arithmetic and Uninterpreted Functions Sumit Gulwani Microsoft Research, Redmond Ashish Tiwari SRI.

Assertion Checking over Combined Abstraction of Linear Arithmetic and Uninterpreted Functions Sumit Gulwani Microsoft Research, Redmond Ashish Tiwari SRI.
Combining Abstract Interpreters Sumit Gulwani Microsoft Research Redmond, Group Ashish Tiwari SRI RADRAD.

Combining Abstract Interpreters Sumit Gulwani Microsoft Research Redmond, Group Ashish Tiwari SRI RADRAD.
A Randomized Satisfiability Procedure for Arithmetic and Uninterpreted Function Symbols Sumit Gulwani George Necula EECS Department University of California,

A Randomized Satisfiability Procedure for Arithmetic and Uninterpreted Function Symbols Sumit Gulwani George Necula EECS Department University of California,
Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond.

Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond.
50.530: Software Engineering

50.530: Software Engineering
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.

Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
Satisfiability Modulo Theories (An introduction)

Satisfiability Modulo Theories (An introduction)
SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀

SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀
Linked List Implementation class List { private List next; private Object data; private static List root; private static int size; public static void addNew(Object.

Linked List Implementation class List { private List next; private Object data; private static List root; private static int size; public static void addNew(Object.
Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 

Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 
Software Engineering & Automated Deduction Willem Visser Stellenbosch University With Nikolaj Bjorner (Microsoft Research, Redmond) Natarajan Shankar (SRI.

Software Engineering & Automated Deduction Willem Visser Stellenbosch University With Nikolaj Bjorner (Microsoft Research, Redmond) Natarajan Shankar (SRI.
1 Cover Algorithms and Their Combination Sumit Gulwani, Madan Musuvathi Microsoft Research, Redmond.

1 Cover Algorithms and Their Combination Sumit Gulwani, Madan Musuvathi Microsoft Research, Redmond.
Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.

Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
1 Don´t Care Minimization of *BMDs: Complexity and Algorithms Christoph Scholl Marc Herbstritt Bernd Becker Institute of Computer Science Albert-Ludwigs-University.

1 Don´t Care Minimization of *BMDs: Complexity and Algorithms Christoph Scholl Marc Herbstritt Bernd Becker Institute of Computer Science Albert-Ludwigs-University.
Using Statically Computed Invariants Inside the Predicate Abstraction and Refinement Loop Himanshu Jain Franjo Ivančić Aarti Gupta Ilya Shlyakhter Chao.

Using Statically Computed Invariants Inside the Predicate Abstraction and Refinement Loop Himanshu Jain Franjo Ivančić Aarti Gupta Ilya Shlyakhter Chao.
Assertion Checking Unified Sumit Gulwani Microsoft Research, Redmond Ashish Tiwari SRI.

Assertion Checking Unified Sumit Gulwani Microsoft Research, Redmond Ashish Tiwari SRI.
Class Presentation on Binary Moment Diagrams by Krishna Chillara Base Paper: “Verification of Arithmetic Circuits using Binary Moment Diagrams” by.

Class Presentation on Binary Moment Diagrams by Krishna Chillara Base Paper: “Verification of Arithmetic Circuits using Binary Moment Diagrams” by.
Congruence class arithmetic. Definitions: a ≡ b mod m iff a mod m = b mod m. a  [b] iff a ≡ b mod m.

Congruence class arithmetic. Definitions: a ≡ b mod m iff a mod m = b mod m. a  [b] iff a ≡ b mod m.

Similar presentations

Ads by Google