Slide 1: Decision Procedures in First Order Logic. Part III – Decision Procedures for Equality Logic and Uninterpreted Functions. Ofer Strichman, Technion.

Slide 2: Part I - Introduction. Reminders: What is Logic; Proofs by deduction; Proofs by enumeration; Decidability, Soundness and Completeness. Some notes on Propositional Logic: Deciding Propositional Logic; SAT tools; BDDs.
Slide 3: Part II – Introduction to Equality Logic and Uninterpreted Functions. Introduction: Definition, complexity; Reducing Uninterpreted Functions to Equality Logic; Using Uninterpreted Functions in proofs; Simplifications. Introduction to the decision procedures: The framework: assumptions and Normal Forms; General terms and notions; Solving a conjunction of equalities; Simplifications.

Slide 4: Part III – Decision Procedures for Equality Logic and Uninterpreted Functions. Algorithm I – From Equality to Propositional Logic: Adding transitivity constraints; Making the graph chordal; An improved procedure: consider polarity. Algorithm II – Range-Allocation: What is the small-model property?; Finding a small adequate range (domain) for each variable; Reducing to Propositional Logic.

Slide 5: Decision Procedures for Equality Logic. We will first investigate methods that solve Equality Logic. Uninterpreted functions are eliminated with one of the reduction schemes. Our starting point: the E-graph G^E(φ^E). Recall: G^E(φ^E) represents an abstraction of φ^E: it represents ALL equality formulas with the same set of equality predicates as φ^E.
Slide 6: From Equality to Propositional Logic (Bryant & Velev 2000). φ^E = x1 = x2 ∧ x2 = x3 ∧ x1 ≠ x3; φ^enc = e1 ∧ e2 ∧ ¬e3. Encode all edges with Boolean variables (note: for now, ignore polarity). This is an abstraction: transitivity of equality is lost! Must add transitivity constraints! [Figure: the E-graph of φ^E, a triangle with edges e1, e2, e3]

Slide 7: From Equality to Propositional Logic. φ^E = x1 = x2 ∧ x2 = x3 ∧ x1 ≠ x3; φ^enc = e1 ∧ e2 ∧ ¬e3. For each cycle add a transitivity constraint: φ^trans = (e1 ∧ e2 → e3) ∧ (e1 ∧ e3 → e2) ∧ (e3 ∧ e2 → e1). Check: φ^enc ∧ φ^trans. [Figure: the triangle with edges e1, e2, e3]

Slide 8: From Equality to Propositional Logic. There can be an exponential number of cycles, so let's try to make it better. Thm: it is sufficient to constrain simple cycles only. [Figure: a graph with edges e1 … e6 and a T/F assignment to its edges]

Slide 9: From Equality to Propositional Logic. Still, there is an exponential number of simple cycles. Thm: it is sufficient to constrain chord-free simple cycles. [Figure: a graph with edges e1 … e5 and a T/F assignment to its edges]

Slide 10: From Equality to Propositional Logic. Still, there can be an exponential number of chord-free simple cycles… Solution: make the graph 'chordal'!

Slide 11: From Equality to Propositional Logic. Dfn: A graph is chordal iff every cycle of size 4 or more has a chord. How to make a graph chordal? Eliminate vertices one at a time, and connect their neighbors.

Slide 12: From Equality to Propositional Logic. Once the graph is chordal, we can constrain only the triangles. Note that this procedure adds no more than a polynomial number of edges, and results in a polynomial number of constraints. [Figure: a chordal graph whose triangle constraints, under the shown T/F edge assignment, yield a contradiction]
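The procedure of slides 11 and 12 in runnable form, added here as an illustration (it is not code from the lecture): conjunctions of equalities and disequalities are chordalised by vertex elimination, every chordal edge becomes a Boolean, and only triangles receive transitivity constraints; a brute-force search then decides φ^enc ∧ φ^trans. Function and variable names are my own.

```python
from itertools import combinations, product

def make_chordal(vertices, edges):
    """Slide 11: eliminate vertices one at a time and connect all remaining
    neighbours of the eliminated vertex; the resulting graph is chordal."""
    adj = {v: set() for v in vertices}
    for a, b in edges:
        adj[a].add(b)
        adj[b].add(a)
    chordal = {frozenset(e) for e in edges}
    remaining = set(vertices)
    while remaining:
        v = min(remaining, key=lambda u: len(adj[u] & remaining))  # min-degree first
        for a, b in combinations(adj[v] & remaining, 2):
            chordal.add(frozenset((a, b)))  # chord between v's neighbours
            adj[a].add(b)
            adj[b].add(a)
        remaining.remove(v)
    return chordal

def triangles(chordal):
    """All triangles of the chordal graph, each as a set of its three edges."""
    tris = set()
    for e1, e2 in combinations(chordal, 2):
        if len(e1 & e2) == 1 and (e1 ^ e2) in chordal:
            tris.add(frozenset((e1, e2, e1 ^ e2)))
    return tris

def satisfiable(vertices, eqs, neqs):
    """Decide a conjunction of equalities eqs and disequalities neqs (slide 12):
    one Boolean per chordal edge, polarity fixed by the input (phi_enc), and
    the three transitivity implications of every triangle (phi_trans)."""
    chordal = make_chordal(vertices, [frozenset(e) for e in eqs + neqs])
    forced = {frozenset(e): True for e in eqs}
    for e in neqs:
        if forced.get(frozenset(e)):
            return False  # x = y and x != y in the same conjunction
        forced[frozenset(e)] = False
    edges = sorted(chordal, key=sorted)
    tris = triangles(chordal)
    for bits in product([False, True], repeat=len(edges)):  # brute-force SAT
        val = dict(zip(edges, bits))
        if any(val[e] != b for e, b in forced.items()):
            continue  # violates phi_enc
        # a triangle violates transitivity iff exactly two of its edges are T
        if all(sum(val[e] for e in t) != 2 for t in tris):
            return True
    return False
```

On the 4-cycle x1 = x2 ∧ x2 = x3 ∧ x3 = x4 ∧ x1 ≠ x4 the chord added by elimination is what lets triangle constraints alone detect the contradiction.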
Slide 13: Improvement. So far we did not consider the polarity of the edges. Claim: in the following graph φ^trans = e3 ∧ e2 → e1 is sufficient. This is only true because of monotonicity of NNF. [Figure: a triangle with edges e1, e2, e3]

Slide 14: Definitions. Let C = (e_s, e_1, …, e_n), where e_s is solid and e_1, …, e_n are dashed, be a simple (contradictory) cycle. Let φ be a formula over the Boolean variables encoding C. We say that C is constrained in φ with respect to e_s iff every assignment α s.t. α(e_s) = F and α(e_1) = … = α(e_n) = T contradicts φ.

Slide 15: A theorem. Let φ'^trans constrain all simple contradictory cycles with respect to their solid edges. Thm: φ^E is satisfiable iff φ^enc ∧ φ'^trans is satisfiable. Proof strategy: Let α' be a satisfying assignment to φ^enc ∧ φ'^trans. We will construct α that satisfies φ^enc ∧ φ^trans.

Slide 16: Definitions for the proof… A Violating Triangle under an assignment α': [Figure: a triangle with edge e_F assigned F and edges e_T1, e_T2 assigned T; each edge is either dashed or solid]. This assignment violates φ^trans but not necessarily φ'^trans.

Slide 17: More definitions for the proof… An edge e = (v1, v2) is conducting under an assignment α' iff there is a dashed path between v1 and v2 all assigned T under α'. We denote such an edge by E. [Figure: a triangle over v1, v2, v3 with edges E_F, E_T1, E_T2, where a dashed path assigned T makes an edge conducting under α']. Observe: if two edges of a triangle are conducting under an assignment α', then so is the third.

Slide 18: Proof… This shape cannot be a violating triangle under α': [Figure: a triangle with a solid edge e_F assigned F and two conducting edges E_T1, E_T2 assigned T]. So either: Type 1: e_T1 (or e_T2, or both) is NOT conductive under α', or Type 2: Not Type 1 and e_F is dashed.

Slide 19: Constructing α. Type 1: e_T1 is not conductive under α'. Assign α(e_T1) = F. [Figure: triangle with e_F solid and e_T1 solid, not conductive] Type 2: Otherwise, E_F is dashed and conductive under α'. Assign α(e_F) = T. [Figure: triangle with E_F dashed, conductive] In all other cases α = α'.

Slide 20: Constructing α. Starting from α', repeat until convergence: α(e_T1) := F in all Type 1 triangles; α(e_F) := T in all Type 2 triangles. Termination is guaranteed: we only flip assignments in one direction (solids to F and dashed to T). φ^enc is still satisfied due to monotonicity of NNF. All Type 1 and Type 2 triangles now satisfy φ^trans by construction. Left to prove: all contradictory cycles are still satisfied.

Slide 21: A supporting lemma. Let α_0, α_1, …, α_n be the intermediate assignments in the reconstruction procedure, where α_0 = α' and α_n = α. Lemma: For every edge e, e is conductive in α_i, 0 < i ≤ n, iff it is conductive in α_{i-1}. Proof (⇒): Type 1: not relevant (substituting T by F cannot make a path conductive). Type 2: α_i(e) = T and α_{i-1}(e) = F only if e is conductive in step i-1. Proof (⇐): Type 1: not relevant (applied only to solid edges, which do not affect conductivity). Type 2: making an edge T can only make more edges conductive.

Slide 22: α satisfies all contradictory cycles: proof. 1. Falsely assume that a contradictory cycle (e_s, e_i, e_j), where e_s is solid, is assigned (F,T,T) under the constructed α. 2. This contradicts α'. Hence, one or more of these assignments are a result of the reconstruction. 3. α(e_i) = α(e_j) = T and they are dashed, hence they are conductive. Due to the lemma they were conductive in α' as well. 4. Conclusion: α'(e_s) = 1 (α'(e_s) = 0 contradicts φ'^trans). 5. Therefore reconstruction applied Type 1 to e_s. 6. Type 1 can only be applied to e_s if either one of e_i, e_j is not conductive with respect to α'. Contradiction. QED

Slide 23: Correctness of the improved procedure. [Figure: a dashed violating cycle and a solid violating cycle with T/F edge assignments; in each case the assignment leads to a contradiction, since this cycle cannot be satisfied]

Slide 24: Improved procedure. How can we use the theorem without enumerating contradictory cycles? Answer: consider the chordal graph. Add constraints to triangles only if necessary to enforce transitivity of contradictory cycles. How?... read the lecture notes.
Slide 25: Outline of Part III repeated (same as slide 4), continuing with Algorithm II – Range-Allocation.

Slide 26: Range Allocation. The small model property; Range Allocation.

Slide 27: Uninterpreted functions. From a general formula to a formula with uninterpreted functions.

Slide 28: Ackermann's reduction. From a formula with uninterpreted functions to a formula in the theory of equality.

Slide 29: The Small Model Property. Equality Logic enjoys the Small Model Property. This means that if a formula in this logic is satisfiable, then there is a finite, bounded-in-size model that satisfies it. It gets better: in Equality Logic we can compute this bound, which suggests a decision procedure. What is this bound?

Slide 30: The Small Model Property. Claim: the range 1..n is adequate, where n is the number of variables in φ^E. Proof: Every satisfying assignment defines a partition of the variables. Every assignment that results in the same partitioning also satisfies the formula. The range 1..n allows all partitionings.
Slide 31: Complexity. We need log n variables to encode the range 1…n. For n variables we need n log n bits. This is already better than the worst-case O(n^2) bits required by the Boolean encoding method…

Slide 32: Finite Instantiations revisited. Instead of giving the range [1..11], analyze connectivity: [Figure: E-graph over x1, x2, y1, y2, g1, g2, z, u1, f1, f2, u2]. x1, y1, x2, y2: {0-1}; u1, f1, f2, u2: {0-3}; g1, g2, z: {0-2}. The state-space: from 11^11 to ~10^5.

Slide 33: Or even better: [Figure: the same E-graph] x1, y1, g1, u1: {0}; x2, y2, g2, f1: {0-1}; u2: {0-3}; f2, z: {0-2}. An upper bound: state-space n!. The state-space: from ~10^5 to 576.

Slide 34: Choosing a minimal range for the integer variables. φ^E: ¬((a = b) ∨ ¬(b = c)) → (d ≠ e).
  0. a,b,c,d,e: {1}                                  (1)     (normal)
  1. a,b,c,d,e: {1..5}                               (3125)  (1..n)
  2. a,b,c: {1..3}; d,e: {1..2}                      (108)   (connectivity analysis)
  3. a: {1}, b: {1-2}, c: {1-3}; d: {1}, e: {1-2}    (12)    (factorial reduction)
  4. ..........
Slide 35: Before and after, in SMV.

Slide 36: The Range-Minimization Problem. Given an Equality formula φ^E, find in polynomial time a small domain D* sufficient to preserve its satisfiability. In other words: find D* such that φ^E is satisfiable under an infinite domain D → φ^E is satisfiable under the finite domain D*.

Slide 37: The strategy. 1. Determine a range allocation R, mapping each variable x_i ∈ φ^E into a small set of integers, s.t. φ^E is satisfiable iff it is satisfiable over some R-interpretation. 2. Encode each variable x_i as an enumerated type over R(x_i), and use a standard satisfiability checker as a decision procedure.

Slide 38: What range is adequate? Recall that a subgraph of an E-graph G^E(φ^E) is unsatisfiable iff it contains a contradictory cycle. Dfn: A Range Allocation R is adequate for G^E(φ^E) if every satisfiable subgraph can be satisfied under R. Now we need an algorithm to find adequate ranges.

Slide 39: Examples: The price of a polynomial procedure: the predicates of φ^E hold less information than φ^E.

Slide 40: Building the E-graph. φ^E: [formula not extracted]. [Figure: E-graph over x1, x2, y1, y2, g1, g2, z, u1, f1, f2, u2] Note: 1. Inconsistent subsets appear as contradictory cycles. 2. Some of the vertices are mixed.

Slide 41: The Range-Allocation Algorithm. Step I - pre-processing: A. Remove all solid edges not belonging to contradictory cycles. B. Add a single unique value to singleton vertices, and remove them from the graph. [Figure: the E-graph after pre-processing; the singleton vertices among x1, x2, y1, y2 receive the unique values {0}, {1}, {2}, {3}]

Slide 42: Step II - Set construction: A. For each mixed vertex x_i: 1. Add a unique value u_i to R(x_i). 2. Broadcast u_i on G=. 3. Remove x_i from the graph. B. Add a unique value to each remaining G= component. [Figure: the steps applied to the component g1, g2, z: all three first receive {4}; after the mixed vertex is removed, a second value is added to the remaining component, shown as {4, ·}]

Slide 43: [Figure: the steps applied to the component u1, f1, f2, u2: (1) all four receive {6}; (2) after a mixed vertex is removed, the remaining three receive {6,7}; (3) a third value is then added, shown as {6,7,·}]

Slide 44: [Figure: the full E-graph with the allocated ranges {0}, {1}, {2}, {3}, {4}, {4, ·}, {6}, {6,7}, {6,7,·}] Is the allocated range adequate? We have to satisfy every consistent subset B: for all x ∈ B, assign the smallest value allocated in step A to a mixed vertex which is G=(B)-connected to x. If there isn't any, choose the value given in step B.
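Steps I and II of slides 41 and 42, as I read them, in added Python (not the lecture's code), together with a brute-force adequacy check of the kind slide 44 asks about, which compares satisfiability under the allocated ranges with satisfiability over the small-model range 0..n-1 of slide 30. The graph in the test is constructed for illustration; treating a mixed vertex as one with both a dashed and a solid neighbour still in the graph, and processing mixed vertices in input order, are my assumptions.

```python
from itertools import count, product

def range_allocation(vertices, eq_edges, neq_edges):
    """Steps I and II of the range-allocation algorithm as the slides state
    them: dashed edges are eq_edges, solid edges neq_edges. Returns R."""
    eq, ne = {v: set() for v in vertices}, {v: set() for v in vertices}
    for a, b in eq_edges:
        eq[a].add(b)
        eq[b].add(a)
    def reach(v, alive):  # the G= component of v among the alive vertices
        seen, stack = {v}, [v]
        while stack:
            for w in eq[stack.pop()]:
                if w in alive and w not in seen:
                    seen.add(w)
                    stack.append(w)
        return seen
    alive = set(vertices)
    for a, b in neq_edges:  # I.A: keep solid edges closing a contradictory cycle
        if b in reach(a, alive):
            ne[a].add(b)
            ne[b].add(a)
    fresh, R = count(), {v: set() for v in vertices}
    for v in vertices:  # I.B: singleton vertices get a unique value and leave
        if not eq[v] and not ne[v]:
            R[v].add(next(fresh))
            alive.discard(v)
    for v in vertices:  # II.A: mixed vertices, processed in input order (assumption)
        if v in alive and eq[v] & alive and ne[v] & alive:
            u = next(fresh)
            for w in reach(v, alive):  # broadcast u_i over G=
                R[w].add(u)
            alive.discard(v)
    for v in vertices:  # II.B: one unique value per remaining G= component
        if v in alive:
            comp, u = reach(v, alive), next(fresh)
            for w in comp:
                R[w].add(u)
            alive -= comp
    return R

def adequate(vertices, eq_edges, neq_edges, R):
    """Brute-force adequacy check for small graphs: a subgraph satisfiable over
    the integers 0..n-1 (the small-model bound) must stay satisfiable when each
    vertex is restricted to its allocated range R[v]."""
    edges = [(a, b, True) for a, b in eq_edges] + [(a, b, False) for a, b in neq_edges]
    def sat(sub, domains):
        return any(all((val[a] == val[b]) == pos for a, b, pos in sub)
                   for val in (dict(zip(vertices, vs)) for vs in product(*domains)))
    for mask in range(1 << len(edges)):
        sub = [e for i, e in enumerate(edges) if mask >> i & 1]
        if not sat(sub, [R[v] for v in vertices]) and sat(sub, [range(len(vertices))] * len(vertices)):
            return False
    return True
```

For the constructed graph x1 = x2, x2 = x3, x1 ≠ x3, y1 = y2 plus an isolated z, the allocation has a state space of 4 instead of 6^6, and the check confirms it is adequate.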
Slide 45: Further optimizations. The order in which mixed vertices are eliminated has a strong effect. Not all mixed vertices need to start from a unique value. An analysis that involves solving a coloring problem can help here… … (see lecture notes)

Slide 46: A state-space story. [Figure: the E-graph with the final ranges {0}, {1}, {2}, {3}, {4}, {4,5}, {4,5}, {6}, {6}, {6,7}, {6,8}] From 11^11 (range 1..n) and 11! (range 1..i) down to 576 (connectivity), and further to 48 (basic), 72? (order) and 16 (color).

Slide 47: Interlude… So far we solved φ^UF in three steps: 1. Reduce φ^UF to Equality Logic φ^E, and 2. Reduce φ^E to the Propositional Logic formula φ^enc ∧ φ^trans, OR 2. Find a small domain for each variable. 3. Solve the propositional formula. Next, we improve the small-domain method by constructing smaller E-graphs.
Slide 48: Smaller E-graphs. So far we first reduced φ^UF to φ^E and only then constructed the E-graph. The Clique problem: n function instances in φ^UF give an n-clique between f1 … fn, and a similar clique between their arguments in G^E(φ^E). New strategy: add functional consistency constraints to the graph 'as needed'.

Slide 49: Constructing smaller E-graphs. Let flat(φ^UF) be a formula derived from φ^UF by replacing each UF instance F_i with a new variable f_i. Example: φ^UF: F1(G1(x1)) ≠ F2(G2(x2)) ∧ x1 = x2; flat(φ^UF): f1 ≠ f2 ∧ x1 = x2.

Slide 50: Constructing smaller E-graphs. Recall: to check the satisfiability of φ^UF_1: F1(x1) ≠ F2(x2) ∧ ((x1 = x2) ∨ true), we need to check, according to Bryant's reduction, φ^E_1: [formula not extracted]. The following optimization only works with Bryant's reduction.

Slide 51: Constructing smaller E-graphs. Attempt #1: construct G^E(φ^E) according to flat(φ^UF). Note - build G^E(φ^E) before Bryant's reduction! φ^UF_1: F1(x1) ≠ F2(x2) ∧ ((x1 = x2) ∨ true); flat(φ^UF_1): f1 ≠ f2 ∧ ((x1 = x2) ∨ true). [Figure: E-graph over f1, f2, x1, x2 with ranges f1: {1}, f2: {2}, x1: {0}, x2: {0}]

Slide 52: Constructing smaller E-graphs. Does the single assignment we have, x1 = 0, x2 = 0, f1 = 1, f2 = 2, satisfy φ^E_1: [formula not extracted]?

Slide 54: Constructing smaller E-graphs. Does the single assignment we have, x1 = 0, x2 = 0, f1 = 1, f2 = 2, satisfy φ^E_1: [formula not extracted; one conjunct is marked unsatisfied!] So what is missing? Answer: the graph fails to represent the fact that, due to functional consistency, f1 ≠ f2 implies x1 ≠ x2.

Slide 55: Constructing smaller E-graphs. Suggestion: if there is a solid edge between f_i and f_j, add a solid edge between their arguments. Now the assignment x1 = 0, x2 = 1, f1 = 2, f2 = 3 satisfies φ^E_1. But is this enough? [Figure: E-graph with ranges f1: {2}, f2: {3}, x1: {0}, x2: {0,1}]

Slide 56: Constructing smaller E-graphs. Consider φ^UF_2: [formula not extracted]. x1 = 0, x2 = 0, f1 = 1, z = 1, f2 = 2 does not satisfy φ^E_2. So the suggested rule is not enough. So what is the rule? [Figure: E-graph over f1, f2, x1, x2, z with ranges f1: {1}, f2: {2}, x1: {0}, x2: {0}, z: {1}]

Slide 57: Constructing smaller E-graphs. Rule 1: if f_i ≠* f_j and x_i =* x_j, add a solid edge between x_i and x_j. x1 = 0, x2 = 1, f1 = 2, z = 2, f2 = 3 satisfies φ^E_2. Anything else? [Figure: E-graph with ranges f1: {2}, f2: {3}, x1: {0}, x2: {0,1}, z: {2}]

Slide 58: Constructing smaller E-graphs. Now consider φ^UF_3: [formula not extracted], for which the graph is the same. But there is no satisfying assignment here for φ^E_3! So what is missing? [Figure: the same E-graph with ranges f1: {2}, f2: {3}, x1: {0}, x2: {0,1}, z: {2}]

Slide 59: Constructing smaller E-graphs. So what is missing? x1 = x2 implies f1 = f2. But with Bryant's reduction we are not supposed to worry about this: [Bryant's reduction of the formula, not extracted; when x1 = x2 this value is not important]. But… we still cannot satisfy φ^E_3 from the current graph. So still, what is missing?
Slide 60: Constructing smaller E-graphs. Recall: [formula not extracted]. If the second instance is assigned the value of f1, we need to make sure f1 can satisfy the constraints over it. We can do it in two ways: either add an edge f1 = f2 (Range-Allocation will do the rest), or copy all constraints over the second instance to f1.

Slide 61: Constructing smaller E-graphs. Recall: [formula not extracted]. Both options satisfy φ^E_3. So what is the rule? [Figure: the two resulting E-graphs over f1, f2, x1, x2, z and their allocated ranges, one with the added equality edge and one with the copied constraints]

Slide 62: Constructing smaller E-graphs. Rule 2: For f_i, f_j, i < j, if x_i =* x_j do one of the following: add an equality edge (f_i, f_j); or copy all constraints over f_j to f_i, i.e. for every Equality Edge (f_j, w) add an equality edge (f_i, w), and for every Disequality Edge (f_j, w) add a Disequality edge (f_i, w). Choose between the two options heuristically: typically adding fewer equality edges is better. Q: why is this not symmetric?

Slide 63: Constructing smaller E-graphs. Consider [formula not extracted]. According to Rule 1 we add a Disequality edge between x1 and x2 only if x1 =* x2. But here we need to allow x1 ≠ x2 nevertheless. [Figure: E-graph over f1, f2, x1, x2]

Slide 64: Constructing smaller E-graphs. Rule 3: if both u =* v and u ≠* v do not hold, add a disequality path between u and v. These edges are 'free': they do not add anything to the allocated ranges. Do not add them; ensure diversity in Range-Allocation instead. [Figure: E-graph over f1, f2, x1, x2]

Slide 65: Constructing smaller E-graphs. 1. Build the E-graph corresponding to flat(φ^UF). 2. Repeat until no edges are added: for every pair F_i(x_i), F_j(x_j) s.t. i < j: 1. (Rule 1) if f_i ≠* f_j and x_i =* x_j, add a solid edge between x_i and x_j; 2. (Rule 2) if x_i =* x_j, either add a dashed edge between f_i and f_j or copy all constraints from f_j to f_i. 3. (Rule 3) Add free edges. 4. Allocate adequate ranges for the graph. 5. Solve φ^E derived from Bryant's reduction.

Slide 66: Small E-Graph: Example. [Figure: E-graph over f1, f2, f3, f4, x1, x2 with ranges {0}, {1}, {1,2}, {3}, {4}, {5}] State-space = 2.

Slide 67: How would the E-graph look otherwise? Originally, we first reduced φ^UF to φ^E. This added all functional consistency constraints a priori. [Figure: E-graph over f1, f2, f3, f4, x1, x2 with ranges {5}, {0,4}, {0}, {0,1}, {0,1,2,3}, {0,1,2}] State-space = 48.

Slide 68: Bryant's vs. Ackermann's reduction. Why does only Bryant's reduction work in this case? The short answer: Bryant's: when the arguments are equal, it doesn't matter if f1 and f2 are equal. Ackermann's: giving unique values to f1, f2 makes the formula unsatisfiable when x1 = x2: (x1 = x2 → f1 = f2) ∧ flat(φ^UF). The long answer: see lecture notes.