Post on 25-Feb-2016
1/66 Decision Procedure Changki Hong @ PSWLAB
Decision Procedures for Equality Logic and Uninterpreted Functions
Daniel Kroening and Ofer Strichman, Decision Procedures
Last talk: we learnt about equality logic and equality logic with uninterpreted functions.
There were two reduction schemes to transform equality logic with uninterpreted functions into equality logic.
Today we will cover how to determine satisfiability of equality logic.
Contents
Decision procedure for equality logic and UFs
Decision procedure for equality logic
  Transform equality logic to propositional logic
  Range allocation algorithm
Basic assumptions and notations
Assumptions: input formulas are in NNF (negation normal form); input formulas are checked for satisfiability.
Notations: UF denotes an equality formula with uninterpreted functions; E denotes an equality formula (without uninterpreted functions).
Decision procedure for a conjunction of equalities
Input: a conjunction of equalities and disequalities.
1. Define an equivalence class for each variable. For each equality x = y, unite the equivalence classes of x and y. Repeat until convergence.
2. For each disequality u ≠ v: if u is in the same equivalence class as v, return 'UNSAT'.
3. Return 'SAT'.
Example: x1 = x2 ∧ x2 = x3 ∧ x4 = x5 ∧ x5 ≠ x1
Equivalence classes after step 1: {x1, x2, x3} and {x4, x5}.
Is there a disequality between members of the same class? No (x5 and x1 are in different classes), so return SAT.
Decision procedure for a conjunction of equalities with uninterpreted functions
x1 = x2 ∧ x2 = x3 ∧ x4 = x5 ∧ x5 ≠ x1 ∧ F(x1) ≠ F(x2)
Equivalence classes after uniting the equalities: {x1, x2, x3}, {x4, x5}, {F(x1)}, {F(x2)}.
Compute the congruence closure: x1 = x2 ∧ x2 = x3 ∧ x4 = x5 ∧ x5 ≠ x1 ∧ F(x1) ≠ F(x2)
Given two terms t1, t2 that are in the same class and such that F(t1) and F(t2) are terms in UF for some uninterpreted function F, merge the classes of F(t1) and F(t2). Repeat until there are no more such instances.
If there exists a disequality t1 ≠ t2 in UF such that t1 and t2 are in the same equivalence class, return "Unsatisfiable". Otherwise return "Satisfiable".
Equivalence classes after congruence closure: {x1, x2, x3}, {x4, x5}, {F(x1), F(x2)}. The disequality F(x1) ≠ F(x2) now lies inside a single class, so the formula is unsatisfiable.
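The two procedures above (uniting equivalence classes, then congruence closure and a disequality check) as an added worked example in Python. This is editor-supplied code, not code from the slides or from Kroening and Strichman's book. Terms are represented as plain strings for variables and as tuples ("F", arg, …) for applications of an uninterpreted function; that representation is an assumption of this example.

```python
from itertools import combinations


class UnionFind:
    """Equivalence classes over hashable terms (step 1: one class per term)."""

    def __init__(self):
        self.parent = {}

    def find(self, t):
        self.parent.setdefault(t, t)
        while self.parent[t] != t:
            self.parent[t] = self.parent[self.parent[t]]  # path halving
            t = self.parent[t]
        return t

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra == rb:
            return False
        self.parent[ra] = rb
        return True


# Representation assumed for this example: a term is either a variable name
# (str) or an application tuple ("F", arg1, ..., argk) of an uninterpreted
# function symbol F.
def subterms(t, acc):
    acc.add(t)
    if isinstance(t, tuple):
        for arg in t[1:]:
            subterms(arg, acc)
    return acc


def congruence_closure_sat(equalities, disequalities):
    """Decide a conjunction of equalities and disequalities over uninterpreted
    functions. Returns (is_sat, classes), classes being the final partition."""
    uf = UnionFind()
    terms = set()
    for s, t in equalities + disequalities:
        subterms(s, terms)
        subterms(t, terms)
    # Step 1: unite the classes of both sides of every equality.
    for s, t in equalities:
        uf.union(s, t)
    # Congruence closure: merge F(t1) and F(t2) whenever their arguments are
    # pairwise in the same class; repeat until nothing changes any more.
    apps = [t for t in terms if isinstance(t, tuple)]
    changed = True
    while changed:
        changed = False
        for t1, t2 in combinations(apps, 2):
            if (t1[0] == t2[0] and len(t1) == len(t2)
                    and uf.find(t1) != uf.find(t2)
                    and all(uf.find(a) == uf.find(b) for a, b in zip(t1[1:], t2[1:]))):
                uf.union(t1, t2)
                changed = True
    classes = {}
    for t in terms:
        classes.setdefault(uf.find(t), set()).add(t)
    # Step 2: a disequality whose sides share a class is a contradiction.
    for s, t in disequalities:
        if uf.find(s) == uf.find(t):
            return False, list(classes.values())
    return True, list(classes.values())


if __name__ == "__main__":
    eqs = [("x1", "x2"), ("x2", "x3"), ("x4", "x5")]
    print(congruence_closure_sat(eqs, [("x5", "x1")]))                           # SAT
    print(congruence_closure_sat(eqs, [("x5", "x1"), (("F", "x1"), ("F", "x2"))]))  # UNSAT
```

The loop over all pairs of applications is quadratic per round, which is fine for hand-sized inputs; production congruence-closure engines keep a use-list per class so that only applications of recently merged classes are re-examined.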
Consider a Boolean structure: x1 = x2 ∨ (x2 = x3 ∧ x4 = x5 ∧ x5 ≠ x1 ∧ F(x1) ≠ F(x2))
Case 1 (left disjunct): one equivalence class {x1, x2}.
Case 2 (right disjunct): equivalence classes {x2, x3}, {x4, x5}, {F(x1)}, {F(x2)}.
Syntactic case splitting: this can work well as long as there are not too many cases to consider.
Basic notions
From here on we assume that uninterpreted functions have already been eliminated, i.e. we are solving the satisfiability problem for equality logic without uninterpreted functions.
E: x = y ∧ y = z ∧ z ≠ x
The equality predicates {x = y, y = z, z ≠ x} can be broken into two sets: equality edges E= = {x = y, y = z} and disequality edges E≠ = {z ≠ x}.
The equality graph G^E(E) = (V, E=, E≠) (a.k.a. "E-graph").
[Figure: E-graph with vertices x, y, z; solid edges x–y and y–z, dashed edge z–x]
Basic notions
1. E: (x = y ∧ y = z) ∧ z ≠ x is unsatisfiable
2. E: (x = y ∧ y = z) ∨ z ≠ x is satisfiable
Both formulas have the same graph G^E(E): the graph represents an abstraction of E that ignores the Boolean structure of E.
[Figure: the same E-graph on x, y, z]
Basic notions
Dfn: a path made of E= edges is an equality path. We write x =* z.
Dfn: a path made of E= edges plus exactly one edge from E≠ is a disequality path. We write x ≠* y.
[Figure: E-graph on x, y, z; x =* z along the solid edges, x ≠* y through the dashed edge]
Basic notions
Dfn: a cycle with exactly one disequality edge is a contradictory cycle.
In a contradictory cycle, for every two nodes x, y it holds that x =* y and x ≠* y.
[Figure: the cycle x–y–z–x with the single dashed edge z–x]
Basic notions
Dfn: a subgraph is called satisfiable iff the conjunction of the predicates represented by its edges is satisfiable.
Thm: a subgraph is unsatisfiable iff it contains a contradictory cycle.
[Figure: the contradictory cycle on x, y, z]
Simplifications
Let S be the set of edges that are not part of any contradictory cycle.
Thm: replacing every edge in S by True, i.e. each solid edge x = y of S by True and each dashed edge x ≠ y of S by True (equivalently, the underlying atom x = y of a dashed edge by False), preserves satisfiability. Such an edge can never be forced into a conflict by the rest of the formula, because a conflict would be a contradictory cycle through it.
Simplification: example
(x1 = x2 ∨ x1 = x4) ∧ (x1 ≠ x3 ∨ x2 = x3)
E-graph: solid edges x1–x2, x1–x4, x2–x3 and dashed edge x1–x3. The cycle x1–x2–x3–x1 is contradictory; the edge x1–x4 lies on no contradictory cycle, so x1 = x4 is replaced by True:
(x1 = x2 ∨ True) ∧ (x1 ≠ x3 ∨ x2 = x3)
Assigning x1 = x3 ↦ False and x2 = x3 ↦ True evaluates the remaining conjunct to (¬False ∨ True) = True. Satisfiable!
Decision procedures for equality logic and UFs
From here on we are going to look at algorithms which transform equality logic into propositional logic and use a decision procedure for propositional logic.
Algorithm I – from equality to propositional logic: adding transitivity constraints; making the graph chordal.
Algorithm II – range allocation: what is the small-model property? finding a small adequate range (domain) for each variable; reducing to propositional logic.
Decision procedures for equality logic
We will first investigate methods that solve equality logic. Uninterpreted functions are eliminated with one of the reduction schemes.
Our starting point: the E-graph G^E(E).
Recall that G^E(E) represents an abstraction of E. It represents ALL equality formulas with the same set of equality predicates as E.
From equality to propositional logic: Bryant & Velev 2000, the sparse method
E: x1 = x2 ∧ x2 = x3 ∧ x1 ≠ x3
enc: e1 ∧ e2 ∧ ¬e3
Encode all edges with Boolean variables (note: for now, ignore polarity). This is an abstraction: transitivity of equality is lost! We must add transitivity constraints.
[Figure: triangle x1, x2, x3 with edge variables e1 (x1–x2), e2 (x2–x3), e3 (x1–x3)]
From equality to propositional logic
E: x1 = x2 ∧ x2 = x3 ∧ x1 ≠ x3
enc: e1 ∧ e2 ∧ ¬e3
For each cycle add a transitivity constraint: trans = (e1 ∧ e2 ⇒ e3) ∧ (e1 ∧ e3 ⇒ e2) ∧ (e3 ∧ e2 ⇒ e1)
Check: enc ∧ trans (here e1 ∧ e2 ⇒ e3 contradicts ¬e3, so the formula is unsatisfiable)
[Figure: the same triangle with e1, e2, e3]
From equality to propositional logic
[Figure from Bryant's slides: a cycle with edges e1 … e5 and a T/F assignment on its edges]
There can be an exponential number of cycles, so let's try to make it better.
Dfn: a chord of a cycle is an edge connecting two non-adjacent nodes of the cycle. If a cycle has no chords in a given graph, it is called a chord-free cycle.
Thm [Bryant & Velev]: it is sufficient to constrain chord-free simple cycles.
From equality to propositional logic
Still, there can be an exponential number of chord-free simple cycles…
Solution: make the graph 'chordal' by adding edges.
[Figure from Bryant's slides]
From equality to propositional logic
Dfn: a graph is chordal iff every cycle of size 4 or more has a chord.
How to make a graph chordal? Eliminate vertices one at a time, and connect the remaining neighbours of each eliminated vertex.
[Figure from Bryant's slides]
From equality to propositional logic
[Figure from Bryant's slides: an edge assignment on the triangulated graph in which a triangle has two True edges and one False edge: Contradiction!]
Once the graph is chordal, we can constrain only the triangles.
Note that this procedure adds no more than a polynomial number of edges, and results in a polynomial number of constraints.
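The sparse method as just described, as an added example; this is editor-supplied code, not Bryant & Velev's implementation or code from the slides. Every E-graph edge becomes a Boolean variable, the graph is made chordal by vertex elimination, transitivity constraints are generated for triangles only, and the resulting propositional problem is checked. The SAT step is a brute-force enumeration over the edge variables that stands in for a real SAT solver and is only acceptable for the toy sizes used here; passing the formula as a Python function over an edge-lookup callback is an assumption of this example.

```python
from itertools import combinations, product


def make_chordal(vertices, edges):
    """Vertex elimination: repeatedly remove a vertex and connect all of its
    remaining neighbours pairwise. The added 'fill' edges make every cycle of
    length >= 4 have a chord."""
    adj = {v: set() for v in vertices}
    for a, b in edges:
        adj[a].add(b)
        adj[b].add(a)
    chordal = {frozenset(e) for e in edges}
    remaining = set(vertices)
    while remaining:
        # minimum-degree heuristic keeps the number of fill edges small
        v = min(sorted(remaining), key=lambda u: len(adj[u] & remaining))
        for a, b in combinations(sorted(adj[v] & remaining), 2):
            chordal.add(frozenset((a, b)))
            adj[a].add(b)
            adj[b].add(a)
        remaining.remove(v)
    return chordal


def triangles(vertices, chordal):
    return [(a, b, c) for a, b, c in combinations(sorted(vertices), 3)
            if {frozenset((a, b)), frozenset((b, c)), frozenset((a, c))} <= chordal]


def transitivity_ok(assign, tris):
    """Triangle constraints: any two true equalities force the third one."""
    for a, b, c in tris:
        e = [assign[frozenset((a, b))], assign[frozenset((b, c))], assign[frozenset((a, c))]]
        if sum(e) == 2:          # exactly two of the three edges are true
            return False
    return True


def sparse_sat(vertices, atoms, skeleton):
    """atoms: the pairs (x, y) occurring in the formula as x = y or x != y,
    i.e. the E-graph edges; skeleton(eq) evaluates the propositional
    structure, where eq(x, y) is the Boolean edge variable of {x, y}.
    Returns a satisfying edge assignment, or None if unsatisfiable."""
    chordal = make_chordal(vertices, atoms)
    tris = triangles(vertices, chordal)
    edge_list = sorted(chordal, key=sorted)
    # Brute-force enumeration over the edge variables; a SAT solver does this
    # in practice, with the triangle constraints added as clauses.
    for bits in product((False, True), repeat=len(edge_list)):
        assign = dict(zip(edge_list, bits))
        if skeleton(lambda x, y: assign[frozenset((x, y))]) and transitivity_ok(assign, tris):
            return assign
    return None


if __name__ == "__main__":
    # Slide example: x1 = x2 ∧ x2 = x3 ∧ x1 ≠ x3 becomes unsatisfiable once the
    # triangle constraint e1 ∧ e2 ⇒ e3 is enforced.
    f = lambda eq: eq("x1", "x2") and eq("x2", "x3") and not eq("x1", "x3")
    print(sparse_sat(["x1", "x2", "x3"], [("x1", "x2"), ("x2", "x3"), ("x1", "x3")], f))
```

The five-cycle x1 = x2 ∧ x2 = x3 ∧ x3 = x4 ∧ x4 = x5 ∧ x1 ≠ x5 shows why the fill edges matter: without them the graph has no triangle at all and the skeleton alone would be reported satisfiable; with the two fill edges the contradiction propagates through three triangles.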
Decision procedures for equality logic and UFs
Algorithm I – from equality to propositional logic: adding transitivity constraints; making the graph chordal.
Algorithm II – range allocation: small-model property; finding a small adequate range (domain) for each variable; reducing to propositional logic.
The small-model property
We show a method for solving equality logic formulas by relying on the small-model property. This means that if a formula in this logic is satisfiable, then there is a finite model, bounded in size, that satisfies it.
In equality logic we can compute this bound.
The solution strategy for checking whether a given equality formula is satisfiable can be summarized as follows:
1. Determine a domain allocation by mapping each variable xi into a finite set of integers.
2. Encode each variable xi as an enumerated type over its finite domain. Construct a propositional formula representing E under this finite domain, and use either BDDs or SAT to check if this formula is satisfiable.
The small-model property
Claim: the range 1..n is adequate, where n is the number of variables in E.
Proof:
Every satisfying assignment defines a partition of the variables.
Every assignment that results in the same partitioning also satisfies the formula.
The range 1..n allows all partitionings.
Complexity: we need log n bits to encode the range 1..n; for n variables we need n log n bits.
Reducing the state space
Instead of giving the range [1..11] to all 11 variables, analyze connectivity.
E-graph over x1, x2, y1, y2, g1, g2, z, u1, f1, f2, u2, whose predicates are the equalities f1 = f2, g1 = g2, u1 = f1, u2 = f2, z = g1 and the disequalities x1 ≠ x2, y1 ≠ y2, u1 ≠ f1, u2 ≠ f2, g2 ≠ z.
Each connected component needs only as many values as it has vertices: x1, y1, x2, y2: {0-1}; u1, f1, f2, u2: {0-3}; g1, g2, z: {0-2}
The state space: from 11^11 to 2^4 · 4^4 · 3^3 = 110592
Reducing the state space (cont.)
Or even better, number the vertices along each component so that the i-th vertex of a component gets i values:
x1, y1, g1, u1: {0}; x2, y2, g2, f1: {0-1}; f2, z: {0-2}; u2: {0-3}
The state space: from 110592 to 576
Range minimization problem
Given an equality formula E, find in polynomial time a small domain D* sufficient to preserve its satisfiability.
In other words: find D* such that E is satisfiable under an infinite domain D → E is satisfiable under the finite domain D*.
The strategy
1. Determine a range allocation R, mapping each variable xi ∈ E into a small set of integers, such that E is satisfiable iff it is satisfiable over some R-interpretation.
2. Encode each variable xi as an enumerated type over R(xi), and use a standard satisfiability checker as a decision procedure.
What range is adequate?
Recall that a subgraph of an E-graph G^E(E) is unsatisfiable iff it contains a contradictory cycle.
Dfn: a range allocation R is adequate for G^E(E) if every satisfiable subgraph can be satisfied under R.
Now we need an algorithm to find adequate ranges.
Example: building the E-graph
Vertices: x1, x2, y1, y2, g1, g2, z, u1, f1, f2, u2
E≠ : {(x1 ≠ x2), (y1 ≠ y2), (u1 ≠ f1), (u2 ≠ f2), (g2 ≠ z)}
E= : {(f1 = f2), (g1 = g2), (u1 = f1), (u2 = f2), (z = g1)}
Note: 1. Inconsistent subsets appear as contradictory cycles. 2. Some of the vertices are mixed (they have both a solid and a dashed edge).
The range allocation algorithm
Step I – pre-processing:
A. Remove all solid edges not belonging to contradictory cycles.
B. Add a single unique value to each singleton vertex (a vertex left with no solid edge), and remove it from the graph.
In the example x1, x2, y1, y2 have no solid edges and receive the unique values 0, 1, 2, 3, one each.
The range allocation algorithm
Step II – set construction:
A. For each mixed vertex xi: 1. Add a unique value ui to R(xi). 2. Broadcast ui on G= (add ui to every vertex reachable from xi through solid edges). 3. Remove xi and its adjacent edges from the graph.
B. Add a unique value to each remaining G= component.
Example, component {g1, g2, z} (solid edges g1–g2 and z–g1, dashed edge g2–z):
A. g2 is mixed: add 4 to R(g2) and broadcast it: g1: {4}, g2: {4}, z: {4}; then remove g2.
B. The remaining component {g1, z} gets the unique value 5. Final: g1: {4, 5}, g2: {4}, z: {4, 5}.
The range allocation algorithm
Example, component {u1, f1, f2, u2} (solid edges u1–f1, f1–f2, f2–u2; dashed edges u1–f1, f2–u2):
1. u1 is mixed: add 6 and broadcast it: u1: {6}, f1: {6}, f2: {6}, u2: {6}; remove u1.
2. f2 is mixed: add 7 and broadcast it: f1: {6, 7}, f2: {6, 7}, u2: {6, 7}; remove f2.
3. f1 and u2 are now isolated G= components and each gets its own unique value: f1: {6, 7, 8}, u2: {6, 7, 9}.
Final: u1: {6}, f1: {6, 7, 8}, f2: {6, 7}, u2: {6, 7, 9}
The range allocation algorithm
The state space is reduced to 72 (1 · 1 · 1 · 1 · 2 · 1 · 2 · 1 · 3 · 2 · 3).
Allocation               State space
1..n                     11^11
connectivity             110592
better connectivity      576
range allocation algo.   72
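The pre-processing and set-construction steps as an added example; this is editor-supplied code, not code from the slides or from the original range-allocation paper. It reads "broadcast on G=" as adding the value to every vertex reachable over solid edges, and it re-evaluates which vertices are mixed as the graph shrinks, which is the reading that reproduces the {g1, g2, z} run above (g2 is processed, then g1 and z share one more value). The four-vertex chain used as a second input is constructed for this example and is not the slides' graph.

```python
from math import prod


def nbrs(v, edges):
    """Neighbours of v over a set of two-element frozenset edges."""
    return {next(iter(e - {v})) for e in edges if v in e}


def component(v, edges):
    seen, stack = {v}, [v]
    while stack:
        for w in nbrs(stack.pop(), edges):
            if w not in seen:
                seen.add(w)
                stack.append(w)
    return seen


def simple_paths(u, v, edges):
    """All simple paths from u to v over the given edges, each as a set of edges."""
    found = []

    def dfs(cur, path, seen):
        if cur == v:
            found.append(set(path))
            return
        for w in nbrs(cur, edges):
            if w not in seen:
                seen.add(w)
                path.append(frozenset((cur, w)))
                dfs(w, path, seen)
                path.pop()
                seen.remove(w)

    dfs(u, [], {u})
    return found


def range_allocation(vertices, solid, dashed):
    """Range allocation on an E-graph: `solid` are the E= edges and `dashed`
    the E≠ edges, both as pairs. Returns {vertex: list of allowed values}."""
    solid = {frozenset(e) for e in solid}
    dashed = {frozenset(e) for e in dashed}
    R = {v: [] for v in vertices}
    counter = iter(range(10 ** 6))          # source of unique values
    # Step I.A: a solid edge stays only if it lies on a contradictory cycle,
    # i.e. on a simple solid path joining the endpoints of some dashed edge.
    on_cycle = set()
    for d in dashed:
        u, v = tuple(d)
        for path in simple_paths(u, v, solid):
            on_cycle |= path
    solid &= on_cycle
    # Step I.B: singleton vertices (no solid edge left) get one unique value and leave.
    alive = set(vertices)
    for v in vertices:
        if not nbrs(v, solid):
            R[v].append(next(counter))
            alive.discard(v)
    dashed = {d for d in dashed if d <= alive}
    # Step II.A: a mixed vertex (solid and dashed edge) gets a unique value that
    # is broadcast over its solid component; then the vertex is removed.
    # Mixedness is re-evaluated on the shrinking graph (assumption, see lead-in).
    for v in vertices:
        if v in alive and nbrs(v, solid) and nbrs(v, dashed):
            val = next(counter)
            for w in component(v, solid):
                R[w].append(val)
            alive.discard(v)
            solid = {e for e in solid if v not in e}
            dashed = {d for d in dashed if v not in d}
    # Step II.B: each remaining solid component shares one more unique value.
    done = set()
    for v in vertices:
        if v in alive and v not in done:
            comp = component(v, solid)
            val = next(counter)
            for w in comp:
                R[w].append(val)
            done |= comp
    return R


def state_space(R):
    return prod(len(vals) for vals in R.values())


if __name__ == "__main__":
    # The {g1, g2, z} component from the slides: solid g1-g2 and z-g1, dashed g2-z.
    R = range_allocation(["g1", "g2", "z"], [("g1", "g2"), ("z", "g1")], [("g2", "z")])
    print(R, state_space(R))   # g2 gets one value, g1 and z two each: 4 states
```

Enumerating simple paths is exponential in general and is only used because the graphs here are tiny; the contradictory-cycle test is the one place where a practitioner would swap in a biconnected-component analysis for real inputs. The result depends on the order in which mixed vertices are processed, so two correct implementations may return allocations of different size; both are adequate.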
Conclusion
The decision procedure for equality logic with UFs that uses syntactic case splitting is inefficient if the formula has many disjunctions.
There are two algorithms which transform the original equality logic formula into a corresponding propositional logic formula and then check satisfiability using BDDs or a SAT solver.
Linear Arithmetic
Daniel Kroening and Ofer Strichman, Decision Procedures
Linear arithmetic
[Figure: a feasible region in the plane]
A linear program consists of an objective function and the constraints.
We are interested in the decision problem rather than the optimization problem.
Simplex algorithm
The simplex algorithm was developed by Dantzig in 1947 but is still used efficiently today.
The simplex algorithm can decide satisfiability of a conjunction of linear inequalities.
The set of constraints is normally accompanied by a linear objective function in terms of the variables of the formula.
If the set of constraints is satisfiable, the simplex algorithm provides a satisfying assignment that maximizes the value of the objective function.
As we are concerned with the decision problem rather than the optimization problem, we are going to cover a variant of the simplex algorithm called general simplex that does not require an objective function.
General simplex algorithm
The general simplex algorithm accepts two types of constraints as input:
1. Equalities of the form a1·x1 + … + an·xn = 0
2. Lower and upper bounds on the variables: li ≤ xi ≤ ui, where li and ui are constants representing the lower and upper bounds on xi, respectively.
We call this representation of the input formula the general form.
General simplex algorithm
We can transform a linear constraint L ⋈ R with ⋈ ∈ {=, ≤, ≥} into the general form as follows. Let m be the number of constraints. For the i-th constraint, 1 ≤ i ≤ m:
1. Move all addends in R to the left-hand side to obtain L' ⋈ b, where b is a constant.
2. Introduce a new variable si. Add the constraints L' − si = 0 and si ⋈ b.
The original and the transformed conjunctions of constraints are obviously equisatisfiable.
Example
The new variables s1, …, sm are called the additional variables.
The variables x1, …, xn in the original constraints are called problem variables.
General simplex algorithm
It is common and convenient to view linear constraint satisfaction problems as geometrical problems.
[Figure: the shaded region represents the satisfiable area; the red circled points illustrate the progress that the simplex algorithm makes]
General simplex algorithm
The general form of the constraints can be represented as Ax = 0, where A is an m × (n+m) matrix and x is the (n+m)-dimensional vector (x1, …, xn, s1, …, sm).
General simplex algorithm
The tableau is simply a different representation of A.
Additional variables such as s1, …, sm are also called the basic variables and denoted by B.
Problem variables such as x1, …, xn are also called the nonbasic variables and denoted by N.
The tableau is written with one row per basic variable, expressing it as a linear combination of the nonbasic variables.
Example
General simplex algorithm
General simplex algorithm
The algorithm initializes its data structures as follows:
The set of basic variables B is the set of additional variables.
The set of nonbasic variables N is the set of problem variables.
For any xi with i ∈ {1, …, n+m}, α(xi) = 0.
Pivot operation: swaps xi with xj (xi is from the column of the tableau and xj is from the row of the tableau). The process of the pivot operation is explained in the following example.
Example
We initialize α(xi) = 0. The lower bound of s1 is 2 and it is violated.
Since the variable x has a positive coefficient, it is suitable for the pivot operation.
We need to increase s1 by 2 in order to meet the lower bound, which means that x has to increase by 2 as well.
Example
The first step of the pivot operation is to solve the row of s1 for x:
This equality is now used to replace x in the other two rows:
Written as a tableau, the result of the pivot operation is:
Example
The lower bound of s3 is violated. The only suitable variable for pivoting is y.
Solving the row of s3 for y: s3 = −s1 + 3y gives y = (1/3)s1 + (1/3)s3.
This equality is now used to replace y in the other two rows: s2 = 2s1 − 3y becomes s2 = s1 − s3, and x = s1 − y becomes x = (2/3)s1 − (1/3)s3.
The final tableau is:
  x  = (2/3)s1 − (1/3)s3
  s2 = s1 − s3
  y  = (1/3)s1 + (1/3)s3
This assignment α satisfies the bounds, and thus {x ↦ 1, y ↦ 1} is a satisfying assignment.
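The general simplex procedure as an added example; this is editor-supplied code, not code from the slides or from Kroening and Strichman's book. The three constraints in the usage block are the textbook example that the slide narrative follows (s1 ≥ 2 is violated first, then s3 ≥ 1, and the run ends at x = y = 1); the slides themselves do not reproduce them, so they are an assumption here. Both choices (which violated basic variable to fix, which nonbasic variable to pivot with) use the smallest-index rule, which is what guarantees termination.

```python
from fractions import Fraction


def general_simplex(problem_vars, rows, bounds):
    """problem_vars: ordered names x1..xn; rows: list of {var: coeff} dicts,
    row i defining the additional variable s_{i+1} = sum coeff * var;
    bounds: {var: (lo, hi)} with None for no bound.
    Returns {problem var: Fraction} or None if the constraints are unsatisfiable."""
    tableau = {f"s{i + 1}": {v: Fraction(c) for v, c in row.items()}
               for i, row in enumerate(rows)}
    order = list(problem_vars) + list(tableau)        # index order for Bland's rule
    alpha = {v: Fraction(0) for v in order}           # initial assignment: all zero
    lo = {v: (None if b[0] is None else Fraction(b[0])) for v, b in bounds.items()}
    hi = {v: (None if b[1] is None else Fraction(b[1])) for v, b in bounds.items()}

    def violation(v):
        if lo.get(v) is not None and alpha[v] < lo[v]:
            return "low"
        if hi.get(v) is not None and alpha[v] > hi[v]:
            return "high"
        return None

    def pivot(xi, xj):
        """Make xj basic and xi nonbasic: solve xi's row for xj, substitute elsewhere."""
        row = tableau.pop(xi)
        a = row.pop(xj)
        new_row = {xi: 1 / a}
        for k, c in row.items():
            new_row[k] = -c / a
        for r in tableau.values():
            if xj in r:
                c = r.pop(xj)
                for k, val in new_row.items():
                    r[k] = r.get(k, Fraction(0)) + c * val
        tableau[xj] = new_row

    while True:
        violating = [v for v in order if v in tableau and violation(v)]
        if not violating:
            return {v: alpha[v] for v in problem_vars}
        xi = violating[0]                                 # smallest-index basic violator
        side = violation(xi)
        target = lo[xi] if side == "low" else hi[xi]
        xj = None
        for v in order:                                   # smallest-index suitable nonbasic
            if v in tableau:
                continue
            a = tableau[xi].get(v, Fraction(0))
            can_up = hi.get(v) is None or alpha[v] < hi[v]
            can_down = lo.get(v) is None or alpha[v] > lo[v]
            if (side == "low" and ((a > 0 and can_up) or (a < 0 and can_down))) or \
               (side == "high" and ((a < 0 and can_up) or (a > 0 and can_down))):
                xj = v
                break
        if xj is None:
            return None                                   # nothing can move xi: UNSAT
        theta = (target - alpha[xi]) / tableau[xi][xj]
        alpha[xj] += theta
        for b, r in tableau.items():                      # keep the other basic rows consistent
            if b != xi:
                alpha[b] += r.get(xj, Fraction(0)) * theta
        alpha[xi] = target
        pivot(xi, xj)


if __name__ == "__main__":
    # Assumed textbook example (not shown on the slides): x + y >= 2, 2x - y >= 0,
    # -x + 2y >= 1, i.e. s1 = x + y, s2 = 2x - y, s3 = -x + 2y with the bounds
    # s1 >= 2, s2 >= 0, s3 >= 1.
    rows = [{"x": 1, "y": 1}, {"x": 2, "y": -1}, {"x": -1, "y": 2}]
    print(general_simplex(["x", "y"], rows, {"s1": (2, None), "s2": (0, None), "s3": (1, None)}))
```

Exact rationals are used on purpose: with floats the bound checks drift and the procedure can cycle or report a wrong verdict, which is why SMT solvers implement this procedure over arbitrary-precision rationals. A pivot may push the entering variable past its own bound; that is allowed, because the variable is then basic and gets repaired on a later iteration.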
Integer linear programming
Problem formulation: max cx subject to Ax ≤ b, x ≥ 0 and integer
where A is an m × n coefficient matrix, c is an n-dimensional row vector, b is an m-dimensional column vector and x is an n-dimensional column vector of variables.
Feasibility of a linear system
The decision problem associated with ILP is NP-hard.
But once again, we are not actually interested in ILP: we do not have an objective function.
All we want to know is whether a given system Ax ≤ b, x ≥ 0 and integer, is satisfiable.
Still, NP-hard…
How different can it be from LP?
The LP problem can be feasible, whereas its ILP version is not.
[Figure: a feasible region in the (x1, x2) plane that contains no integer point]
A naïve solution strategy
From here on we will assume that all variables are finite.
Enumerate all solutions with a tree.
Guaranteed to find a feasible solution if it exists.
But exponential growth in the size of the tree / computation time.
[Figure: enumeration tree branching on x1 = 0, 1, 2 and then on x2 = 0, 1, 2 under each branch]
A family of algorithms: Branch & Bound
Probably the most popular method for solving Integer Linear Programming (ILP) problems (first presented in 1960) is B & B.
It solves the optimization problem. However, we are interested in deciding feasibility of a linear system.
Branch and Bound
The main idea:
Solve the 'relaxed' problem, i.e. without the integrality constraints.
If the relaxed problem is infeasible – backtrack (there is no integer solution in this branch).
If the solution is integral – terminate ('feasible').
Otherwise split on a variable for which the assignment is non-integral, and repeat for each case.
More details to come…
Splitting on non-integral LP solutions
Solve the LP relaxation to get a fractional solution (a feasible real solution).
Create two sub-branches by adding the constraints x2 ≤ 1 and x2 ≥ 2.
[Figure: the feasible region in the (x1, x2) plane before and after the split on x2]
Example
Suppose our system A has variables x1 … x4, and that the LP solver returned the solution (1, 0.7, 2.5, 3).
Choose one of x2, x3. Suppose we choose x2. Solve two new problems:
A1 = A ∪ {x2 ≤ 0}   A2 = A ∪ {x2 ≥ 1}
Clearly A1 or A2 is satisfiable over the integers iff A is, since every integer value of x2 falls on one side of the split.
Splitting on non-integral LP solutions
Sub-branches can be pruned if they have no integral solution.
[Figure: the split x2 ≤ 2 / x2 ≥ 3 in the (x1, x2) plane; one branch still contains a feasible real solution, the other branch is not feasible]
The branch and bound tree
[Figure: root A with LP solution (1, 0.7, 2.5, 3); children A1 (x2 ≤ 0) and A2 (x2 ≥ 1) with LP solutions (1, −1.5, 1.5, 4.1) and (1, 3, 0.5, 2); the node with fractional x3 is split on x3 ≤ 0 and x3 ≥ 1, one of these branches is pruned due to infeasibility and the other reaches the integral leaf (1, 3, 4, 1)]
Subtrees can be pruned away before reaching a leaf…
Each leaf is a feasible solution.
Conclusion
The general simplex algorithm can check satisfiability of LP constraints.
ILP is NP-hard, but the branch and bound algorithm works efficiently in practice.