Beyond Quantifier-Free Interpolation in Extensions of Presburger Arithmetic (PowerPoint presentation)


SLIDE 1

Beyond Quantifier-Free Interpolation in Extensions of Presburger Arithmetic

Angelo Brillout¹, Daniel Kroening², Philipp Rümmer³, Thomas Wahl²

¹ETH Zurich  ²Oxford University  ³Uppsala University

Deduction at Scale, March 10th, 2011

1 / 22

SLIDE 2

Motivation: invariant inference

    int a[n], i, max;        /* n and a are the loop's inputs */
    max = a[0];
    for (i = 1; i < n; ++i)
        if (a[i] > max) max = a[i];
    assert(max >= a[i / 2]);

Goal: infer post-conditions of loop executions.

Instrument: an inductive loop invariant φ, justified by the rule

    pre ⇒ φ        {φ} body {φ}        φ ⇒ post
    ───────────────────────────────────────────
                {pre} body* {post}

φ can be found using Craig interpolation + fixed-point iteration [McMillan, 2003].
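The three proof obligations of the rule on this slide, checked exhaustively on small inputs: an added example, not part of the original deck. The candidate invariants, the sample arrays and the function names are assumptions constructed for the example (the slides do not state an invariant). The second, weaker candidate shows the typical failure mode: it is inductive, but too weak to imply the assertion, which is the kind of gap an invariant-strengthening loop has to close.

```python
from itertools import product


def loop_body(a, i, mx):
    """One iteration of the loop on the slide; the guard i < n is checked by the caller."""
    if a[i] > mx:
        mx = a[i]
    return i + 1, mx


def pre(a, i, mx):
    # state right before the first iteration: i = 1, max = a[0]
    return i == 1 and mx == a[0]


def post(a, i, mx):
    # the assertion after the loop; at loop exit i == n, so this reads a[n / 2]
    return mx >= a[i // 2]


# Two candidate invariants.  Neither is stated on the slide; both are assumptions of this example.
def inv_strong(a, i, mx):
    # "max is the maximum of the prefix a[0..i-1]"
    return 1 <= i <= len(a) and mx == max(a[:i])


def inv_weak(a, i, mx):
    # "max is at least a[0]": inductive, but too weak to prove the assertion
    return 1 <= i <= len(a) and mx >= a[0]


def candidate_states(a):
    """All (i, max) pairs to test: i in 1..n, max drawn from a's values plus two outliers."""
    values = set(a) | {min(a) - 1, max(a) + 1}
    return product(range(1, len(a) + 1), sorted(values))


def check_obligations(inv, arrays):
    """Check the three proof obligations for inv on the given arrays.

    Returns one boolean per obligation:
      pre => inv,  {inv} body {inv},  inv => post (at loop exit, i.e. when not i < n).
    """
    init_ok = step_ok = exit_ok = True
    for a in arrays:
        n = len(a)
        for i, mx in candidate_states(a):
            if pre(a, i, mx) and not inv(a, i, mx):
                init_ok = False
            if inv(a, i, mx) and i < n:
                i2, mx2 = loop_body(a, i, mx)
                if not inv(a, i2, mx2):
                    step_ok = False
            if inv(a, i, mx) and not i < n and not post(a, i, mx):
                exit_ok = False
    return {"pre => inv": init_ok, "{inv} body {inv}": step_ok, "inv => post": exit_ok}


# Constructed sample inputs (not from the slides).
SAMPLE_ARRAYS = [[3], [1, 2], [2, 1], [5, 1, 4], [1, 9, 2, 8], [0, 0, 7, 0, 3]]

if __name__ == "__main__":
    for name, inv in [("inv_strong", inv_strong), ("inv_weak", inv_weak)]:
        print(name, check_obligations(inv, SAMPLE_ARRAYS))
```

Bounded checking of this kind only refutes a candidate; it is the interpolation-based iteration from the slide that produces a candidate which passes all three obligations for every n.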

SLIDE 3

Interpolation: definition

Definition (Craig interpolant)

Given FO formulae A, B such that A ⇒ B is valid, an interpolant is a formula I such that

  1. A ⇒ I and I ⇒ B
  2. symb(I) ⊆ symb(A) ∩ symb(B)

Example: p is an interpolant for p ∧ q ⇒ p ∨ r.

If A, B are FO formulas with A ⇒ B, there is an interpolant. [W. Craig, 1957]
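The two conditions of the definition made concrete for propositional logic, as an added example that is not from the slides. It computes the strongest interpolant (A with its A-only variables existentially projected out) and the weakest (B with its B-only variables universally projected out) by truth-table enumeration; the same strongest/weakest construction is what the later PA+UP slides use, only there the quantifiers cannot be eliminated. Condition 2 holds by construction because both results only mention shared variables. All helper names are this example's own.

```python
from itertools import product


def assignments(variables):
    """All truth assignments to the given variables, as dicts."""
    for bits in product([False, True], repeat=len(variables)):
        yield dict(zip(variables, bits))


def implies(f, g, variables):
    """Is f ⇒ g valid?  f and g are evaluators: dict -> bool."""
    return all(g(s) or not f(s) for s in assignments(variables))


def _split(vars_a, vars_b):
    shared = sorted(set(vars_a) & set(vars_b))
    return shared, sorted(set(vars_a) - set(vars_b)), sorted(set(vars_b) - set(vars_a))


def strongest_interpolant(A, vars_a, vars_b):
    """∃(A-local variables). A, as the set of its models over the shared variables."""
    shared, a_local, _ = _split(vars_a, vars_b)
    return shared, {tuple(s[v] for v in shared) for s in assignments(shared)
                    if any(A({**s, **l}) for l in assignments(a_local))}


def weakest_interpolant(B, vars_a, vars_b):
    """∀(B-local variables). B, as the set of its models over the shared variables."""
    shared, _, b_local = _split(vars_a, vars_b)
    return shared, {tuple(s[v] for v in shared) for s in assignments(shared)
                    if all(B({**s, **l}) for l in assignments(b_local))}


def evaluator(shared, models):
    """Turn a model set over the shared variables back into a formula evaluator."""
    return lambda s: tuple(s[v] for v in shared) in models


def to_dnf(shared, models):
    """Pretty-print a model set as a disjunction of full conjunctions over the shared variables."""
    if not models:
        return "false"
    if len(models) == 2 ** len(shared):
        return "true"
    terms = [" ∧ ".join(v if b else "¬" + v for v, b in zip(shared, m)) for m in sorted(models)]
    return terms[0] if len(terms) == 1 else " ∨ ".join("(" + t + ")" for t in terms)


def is_interpolant(I, A, B, vars_a, vars_b):
    """Condition 1 of the definition (condition 2 holds for evaluators over shared variables)."""
    everything = sorted(set(vars_a) | set(vars_b))
    return implies(A, I, everything) and implies(I, B, everything)


def interpolate(A, vars_a, B, vars_b):
    """Return (strongest, weakest) interpolants as DNF strings; raise if A ⇒ B is not valid."""
    everything = sorted(set(vars_a) | set(vars_b))
    if not implies(A, B, everything):
        raise ValueError("A ⇒ B is not valid, so no interpolant exists")
    shared, strong = strongest_interpolant(A, vars_a, vars_b)
    _, weak = weakest_interpolant(B, vars_a, vars_b)
    assert is_interpolant(evaluator(shared, strong), A, B, vars_a, vars_b)
    assert is_interpolant(evaluator(shared, weak), A, B, vars_a, vars_b)
    return to_dnf(shared, strong), to_dnf(shared, weak)


if __name__ == "__main__":
    # The slide's example: p ∧ q ⇒ p ∨ r; both bounds collapse to p.
    print(interpolate(lambda s: s["p"] and s["q"], ["p", "q"],
                      lambda s: s["p"] or s["r"], ["p", "r"]))
    # A case where the bounds differ: p ∧ q ⇒ p ∨ q.
    print(interpolate(lambda s: s["p"] and s["q"], ["p", "q"],
                      lambda s: s["p"] or s["q"], ["p", "q"]))
```

Every interpolant lies between the strongest and the weakest one; the slide's p is both at once, which is why it "feels" canonical.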


SLIDE 5

In this talk . . .

Starting point:

• Interpolation in quantifier-free Presburger Arithmetic (PA) [IJCAR, 2010]

We investigate combination with:

• Quantifiers
• Uninterpreted predicates (UP)
• Uninterpreted functions (UF)
• Theory of arrays (AR)

• Paper: [VMCAI, 2011]
• Earlier version: [VERIFY, 2010]

SLIDE 6

Interesting questions

• Decidability of validity
  • PA is decidable (also with quantifiers ⇒ QPA)
  • PA+UP, PA+UF, PA+AR are decidable
  • QPA+* is undecidable
• Closure under interpolation
• Practical interpolation procedures

SLIDE 7

Fragments of extensions of Presburger Arithmetic

    φ ::= t = t | t ≤ t | α ∣ t | p(t̄) | φ ∧ φ | φ ∨ φ | ¬φ | ∀x.φ | ∃x.φ
    t ::= α | c | x | αt + ⋯ + αt | f(t̄)

where
  φ is a formula
  t is a term
  α is an integer literal (α ∣ t is divisibility)
  c/p/f is a constant/UP/UF (uninterpreted)
  x is an integer variable

SLIDE 8

Fragments of extensions of Presburger Arithmetic

The grammar above gives rise to various fragments/logics:

• PA: no UP, UF, quantifiers
• QPA: PA + quantifiers
• PA+UP, PA+UF
• QPA+UP, QPA+UF
• PA+AR: PA + distinguished functions select, store

SLIDE 9

Which fragments are closed under interpolation?

Definition

Fragment F is closed under interpolation if for all A, B ∈ F such that A ⇒ B, there is an interpolant expressible in F. [Kapur et al, 2006: "F is interpolating"]

SLIDE 10

Known results

• (Q)PA: closed under interpolation (as it allows quantifier elimination)
• QPA+AR: closed (add quantifiers for local variables)
• PA+AR: not closed (not even without PA) [Kapur et al, 2006]
• QPA+UP, QPA+UF: not closed (since interpolation could simulate second-order quantifier elimination)


SLIDE 15

Is PA+UP closed under interpolation?

Consider the example:

    φ :: (2c = y ∧ p(c)) ⇒ (2d = y ⇒ p(d))

"Feels-like interpolant": p(y/2)
(not a PA+UP formula: PA terms have no division, and y need not be even)

Really:
  strongest: I1 : ∃c.(2c = y ∧ p(c))
  weakest:   I2 : ∀d.(2d = y ⇒ p(d))

Can we eliminate ∃, ∀ in the φ example? No!

• I1, I2 cannot be expressed in PA+UP (i.e., without quantifiers)

SLIDE 16

New negative result

Theorem

PA+UP is not closed under interpolation. (Similarly for PA+UF.)


SLIDE 18

Closure results

• (Q)PA: closed under interpolation (as it allows quantifier elimination)
• QPA+AR: closed (add quantifiers for local variables)
• PA+AR: not closed (not even without PA) [Kapur et al, 2006]
• QPA+UP, QPA+UF: not closed (since interpolation could simulate second-order quantifier elimination)
• PA+UP: not closed
• PA+UF: not closed

Anything positive?

SLIDE 19

Positive results

Lemma (interpolants with quantifiers)

If A ⇒ B is a valid PA+UP formula, then there is a QPA+UP interpolant I with A ⇒ I ⇒ B. (Similarly for PA+UF, PA+AR.)

Theorem (extension of PA+UP)

There is a (natural) extension of PA+UP that is

• decidable, and
• closed under interpolation.

(Similarly for PA+UF.)

SLIDE 20

Decidability by stack of encodings

Each layer is obtained from the one below it by adding the axioms listed:

    Theory of arrays              + array axioms
    QPA+UF (unint. functions)     + functionality axioms
    QPA+UP (unint. predicates)    + consistency axioms
    QPA (Presburger Arithmetic)

⇒ Decision procedures for PA+AR, PA+UF, PA+UP
⇒ "Similar" to the standard implementation in SMT solvers


SLIDE 22

Interpolation by stack of encodings

PA+* calculus = PA calculus + (ground) quantifier handling + theory axioms
(interpolating version in the VMCAI paper)

Interpolants from proofs:

• recursively annotate the proof with partial interpolants, according to the interpolating rules
• "total" interpolants are extracted from closed proofs
• this proves the existence of QPA+* interpolants.


SLIDE 26

How to close PA+UP under interpolation

Need the ability to use a witness for α ∣ t in terms:

    φ :: (2c = y ∧ p(c)) ⇒ (2d = y ⇒ p(d))

with strongest interpolant ∃x.(2x = y ∧ p(x))

Definition

PAID+UP = PA+UP plus guarded quantification:

    ∃x.(αx = t ∧ φ)        ∀x.(αx = t ⇒ φ)        (α ≠ 0, x does not occur in t)

Is this just to accommodate φ's interpolant??

SLIDE 27

Interpolating in PAID+UP

Theorem

PAID+UP is closed under interpolation. (Similarly for PAID+UF.)

Proof:

  1. Define a restricted version of our calculus that only generates PAID+UP interpolants
     • only unify atoms p(s̄), p(t̄) or terms f(s̄), f(t̄) if s̄ = t̄ has been derived
  2. Show that the restricted calculus is still complete for PAID+UP

SLIDE 28

Expressiveness of guarded quantifiers

They encode integer division:

    ∃x.(αx = t ∧ φ)  ≡  (α ∣ t) ∧ φ[x ↦ t ÷ α]

In particular, with φ = true the guarded quantifier expresses divisibility itself:

    ∃x.(αx = t ∧ true)  ≡  α ∣ t  ≡  α ⋅ (t ÷ α) = t
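An exhaustive check on a bounded integer domain of the equivalence above, and of the strongest and weakest interpolants for the φ example from the earlier slides written in the guarded (division) form: an added example, not from the paper or the talk. The domain bound N, the enumeration of all interpretations of p, and the function names are this example's own choices. The caveat worth carrying into an implementation is in `exact_div`: t ÷ α is only ever used under the guard α ∣ t, where the quotient is exact, so Python's floor division and C's truncating division agree and no sign convention leaks into the formula.

```python
from itertools import combinations

N = 4
DOM = range(-N, N + 1)   # bounded integer domain; all checks are exhaustive over it


def divides(alpha, t):
    """α ∣ t.  Python's % is zero exactly when α divides t, for either sign of α."""
    return alpha != 0 and t % alpha == 0


def exact_div(t, alpha):
    """t ÷ α under the guard α ∣ t: the quotient is exact, so floor vs. truncation is irrelevant."""
    assert divides(alpha, t)
    return t // alpha


def all_predicates(domain=DOM):
    """Every interpretation of a unary predicate p over the domain, as frozensets."""
    elems = list(domain)
    return [frozenset(c) for k in range(len(elems) + 1) for c in combinations(elems, k)]


PREDS = all_predicates()


def guarded_exists(alpha, t, phi):
    """∃x.(αx = t ∧ φ(x)), with x ranging over DOM (φ given as the set where it holds)."""
    return any(alpha * x == t and x in phi for x in DOM)


def eliminated(alpha, t, phi):
    """The slide's quantifier-free form: (α ∣ t) ∧ φ[x ↦ t ÷ α]."""
    return divides(alpha, t) and exact_div(t, alpha) in phi


def elimination_holds(alphas=(1, 2, 3, -2)):
    """Check ∃x.(αx = t ∧ φ) ≡ (α ∣ t) ∧ φ[x ↦ t ÷ α] for all α, all t ∈ DOM and all φ."""
    return all(guarded_exists(a, t, phi) == eliminated(a, t, phi)
               for a in alphas for t in DOM for phi in PREDS)


# The φ example:  A(c, y) := 2c = y ∧ p(c),   B(d, y) := 2d = y ⇒ p(d)
def A(c, y, p):
    return 2 * c == y and c in p


def B(d, y, p):
    return not (2 * d == y) or d in p


# Strongest and weakest interpolants from the slides, in guarded (division) form
def I_strong(y, p):           # ∃x.(2x = y ∧ p(x))  ≡  (2 ∣ y) ∧ p(y ÷ 2)
    return divides(2, y) and exact_div(y, 2) in p


def I_weak(y, p):             # ∀x.(2x = y ⇒ p(x))  ≡  (2 ∣ y) ⇒ p(y ÷ 2)
    return not divides(2, y) or exact_div(y, 2) in p


def is_interpolant(I):
    """A ⇒ I and I ⇒ B for every y, c, d ∈ DOM and every interpretation p of the predicate."""
    for p in PREDS:
        for y in DOM:
            a_holds = any(A(c, y, p) for c in DOM)      # ∃c. A
            b_holds = all(B(d, y, p) for d in DOM)      # ∀d. B
            i_holds = I(y, p)
            if (a_holds and not i_holds) or (i_holds and not b_holds):
                return False
    return True


def interpolants_differ():
    """The two bounds are distinct formulas: for odd y, I_strong is false while I_weak is vacuously true."""
    return any(I_strong(y, p) != I_weak(y, p) for p in PREDS for y in DOM)


if __name__ == "__main__":
    print("elimination holds:", elimination_holds())
    print("I_strong, I_weak are interpolants:", is_interpolant(I_strong), is_interpolant(I_weak))
    print("strongest != weakest:", interpolants_differ())
```

Both interpolants only mention y and p, the symbols shared by A and B, and both are PAID+UP formulas; the check confirms the slide's claim that the guarded quantifier is exactly the expressive power the example needs, without admitting unrestricted quantification.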

SLIDE 29

PA+UP can be closed!

    PA                 QPA
    PA+UP  ⇓  PAID+UP  ⇓  QPA+UP

Legend (colours and boxes of the original diagram): decidable / undecidable; boxed = closed under interpolation; ⇓ = subset.

Read off from the earlier slides: PA, QPA, PA+UP and PAID+UP are decidable, QPA+UP is not; PA, QPA and PAID+UP are closed under interpolation, PA+UP and QPA+UP are not.

SLIDE 30

What do we have?

• Sound + complete interpolating calculus for PAID+UP, PAID+UF, PAID+AR
• Generated interpolants stay within PAID+UP, PAID+UF, QPA+AR
• Calculus is close to procedures used in SMT solvers

Future directions:

• Extensions of PAID+AR closed under interpolation? (+ decidable)
• Implementations
• Integration in Yorsh + Musuvathi's combination framework?

SLIDE 31

Related work: integer arithmetic interpolation

• Reduction to FOL [Kapur, Majumdar, Zarba, 2006]
• Simplex-based [Lynch, Tang, 2008]
• Sequent calculus-based [Brillout, Kroening, Rümmer, Wahl, 2010]
• Again Simplex-based [Kroening, Leroux, Rümmer, 2010]
• Simplex-based, targeting SMT [Griggio, Le, Sebastiani, 2011]

SLIDE 32

Related work: interpolation beyond integer arithmetic

• Uninterpreted functions [McMillan, 2005], [Fuchs, Goel, Grundy, Krstić, Tinelli, 2009]
• Theory of arrays [Kapur, Majumdar, Zarba, 2006], [McMillan, 2008]
• First-order logic [Hoder, Kovács, Voronkov, 2010]
• Quantifiers [Christ, Hoenicke, 2010]
• Combination of interpolation procedures [Yorsh, Musuvathi, 2005]

SLIDE 33

End of Talk.