Decision Procedures An Algorithmic Point of View Equalities and - PowerPoint PPT Presentation

Decision Procedures An Algorithmic Point of View Equalities and Uninterpreted Functions D. Kroening O. Strichman ETH/Technion Version 1.0, 2007

Part III Equalities and Uninterpreted Functions

Outline 1 Introduction to Equality Logic Definition, complexity 2 Reducing uninterpreted functions to Equality Logic 3 Using uninterpreted functions in proofs 4 Simplifications D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 3 / 47

Equality Logic A Boolean combination of Equalities and Propositions x 1 = x 2 ∧ ( x 2 = x 3 ∨ ¬ (( x 1 = x 3 ) ∧ b ∧ x 1 = 2)) We always push negations inside (NNF): x 1 = x 2 ∧ ( x 2 = x 3 ∨ (( x 1 � = x 3 ) ∧ ¬ b ∧ x 1 � = 2)) D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 4 / 47

Syntax of Equality Logic formula : formula ∨ formula | ¬ formula | atom : term - variable = term - variable atom | term - variable = constant | Boolean - variable The term - variables are defined over some (possible infinite) domain. The constants are from the same domain. The set of Boolean variables is always separate from the set of term variables D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 5 / 47

Expressiveness and complexity Allows more natural description of systems, although technically it is as expressible as Propositional Logic. Obviously NP-hard. In fact, it is in NP, and hence NP-complete, for reasons we shall see later. D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 6 / 47

Equality logic with uninterpreted functions formula : formula ∨ formula | ¬ formula | atom : term = term atom | Boolean - variable term : term - variable | function ( list of term s ) The term - variables are defined over some (possible infinite) domain. Constants are functions with an empty list of terms. D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 7 / 47

Uninterpreted Functions Every function is a mapping from a domain to a range. Example: the ’ + ’ function over the naturals N is a mapping from � N × N � to N . D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 8 / 47

Uninterpreted Functions Suppose we replace ’ + ’ by an uninterpreted binary function f ( a, b ) Example: x 1 + x 2 = x 3 + x 4 is replaced by f ( x 1 , x 2 ) = f ( x 3 , x 4 ) We lost the ’semantics’ of ’ + ’, as f can represent any binary function. ’Loosing the semantics’ means that f is not restricted by any axioms or rules of inference. But f is still a function! D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 9 / 47

Uninterpreted Functions The most general axiom for any function is functional consistency. Example: if x = y , then f ( x ) = f ( y ) for any function f. Functional consistency axiom schema: x 1 = x ′ 1 ∧ . . . ∧ x n = x ′ f ( x 1 , . . . , x n ) = f ( x ′ 1 , . . . , x ′ = ⇒ n ) n Sometimes, functional consistency is all that is needed for a proof. D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 10 / 47

Example: Circuit Transformations Latch R 1 Circuits consist of I combinational gates and Combi- latches (registers) national part D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 11 / 47

Example: Circuit Transformations Latch R 1 Circuits consist of I combinational gates and Combi- latches (registers) national part The combinational gates can be modeled using f ( x, y ) := x ∨ y functions R ′ = f ( R 1 , I ) The latches can be 1 modeled with variables D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 11 / 47

Example: Circuit Transformations in F L 1 G H K L 2 L 3 L 4 C D 1 0 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 12 / 47

Example: Circuit Transformations ✛ in : a primary input of the circuit in F L 1 G H K L 2 L 3 L 4 C D 1 0 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 12 / 47

Example: Circuit Transformations ✛ in : a primary input of the circuit in ✐ P P F P P P P P P P F, G, H, K, D : some functions ✏ L 1 ✏ ✏ ✏ over bit-vectors ✏ ✏ ✮ G H K L 2 L 3 L 4 C D 1 0 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 12 / 47

Example: Circuit Transformations ✛ in : a primary input of the circuit in P ✐ P F P P P P P P P F, G, H, K, D : some functions ✏ L 1 ✏ ■ ❅ ❅ ✏ ✏ over bit-vectors ✏ ✏ ✮ ❅ ❅ G ❅ ❅ H L 1 , . . . , L 5 : latches (registers) ✑ ✁ ✑ K ✑ ✁ ✑ ✁ ✑ ✰ ✑ ✁ L 2 L 3 L 4 ✁ ✁ ✁ C D ✁ 1 0 ✁ ✁ ✁ ☛ L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 12 / 47

Example: Circuit Transformations ✛ in : a primary input of the circuit in P ✐ P F P P P P P P P F, G, H, K, D : some functions ✏ L 1 ✏ ❅ ■ ❅ ✏ ✏ over bit-vectors ✏ ✏ ✮ ❅ ❅ G ❅ ❅ H L 1 , . . . , L 5 : latches (registers) ✑ ✁ ✑ K ✑ ✁ ✑ ✁ ✑ ✰ ✑ ✁ L 2 L 3 L 4 ✁ ✁ ✛ C : a predicate over bit-vectors ✁ C D ✁ ✛ a multiplexer (case-split) 1 0 ✁ ✁ ✁ ☛ L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 12 / 47

Example: Circuit Transformations in F A pipeline processes data in stages L 1 Data is processed in parallel – as in an assembly line G Formal model: H K = f ( I ) L 1 L 2 = L 1 L 2 L 3 L 4 = k ( g ( L 1 )) L 3 C D = h ( L 1 ) L 4 1 0 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 13 / 47

Example: Circuit Transformations Stage 1 in F A pipeline processes data in stages L 1 Data is processed in parallel – as in an assembly line G Formal model: H K = f ( I ) L 1 L 2 = L 1 L 2 L 3 L 4 = k ( g ( L 1 )) L 3 C D = h ( L 1 ) L 4 1 0 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 13 / 47

Example: Circuit Transformations in F A pipeline processes data in stages L 1 Data is processed in parallel – as in an Stage 2 assembly line G Formal model: H K = f ( I ) L 1 L 2 = L 1 L 2 L 3 L 4 = k ( g ( L 1 )) L 3 C D = h ( L 1 ) L 4 1 0 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 13 / 47

Example: Circuit Transformations in F A pipeline processes data in stages L 1 Data is processed in parallel – as in an assembly line G Formal model: H K = f ( I ) L 1 L 2 = L 1 L 2 L 3 L 4 = k ( g ( L 1 )) L 3 C D = h ( L 1 ) L 4 1 0 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) Stage 3 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 13 / 47

Example: Circuit Transformations in F L 1 The maximum clock frequency depends on the longest path between two latches G Note that the output of g is used as input H to k K We want to speed up the design by postponing k to the third stage L 2 L 3 L 4 C D 1 0 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 14 / 47

Example: Circuit Transformations in F L 1 The maximum clock frequency depends on the longest path between two latches G Note that the output of g is used as input H to k K We want to speed up the design by postponing k to the third stage L 2 L 3 L 4 Also note that the circuit only uses one of L 3 or L 4 , never both C D ⇒ We can remove one of the latches 1 0 L 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 14 / 47

Example: Circuit Transformations in in F F L ′ L 1 1 G C G H H 1 0 K ? ? = = L 2 L 3 L 4 L ′ L ′ 2 3 C D K D 1 0 1 0 L 5 L ′ 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 15 / 47

Example: Circuit Transformations L 1 = f ( I ) L ′ = f ( I ) 1 = L 2 L 1 L ′ c ( L ′ = 1 ) 2 L 3 = k ( g ( L 1 )) L ′ c ( L ′ 1 ) ? g ( L ′ 1 ) : h ( L ′ = 1 ) 3 = h ( L 1 ) L 4 L ′ L ′ 2 ? k ( L ′ 3 ) : l ( L ′ = 3 ) 5 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) ? = L ′ L 5 5 D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 16 / 47

Example: Circuit Transformations L 1 = f ( I ) L ′ = f ( I ) 1 = L 2 L 1 L ′ c ( L ′ = 1 ) 2 L 3 = k ( g ( L 1 )) L ′ c ( L ′ 1 ) ? g ( L ′ 1 ) : h ( L ′ = 1 ) 3 = h ( L 1 ) L 4 L ′ L ′ 2 ? k ( L ′ 3 ) : l ( L ′ = 3 ) 5 L 5 = c ( L 2 ) ? L 3 : l ( L 4 ) ? = L ′ L 5 5 Equivalence in this case holds regardless of the actual functions Conclusion: can be decided using Equality Logic and Uninterpreted Functions D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 16 / 47

Transforming UFs to Equality Logic using Ackermann’s reduction Given: a formula ϕ UF with uninterpreted functions For each function in ϕ UF : ✲ F 2 ( F 1 ( x ) ) = 0 1. Number function instances (from the inside out) D. Kroening, O. Strichman (ETH/Technion) Decision Procedures Version 1.0, 2007 17 / 47