Technion 1

Generating minimum transitivity constraints in P-time for deciding Equality Logic

Ofer Strichman and Mirron Rozanov

Technion, Haifa, Israel

Technion 2

Deciding Equality Logic (TE)

The eager approach: TE ! Pr

Bryant & Velev [BV-CAV’00] – Boolean satisfiability with transitivity constraints.

Meir and Strichman [MS-CAV’05] – Yet another decision procedure for equality logic.

This work: a ‘closure’ on [MS-CAV’05]

Technion 3

Basic notions

E: x = y Æ y = z Æ z x

x

y

z

(non-polar) Equality Graph:

Technion 4

From Equality to Propositional Logic[BV-CAV'00] – the Sparse method

E : x1 = x2 Æ x2 = x3 Æ x1 x3

sk : e1,2 Æ e2,3 Æ :e1,3

Encode all edges with Boolean variables Add transitivity constraints

e 1,3

e1,2

e 2,3

x1

x2

x3

Technion 5

From Equality to Propositional Logic[BV-CAV'00] – the Sparse method

E : x1 = x2 Æ x2 = x3 Æ x1 x3

sk : e1,2 Æ e2,3 Æ :e1,3

Transitivity Constraints: For each cycle of size n, forbid a true assignment to n-1 edges

T S = (e1,2 Æ e2,3 ! e1,3) Æ (e1,2 Æ e1,3 ! e2,3) Æ

(e1,3 Æ e2,3 ! e1,2)

Check: sk Æ T S

e 1,3

e1,2

e 2,3

x1

x2

x3

Technion 6

Thm-1: It is sufficient to constrain chord-free simple cycles

There can be an exponential number of chord-free simple cycles…

e1

e2

e3

e4

e5

From Equality to Propositional Logic[BV-CAV'00] – the Sparse method

Technion 7

Make the graph ‘chordal’.

In a chordal graph, it is sufficient to constrain only triangles. Polynomial # of edges and constraints. # constraints = 3 £ #triangles

From Equality to Propositional Logic[BV-CAV'00] – the Sparse method

Technion 8

An improvement[MS-CAV’05] – the RTC method

So far we did not consider the polarity of the edges.

Assuming E is in Negation Normal Form

E: x = y Æ y = z Æ z x

x

y

z

(polar) Equality Graph:

= =

Technion 9

Here, T R = e3 Æ e2 ! e1 is sufficient

This is only true because of monotonicity of NNF

An improvementReduced Transitivity Constraints (RTC)

e1

e2

e3

x

z

y

=

=

Allowing e.g. x = z, x = y, z y

F

T

T

T

’:x = z, x = y, z = y

Technion 10

Definitions Dfn-1: A contradictory cycle is a cycle with exactly

one disequality edge.

Dfn-2: A contradictory Cycle C is constrained under T if T does not allow such an assignment.

C =

F

T

T T

T

Technion 11

Main theorem [MS-CAV’05]

Let T R be a conjunction of transitivity constraints.

If T R constrains all simple contradictory cycles

then E is satisfiable iff sk Æ T R is satisfiable

The Equality Formula

Technion 12

Transitivity: 5 constraintsRTC: 0 constraints

Transitivity: 5 constraintsRTC: 1 constraint

F

T

T

T

T

Technion 14

Applying RTC

How can we use the theorem without enumerating contradictory cycles ?

Answer: Consider the chordal graph. Still – which triangles ? which constraints?

Technion 15

x0

x1

x2

x3

x4

The RTC solution [MS-CAV’05]

1) Exp # cycles to traverse 2) Not all cycles are simple. Solution to 1): Stop before adding an existing constraint Solution to 2): Explore only simple cycles

These solutions cannot be combined.

cache:

e0,2 Æ e1,2 e0,1e1,3 Æ e2,3 e1,2

e2,4 Æ e3,4 e2,3

e0,2 Æ e0,4 e2,4

Technion 18

x0

x1

x2

x3 x6

x4

x5

Constraining simple contradictory cycles

es

x71. Focus on each solid edge es separately

- (find its dashed Bi-connected component)

2. Make the graph chordal

Do we need: e5,6 Æ e3,6 ! e3,5 ?Do we need: e3,5 Æ e3,6 ! e5,6 ?

Technion 19

x0

x1

x2

x3 x6

x4

x5

Constraining simple contradictory cycles3. Remove a vertex xk that leans on an edge (xi,xj)

4. Is (xi,xj) on a simple cycle with es? O(|E|)

5. If yes, add (ek,i Æ ek,j ! ei,j)

es

e5,6 Æ e3,6 e3,5

Technion 20

x0

x1

x2

x3 x6

x4

x5

Constraining simple contradictory cycles3. Remove a vertex vk that leans on an edge (vi,vj)

4. Does (vi,vj) on the same simple cycle with es?

5. If yes, add (ek,i Æ ek,j ! ei,j)

es

e5,6 Æ e3,6 e3,5

Technion 21

Correctness

The set of generated constraints is sufficient. The set of generated constraints is necessary.

Technion 22

Random graphs (Satisfiable)[MS-CAV’05]

Technion 23

Results – random graphs

V=200, E=800, 16 random topologies

0

50000

100000

150000

200000

250000

300000

350000

400000

10 30 50 70

% dashed

Co

nst

rain

ts

RTC

RTCS

# constraints: reduction of 17%Run time: reduction of 32%

Technion 24

Results – random graphs

V=200, E=800, 16 random topologies

# constraints: reduction of 17%Run time: reduction of 32%

0

50

100

150

200

250

300

350

400

450

10 30 50 70

% dashed

run

-tim

e

RTC

RTCS

Technion 25

SMT benchmarks

Never really finished the implementation… Our 4-5 experiments with them showed that

We still have a small advantage comparing to the Sparse method. Yet Yices is much better…. A result of the Uninterpreted functions.

Are there formulas for which the eager approach still wins? Generating meaningful equality formulas is hard…

Technion 26

A crafted example

2n assignments satisfy sk. None satisfy the theory.

Technion 27

Thank you

Technion 28

ResultsUclid benchmarks* (all unsat)

* Results strongly depend on the reduction method of Uninterpreted Functions.

Technion 32

Possible refutations of CNF’s generated by Sparse

T R

T S – T R

BP3

P1

P0 P4

Thm: B is satisfiable ! B Æ (T S – T R) is satisfiable

T SB Æ

P2

Constraints of the form e1 Æ e2 ! e3Hypothesis: (T S – T R) clauses hardly participate in the proof

P2

Boolean Encoding

Transitivity constraints

A P3 proof exists according to the main theorem.

Technion 33

CNF

T S- T R

T R B

Core

T S- T R

T R B

Average on:10 graphs, ~890K clausesAll UnsatSparse: ~ 22 sec.RTC: ~ 12 Sec.

B – Boolean encodingT R – RTC constraintsT S – Sparse constraints

Technion 34

Summary

The RTC method is ~dominant over the Sparse method.

Open issue: find a P-time algorithm that exploits the full power of the main theorem.

Technion 40

Example: Circuit Transformations

A pipeline processes data in stages Data is processed in parallel – as in an

assembly line Formal Model:

Stage 1Stage 1

Stage 3Stage 3

Stage 2Stage 2

Technion 41

Example: Circuit Transformations

The maximum clock frequency depends on the longest path between two latches

Note that the output of g is usedas input to k

We want to speed up the design by postponing k to the third stage

Technion 42

Validating Circuit Transformations

==??

Technion 43

Validating a compilation process Source program

z = (x1 + y1) (x2 + y2);

Target program u1 = x1 + y1;u2 = x2 + y2;z = u1 u2 ;

Need to prove that:(u1 = x1 + y1 u2 = x2 + y2 z = u1 u2) $ z = (x1 + y1) (x2 + y2)

Compilation

Target Source

Technion 44

Validating a compilation process

Need to prove that:(u1 = x1 + y1 u2 = x2 + y2 z = u1 u2) $ z = (x1 + y1) (x2 + y2)

f1 f2g1

g2

f1 f2

Source program z = (x1 + y1) (x2 + y2);

Target program u1 = x1 + y1;u2 = x2 + y2;z = u1 u2 ;

Compilation

Technion 45

Need to prove that:(u1 = x1 + y1 u2 = x2 + y2 z = u1 u2) $ z = (x1 + y1) (x2 + y2)

f1 f2g1

g2

f1 f2

Instead, prove:

under functional consistency: for every uninterpreted function f x = y ! f(x) = f(y)

Which translates to (via Ackermann’s reduction):

Validating a compilation process

Technion 47

Definitions for the proof…

A Violating cycle under an assignment R

This assignment violates T S but not necessarily T R

eF

eT2

eT1

T

TF

Either dashed or

solid

Technion 48

More definitions for the proof… An edge e = (vi,vj) is equal under an assignment iff

there is an equality path between vi and vj all assigned T under Denote:

T

TF

TTv1 v2

v3

Technion 49

More definitions for the proof… An edge e = (vi,vj) is disequal under an assignment iff

there is a disequality path between vi and vj in which the solid edge is the only one assigned false by Denote:

T

TF

TTv1 v2

v3

Technion 50

Proof… Observation 1:

The combinationis impossible if = R

(recall: R ² T R)

Observation 2: if (v1,v3) is solid, then

FT

Tv1 v2

v3

Technion 51

ReConstructing S

Type 1:

It is not the case that

Assign S (e23) = F

Type 2:

Otherwise it is not the case that

Assign (e13) = T

FT

T

In all other cases S = R

FT

T

F T

v1 v2

v3

v1 v2

v3

Technion 52

ReConstructing S

Starting from R, repeat until convergence: (eT) := F in all Type 1 cycles

(eF) := T in all Type 2 cycles

All Type 1 and Type 2 triangles now satisfy T S B is still satisfied (monotonicity of NNF) Left to prove: all contradictory cycles are still

satisfied

Technion 53

Proof…

Invariant: contradictory cycles are not violating throughout the reconstruction.

contradicts the precondition to make this assignment…

FT

Tv1 v2

v3

F

T

T

Technion 54

Proof…

Invariant: contradictory cycles are not violating throughout the reconstruction.

contradicts the precondition to make this assignment…

FT

Tv1 v2

v3

TT

F

Technion 55

x0

x1

x2

x3 x6

x4

x5

The constraint e3,6 Æ e3,5 e5,6 is not added

Constraining simple contradictory cycles

cache:…e5,6 Æ e4,6 e4,5

Open problem: constrain simple contradictory cycles in P time

Technion 56

x0

x1

x2

x3 x6

x4

x5

the constraint e3,6 Æ e3,5 e5,6 is not added, though needed Suppose the graph has 3 more edges

Constraining simple contradictory cycles

cache:…e5,6 Æ e4,6 e4,5

Here we will stop, although …

Open problem: constrain simple contradictory cycles in P time