Deciding the First-Order Theory of an Algebra of Feature Trees with Updates Nicolas Jeannerod Ralf Treinen IJCAR’18 – July 16, 2018 1/20
Features Trees ⊲ Unranked unordered trees. d d g f g f i i h d d d d d d d g f i d d d ⊲ Least fixpoint of: � � FT = D × F � FT Decorations Infinite set Partial function (left abstract) of features with finite domain 2/20
Origin of Feature Trees ⊲ Computational linguistics [eg. Smolka, ’92] ⊲ Artificial intelligence [A¨ ıt-Kaci] ⊲ (Constraint) (logic) programming [A¨ ıt-Kaci, Backofen, Podelski, Smolka, Treinen, ’94] 3/20
Our Use Case – The Unix Filesystem / usr home etc jack lib share 4/20
First Order Logics of Feature Trees Tree associated Model of all Variables ranging with y in ρ the feature trees over feature trees x . FT , ρ | = = y ρ ( x ) = ρ ( y ) Equality iff FT , ρ | = x [ f ] y ρ ( x )( f ) = ρ ( y ) Feature iff FT CFT FT , ρ | = x [ f ] ↑ f / ∈ dom ( ρ ( x )) Absence iff FT , ρ | = x [ F ] dom ( ρ ( x )) ⊂ F Fence iff Feature constant Valuation from variables to feature trees Finite set of feature constants 5/20
Known Decidability of First Order Logics x . ⊲ FT: = y x [ f ] y x [ f ] ↑ [Backofen, Smolka, ’92] x . ⊲ CFT: = y x [ f ] y x [ f ] ↑ x [ F ] [Backofen, ’94] [Backofen, Treinen, ’94] ⊲ FT with first-class features proven undecidable [Treinen, ’93] 6/20
Why We Need More • • home home mkdir /home/jack • • jack jack × • ∅ r [ home ] x ∧ x [ jack ] ↑ ∧ r ′ [ home ] x ′ ∧ x ′ [ jack ] y ′ ∧ y ′ [ ∅ ] C ( r, r ′ ) = ∃ x, x ′ , y ′ ∧ r ′ is r with home → x ′ ∧ x ′ is x with jack → y ′ 7/20
How To Reason About Update Constraints? ⊲ Problem: It is completely asymmetric. y is x with f → v Source tree Subtree Resulting tree ⊲ Hard to simplify when we have several of them: � � y is x with f → v ∃ x · ∧ z is x with g → w 8/20
Equivalent Presentation – The Similarity FT , ρ | = x ∼ F y ρ ( x ) | c F = ρ ( y ) | c F iff Finite set of feature constants ⊲ Same expressivity: y is x with f → z ↔ y ∼ { f } x ∧ y [ f ] z � � z is x with f → v x ∼ { f } y ↔ ∃ z, v · ∧ z is y with f → v ⊲ Convenient to manipulate: ⊲ Equivalence relation for every F . ⊲ But also: x ∼ F y ∧ y ∼ G z → x ∼ F ∪ G z x ∼ F y ∧ x ∼ G y ↔ x ∼ F ∩ G y ⊲ Similar technique found in arrays. [Stump, Barrett, Dill, Levitt, 2001] 9/20
Our Contribution Theorem The first order theory of feature trees with update is decidable. 10/20
First Step: Existential Fragment � � ∃ x, z · y [ f ] x ∧ ¬ ( x ∼ { h,i } y ) ∧ · · · Existential Positive and Conjunctive quantification negative clause on the outside literals 11/20
Principle of the Algorithm ⊲ We have a set of transformation rules l ⇒ r . ⊲ function normalize(c: clause ): while some rule r applies to c: c = apply r to c return c ⊲ The rules are equivalences in our model. ⊲ The system terminates. ⊲ Irreducible forms have nice properties. ⊲ eg. they are either ⊥ or satisfiable. 12/20
Examples of Rules Associative Replacement commutative Equivalences of z by y in c conjunction in our model Simplification : features � � � � ∃ X, z · x [ f ] y ∧ x [ f ] z ∧ c ⇒ ∃ X · x [ f ] y ∧ c { z �→ y } Quantifications (Not shown) (omitted when irrelevant) side-conditions for termination Clash : feature with absence x [ f ] y ∧ x [ f ] ↑ ∧ c ⇒ ⊥ Propagation : feature ( f / ∈ F ) x ∼ F y ∧ x [ f ] z ∧ c ⇒ x ∼ F y ∧ x [ f ] z ∧ y [ f ] z ∧ c 13/20
Satisfiability of Irreducible Clauses Theorem Every irreducible clause that is not ⊥ is satisfiable. ⊲ We need something stronger: Literals that do not talk about X Lemma (Garbage collection) Literals that mention ∃ X · ( g ∧ l ) at least one variable of X ⊲ irreducible, ⊲ such that there is no y [ f ] x with y / ∈ X and x ∈ X . Then FT | = ( ∃ X · ( g ∧ l )) ↔ g 14/20
First Order ∀ ∃ ∧ ∨ ¬ 15/20
Quantifier Elimination ⊲ Problem: our theory does not have the quantifier elimination property ⊲ What is the meaning for y of: ∃ x · ( y [ f ] x ∧ x [ g ] ↑ ) ⊲ Two possible solutions: ⊲ Make the language richer [Presburger, ’29] ⊲ with path constraints: y [ f ][ g ] ↑ ⊲ potentially leads to complex simplification rules. ⊲ Weak Quantifier Elimination [Malc’ev, ’71] ⊲ with a procedure: ∃ Y · c ⇒ ∀ Z · d ⊲ we can eliminate all the quantifier blocks except one. 16/20
Switching Quantifiers z [ g ] ↑ can ⊲ With the lemma and an extra rule [Treinen, ’97]. propagate through x ∼ { h } z ∃ x, z · ( y [ f ] x ∧ x ∼ { h } z ∧ z [ g ] ↑ ) Apply the system There is no u and ∃ x, z · ( y [ f ] x ∧ x ∼ { h } z ∧ x [ g ] ↑ ∧ z [ g ] ↑ ) i such that u [ i ] z : remove z Apply the lemma ∃ x · ( y [ f ] x ∧ x [ g ] ↑ ) Switch remaining ∃ to ∀ There can be ¬ y [ f ] ↑ ∧ ∀ x · ( y [ f ] x → x [ g ] ↑ ) only one such x ⊲ We can turn all ∃ into ∀ which allows us to go for Weak Quantifier Elimination. 17/20
Weak Quantifier Elimination [Malc’ev, ’71] ⊲ With a procedure: ∃ Y · c ⇒ ∀ Z · d ∀ · · · ∀ · ∃ · · · ∃ · · · ∀ X · ∃ Y · d Disjunctive normal form �� � ∀ · · · ∀ · ∃ · · · ∃ · · · ∀ X · ∃ Y · i c i Quantifier-free Distribute ∃ over ∨ �� � ∀ · · · ∀ · ∃ · · · ∃ · · · ∀ X · i ∃ Y · c i Apply procedure �� � ∀ · · · ∀ · ∃ · · · ∃ · · · ∀ X · i ∀ Z i · d i Quantifier-free Prenex normal form conjunction with renaming i Z ′ i d ′ ∀ · · · ∀ · ∃ · · · ∃ · · · ∀ ( X ∪ � i ) · ( � i ) ⊲ Eliminate one quantifier alternation at a time. 18/20
Full Procedure Closed formula PNF + DNF + ... Apply a rule on Reducible the innermost part formula Formula with Must be closed. quantifiers Irreducible Otherwise, the formula formula is not quantifier-free. Eliminate and switch existential quantifiers Quantifier-free formula 19/20
Conclusion ⊲ Contribution: ⊲ Feature tree with update. ⊲ Decidability of first order theory. Theorem The first order theory of feature trees with update is decidable. ⊲ Procedure parametrized by a theory of node decorations. ⊲ Complexity: non-elementary lower bound. [Vorobyov, ’96] ⊲ Perspectives: ⊲ Implementation. ⊲ Efficient implementation of a smaller fragment. ⊲ Symbolic execution of Shell scripts. ⊲ “Correctness of Linux Scripts” ( http://colis.irif.fr ). 20/20
Recommend
More recommend
