Effectively Propositional Interpolants
Samuel Drews and Aws Albarghouthi
Effectively Propositional Logic (EPR)
● Quantifier-free matrix φ under an ∃*∀* prefix
● No function symbols
Decidable satisfiability!
Expressive:
● Linked lists [Itzhaky et al. 2014]
● Software-defined networks [Ball et al. 2014]
● Parameterized distributed protocols [Padon et al. 2016]
● …
Interpolants
Given A and B such that A ∧ B is unsatisfiable, find I such that:
● A → I is valid
● I ∧ B is unsatisfiable
● I is in the shared vocabulary of A and B
Restricted Logics for Invariants
is valid, or is unsat
1. ∃-logic: ∃* φ
2. ∀-logic: ∀* φ
3. AF-logic: boolean combinations of ∃-logic and ∀-logic, e.g. (∃* φ1 ∧ ∀* φ2) ∨ ∀* φ3
∃*∀* φ is decidable, but ∀*∃* φ is undecidable. Bummer.
Models and Diagrams
[Figure: a model with constants c1, c2 and its diagram]
UITP: for ∃-Logic Interpolants
[Figure: models m1, m2, m3 of A are sampled in turn and their diagrams diag(m1), diag(m2), diag(m3) collected, with the diagrams kept apart from B]
[Figure: model m1 of A gives diag(m1); the next model m2 has diag(m2) ∧ B sat, so there is no ∃-logic interpolant]
UITP Soundness
● Returning I: interpolant by construction
● Returning none is sound: diag(m) is the strongest ∃-logic formula that m models
[Figure: m ⊧ A; any ∃* φ with A → ∃* φ is also modelled by m, so diag(m) → ∃* φ and ∃* φ ∧ B is still sat]
UITP Termination (and Completeness)
EPR small model property: all EPR A have a bound k such that m ⊧ A → ∃ m_small:
● m_small ⊧ A
● m_small ⊆ m
● |m_small| ≤ k
So m ⊧ diag(m_small)
UITP: for ∀-Logic Interpolants
[Figure: the same construction with the roles of A and B swapped]
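A concrete run of the UITP loop from the ∃-logic, soundness, termination and ∀-logic slides above, as an added example (not the authors' code or implementation). It assumes a toy vocabulary of two unary predicates P, Q and no constants (so every symbol is shared), replaces the EPR solver by bounded enumeration of finite structures with an assumed small-model bound K, and obtains a ∀-logic interpolant of (A, B) as the negation of an ∃-logic interpolant of (B, A), which is what swapping A and B amounts to.

```python
from itertools import product, permutations
# Added example, not the authors' code: a brute-force run of the UITP loop over finite
# structures with unary predicates P, Q and no constants (so every symbol is shared).
PREDS = ("P", "Q")
K = 3  # assumed small-model bound for the EPR formulas used below

def models_up_to(k):
    """Enumerate structures (n, preds) with domain {0..n-1}, n <= k, smallest first."""
    for n in range(1, k + 1):
        for bits in product((False, True), repeat=n * len(PREDS)):
            yield n, {p: frozenset(e for e in range(n) if bits[i * n + e])
                      for i, p in enumerate(PREDS)}
def embeds(small, big):
    """big |= diag(small): an injective map preserving every atom and negated atom."""
    (n, sp), (m, bp) = small, big
    return any(all((e in sp[p]) == (f[e] in bp[p]) for e in range(n) for p in PREDS)
               for f in permutations(range(m), n))
def sat(phi, k=K):
    """A model of phi among the bounded structures, or None (sound given the bound k)."""
    return next((s for s in models_up_to(k) if phi(s)), None)

def uitp(A, B, k=K):
    """∃-logic interpolant as a list of diagrams (read as their disjunction), or None.
    uitp(B, A) negated is a ∀-logic interpolant of (A, B): render it with negate=True."""
    diags = []
    while True:
        # m |= A ∧ ¬I, where I is the disjunction of the diagrams collected so far
        m = sat(lambda s: A(s) and not any(embeds(d, s) for d in diags), k)
        if m is None:
            return diags  # A → I and I ∧ B unsat hold by construction
        # diag(m) is the strongest ∃-logic formula m models: if diag(m) ∧ B is
        # satisfiable, no ∃-logic interpolant exists at all
        if sat(lambda s: B(s) and embeds(m, s), k) is not None:
            return None
        diags.append(m)

def render(diags, negate=False):
    """Diagrams as ∃-formulas over fresh x0.., joined by ∨ (negated for ∀-logic)."""
    def diag_str(n, sp):
        xs = [f"x{e}" for e in range(n)]
        lits = [f"{xs[i]}≠{xs[j]}" for i in range(n) for j in range(i + 1, n)]
        lits += [("" if e in sp[p] else "¬") + f"{p}({xs[e]})" for e in range(n) for p in PREDS]
        return "∃" + ",".join(xs) + ". " + " ∧ ".join(lits)
    body = " ∨ ".join(diag_str(*d) for d in diags)
    return f"¬({body})" if negate else body

# Constructed inputs: formulas are Python predicates on structures (n, preds).
A_EXISTS_P = lambda s: any(e in s[1]["P"] for e in range(s[0]))        # ∃x. P(x)
B_NO_P = lambda s: all(e not in s[1]["P"] for e in range(s[0]))        # ∀x. ¬P(x)
A_ALL_P = lambda s: all(e in s[1]["P"] for e in range(s[0]))           # ∀x. P(x)
B_SOME_NOT_P = lambda s: any(e not in s[1]["P"] for e in range(s[0]))  # ∃x. ¬P(x)
```

For (A_EXISTS_P, B_NO_P) the loop needs two diagrams whose disjunction is equivalent to ∃x. P(x); for (A_ALL_P, B_SOME_NOT_P) it returns None, and only the swapped run yields the ∀-logic interpolant ∀x. P(x).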
BITP: for AF-Logic Interpolants
[Figure: a model m1 of A and a model m2 of B are sampled, and a candidate AF-logic formula such as ∃* φ1 ∧ ∀* φ2 is built to separate A from B]
BITP Soundness and Relative Completeness
● Soundness: the returned I is an interpolant by construction
● Rel. Compl.: existence of an AF-logic interpolant → termination
[Figure: if φ ∈ AF-logic and A → φ … then φ ∧ B is sat: no AF-logic interpolant]
Experiments
ITPV: an interpolation-based verifier
Compared to PDR∀ [Itzhaky et al., 2014] on linked-list programs
● Mostly comparable in finding ∀-logic invariants
● ITPV can find AF-logic invariants
WOW!
Conclusion
UITP and BITP interpolate EPR formulae
● UITP: sound and complete for finding interpolants in ∃- and ∀-logic
● BITP: sound and relatively complete for finding interpolants in AF-logic