Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Reasoning About Set Comprehensions Edmund S. L. Lam Iliano Cervesato sllam@qatar.cmu.edu iliano@cmu.edu Carnegie Mellon University Supported by grant NPRP 09-667-1-100, Effective Programming for Large Distributed Ensembles SMT’14 Vienna, Austria, July 2014
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Outline Introduction 1 Encoding SC ( LIA ) into U + LIA 2 Implementation and Future Work 3
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Motivation Automated support for reasoning about sets (multisets) Cardinality constraints [Piskac and Kuncak, 2010, Suter et al., 2011] Aggregate constraints [Leino and Monahan, 2009] But what about set comprehensions? Is { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X satisfiable? Is { x | x < 4 } x ˙ ∈ X ∩ { x | x ≥ 4 } x ˙ ∈ X � = ∅ satisfiable? We want automated support for reasoning about set comprehensions as well!
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Motivation Automated support for reasoning about sets (multisets) Cardinality constraints [Piskac and Kuncak, 2010, Suter et al., 2011] Aggregate constraints [Leino and Monahan, 2009] But what about set comprehensions? Is { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X satisfiable? Yes! Possible solutions: X = { 1 , 2 , 3 } or X = { 1 , 2 , 3 , 4 } or . . . Is { x | x < 4 } x ˙ ∈ X ∩ { x | x ≥ 4 } x ˙ ∈ X � = ∅ satisfiable? We want automated support for reasoning about set comprehensions as well!
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Motivation Automated support for reasoning about sets (multisets) Cardinality constraints [Piskac and Kuncak, 2010, Suter et al., 2011] Aggregate constraints [Leino and Monahan, 2009] But what about set comprehensions? Is { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X satisfiable? Yes! Possible solutions: X = { 1 , 2 , 3 } or X = { 1 , 2 , 3 , 4 } or . . . Is { x | x < 4 } x ˙ ∈ X ∩ { x | x ≥ 4 } x ˙ ∈ X � = ∅ satisfiable? No! No such X exists We want automated support for reasoning about set comprehensions as well!
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work This work, at a Glance Reasoning about set comprehensions: Source language: set comprehensions over some base theory Th — SC ( Th ) We encode formulas of SC ( Th ) into formulas of Th , plus an uninterpreted domain U — U + Th Uninterpreted domain U represents the domain of sets of Th U + Th formulas are fed to an off-the-shelf SAT checker (e.g., Z3) For simplicity, we demonstrate this encoding for Th = LIA (Linear Integer Arithmetic’s)
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Outline Introduction 1 Encoding SC ( LIA ) into U + LIA 2 Implementation and Future Work 3
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work SC ( LIA ) and U + LIA SC ( LIA ): Set Comprehensions over Linear Integer Arithmetic Arithmetic Term t ::= x | v | t op t ::= t . Arithmetic Formula = t | t < t | ¬ T | T ∧ T T | { ¯ Set Term s ::= X t } | { t | T } x ˙ | s ∪ s | s ∩ s | s \ s ∈ s ∈ s | s . S ::= t ˙ Set Formula = s | s ⊆ s | ¬ S | S ∧ S U + LIA : Linear Integer Arithmetic and Uninterpreted Sets Arithmetic Term t ::= x | v | t op t ::= t . Arithmetic Formula = t | t < t T Uninterpreted Set Term s ::= X S ::= t ˙ Uninterpreted Set Formula ∈ s Formula ::= S | T | ¬ F | F ∧ F | ∃ x . F | ∀ x . F F , C Set comprehensions: { t x | T x } x ˙ ∈ s t x : range pattern T x : guard condition s : comprehension domain Scope of x is t x and T x
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Encoding SC ( LIA ) into U + LIA — an Example � S � = F is the encoding in U + LIA of SC ( LIA ) formula S An example: � { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X � =
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Encoding SC ( LIA ) into U + LIA — an Example � S � = F is the encoding in U + LIA of SC ( LIA ) formula S An example: � { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X � ∈ X 2 ↔ ( y . = 10 ∨ y . = 20 ∨ y . ∀ y . y ˙ = 30) − F 1 : X 2 = { 10 , 20 , 30 } = Encode set term { 10 , 20 , 30 } as uninterpreted variable X 2 Relation ˙ ∈ is treated as an uninterpreted binary predicate Formula F 1 provides the interpretation of X 2 and ˙ ∈
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Encoding SC ( LIA ) into U + LIA — an Example � S � = F is the encoding in U + LIA of SC ( LIA ) formula S An example: � { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X � ∈ X 2 ↔ ( y . = 10 ∨ y . = 20 ∨ y . ∀ y . y ˙ = 30) − F 1 : X 2 = { 10 , 20 , 30 } ∀ x . ( x ∗ 10 ˙ ∈ X 3 ) ↔ ( x ˙ = ∈ X ∧ x < 4) − F 2 : X 3 = { x ∗ 10 | x < 4 } x ˙ ∈ X Same for { x ∗ 10 | x < 4 } x ˙ ∈ X with X 3 and F 2 Given { t x | T x } x ˙ ∈ s , we encode with X 3 ∀ x . ( t x ˙ ∈ X 3 ) ↔ ( x ˙ ∈ s ∧ T x ) This is a special case though . . .
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Encoding SC ( LIA ) into U + LIA — an Example � S � = F is the encoding in U + LIA of SC ( LIA ) formula S An example: � { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X � ∈ X 2 ↔ ( y . = 10 ∨ y . = 20 ∨ y . ∀ y . y ˙ = 30) − F 1 : X 2 = { 10 , 20 , 30 } ∀ x . ( x ∗ 10 ˙ ∈ X 3 ) ↔ ( x ˙ = ∈ X ∧ x < 4) − F 2 : X 3 = { x ∗ 10 | x < 4 } x ˙ ∈ X ∀ z . z ˙ ∈ X 2 ↔ z ˙ ∈ X 3 − F 3 : X 2 = X 3 Finally, F 3 states that X 2 and X 3 are extensionally equal
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Encoding SC ( LIA ) into U + LIA — an Example � S � = F is the encoding in U + LIA of SC ( LIA ) formula S An example: � { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X � ∈ X 2 ↔ ( y . = 10 ∨ y . = 20 ∨ y . ∀ y . y ˙ = 30) − F 1 : X 2 = { 10 , 20 , 30 } ∀ x . ( x ∗ 10 ˙ ∈ X 3 ) ↔ ( x ˙ = ∈ X ∧ x < 4) − F 2 : X 3 = { x ∗ 10 | x < 4 } x ˙ ∈ X ∀ z . z ˙ ∈ X 2 ↔ z ˙ ∈ X 3 − F 3 : X 2 = X 3 { 10 , 20 , 30 } . = { x ∗ 10 | x < 4 } x ˙ ∈ X is satisfiable iff F 1 ∧ F 2 ∧ F 3 is satisfiable (i.e., M | = F 1 ∧ F 2 ∧ F 3 ) M | = F 1 ∧ F 2 ∧ F 3 can be checked by many off-the-shelf SMT solvers (e.g., Z3)
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Set Comprehension Encoding (Special Case) This was a special case ∈ s as ∀ x . ( t x ˙ ∈ X 3 ) ↔ ( x ˙ Encode { t x | T x } x ˙ ∈ s ∧ T x ) Here’s why: � { 0 , 2 } . = { x %3 | ⊤} x ˙ ∈{ 3 , 6 , 8 } � ∈ X 2 ↔ ( y . = 0 ∨ y . ∀ y . y ˙ = 2) − F 1 : X 2 = { 0 , 2 } ∀ x . ( x %3 ˙ ∈ X 3 ) ↔ ( x ˙ ∈ X 4 ) − F 2 : X 3 = { x %3 | ⊤} x ˙ ∈ X 4 = ∈ X 4 ↔ ( z . = 3 ∨ z . = 6 ∨ z . ∀ z . z ˙ = 8) − F 3 : X 4 = { 3 , 6 , 8 } ∀ w . w ˙ ∈ X 2 ↔ w ˙ ∈ X 3 − F 3 : X 2 = X 3
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Set Comprehension Encoding (Special Case) This was a special case ∈ s as ∀ x . ( t x ˙ ∈ X 3 ) ↔ ( x ˙ Encode { t x | T x } x ˙ ∈ s ∧ T x ) Here’s why: � { 0 , 2 } . = { x %3 | ⊤} x ˙ ∈{ 3 , 6 , 8 } � ∈ X 2 ↔ ( y . = 0 ∨ y . ∀ y . y ˙ = 2) − F 1 : X 2 = { 0 , 2 } ∀ x . ( x %3 ˙ ∈ X 3 ) ↔ ( x ˙ ∈ X 4 ) − F 2 : X 3 = { x %3 | ⊤} x ˙ ∈ X 4 = ∈ X 4 ↔ ( z . = 3 ∨ z . = 6 ∨ z . ∀ z . z ˙ = 8) − F 3 : X 4 = { 3 , 6 , 8 } ∀ w . w ˙ ∈ X 2 ↔ w ˙ ∈ X 3 − F 3 : X 2 = X 3 We expect { 0 , 2 } . = { x %3 | ⊤} x ˙ ∈{ 3 , 6 , 8 } to be satisfiable . . . but F 1 ∧ F 2 ∧ F 3 ∧ F 4 is not!
Introduction Encoding SC ( LIA ) into U + LIA Implementation and Future Work Set Comprehension Encoding (Special Case) This was a special case ∈ s as ∀ x . ( t x ˙ ∈ X 3 ) ↔ ( x ˙ Encode { t x | T x } x ˙ ∈ s ∧ T x ) Here’s why: � { 0 , 2 } . = { x %3 | ⊤} x ˙ ∈{ 3 , 6 , 8 } � ∈ X 2 ↔ ( y . = 0 ∨ y . ∀ y . y ˙ = 2) − F 1 : X 2 = { 0 , 2 } ∀ x . ( x %3 ˙ ∈ X 3 ) ↔ ( x ˙ ∈ X 4 ) − F 2 : X 3 = { x %3 | ⊤} x ˙ ∈ X 4 = ∈ X 4 ↔ ( z . = 3 ∨ z . = 6 ∨ z . ∀ z . z ˙ = 8) − F 3 : X 4 = { 3 , 6 , 8 } ∀ w . w ˙ ∈ X 2 ↔ w ˙ ∈ X 3 − F 3 : X 2 = X 3 The problem: F 2 is “malfunctioning” on the → case A counterexample 9%3 = 0, but 0 ˙ ∈ X 3 �→ 9 ˙ ∈ X 4
Recommend
More recommend
