Presburger Arithmetic and Its Use in Verification

More documents

Recommendations

Info

CHAPTER 4. THEORY OF PRESBURGER ARITHMETIC Check real shadow No integer solution UNSAT Possible integer solution Check dark shadow Integer solution SAT No integer solution in DARK shadow Check gray shadow Integer solution SAT No integer solution UNSAT Figure 4.1. Overview of the Omega Test [18]. Dark Shadow The Dark shadow is an underapproximating projection; therefore, it is used to check satisfiability of the problem [18]: bγ − cβ ≥ (c − 1)(b − 1) =⇒ ∃x. β≤ bz ∧ cz ≤ γ Notice that the Dark shadow i.e. the equation bγ − cβ ≥ (c − 1)(b − 1) guarantees the existence of an integer between b/β and c/γ. If the Dark shadow holds, an integer solution for the problem exists. One nice thing is that if c =1orb =1,the Real shadow and the Dark shadow are the same. They are then called the Exact shadow, andwehavetheFourier-Motzkineliminationforintegers: ∃x. β≤ bz ∧ cz ≤ γ ⇐⇒ cβ ≤ bγ (4.1) The Exact shadow is an easy and convenient way to eliminate quantifiers in a subset of problems. Pugh argues that the Exact shadow happens quite often in the domain of dependence analysis which makes the Omega Test become a very efficient technique for quantifier alternation [27]. Gray Shadow The Gray shadow is tested when the Real shadow is true and the Dark shadow is false [18]: cβ ≤ cbz ≤ bγ ∧ bγ − cβ >(c − 1)(b − 1) After simplification, the above condition can be used to reduce quantifier elimination to check a finite number of candidates of bz: bz = β + i for 0 ≤ i ≤ cb−c−b b 32
4.2. DECISION PROCEDURES FOR PRESBURGER ARITHMETIC In general, every quantifier can be eliminated from a Presburger formula in PNF: Q 1 x 1 .Q 2 x 2 ....Q n x n . ∨ ∧ L ij i j where Q k ∈{∃, ∀} and L ij are literals in a form of weak inequalities. Quantifiers are removed in a bottom-up manner. The formula ∨ ∧ i j L ij is in disjunctive normal form (DNF). If Q n = ∃ we have the following equivalence: ∃x n . ∨ ∧ L ij ≡ ∨ ∃x n . ∧ L ij i j i j Now we can use elements of the Omega Test on the conjunction of literals. On the other hand, any universal quantifier is removed by using the dual relation ∀x.φ(x) ≡¬∃x.¬φ(x) andconverting¬φ(x) intoDNF. The procedure is done recursively until no quantifier is left. The Omega Test has some advantages and disadvantages compared to Cooper’s algorithm: •ElementsoftheOmegaTestcannotdealwithdivisibilityconstraints.Tobe able to use the Omega Test for an arbitrary formula, one has to eliminate divisibility constraints first, which is quite costly if they occur often in the formula. Divisibility constraint elimination is beyond the scope of this paper. •TheOmegaTestrequirestheinnerformulatobeinDNFwhichcancausethe formula to grow very fast compared to NNF of Cooper’s algorithm. Moreover, once the Gray shadow has to be checked, it generates a disjunction of constraints and the resulting formula is not in DNF anymore. Therefore, even in ablockofquantifiers,eachquantifiereliminationrequirestotranslatetheinput formula into DNF, which is prohibitively expensive. In contrast, Cooper’s algorithm handles blocks of quantifiers quite well, and a formula is normalized into NNF once for each block. •TheOmegaTestdoesnothavetheproblemofhugecoefficientsasCooper’s algorithm because each shadow only involves in pairs of inequalities. Cooper’s algorithm and the Omega Test have good characteristics to make them competitive with each other. Both algorithms have been implemented in HOL theorem-proving system [22]. The results show that while the Omega Test is a little faster, there are problems where Cooper’s algorithm outperforms its competitor. It is also easy to construct formulas more favorable for either one of these procedures. Thus, using both the Omega Test and Cooper’s algorithm in a complete procedure might be a good idea. One possible solution is executing two algorithms in a parallel manner [22], and another solution is combining elements of the Omega Test and Cooper’s procedure in a clever way. For example, the Omega Test is employed for resolving inequalities so coefficients of inequalities do not contribute to lcm and resulting small disjuncts are resolved by Cooper’s algorithm. This combination is incorporated into the SMT-solver Z3, and Z3 has capability to solve PA formulas quite efficiently [1]. 33
Page 1 and 2: Presburger Arithmetic and Its Use i
Page 3 and 4: Abstract Today, when every computer
Page 5 and 6: Preface The thesis is a part of the
Page 7: List of Abbreviations CPU DAG DC DN
Page 10 and 11: 5.2 Simplification of Presburger fo
Page 12 and 13: CHAPTER 1. INTRODUCTION functional
Page 15 and 16: Chapter 2 Multicore parallelism on
Page 17 and 18: 2.1. MULTICORE PARALLELISM: A BRIEF
Page 19 and 20: 2.2. MULTICORE PARALLELISM ON .NET
Page 29 and 30: Chapter 3 Functional paradigm and m
Page 31 and 32: 3.1. PARALLEL FUNCTIONAL ALGORITHMS
Page 33 and 34: 3.2. SOME PITFALLS OF FUNCTIONAL PA
Page 35 and 36: 3.2. SOME PITFALLS OF FUNCTIONAL PA
Page 37 and 38: Chapter 4 Theory of Presburger Arit
Page 39 and 40: 4.2. DECISION PROCEDURES FOR PRESBU
Page 41: 4.2. DECISION PROCEDURES FOR PRESBU
Page 45 and 46: Chapter 5 Duration Calculus and Pre
Page 47 and 48: 5.1. DURATION CALCULUS AND SIDE-CON
Page 49 and 50: 5.2. SIMPLIFICATION OF PRESBURGER F
Page 51: 5.3. SUMMARY occur in equation do n
Page 54 and 55: CHAPTER 6. EXPERIMENTS ON PRESBURGE
Page 56 and 57: CHAPTER 6. EXPERIMENTS ON PRESBURGE
Page 59 and 60: Chapter 7 Parallel execution of dec
Page 61 and 62: 7.1. A PARALLEL VERSION OF COOPER
Page 63 and 64: 7.1. A PARALLEL VERSION OF COOPER
Page 65 and 66: 7.2. A PARALLEL VERSION OF THE OMEG
Page 71 and 72: Chapter 8 Conclusions In this work,
Page 73 and 74: References [1] Nikolaj Bjørner. Li
Page 75: [28] C. R. Reddy and D. W. Loveland
Page 78 and 79: APPENDIX A. EXAMPLES OF MULTICORE P
Page 80 and 81: APPENDIX A. EXAMPLES OF MULTICORE P
Page 82 and 83: APPENDIX B. SOURCE CODE OF EXPERIME
Page 92 and 93:
APPENDIX B. SOURCE CODE OF EXPERIME
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100:
TRITA-CSC-E 2011:108 ISRN-KTH/CSC/E
show all

Presburger Arithmetic and Its Use in Verification

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?