Presburger Arithmetic and Its Use in Verification

More documents

Recommendations

Info

CHAPTER 5. DURATION CALCULUS AND PRESBURGER FRAGMENTS ∃x.(nx = t ∧ ∧ i L i ∧ ∧ j P j ) ≡ n|t ∧ ∧ i L i [t/nx] ∧ ∧ j P j [t/nx] (5.5) ∀x.(nx = t ∧ ∧ i L i ⇒ ∨ j P j ) ≡ n|t ∧ ∧ i L i [t/nx] ⇒ ∨ j P j [t/nx] (5.6) Rules 5.3 and 5.4 are preferable due to its strength of reducing a big formula to an obvious truth value. These truth values are possible to be propagated further to reduce even bigger formulas. Otherwise, rules 5.5 and 5.6 are also very helpful, because they are able to remove all equations in guards and eliminate corresponding quantifiers at the same time. A newly introduced divisibility constraint is an interesting point. If n is equal to 1, it is safely to remove; otherwise, that constraint is used to check the consistency of the term. Let b denote the constant and a denote the greatest common divisor of all coefficients of the term, we have the following condition: n | at ′ + b =⇒ gcd(n, a) | b If the term does not satisfy the condition, the whole formula is reduced to a truth value again. One might think that equation-based reduction is helpful even without quantifiers involved. Certainly equations can be used to substitute variables so that substituted variables only occur in literals; however, coefficients may increase and the chance of introducing inconsistency in those formulas is not clear. Therefore, equation-based substitution without quantifiers is not considered here. The second set of rules is for propagating independent literals to outer scopes. With a quantifier Q ∈{∃, ∀}, wehavefollowingrelations: Qx.( ∧ L i1 ∧ ∧ L i2 ⇒ ∨ i1 i2 j P j ) ≡ ∧ L i1 ⇒ Qx.( ∧ L i2 ⇒ ∨ i1 i2 j P j ) (5.7) Qx.( ∧ L i1 ∧ ∧ L i2 ∧ ∧ i1 i2 j P j ) ≡ ∧ L i1 ∧ Qx.( ∧ L i2 ∧ ∧ i1 i2 j P j ) (5.8) where x/∈ ∧ i1 L i1 and x ∈ ∧ i2 L i2. The advantage of applying these rules is two-fold. One is that quantified formulas become smaller and easier to be handled by decision procedures, another advantage is that independent literals come to outer scopes and hopefully are candidates for equation reduction rules (5.3-5.6). Now our concern is how to use 5.3-5.8 effectively. The algorithm could reduce formulas outside in; however, if equations are not collected in the guards, we end up having many unexploited equations. Here we derive a recursive algorithm which executes in an inside-out order. We start from the deepest quantified formulas and propagate equations if they still occur as follows: •NormalizetheformulaintoGNF.Noticethattheformulacouldbeevenreduce to a smaller one by evaluating it by the current guard, but we would think that is unnecessary. Because the smaller formula makes sure that variables 40
5.3. SUMMARY occur in equation do not happen anywhere in the formula, simplification is done even before we know it is helpful or not. Therefore, the aim of this step is collecting equations into literals and keeping the structure small for doing traversal. One important point is that all constraints will be kept in the compact form so their coefficients are smallest. •Apply5.3-5.6toreducequantifiersandeliminateallequationsinthecurrent guard. This step may generate some independent constraints which are candidates for the next step. •Partitionliteralsbywhethertheyconsistofquantifiersornot.Takeindependent literals out of current quantifiers, which causes the formula not in GNF anymore. The bigger formula will be normalized into GNF recursively in the next iteration. One decision has to be made is whether we should push quantifiers as down as possible. The process is based on the following rules: ∃x.( ∧ i L i ⇒ ∨ j P j ) ≡ ∧ i ∀x.L i ⇒ ∨ j ∃x.P j (5.9) ∀x.( ∧ i L i ∧ ∧ j P j ) ≡ ∧ i ∀x.L i ∧ ∧ j ∀x.P j (5.10) These rules result in quantified formulas in the smallest size. If decision procedures are able to recognize these patterns, it is unnecessary to do so. We are going to come back to this simplification process later in the report. 5.3 Summary We have presented side-condition Presburger formulas and how they are generated from the model checker. Due to high complexity of these formulas, we derive a simplification algorithm to reduce them as much as possible. Reduction is based on understanding structures of these formulas and establishing logic rules. Hopefully, simplified formulas are small enough to be solved by decision procedures in a reasonable amount of time. 41
Page 1 and 2: Presburger Arithmetic and Its Use i
Page 3 and 4: Abstract Today, when every computer
Page 5 and 6: Preface The thesis is a part of the
Page 7: List of Abbreviations CPU DAG DC DN
Page 10 and 11: 5.2 Simplification of Presburger fo
Page 12 and 13: CHAPTER 1. INTRODUCTION functional
Page 15 and 16: Chapter 2 Multicore parallelism on
Page 17 and 18: 2.1. MULTICORE PARALLELISM: A BRIEF
Page 19 and 20: 2.2. MULTICORE PARALLELISM ON .NET
Page 29 and 30: Chapter 3 Functional paradigm and m
Page 31 and 32: 3.1. PARALLEL FUNCTIONAL ALGORITHMS
Page 33 and 34: 3.2. SOME PITFALLS OF FUNCTIONAL PA
Page 35 and 36: 3.2. SOME PITFALLS OF FUNCTIONAL PA
Page 37 and 38: Chapter 4 Theory of Presburger Arit
Page 39 and 40: 4.2. DECISION PROCEDURES FOR PRESBU
Page 45 and 46: Chapter 5 Duration Calculus and Pre
Page 47 and 48: 5.1. DURATION CALCULUS AND SIDE-CON
Page 49: 5.2. SIMPLIFICATION OF PRESBURGER F
Page 54 and 55: CHAPTER 6. EXPERIMENTS ON PRESBURGE
Page 56 and 57: CHAPTER 6. EXPERIMENTS ON PRESBURGE
Page 59 and 60: Chapter 7 Parallel execution of dec
Page 61 and 62: 7.1. A PARALLEL VERSION OF COOPER
Page 63 and 64: 7.1. A PARALLEL VERSION OF COOPER
Page 65 and 66: 7.2. A PARALLEL VERSION OF THE OMEG
Page 71 and 72: Chapter 8 Conclusions In this work,
Page 73 and 74: References [1] Nikolaj Bjørner. Li
Page 75: [28] C. R. Reddy and D. W. Loveland
Page 78 and 79: APPENDIX A. EXAMPLES OF MULTICORE P
Page 80 and 81: APPENDIX A. EXAMPLES OF MULTICORE P
Page 82 and 83: APPENDIX B. SOURCE CODE OF EXPERIME
Page 100:
TRITA-CSC-E 2011:108 ISRN-KTH/CSC/E
show all

Presburger Arithmetic and Its Use in Verification

Create successful ePaper yourself

Delete template?

Save as template?