- 1 - Using an SMT Solver and Craig Interpolation to Detect and Remove Redundant Linear Constraints...
23
- 1 - Using an SMT Solver and Craig Interpolation to Detect and Remove Redundant Linear Constraints in Representations of Non-Convex Polyhedra Christoph Scholl, Stefan Disch, Florian Pigorsch, Stefan Kupferschmid Albert-Ludwigs-University Freiburg, Germany
-
Upload
michael-hickey -
Category
Documents
-
view
215 -
download
0
Transcript of - 1 - Using an SMT Solver and Craig Interpolation to Detect and Remove Redundant Linear Constraints...
- 1 -
Using an SMT Solver and Craig Interpolation toDetect and Remove Redundant Linear Constraints in Representations of Non-Convex Polyhedra
Christoph Scholl, Stefan Disch, Florian Pigorsch, Stefan Kupferschmid
Albert-Ludwigs-University Freiburg, Germany
- 2 -
Background and Motivation
Non-convex polyhedra = Arbitrary boolean combinations (including conjunction, disjunction and negation) of linear constraints
(Extended) non-convex polyhedra = arbitrary boolean combinations of linear constraints and boolean variables Used in the context of model checking of hybrid systems by
backward analysis Single symbolic representation for sets of states of hybrid
systems with large discrete state spaces [Damm et al. ATVA06, ATVA07]
We represent (extended) non-convex polyhedra by a data structure called LinAIGs (AIGs = And-Inverter-Graphs)
- 3 -
Problem: Optimization of non-convex polyhedra
A linear constraint is redundant for a non-convex polyhedron iff the non-convex polyhedron can be described without using this linear constraint.
Question: How to remove redundant linear constraints from representations efficiently?
c1
c2
c1
c2
- 4 -
Example
l1 l2 l5 l3 l4 l6
1
2
3
1 2 3
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Question: Are l5 and l6 redundant?
I.e.: Is there a boolean function G with F(l1, ..., l6) = G(l1, ..., l4)?
x
y
- 5 -
Example
l1 l2 l5 l3 l4 l6
Is there a boolean function G with F(l1, ..., l6) = G(l1, ..., l4)?
In order to solve the problem consider the boolean abstraction (boolean variable b1 for l1, ..., b6 for l6):
F(b1, ..., b6) = b1 ¢ b2 ¢ b5 + b3 ¢ b4 ¢ b6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
1111 001111 011111 101111 11
1110 001110 011110 101110 11
1101 001101 011101 101101 11
1100 001100 011100 101100 11
1011 001011 011011 101011 11
1010 001010 011010 101010 11
1001 001001 011001 101001 11
1000 001000 011000 101000 11
0111 000111 010111 100111 11
0110 000110 010110 100110 11
0101 000101 010101 100101 11
0100 000100 010100 100100 11
0011 000011 010011 100011 11
0010 000010 010010 100010 11
0001 000001 010001 100001 11
0000 000000 010000 100000 11
Function table of F(b1, ..., b6):
function value = 1:function value = 0:
- 6 -
0000 000000 010000 100000 11
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Function table of F(b1, ..., b6):
function value = 1:function value = 0:
Partition into orbits
F(b1, ..., b6) = b1 ¢ b2 ¢ b5 + b3 ¢ b4 ¢ b6
- 7 -
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Is there a boolean function G with F(l1, ..., l6) = G(l1, ..., l4)?
Problem is turned into logic synthesis problem with don‘t cares. Don‘t cares correspond to inconsistent
assignments to Boolean abstraction variables.
Example:b2=0, b5 = 1, b3 = 0 is inconsistent, because l2 = false, l5 = true, l3 = false can not be true at the same time.
) For b2=0, b5 = 1, b3 = 0 we can change F(b1, ..., b6) without changing the predicate F(l1, ..., l6).
1
2
3
1 2 3
l2 = false
l5 = true
l3 = false
- 8 -
0000 000000 010000 100000 11
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Function table of F(b1, ..., b6):
function value = 1:function value = 0:
Inconsistent assignment ) don‘t care:
- 9 -
0000 000000 010000 100000 11
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Function table of F(b1, ..., b6):
function value = 1:function value = 0:
Inconsistent assignment ) don‘t care:
- 10 -
0000 000000 010000 100000 11
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Function table of F(b1, ..., b6):
function value = 1:function value = 0:
Inconsistent assignment ) don‘t care:
- 11 -
0000 000000 010000 100000 11
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
Example
l1 l2 l5 l3 l4 l6
F= (y ¸ 0) ¢ (-2x – y + 3 ¸ 0) ¢ (y – x ¸ 0) + (x ¸ 0) ¢ (-1/2 x – y + 3/2) ¢ (x – y ¸ 0)
Function table of G(b1, ..., b4):
function value = 1:function value = 0:
Changed function G does not depend on b5 and b6!
G(b1, ..., b4) = b1 ¢ b3 ¢ (b2 + b4)
G(l1, ..., l4) = F(l1, ..., l6)
- 12 -
Redundancy check using an SMT solver
For large examples we are not able to enumerate the function tables with don‘t cares.
) We need a more efficient method for detecting and removing redundant linear constraints.
Three key results: Detecting redundancy of a set of linear constraints can be
reduced to the solution of one SMT formula. The don‘t cares needed to compute G(b1, ..., b4) can be
extracted from conflict clauses generated by the SMT solver while solving this formula!
Removal of redundant constraints can be performed efficiently based on Craig interpolation.
- 13 -
0000 000000 010000 100000 11
Example
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
F(b1, ..., b6) = b1 b2 b3 + b4 b5 b6
DC =
0
0
0
0
1
1
1
1
0
0
0
1
1
function value = 1:
function value = 0:
- 14 -
0000 000000 010000 100000 11
Example
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
F(b1, ..., b6) = b1 b2 b3 + b4 b5 b6
DC = : b5: b6
0
0
0
0
1
1
1
1
0
0
0
1
1
l5 and l6 can not be false at the same time!
) Minimized conflict clause (b5 + b6) inserted by SMT solver
) Insert :b5:b6 into don‘t care representation!
- 15 -
0000 000000 010000 100000 11
Example
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
F(b1, ..., b6) = b1 b2 b3 + b4 b5 b6
DC = : b5: b6
function value = 1:
function value = 0:
Inconsistent assignment ) don‘t care:
- 16 -
0000 000000 010000 100000 11
Example
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
F(b1, ..., b6) = b1 b2 b3 + b4 b5 b6
DC = : b5: b6
0
0
0
0
1
1
1
1
0
0
1
1
1
- 17 -
Example
...
- 18 -
0000 000000 010000 100000 11
Example – Final Result
0001 000001 010001 100001 11
0010 000010 010010 100010 11
0011 000011 010011 100011 11
0100 000100 010100 100100 11
0101 000101 010101 100101 11
0110 000110 010110 100110 11
0111 000111 010111 100111 11
1000 001000 011000 101000 11
1001 001001 011001 101001 11
1010 001010 011010 101010 11
1011 001011 011011 101011 11
1100 001100 011100 101100 11
1101 001101 011101 101101 11
1110 001110 011110 101110 11
1111 001111 011111 101111 11
F(b1, ..., b6) = b1 b2 b3 + b4 b5 b6
DC = :b5:b6 + :b1:b2b4 + :b1b3b6 + :b2b4:b6 + b2:b3:b4 + b1:b3b5 + b2:b4:b5
- 19 -
Redundancy Removal
How to remove redundant constraints efficiently (i.e. compute G(b1, ..., b4) efficiently)?
Approach 1- Existential quantification: G(b1, ..., b4) = 9 b5 b6 (F ¢ : DC) 9 bi F = F|bi = 0 + F|bi = 1.
Risk of doubling AIG representation with quantification of one variable. Potential problem for large numbers of redundant constraints.
Observation: Approach 1 provides only one of a number of appropriate don‘t care assignments.
Approach 2: Craig interpolation Obtain appropriate function G by one Craig interpolation for
• F(b1, ..., b4, b5, b6) ¢ : DC(b1, ..., b4, b5, b6) • : F(b1, ..., b4, b´5, b´6) ¢ : DC(b1, ..., b4, b´5, b´6)
In contrast to the work of McMillan [CAV2003] Craig interpolation is not an approximation method in this context, but it makes use of existing degrees of freedom.
- 20 -
Experimental results – Model checking with and without redundancy removal
Early removal of redundant constraints pays off. Avoids blow-up due to a series of further substitutions into the removed
constraints in the following steps.
- 21 -
Experimental results: Redundancy elimination -Existential quantification versus Craig interpolation
time nodes time nodes
m_2_3 112 16 7 0,01 s 0,02 s 0,58 s 93 0,03 s 61m_2_4 495 74 44 0,10 s 0,94 s 4,55 s 1151 0,13 s 130m_3_1 1775 297 228 1,86 s 49,28 s timeout - 1,60 s 322m_3_2 6703 1281 1143 105,69 s 2113,2 s timeout - 14,12 s 898
Bench-mark
# AIG nodes
# linear constr.
# redund. lin. constr.
time red. detec-
tion
dc set gene-ration
Exist. quant. Craig interpol.
Red. removal Red. removal
- 22 -
Experimental results: Comparison with other solvers
#AND #LC # Bool. var. # Real var. # quantified real var.m_4_1 5K 26 5 4 2m_5_1 160K 52 4 4 2m_6_1 188K 27 20 5 2m_7_1 1396K 31 20 5 2m_7_2 3894K 30 20 5 2m_7_3 6730K 44 20 5 2m_8_1 9931K 52 8 4 2
initial formulaBenchmark
LinAIG: Our tool
Redlog (Dolzmann, Sturm, ACM SIGSAM Bulletin 1997)
LIRA (Eisinger, Klaedtke, CAV 2006)
#AND #LC Time #AND #LC Time Result Timem_4_1 135 16 1,94 1918 39 0,43 Sat 443,66m_5_1 31 12 4,49 196483 224 38,06m_6_1 80 13 4,44 35356 42 14,67m_7_1 29 9 15,56 396887 68 98,89m_7_2 51 8 49,76m_7_3 350 14 71,90m_8_1 134 20 100,78
Benchmark
memoutmemout
LinAIG Reduce/Redlog
memoutmemoutmemout
memout
memout
timeout
timeout
LIRA
- 23 -
Conclusions and future work
Approach for optimizing non-convex polyhedra based on removal of redundant constraints
Successfully applied to solving of quantified formulas including linear real arithmetic and boolean variables
Accelerate approach by using state-of-the-art SMT solver for don‘t care computation, too.
Fast preprocessor for more general formulas by simplifying subformulas from the subclass considered in this paper?
Apply methods to underlying theories different from linear arithmetic?
