The Theory of Equality TE CS156: The Calculus of Σ : =, a, b, c, ..., f , g, h, ..., p, q, r, ... E { } Computation uninterpreted symbols: constants a, b, c,... Zohar Manna • functions f , g, h,... • Winter 2010 predicates p, q, r,... • Example: x = y f (x) = f (y) T -unsatisfiable ∧ 6 E f (x)= f (y) x = y T -satisfiable ∧ 6 E f (f (f (a))) = a f (f (f (f (f (a))))) = a f (a) = a ∧ ∧ 6 TE -unsatisfiable x = g(y, z) f (x)= f (g(y, z)) T -valid Chapter 9: Quantifier-free Equality and Data → E Structures Page 1 of 48 Page 2 of 48 Axioms of TE Axiom schema 1. x. x = x (reflexivity) 5. for each positive integer n and n-ary predicate symbol p, ∀ 2. x, y. x = y y = x (symmetry) ∀ → n 3. x, y, z. x = y y = z x = z (transitivity) ∀ ∧ → x¯, y¯. xi = yi (p(¯x) p(¯y)) define = to be an equivalence relation. ∀ ! → ↔ i^=1 Axiom schema (predicate) 4. for each positive integer n and n-ary function symbol f , n Thus, for unary p, the axiom is x¯, y¯. xi = yi f (¯x)= f (¯y) ∀ ! → x′, y ′.x′ = y ′ (p(x′) p(y ′)) i^=1 ∀ → ↔ (function) Therefore, For example, for unary f , the axiom is a = b (p(a) p(b)) → ↔ x′, y ′. x′ = y ′ f (x′)= f (y ′) is TE -valid. (x′ a, y ′ b). ∀ → → → Therefore, x = g(y, z) f (x)= f (g(y, z)) → is T -valid. (x x, y g(y, z)). E ′ → ′ → Page 3 of 48 Page 4 of 48 We discuss TE -formulae without predicates Equivalence and Congruence Relations: Basics For example, for Σ -formula E Binary relation R over set S F : p(x) q(x, y) q(y, z) q(x, z) is an equivalence relation if ∧ ∧ → ¬ • ◮ reflexive: s S. sRs; introduce fresh constant and fresh functions fp and fq, and ∀ ∈ • ◮ symmetric: s1, s2 S. s1 R s2 s2 R s1; transform F to ∀ ∈ → ◮ transitive: s , s , s S. s R s s R s s R s . ∀ 1 2 3 ∈ 1 2 ∧ 2 3 → 1 3 G : f (x)= f (x, y)= f (y, z)= f (x, z) = . p • ∧ q • ∧ q • → q 6 • Example: Define the binary relation 2 over the set Z of integers ≡ m n iff (m mod 2) = (n mod 2) ≡2 That is, m, n Z are related iff they are both even or both odd. ∈ is an equivalence relation ≡2 is a congruence relation if in addition • n s, t. s R t f (s) R f (t) . ∀ i i → i^=1 Page 5 of 48 Page 6 of 48 Classes Quotient equivalence equivalence For relation R over set S, The quotient S/R of S by relation R is the congruence congruence equivalence equivalence the class of s S under R is partition of S into classes congruence ∈ congruence def [s]R = s′ S : sRs′ . S/R = [s] : s S . { ∈ } { R ∈ } Example: It satisfies total and disjoint conditions. The equivalence class of 3 under 2 over Z is ≡ Example: The quotient Z/ 2 is a partition of Z. The set of [3] 2 = n Z : n is odd . ≡ ≡ { ∈ } equivalence classes Partitions n Z : n is odd , n Z : n is even A partition P of S is a set of subsets of S that is {{ ∈ } { ∈ }} ◮ total S′ = S Note duality between relations and classes S P ! [′∈ ◮ disjoint S , S P. S = S S S = ∀ 1 2 ∈ 1 6 2 → 1 ∩ 2 ∅ Page 7 of 48 Page 8 of 48 Refinements Closures Two binary relations R1 and R2 over set S. Given binary relation R over S. R is a refinement of R , R R , if The equivalence closure RE of R is the equivalence relation s.t. 1 2 1 ≺ 2 E E ◮ R refines R , i.e. R R ; s1, s2 S. s1R1s2 s1R2s2 . ≺ ∀ ∈ → ◮ for all other equivalence relations R′ s.t. R R′, E E ≺ R refines R . either R′ = R or R R′ 1 2 ≺ That is, RE is the “smallest” equivalence relation that “covers” R. Examples: Example: If S = a, b, c, d and R = aRb, bRc, dRd , then ◮ For S = a, b , { } { } { } aRE b, bRE c, dRE d since R RE ; R1 : aR1b R2 : aR2b, bR2b • ⊆ { } { } aRE a, bRE b, cRE c by reflexivity; Then R1 R2 • ≺ bRE a, cRE b by symmetry; ◮ For set Z • aRE c by transitivity; R1 : xR1y : x mod 2 = y mod 2 • { } cRE a by symmetry. R2 : xR2y : x mod 4 = y mod 4 • { } Then R R . 2 ≺ 1 Similarly, the congruence closure RC of R is the “smallest” congruence relation that “covers” R. Page 9 of 48 Page 10 of 48 TE -satisfiability and Congruence Classes I TE -satisfiability and Congruence Classes II Given Σ -formula F Definition: For ΣE -formula E F : s1 = t1 sm = tm sm+1 = tm+1 sn = tn F : s1 = t1 sm = tm sm+1 = tm+1 sn = tn ∧ ··· ∧ ∧ 6 ∧ ··· ∧ 6 ∧ ··· ∧ ∧ 6 ∧ ··· ∧ 6 with subterm set SF , F is TE -satisfiable iff there exists a the subterm set S of F is the set that contains precisely F congruence relation over S such that the subterms of F . ∼ F ◮ for each i 1,..., m , si ti ; Example: The subterm set of ∈ { } ∼ ◮ for each i m + 1,..., n , s t . ∈ { } i 6∼ i F : f (a, b)= a f (f (a, b), b) = a ∧ 6 Such congruence relation defines TE -interpretation I : (DI , αI ) ∼ of F . D consists of S / elements, one for each congruence is I | F ∼| S = a, b, f (a, b), f (f (a, b), b) . class of SF under . F { } ∼ Note: we consider only quantifier-free conjunctive Σ -formulae. Instead of writing I = F for this T -interpretation, we abbreviate E | E Convert non-conjunctive formula F to DNF F , where each = F i i ∼ | disjunct Fi is a conjunction of =, =. Check each disjunct Fi . F is 6 W The goal of the algorithm is to construct the congruence relation TE -satisfiable iff at least one disjunct Fi is TE -satisfiable. over SF , or to prove that no congruence relation exists. Page 11 of 48 Page 12 of 48 Congruence Closure Algorithm Congruence Closure Algorithm (Details) F : s1 = t1 sm = tm sm+1 = tm+1 sn = tn Initially, begin with the finest congruence relation given by the ∧ ··· ∧ ∧ 6 ∧ ··· ∧ 6 ∼0 generate congruence closure search for contradiction partition s : s S . | {z } | {z } {{ } ∈ F } Decide if F is TE -satisfiable. That is, let each term over SF be its own congruence class. The algorithm performs the following steps: Then, for each i 1,..., m , impose s = t by merging the ∈ { } i i 1. Construct the congruence closure of congruence classes ∼ s = t ,..., s = t [si ] i 1 and [ti ] i 1 { 1 1 m m} ∼ − ∼ − to form a new congruence relation . over the subterm set SF . Then ∼i To accomplish this merging, = s1 = t1 sm = tm . ◮ form the union of [si ] i 1 and [ti ] i 1 ∼ | ∧ ··· ∧ ∼ − ∼ − ◮ propagate any new congruences that arise within this union. 2. If for any i m + 1,..., n , si ti , return unsatisfiable. ∈ { } ∼ The new relation is a congruence relation in which s t . 3. Otherwise, = F , so return satisfiable. ∼i i ∼ i ∼| How do we actually construct the congruence closure in Step 1? Page 13 of 48 Page 14 of 48 Congruence Closure Algorithm: Example 1 I Congruence Closure Algorithm: Example 1 II This partition represents the congruence closure of S . Given ΣE -formula F Is it the case that F : f (a, b)= a f (f (a, b), b) = a ∧ 6 a, f (a, b), f (f (a, b), b) , b = F ? {{ } { }} | Construct initial partition by letting each member of the subterm No, as f (f (a, b), b) a but F asserts that f (f (a, b), b) = a. set SF be its own class: ∼ 6 1. a , b , f (a, b) , f (f (a, b), b) Hence, F is TE -unsatisfiable. {{ } { } { } { }} According to the first literal f (a, b)= a, merge f (a, b) and a { } { } to form partition 2. a, f (a, b) , b , f (f (a, b), b) {{ } { } { }} According to the (function) congruence axiom, f (a, b) a, b b implies f (f (a, b), b) f (a, b) , ∼ ∼ ∼ resulting in the new partition 3. a, f (a, b), f (f (a, b), b) , b {{ } { }} Page 15 of 48 Page 16 of 48 Congruence Closure Algorithm: Example 2 I Congruence Closure Algorithm: Example 2 II Example: Given ΣE -formula 3. a, f 3(a) , f (a), f 4(a) , f 2(a), f 5(a) . {{ } { } { }} F : f (f (f (a))) = a f (f (f (f (f (a))))) = a f (a) = a From the second literal, f 5(a)= a, merge ∧ ∧ 6 From the subterm set SF , the initial partition is f 2(a), f 5(a) and a, f 3(a) 1. a , f (a) , f 2(a) , f 3(a) , f 4(a) , f 5(a) { } { } {{ } { } { } { } { } { }} to form the partition where, for example, f 3(a) abbreviates f (f (f (a))). 4. a, f 2(a), f 3(a), f 5(a) , f (a), f 4(a) . According to the literal f 3(a)= a, merge {{ } { }} Propagating the congruence f 3(a) and a . { } { } f 3(a) f 2(a) f (f 3(a)) f (f 2(a)) i.e. f 4(a) f 3(a) From the union, ∼ ⇒ ∼ ∼ 2. a, f 3(a) , f (a) , f 2(a) , f 4(a) , f 5(a) yields the partition {{ } { } { } { } { }} 5. a, f (a), f 2(a), f 3(a), f 4(a), f 5(a) , deduce the following congruence propagations: {{ }} f 3(a) a f (f 3(a)) f (a) i.e.