WHAT IS AN SMT SOLVER? Jaeheon Yi - April 17, 2008

Size: px

Start display at page:

Download "WHAT IS AN SMT SOLVER? Jaeheon Yi - April 17, 2008"

Lambert Harrington
6 years ago
Views:

1 WHAT IS AN SMT SOLVER? Jaeheon Yi - April 17, 2008

2 WHAT I LL TALK ABOUT Propositional Logic Terminology, Satisfiability, Decision Procedure First-Order Logic Terminology, Background Theories Satisfiability Modulo Theories Combining Theories, SMT Solvers

3 TERMINOLOGY: PROPOSITIONAL LOGIC Propositional variables: Propositional formulae: p, q, r p, φ 1 φ 2, φ 1 φ 2, φ Literals: Clauses: p, p p q r s Conjunctive Normal Form: (p q) r (s q) Truth Assignment: Let p be false, q be true, etc.

4 SATISFIABILITY Given a propositional formula φ, does it have a truth assignment M, such that M = φ? Decidable: there exists a decision procedure for this Complexity: NP-complete

5 DECISION PROCEDURE DPLL Method Sound Complete Backtracking Conjunctive Normal Form Davis, Putnam, Logemann, Loveland: 1960, 1962

6 DECISION PROCEDURE Function DPLL Input: A formula, Output: A boolean φ If φ is consistent Return true If φ contains an empty clause Return false l := choose_literal( φ ) Return DPLL( φ l ) Or DPLL( φ l )

7 DECISION PROCEDURE Performance: Depends on choice of branching literal Satisfying assignment may be found quickly Unsatisfiability requires exhaustive search Modern Heuristics

8 TERMINOLOGY: FIRST-ORDER LOGIC Variables: X = {x 1,x 2,x 3,... } Function Symbols: Predicate Symbols: F = {f 1,f 2,f 3,... } P = {p 1,p 2,p 3,... } Equality, quantification, propositional connectives: =,,,,,

9 TERMINOLOGY: FIRST-ORDER LOGIC Term τ ::= x f(τ 1,..., τ n ) Formula ϕ ::= τ 1 = τ 2 p(τ 1,..., τ n )... Sentence: fully quantified formula Structure: a triple (δ, σ, ι) Domain δ : set of values Signature σ : set of function and predicate symbols, with arities ι Interpretation : what X, F, P do in δ

10 TERMINOLOGY: EXAMPLES Term: x 1, f 1 (x 3 ), f 2 (x 2,f 1 (x 3 )) Formula: Sentence: p 1 (x 1 ), x 1 = f 1 (x 3 ), p 1 (x 1 ), x 1. p 1 (x 1 ) p 2 (x 1,x 2 ) x 1.p 1 (x 1 ), x 3. x 1.x 1 = f 1 (x 3 ) Structure: a triple (δ, σ, ι) δ Domain : N σ Signature : c n 0, for all, ι n N is zero 1 Interpretation : for is_zero: if argument is 0 then true, else false

11 BACKGROUND THEORIES Theory : A set of sentences in signature σ. T σ Some theories: Theory of Equality with Uninterpreted Functions Theory of Integers Theory of Reals Theory of Lists

12 BACKGROUND THEORIES Two ways to define a theory: Enumerate a set of axioms, and close the set under logical consequence Define a structure in which all sentences are satisfied

13 BACKGROUND THEORIES T E Theory of Equality with Uninterpreted Functions ( Empty Theory ) {} T Z (Z, +,, ) Theory of Integers T R Theory of Reals (Q, +,, ) T L Theory of Lists cons(car(x),cdr(x)) = x, car(cons(x,y)) = x, cdr(cons(x,y)) = y,...

14 BACKGROUND THEORIES T E Theory of Equality with Uninterpreted Functions ( Empty Theory ) Undecidable. Quantifier-free fragment is decidable T Z Theory of Integers Decidable. Quantifier-free fragment is NP-complete T R Theory of Reals Decidable. Quantifier-free fragment is solvable in polynomial time T L Theory of Lists Decidable. Quantifier-free fragment is solvable in linear time

15 SATISFIABILITY IN A THEORY Given a signature σ and a theory T σ, a formula ϕ, constructed in σ, is satisfiable in T σ, if ϕ evaluates to true under some interpretation of T σ

16 SATISFIABILITY MODULO THEORIES Assume we have signatures σ 1,..., σ n, and theories T,..., T σ1 σn, so that we have a combined signature σ = σ 1 σ n and combined theory of T σ = T T σ1 σn Is a formula ϕ, constructed in σ, satisfiable in T σ?

17 SMT EXAMPLE Let T = T E T Z. Let s assume we have a formula with the following terms conjuncted: 1 x x 2 Γ = f(x) f(1) f(x) f(2) Is Γsatisfiable in T?

18 DECISION PROCEDURE Nelson-Oppen method Combines decision procedures for first-order theories into a single decision procedure for the union theory - equality symbol is shared ϕ must be quantifier-free Signatures σ 1,..., σ n must be disjoint Theories T σ1,..., T σn must be stably infinite

19 STABLY INFINITE THEORIES For signature σ, a theory T σ is stably infinite, if for every quantifier-free formula ϕ in σ that is satisfiable in T σ, there exists an interpretation satisfying ϕ, whose domain is infinite. T E,T Z,T R,T L are all stably infinite theories. For signature σ = {a, b}, the following theory is not stably infinite: T = { x. x = a x = b}

20 NELSON-OPPEN METHOD Phase 1: Purify Phase 2: Equality Propagation Contradiction Rule Equality Propagation Rule Case Split Rule

21 NELSON-OPPEN METHOD Purify phase: Assume formula from σ 1 σ 2 Γ, a conjunction of literals Convert gamma to conjunction Γ 1 Γ 2, satisfying two properties: Each literal in Γ i is a literal in σ i, for all i Γ 1 Γ 2 is satisfiable in T 1 T 2, iff Γ is

22 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each term and inequality purified

23 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each { term and inequality purified Γ = f(g(x)) g(f(x)) }

24 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each term and inequality purified { } f(w1 ) g(f(x)) Γ = w 1 = g(x)

25 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each term and inequality purified f(w 1 ) g(w 2 ) Γ = w 1 = g(x) w 2 = f(x)

26 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each term and inequality purified w 3 w 4 w 1 = g(x) Γ = w 2 = f(x) w 3 = f(w 1 ) w 4 = g(w 2 )

27 NELSON-OPPEN METHOD Purify phase example Assume Formula σ 1 = {f 1 }, σ 2 = {g 1 } Γ = {f(g(x)) g(f(x))} Each term and inequality purified { } w2 = f(x) Γ 1 = w 3 = f(w 1 ) Γ 2 = w 1 = g(x) w 4 = g(w 2 ) w 3 w 4

28 NELSON-OPPEN METHOD Equality Propagation Phase Tree with states Γ 1, Γ 2,E as nodes Initial derivation s 0 : Γ 1, Γ 2, Apply inference rules If all leaves are labeled false, then unsat Else sat

29 NELSON-OPPEN METHOD Equality Propagation Phase Contradiction If unsatisfiable Equality Propagation If equality is satisfiable Γ 1, Γ 2,E false Γ 1, Γ 2,E Γ 1, Γ 2,E {x = y} Case Split Γ 1, Γ 2,E Γ 1, Γ 2,E {x 1 = y 1 } Γ 1, Γ 2,E {x n = y n }

30 NELSON-OPPEN METHOD Equality Propagation Phase example Satisfiability of following formula in T Z T E 1 x 1 x x 2 x 2 Γ = Γ f(x) f(1) Z = w 1 =1 f(x) f(2) w 2 =2 After purify: { f(x) f(w1 ) Γ E = f(x) f(w 2 ) }

31 NELSON-OPPEN METHOD Equality Propagation Phase example Satisfiability of following formula in T Z T E s 0 : Γ Z, Γ E, s 1 : Γ Z, Γ E, {x = w 1 } s 2 : Γ Z, Γ E, {x = w 2 } s 3 : false s 4 : false

32 THEORY CONVEXITY Case-Split inference rule creates many, many subtrees Can be avoided altogether, if the combined theories are convex T R,T E,T L are convex. T Z is not.

33 THEORY CONVEXITY A theory T σ is convex, if for every conjunction Γ of literals in σ, and for every disjunction x 1 = y 1 x n = y n n T Γ = some j i=1 x i = y i iff T Γ = x j = y j, for

34 THEORY CONVEXITY How is T Z not convex? We have a formula: the conjunction Γ = We have a disjunction, x = z y = z x =1 y =2 1 z z 2 While T Z Γ logically implies the disjunction, both x = z and y = z do not logically follow.

35 IMPLEMENTATION Theory of Equality with Uninterpreted Functions has decision procedure: Congruence Closure algorithm E-Graphs: a set of terms, and an equivalence relation on those terms

36 SMT SOLVERS Simplify (HP Research) CVC3 (Stanford) Yices (SRI International) Z3 (MS Research) Paradox (Chalmers)

37 ISSUES Modularity of theories More theories Extending to solve formulas with quantification

38 CONCLUSION Thank you for coming Questions welcome Wanna hack one up?

39 BIBLIOGRAPHY Zohar Manna and Calogero Zarba. Combining Decision Procedures. In Formal Methods at the Crossroads: from Panacea to Foundational Support, Lecture Notes in Computer Science, Volume 2787, Springer-Verlag, November 2003, pp David Detlefs, Greg Nelson, James B. Saxe. Simplify: A Theorem Prover for Program Checking. In Journal of the ACM, Vol 52, No 3, May 2005, pp Greg Nelson and Derek C. Oppen. Simplification by Cooperating Decision Procedures. In ACM Transactions on Programming Languages and Systems, Vol 1, No 2. October 1979, pp Greg Nelson and Derek C. Oppen. Fast Decision Procedures Based on Congruence Closure. In Journal of the ACM, Vol 27, No 2, April 1980, pp Stanley N. Burris. Logic for Mathematics and Computer Science. Prentice Hall, August 1997.

Tutorial 1: Modern SMT Solvers and Verification

University of Illinois at Urbana-Champaign Tutorial 1: Modern SMT Solvers and Verification Sayan Mitra Electrical & Computer Engineering Coordinated Science Laboratory University of Illinois at Urbana