The Strategy Challenge in SMT Solving (part I)
IWS 2012, Manchester, UK
Leonardo de Moura (Microsoft Research) and Grant Passmore (University of Cambridge)
Page 2
A Satisfiability Checker with built-in support for useful theories
Pages 3-6
b + 2 = c and f(read(write(a,b,3), c-2)) ≠ f(c-b+1)
Theories involved: Arithmetic, Array Theory, Uninterpreted Functions
Page 7
Scalability (huge formulas)
Complexity
Undecidability
Quantified formulas
Nonlinear arithmetic
Pages 8-14
Basic Idea
x ≥ 0, y = x + 1, (y > 2 ∨ y < 1)
Abstract (aka "naming" atoms):
p1 ≡ (x ≥ 0), p2 ≡ (y = x + 1), p3 ≡ (y > 2), p4 ≡ (y < 1)
Boolean abstraction: p1, p2, (p3 ∨ p4)
SAT Solver: assignment p1, p2, ¬p3, p4
i.e. x ≥ 0, y = x + 1, ¬(y > 2), y < 1
Theory Solver: unsatisfiable, because x ≥ 0, y = x + 1, y < 1
New Lemma: ¬p1 ∨ ¬p2 ∨ ¬p4 (AKA theory conflict)
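The lazy SMT loop from the Basic Idea slides, written out as an added, runnable example in plain Python (this is not code from the talk or from Z3): a backtracking search over the Boolean abstraction p1..pn, a theory solver for linear rational arithmetic implemented with Fourier-Motzkin elimination, deletion-based minimization of the conflicting literals, and the negated conflict learned as a new clause. It branches on false before true so that the first complete assignment is the one on the slide (p1, p2, ¬p3, p4) and the learned lemma is ¬p1 ∨ ¬p2 ∨ ¬p4. The Atom class, the DIMACS-style clause encoding and all function names are this example's own assumptions.

```python
from fractions import Fraction
from itertools import product


class Atom:
    """Linear atom  sum(coeffs[v]*v) op rhs  with op in {'<=', '<', '='}."""

    def __init__(self, coeffs, op, rhs):
        self.coeffs = {v: Fraction(c) for v, c in coeffs.items() if c != 0}
        self.op, self.rhs = op, Fraction(rhs)

    def _neg(self):
        return {v: -c for v, c in self.coeffs.items()}

    def as_ineqs(self):
        """Conjunction of inequalities equal to the atom: e = r is e <= r and -e <= -r."""
        if self.op == '=':
            return [Atom(self.coeffs, '<=', self.rhs), Atom(self._neg(), '<=', -self.rhs)]
        return [self]

    def negations(self):
        """Disjunction of single inequalities equal to the negated atom."""
        if self.op == '<=':   # not(e <= r)  is  -e < -r
            return [Atom(self._neg(), '<', -self.rhs)]
        if self.op == '<':    # not(e < r)   is  -e <= -r
            return [Atom(self._neg(), '<=', -self.rhs)]
        # not(e = r)  is  e < r  or  -e < -r: a case split for the theory solver
        return [Atom(self.coeffs, '<', self.rhs), Atom(self._neg(), '<', -self.rhs)]


def fm_satisfiable(ineqs):
    """Fourier-Motzkin elimination: True iff the inequalities have a rational solution."""
    rows = [(dict(a.coeffs), a.op == '<', a.rhs) for a in ineqs]   # (coeffs, strict, rhs)
    while any(cs for cs, _, _ in rows):
        v = min(v for cs, _, _ in rows for v in cs)
        pos = [r for r in rows if r[0].get(v, 0) > 0]   #  a*v + ... <= rp  (a > 0)
        neg = [r for r in rows if r[0].get(v, 0) < 0]   # -b*v + ... <= rn  (b > 0)
        rows = [r for r in rows if v not in r[0]]
        for cp, sp, rp in pos:
            for cn, sn, rn in neg:   # b*(pos row) + a*(neg row): v cancels out
                a, b, cs = cp[v], -cn[v], {}
                for u, c in cp.items():
                    cs[u] = cs.get(u, 0) + b * c
                for u, c in cn.items():
                    cs[u] = cs.get(u, 0) + a * c
                rows.append(({u: c for u, c in cs.items() if c != 0}, sp or sn, b * rp + a * rn))
    return all(rhs > 0 if strict else rhs >= 0 for _, strict, rhs in rows)  # 0 op rhs


def theory_check(atoms, literals):
    """literals: list of (atom index, truth value).  Satisfiable over the rationals?"""
    conj, alternatives = [], []
    for i, val in literals:
        if val:
            conj += atoms[i].as_ineqs()
        else:
            alternatives.append(atoms[i].negations())
    return any(fm_satisfiable(conj + list(choice)) for choice in product(*alternatives))


def unsat_core(atoms, literals):
    """Deletion-based minimization of an unsatisfiable literal set: the theory conflict."""
    core = list(literals)
    i = 0
    while i < len(core):
        trial = core[:i] + core[i + 1:]
        if theory_check(atoms, trial):
            i += 1            # literal is needed for the conflict, keep it
        else:
            core = trial      # still unsat without it, drop it
    return core


def smt_solve(atoms, clauses):
    """DPLL(T).  atoms[i] is named by Boolean p_{i+1}; clauses use +-(i+1) as in DIMACS.
    Returns (status, Boolean assignment or None, learned lemmas)."""
    n, lemmas = len(atoms), []

    def falsified(assign):
        return any(all(assign.get(abs(l)) == (l < 0) for l in cl) for cl in clauses + lemmas)

    def search(assign, i):
        if falsified(assign):
            return None
        if i > n:             # complete propositional assignment: ask the theory solver
            lits = [(j - 1, assign[j]) for j in range(1, n + 1)]
            if theory_check(atoms, lits):
                return dict(assign)
            core = unsat_core(atoms, lits)
            lemmas.append([-(j + 1) if val else j + 1 for j, val in core])
            return None
        for val in (False, True):   # false first, so the trace matches the slide
            assign[i] = val
            found = search(assign, i + 1)
            if found is not None:
                return found
            del assign[i]
        return None

    model = search({}, 1)
    return ('sat' if model is not None else 'unsat'), model, lemmas


def slide_atoms():
    """p1: x >= 0, p2: y = x + 1, p3: y > 2, p4: y < 1 (the Basic Idea slide)."""
    return [Atom({'x': -1}, '<=', 0),         # x >= 0     as  -x <= 0
            Atom({'y': 1, 'x': -1}, '=', 1),  # y = x + 1  as  y - x = 1
            Atom({'y': -1}, '<', -2),         # y > 2      as  -y < -2
            Atom({'y': 1}, '<', 1)]           # y < 1


def slide_example():
    """x >= 0, y = x + 1, (y > 2 or y < 1): clauses p1, p2, (p3 or p4)."""
    return smt_solve(slide_atoms(), [[1], [2], [3, 4]])
```

`slide_example()` returns `('sat', {1: True, 2: True, 3: True, 4: False}, [[-1, -2, -4]])`: the first full assignment (p1, p2, ¬p3, p4) is rejected by the theory solver, the core shrinks to {p1, p2, p4}, the lemma ¬p1 ∨ ¬p2 ∨ ¬p4 is learned, and the search then finds p1, p2, p3, ¬p4, which the theory accepts (for instance x = 2, y = 3). Replacing the disjunction by the unit clause p4 gives the unsatisfiable instance x ≥ 0, y = x + 1, y < 1. Real solvers replace the brute-force enumeration by CDCL with unit propagation and the deletion loop by explanations computed inside the theory solver; the control flow is the same.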
Page 16
Current SMT solvers provide a combination of different engines
Page 17
DPLL
Simplex
Gröbner Basis
∃-elimination
Superposition
Simplification
Congruence Closure
KB Completion
SMT
…
Page 18
Theorem Prover / Satisfiability Checker: F ↦ Satisfiable (model) or Unsatisfiable (proof)
Config: Z3 has approx. 300 options
Page 19
Actual feedback provided by Z3 users:
“Could you send me your CNF converter?”
“I want to implement my own search strategy.”
“I want to include these rewriting rules in Z3.”
“I want to apply a substitution to term t.”
“I want to compute the set of implied equalities.”
Page 20
To build theoretical and practical tools allowing users to exert strategic control over core heuristic aspects of high performance SMT solvers.
Page 21
Theorem proving as an exercise of combinatorial search
Strategies are adaptations of general search mechanisms which reduce the search space by tailoring its exploration to a particular class of formulas.
Pages 22-23
Different Strategies for Different Domains.
From timeout to 0.05 secs…
Page 24
Hardware Fixpoint Checks.
Given: and
Ranking function synthesis.
Joint work with C. Wintersteiger and Y. Hamadi, FMCAD 2010
QBVF = Quantifiers + Bit-vectors + Uninterpreted Functions
Page 27
Z3 is using different engines:
rewriting, simplification, model checking, SAT, …
Z3 is using a customized strategy.
We could do it because
we have access to the source code.
Page 28
SMT solvers are collections of little engines.
They should provide access to these engines.
Users should be able to define their own strategies.
Pages 29-30
Tactic: goal ↦ subgoals, together with a proof builder.
Proof builder: proofs for the subgoals ↦ proof for the goal.
Pages 31-33
Tactics are applied to the subgoals produced by a tactic, each with its own proof builder; the proof builders compose, and the composed proof builder produces the proof of the original goal.
Diagram labels: "thm in LCF terminology", "proof in LCF terminology".
Page 34
then : Tactic × Tactic → Tactic
orelse : Tactic × Tactic → Tactic
repeat : Tactic → Tactic
Page 35
Tactic: goal ↦ subgoals, together with a proof builder and a model builder.
Page 37
end-game tactics: never return unknown(sb, mc, pc)
Page 38
non-branching tactics: sb is a singleton in unknown(sb, mc, pc)
Page 39
Empty goal [ ] is trivially satisfiable
False goal [ …, false, …] is trivially unsatisfiable
basic : tactic
Pages 40-41
Tactic: elim-vars
Proof builder, Model builder
Model builder: M ↦ M, M(a) = M(b) + 1
Page 42
Tactic: split-or
Proof builder, Model builder
Page 43
simplify
nnf
cnf
tseitin
lift-if
bitblast
gb
vts
propagate-bounds
propagate-values
split-ineqs
split-eqs
rewrite
p-cad
sat
solve-eqs
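A miniature version of the tactic framework on pages 29-43, added here as an example in plain Python (it is neither Z3's implementation nor code from the talk): a goal is a list of formulas read as a conjunction, a tactic returns sat(model), unsat or unknown(subgoals, model converter), and then/orelse/repeat compose tactics together with their model converters. It implements elim-vars (whose model builder is the slide's M ↦ M, M(y) = M(x) + 1), split-or, and a small end-game tactic `bounds` that never returns unknown on conjunctions of one-variable atoms. Proof converters are left out, and the formula encoding (atoms as `(op, coeffs, const)` meaning `sum(coeffs[v]*v) + const op 0`), the depth cut-off in `repeat` and all names are this example's own assumptions.

```python
from fractions import Fraction as Fr


class TacticFail(Exception):
    """Raised when a tactic does not apply; orelse and repeat catch it."""


def unknown(subgoals, mc=lambda i, m: m):
    """unknown(sb, mc): the goal is sat iff some subgoal is; mc maps a model of subgoal i back."""
    return ('unknown', subgoals, mc)


def subst(formula, var, coeffs, const):
    """Replace var by the linear term sum(coeffs)+const inside a formula."""
    if formula[0] == 'or':
        return ('or', subst(formula[1], var, coeffs, const), subst(formula[2], var, coeffs, const))
    op, cs, c = formula
    k = cs.get(var, 0)
    if k == 0:
        return formula
    new = {v: a for v, a in cs.items() if v != var}
    for v, a in coeffs.items():
        new[v] = new.get(v, 0) + k * a
    return (op, {v: a for v, a in new.items() if a != 0}, c + k * const)


def elim_vars(goal):
    """Solve one equality for a variable with coefficient +-1, substitute it away and
    extend models with its value (the slide's model builder  M -> M, M(a) = M(b) + 1)."""
    for i, f in enumerate(goal):
        if f[0] == '=' and any(abs(a) == 1 for a in f[1].values()):
            var = next(v for v, a in f[1].items() if abs(a) == 1)
            k = f[1][var]                                       # k*var + rest + c = 0
            tc = {v: Fr(-a) / k for v, a in f[1].items() if v != var}
            t0 = Fr(-f[2]) / k                                  # var = tc . vars + t0
            rest = [subst(g, var, tc, t0) for j, g in enumerate(goal) if j != i]

            def mc(_, m):
                return {**m, var: sum(a * m[v] for v, a in tc.items()) + t0}
            return unknown([rest], mc)
    raise TacticFail('elim-vars: no equality to solve')


def split_or(goal):
    """Case split on the first disjunction; a model of either subgoal is a model of the goal."""
    for i, f in enumerate(goal):
        if f[0] == 'or':
            rest = goal[:i] + goal[i + 1:]
            return unknown([[f[1]] + rest, [f[2]] + rest])
    raise TacticFail('split-or: no disjunction')


def bounds(goal):
    """End-game tactic for conjunctions of one-variable atoms: intersect the bounds on each
    variable, then build a model or report unsat.  It never returns unknown."""
    lo, hi = {}, {}                                  # var -> (bound, strict)
    for op, cs, c in goal:
        if op == 'or' or len(cs) > 1:
            raise TacticFail('bounds: needs one-variable atoms')
        if not cs:                                   # ground atom: just evaluate it
            if not {'<=': c <= 0, '<': c < 0, '=': c == 0}[op]:
                return ('unsat', None, None)
            continue
        (v, a), = cs.items()
        val, strict = Fr(-c) / a, op == '<'          # a*v + c op 0  <=>  v op' -c/a
        for table, is_upper in ((hi, True), (lo, False)):
            if op != '=' and (a > 0) != is_upper:
                continue                             # a < 0 flips the direction
            cur = table.get(v)
            tighter = cur is None or (val < cur[0] if is_upper else val > cur[0])
            if tighter or (val == cur[0] and strict):
                table[v] = (val, strict)
    model = {}
    for v in set(lo) | set(hi):
        l, h = lo.get(v), hi.get(v)
        if l and h and (l[0] > h[0] or (l[0] == h[0] and (l[1] or h[1]))):
            return ('unsat', None, None)
        model[v] = (l[0] + h[0]) / 2 if l and h else l[0] + 1 if l else h[0] - 1
    return ('sat', model, None)


def then(t1, t2):
    """Apply t1, then t2 to each of its subgoals, composing the model converters."""
    def run(goal):
        kind, payload, mc1 = t1(goal)
        if kind != 'unknown':
            return kind, payload, mc1
        new_goals, origin = [], []                   # origin[i] = (j, mc2, k)
        for j, sg in enumerate(payload):
            kind2, payload2, mc2 = t2(sg)
            if kind2 == 'sat':
                return 'sat', mc1(j, payload2), None
            if kind2 == 'unknown':
                for k, g in enumerate(payload2):
                    new_goals.append(g)
                    origin.append((j, mc2, k))
        if not new_goals:                            # every subgoal was refuted
            return 'unsat', None, None
        return unknown(new_goals, lambda i, m: mc1(origin[i][0], origin[i][1](origin[i][2], m)))
    return run


def orelse(t1, t2):
    def run(goal):
        try:
            return t1(goal)
        except TacticFail:
            return t2(goal)
    return run


def skip(goal):
    return unknown([goal])


def repeat(t, depth=16):
    """repeat(t) = orelse(then(t, repeat(t)), skip), cut off at a fixed depth."""
    return skip if depth == 0 else orelse(then(t, repeat(t, depth - 1)), skip)


def slide_goal():
    """x >= 0, y = x + 1, (y > 2 or y < 1), each atom written as  expr op 0."""
    return [('<=', {'x': -1}, 0),                               # -x <= 0
            ('=', {'y': 1, 'x': -1}, -1),                       # y - x - 1 = 0
            ('or', ('<', {'y': -1}, 2), ('<', {'y': 1}, -1))]   # 2 - y < 0  or  y - 1 < 0


STRATEGY = then(repeat(elim_vars), then(repeat(split_or), bounds))


def solve(goal, strategy=STRATEGY):
    kind, payload, _ = strategy(goal)
    return kind, payload                             # ('sat', model) or ('unsat', None)
```

`solve(slide_goal())` returns `('sat', {'x': 2, 'y': 3})`: elim-vars removes y and records y := x + 1 in its model converter, split-or produces the subgoals [x > 1, x ≥ 0] and [x < 0, x ≥ 0], `bounds` finds x = 2 for the first, and the composed model converter adds y = 3. Because the composition is explicit, a new engine (a different end-game, an extra simplifier) slots into the strategy without touching the others, which is the point of the slides: the little engines stay separate and the user writes the strategy.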
Page 47
http://rise4fun.com/z3/tutorial/strategies (SMT 2.0) http://rise4fun.com/z3py/tutorial/strategies (Python)