1Budapest University of Technology and EconomicsDepartment of Measurement and Information Systems

SAT/SMT/ARIntroduction and Applications

Ákos Hajdu

2

About me

Ákos Hajdu

o PhD student at BME MIT (2016 – )

o Supervisor: Dr. Zoltán Micskei

o Topic: Applying counterexample-guidedabstraction refinement in model checking

hajdua@mit.bme.huinf.mit.bme.hu/members/hajdua

3

References

This presentation is based on the talks presented at the SAT/SMT/AR Summer School 2016

Some content (text, figures, examples) of this presentation is copied from the presentationsof the school, available athttp://ssa-school-2016.it.uu.se/programme/

4

History of the school

SAT/SMT (2011 – 2015)

o 2011: MIT, USA

o 2012: Trento, Italy

o 2013: Espoo, Finland

o 2014: Semmering, Austria

o 2015: Stanford, USA

SAT/SMT/AR (2016 – )

o 2016: Lisbon, Portugal

• http://ssa-school-2016.it.uu.se/

5

Overview

SAT

o Boolean satisfiability

o Boolean variables and operators

o Problem: is the formula satisfiable?

AR

o Automated Reasoning

o First order logic

o Problem: theorem proving

SMT

o Satisfiability Modulo Theories

o First order logic, but interpreted symbols

o Problem: is the formula satisfiable?

¬𝑝 ∧ (𝑝 ∨ 𝑞)

∀𝑥, 𝑦 ∃𝑧: 𝑝(𝑓 𝑥, 𝑦 , 𝑔 𝑧 )

(𝑥 ≤ 𝑦 + 1) ∧ (𝑦 ≥ 3)

6

SAT basics

Building blocks

o Boolean variables

o Literals (variable or negation)

o Clauses (disjunction of literals)

o Formulas (conjunction of clauses)

SAT problem

o Decide if a variable assignment existsthat evaluates the formula to true

o In theory: NP-complete

o In practice: efficient solversAnnual SAT competition: http://baldur.iti.kit.edu/sat-competition-2016/

𝑥, 𝑦, 𝑧, …

𝑥, ¬𝑥, 𝑦, ¬𝑦, 𝑧, ¬𝑧, …

(𝑥 ∨ 𝑦 ∨ ¬𝑧)

(𝑥 ∨ 𝑦) ∧ (¬𝑥 ∨ 𝑧)

SAT solver

Formula

UNSATSAT

7

SAT in practice

http://ssa-school-2016.it.uu.se/wp-content/uploads/2016/06/LaurentSimon.pdf

8

SAT in practice

Randomly generatedproblem

Real world problem(bounded model checking)

http://ssa-school-2016.it.uu.se/wp-content/uploads/2016/06/LaurentSimon.pdf

9

SAT in practice

Wide range of applications

http://ssa-school-2016.it.uu.se/wp-content/uploads/2016/06/jpms-satsmtar16-slides.pdf

10

SAT modeling

Graph 𝐺 = (𝑉, 𝐸), coloring with 𝑘 colors

o 𝑥𝑖,𝑗 = 1 if vertex 𝑣𝑖 has 𝑗th color

o Guarantee valid coloring

• (¬𝑥𝑖,𝑗 ∨ ¬𝑥𝑙,𝑗) for all 𝑣𝑖 , 𝑣𝑙 ∈ 𝐸 and 𝑗 ∈ 1,… , 𝑘

o All vertices should have some color

• 𝑥𝑖,1 ∨ 𝑥𝑖,2 ∨ ⋯∨ 𝑥𝑖,𝑘 for all 𝑣𝑖 ∈ 𝑉

Valid Invalid

11

SAT modeling

Sudoku

o 𝑣𝑖,𝑗,𝑘 = 1 if the value in row 𝑖 and cell 𝑗 is 𝑘

o Each cell has exactly one value

• 𝑘=19 𝑣𝑖,𝑗,𝑘 = 1 for all 𝑖, 𝑗 ∈ {1, … , 9}

o Each value used exactly once in each row

• 𝑗=19 𝑣𝑖,𝑗,𝑘 = 1 for all 𝑖, 𝑘 ∈ {1, … , 9}

o Each value used exactly once in each column

• 𝑖=19 𝑣𝑖,𝑗,𝑘 = 1 for all 𝑗, 𝑘 ∈ {1, … , 9}

o Each value used exactly once in each 3x3 sub-grid

• 𝑟=13 𝑠=1

3 𝑣3𝑖+𝑟,3𝑗+𝑠,𝑘 = 1 for all 𝑖, 𝑗 ∈ {0, … , 2} and 𝑘 ∈ {1,… , 9}

o Fixed cells

• 𝑣1,1,5 = 1, 𝑣1,2,3 = 1, 𝑣1,5,7 = 1, 𝑣2,1,6 = 1, …

12

Modeling challenges

Non-conjunctive formulas

o Introduce auxiliary variables (Tseitin transformation)

o Linear increase of the formula size

Cardinality constraints

o 𝑗=1𝑛 𝑥𝑗 ≥ 1: 𝑥1 ∨ 𝑥2 ∨ ⋯∨ 𝑥𝑛

o 𝑗=1𝑛 𝑥𝑗 ≤ 1:

• Pairwise: 𝑂(𝑛2) clauses

• Sequential counter: 𝑂(𝑛) clauses + 𝑂(𝑛) new variables

• Bitwise: 𝑂(𝑛 log 𝑛) clauses + 𝑂(log 𝑛) new variables

o Can be generalized from 1 to 𝑘

(𝑝 ∨ 𝑞) ↔ (𝑝 ∧ 𝑞 ∨ 𝑟)

13

Modeling challenges

Pseudo-Boolean constraints

o 𝑗=1𝑛 𝑎𝑗𝑥𝑗 ≤ 𝑏

o Binary Decision Diagram (BDD): exponential clauses

o Watchdog encoding: 𝑂(𝑛3 log(𝑛) log(𝑎𝑚𝑎𝑥)) clauses + 𝑂(𝑛2 log 𝑛 log(𝑎𝑚𝑎𝑥)) new variables

CSP constraints

o Direct encoding

• 𝑥𝑖 variable with domain 𝐷𝑖, 𝑚𝑖 = 𝐷𝑖

• 𝑥𝑖,1, … , 𝑥𝑖,𝑚𝑖variables, 𝑘=1

𝑚𝑖 𝑥𝑖,𝑘 = 1

• If 𝑥𝑖 = 𝑣𝑖 ∧ 𝑥𝑗 = 𝑣𝑗 is not valid, add a clause: (¬𝑥𝑖,𝑣𝑖 ∨ ¬𝑥𝑗,𝑣𝑗)

o There are other, more efficient encodings

14

SAT solver algorithms

DP-60

o Eliminate variables step by step with resolution𝑥1 ∨ 𝑥4

¬𝑥1 ∨ 𝑥4 ∨ 𝑥14¬𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥1 ∨ 𝑥5 ∨ ¬𝑥9𝑥2 ∨ 𝑥11

¬𝑥3 ∨ ¬𝑥7 ∨ 𝑥13¬𝑥3 ∨ ¬𝑥7 ∨ ¬𝑥13 ∨ 𝑥9

𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥9

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14¬𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥1 ∨ 𝑥5 ∨ ¬𝑥9𝑥2 ∨ 𝑥11

¬𝑥3 ∨ ¬𝑥7 ∨ 𝑥13¬𝑥3 ∨ ¬𝑥7 ∨ ¬𝑥13 ∨ 𝑥9

𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥9

𝑥1 ∨

𝑥4𝑥8 ∨ 𝑥12𝑥5 ∨ ¬𝑥9

¬𝑥1 ∨𝑥4 ∨ 𝑥14¬𝑥3 ∨ ¬𝑥8

𝑥4𝑥8 ∨ 𝑥12𝑥5 ∨ ¬𝑥9

∨𝑥4 ∨ 𝑥14¬𝑥3 ∨ ¬𝑥8

𝑥4 ∨ 𝑥4 ∨ 𝑥14𝑥4 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥8 ∨ 𝑥12 ∨ 𝑥4 ∨ 𝑥14𝑥8 ∨ 𝑥12 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥5 ∨ ¬𝑥9 ∨ 𝑥4 ∨ 𝑥14𝑥5 ∨ ¬𝑥9 ∨ ¬𝑥3 ∨ ¬𝑥8

15

SAT solver algorithms

DPLL-62

o Backtrack search

• Pick a literal

• Search for solution by setting the literal to true

• If conflicting, set literal to false

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥4

Level Literal Backtrack1 ¬𝑥1 X

𝑥42 𝑥3 X

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥42 𝑥3 X

¬𝑥8

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥42 𝑥3 X

¬𝑥8𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥42 𝑥3 X

¬𝑥8𝑥12𝑥13

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12

Level Literal Backtrack1 ¬𝑥1 X

𝑥42 𝑥3 X

¬𝑥8𝑥12𝑥13𝑥7

𝑥1 ∨ 𝑥4¬𝑥1 ∨ 𝑥4 ∨ 𝑥14𝑥1 ∨ ¬𝑥3 ∨ ¬𝑥8𝑥1 ∨ 𝑥8 ∨ 𝑥12𝑥2 ∨ 𝑥12

¬𝑥3 ∨ ¬𝑥12 ∨ 𝑥13¬𝑥3 ∨ 𝑥7 ∨ ¬𝑥13𝑥8 ∨ ¬𝑥7 ∨ ¬𝑥12 Conflict, backtrack

16

SAT solver algorithms

DPLL-62 problems

o Selecting the literal

• Bad decisions at the beginning can have a high cost

o Only chronological backtracking

CDCL algorithms (2001 – )

o Conflict Driven Clause Learning

o Learn new clause from conflict

o Non-chronological backtrack and restart is possible

17

SAT extensions

MUS: Minimal Unsatisfiable Subset

o Minimal explanation of inconsistency

MCS: Minimal Correction Subset

o Minimal relaxation to recover consistency

Application: analysis of over-constrained systems

o Software/hardware model checking

o Model-based diagnosis

o Maximum feasible subsystem

o Timetable/scheduling

o…

18

SAT extensions

MaxSAT

o Maximize the number of satisfied clauses

o Weighted MaxSAT: assign weights to clauses

o Partial MaxSAT: „hard” clauses that must be satisfied

o Application: optimization problems

QBF (Quantified Boolean Formulas)

o Quantified formulas (∀, ∃)

o Application: e.g. bounded model checking

o Harder than SAT if NP ≠ PSPACE• This is reflected in the complexity of solvers

• But allows for exponentially more succinct encodings than SAT

19

Overview

SAT

o Boolean satisfiability

o Boolean variables and operators

o Problem: is the formula satisfiable?

AR

o Automated Reasoning

o First order logic

o Problem: theorem proving

SMT

o Satisfiability Modulo Theories

o First order logic, but interpreted symbols

o Problem: is the formula satisfiable?

¬𝑝 ∧ (𝑝 ∨ 𝑞)

∀𝑥, 𝑦 ∃𝑧: 𝑝(𝑓 𝑥, 𝑦 , 𝑔 𝑧 )

(𝑥 ≤ 𝑦 + 1) ∧ (𝑦 ≥ 3)

20

AR basics

Expressiveness of SAT is not always enough

First Order Logic (FOL)

o Symbolic knowledge representation and reasoning

o Building blocks

• Simple terms: constants, variables

• Complex terms: functions

• Atoms: predicates

• Literals: atom or negation

• Formulas: connectives and quantifiers

• Partial order between elements

𝑎, 𝑏, 𝑐, … 𝑥, 𝑦, 𝑧, …

𝑓 𝑎, 𝑏 , 𝑔(𝑧)

𝑝 𝑥, 𝑦 , 𝑎 = 𝑏

𝑝 𝑥, 𝑦 , ¬𝑝(𝑥, 𝑦)

∀𝑥∃𝑦: 𝑝(𝑓 𝑥 , 𝑦) ∧ 𝑥 ≠ 𝑦

𝑓 𝑥, 𝑔 𝑥 ≻ 𝑔(𝑥)

21

AR basics

Theorem proving

o𝐻 set of formulas: assumptions, hypotheses

o 𝜑 formula: conjecture

o Theorem proving problem: 𝐻 ⇒ 𝜑?

o Drawback: infinitely many interpretations on infinitely many domains

In theory

o Gödel: completeness

o Turing: undecidability

o Herbrand: semi-decidability

22

AR basics

Applicationso Software and hardware verificationo Static analysiso Reasoning in knowledge baseso Mathematical theorem proving

Example: arrayso Axioms

• ∀𝑎, 𝑖, 𝑗: 𝑖 = 𝑗 → 𝑎 𝑖 = 𝑎 𝑗

• ∀𝑎, 𝑣, 𝑖, 𝑗: 𝑖 = 𝑗 → store 𝑎, 𝑖, 𝑣 𝑗 = 𝑣

• ∀𝑎, 𝑣, 𝑖, 𝑗: 𝑖 ≠ 𝑗 → store 𝑎, 𝑖, 𝑣 𝑗 = 𝑎[𝑗]

o Theorem

• ∀𝑎, 𝑖, 𝑗:store store 𝑎, 𝑖, 𝑎 𝑗 , 𝑗, 𝑎 𝑖 = store(store 𝑎, 𝑗, 𝑎 𝑖 , 𝑖, 𝑎 𝑗 )

23

Theorem provers

Inference system

o Set of inference rules

o Expansion or contraction of a set of formulas

Contraction

o Subsumption

o Simplification

Expansion

o Resolution

o Superposition

𝑝 𝑥 ∨ 𝑞 𝑥 , ¬𝑝(𝑓(𝑎)) ∨ r(a)𝑞(𝑓(𝑎)) ∨ r(a)

𝑝 𝑥, 𝑦 ∨ 𝑞 𝑧 , 𝑝(𝑎, 𝑎) ∨ 𝑞(𝑏) ∨ r(a)𝑝 𝑥, 𝑦 ∨ 𝑞 𝑧

𝑓 𝑧, 𝑒 = 𝑧, 𝑓 𝑙 𝑥, 𝑦 , 𝑦 = 𝑥𝑙 𝑥, 𝑒 = 𝑥

𝑓 𝑥 = 𝑥, 𝑝(𝑓(𝑎)) ∨ q(a)𝑓 𝑥 = 𝑥, 𝑝(𝑎) ∨ q(a)

24

Theorem provers

Search plan

o Which rule to use?

o Fairness: use all rules that are needed

o Redundancy: avoid redundant clauses

Strategy = inference system + search plan

Algorithms

o Ordering-based

o Subgoal-reduction

o Semantically-Guided Goal-sensitive

25

AR in practice

Toolso Otter, EQP, Prover9

o SNARK

o SPASS

o E

o Vampire

o leanCoP

o iProver

o Meris, MetiTarski

CASCo The CADE ATP System Competition

26

Overview

SAT

o Boolean satisfiability

o Boolean variables and operators

o Problem: is the formula satisfiable?

AR

o Automated Reasoning

o First order logic

o Problem: theorem proving

SMT

o Satisfiability Modulo Theories

o First order logic, but interpreted symbols

o Problem: is the formula satisfiable?

¬𝑝 ∧ (𝑝 ∨ 𝑞)

∀𝑥, 𝑦 ∃𝑧: 𝑝(𝑓 𝑥, 𝑦 , 𝑔 𝑧 )

(𝑥 ≤ 𝑦 + 1) ∧ (𝑦 ≥ 3)

27

SMT basics

First order logic is undecidable

In practice, symbols often have an interpretation in some theory

o Integers, reals, arrays, …

o Decidable theories (or fragments)

SMT problem

o Check if a FOL formula is satisfiablemodulo the background theories

o Example (QF_UFLRA)𝑧 = 1 ∨ 𝑧 = 0 ∧ 𝑥 − 𝑦 + 𝑧 = 1 ∧ 𝑓 𝑥 > 𝑓 𝑦

SMT solver

Formula

UNSATSAT

Theories

28

SMT modeling

Example: schedule 3 jobs, each composed of 2 consecutive tasks, on 2 machines in 8 time units

Machine1 Machine2

Job1 2 1

Job2 3 1

Job3 2 3

𝑡1,1 ≥ 0 ∧ 𝑡1,2 ≥ 𝑡1,1 + 2 ∧ 𝑡1,2 + 1 ≤ 8

𝑡2,1 ≥ 0 ∧ 𝑡2,2 ≥ 𝑡2,1 + 3 ∧ (𝑡2,2 + 1 ≤ 8)

𝑡3,1 ≥ 0 ∧ 𝑡3,2 ≥ 𝑡3,1 + 2 ∧ 𝑡3,2 + 3 ≤ 8

((𝑡1,1 ≥ 𝑡2,1 + 3) ∨ (𝑡2,1 ≥ 𝑡1,1 + 2)((𝑡1,1 ≥ 𝑡3,1 + 2) ∨ (𝑡3,1 ≥ 𝑡1,1 + 2)

((𝑡2,1 ≥ 𝑡3,1 + 2) ∨ (𝑡3,1 ≥ 𝑡2,1 + 3)

((𝑡1,2 ≥ 𝑡2,2 + 1) ∨ (𝑡2,2 ≥ 𝑡1,2 + 1)((𝑡1,2 ≥ 𝑡3,2 + 3) ∨ (𝑡3,2 ≥ 𝑡1,2 + 1)

((𝑡2,2 ≥ 𝑡3,2 + 3) ∨ (𝑡3,2 ≥ 𝑡2,2 + 1)

𝑡1,1 = 5 𝑡1,2 = 7

𝑡2,1 = 2 𝑡2,2 = 6𝑡3,1 = 0 𝑡3,2 = 3

29

SMT modeling

Example: is the code correct?

void swap(int* a, int* b) {*a = *a + *b;*b = *a - *b;*a = *a - *b;

}

ℎ1 = store(ℎ0, 𝑎, ℎ0 𝑎 +32 ℎ0[𝑏])ℎ2 = store(ℎ1, 𝑏, ℎ1 𝑎 −32 ℎ1[𝑏])ℎ3 = store(ℎ2, 𝑎, ℎ2 𝑎 −32 ℎ2[𝑏])

¬ ℎ3 𝑎 = ℎ0[𝑏] ∧ ℎ3 𝑏 = ℎ0[𝑎]

𝑎 = 0, 𝑏 = 0ℎ0 0 = 1, ℎ1 0 = 2ℎ2 0 = 0 ℎ3 0 = 0

30

SMT theories

Uninterpreted functions and equality

Arrays

Arithmetic (integer/ real)o Difference logic

o Linear arithmetic

o Nonlinear arithmetic

Bitvectors

Quantifiers

…

Combinations are also possible

𝑓 𝑔 𝑥 = 𝑥

store 𝑎, 𝑖, 𝑒 𝑖 = 𝑒

𝑥 − 𝑦 ≤ 1

2𝑥 − 3𝑦 + 4𝑧 ≤ 5

𝑥2 + 3𝑥𝑦 + 𝑦2 > 0

~𝑎 & 𝑎 +32 1 > 𝑎

∀𝑥∃𝑦

31

SMT logics

http://smtlib.cs.uiowa.edu/logics.shtml

32

SMT algorithms

Theory solver: decision procedure for a conjunction of literals in a theoryo Example: linear real arithmetic

• Literals: linear (in)equalities• Conjunction: system of linear (in)equalities simplex algorithm

Basic algorithmo Convert formula to disjunctive normal form

• ¬𝑙0 ∧ ¬𝑙1 ∧ 𝑙2 ∨ 𝑙3 ∧ ¬𝑙4 ∨ (𝑙5 ∧ 𝑙6)

o Check if any of the disjuncts is satisfiable

Lazy algorithmo Introduce Boolean variables for SMT literalso Apply SAT solver, check literals selected by the solver

• If not satisfiable → add a blocking clause

33

SAT solverTheory solver

¬ 𝑎 ≥ 3 ∧ (𝑎 ≥ 3 ∨ 𝑎 ≥ 5)

Lazy SMT

Example

¬ 𝑎 ≥ 3 ∧ (𝑎 ≥ 3 ∨ 𝑎 ≥ 5) ¬𝑥 ∧ (𝑥 ∨ 𝑦)

𝑥 = 0, 𝑦 = 1¬ 𝑎 ≥ 3 ∧ (𝑎 ≥ 5)

𝑎 ≥ 3 ∨ ¬(𝑎 ≥ 5)

𝑥 ∨ ¬𝑦

𝑥 ∨ ¬𝑦 ∧ ¬𝑥 ∧ (𝑥 ∨ 𝑦)

UNSAT

UNSAT

Blocking clause

34

SMT algorithms

DPLL(T) algorithm

o Lazy SMT + tight integration with SAT solver

• Incremental

• Backtrack

• Propagation

• Conflicts

http://ssa-school-2016.it.uu.se/wp-content/uploads/2016/06/jovanovic.pdf

35

Theory solvers

Uninterpreted functionso Congruence closure

Difference logico Map to a graph and search for negative cycle

Linear arithmetico Reals: variant of simplex algorithm

o Integers: branch & bound algorithm

Arrayso Use uninterpreted functions and refine if needed

Bitvectorso Map to SAT (bit blasting)

36

SMT in practice

SMT-LIB: international initiative

o Standard descriptions of theories

o Common input/output language

o Connect the community

o Large benchmark library

o Related software tools

Actively developed solvers (as of 2015)

o Alt-Ergo, AProVE, Boolector, CVC4, MathSAT 5, OpenSMT 2, raSAT, SMTInterpol, SMT-RAT, STP,veriT, Yices 2, Z3

http://smtlib.cs.uiowa.edu/

37

SMT in practice

> (set-option :print-success false)

> (set-option :produce-models true)

> (set-option :interactive-mode true)

> (set-logic QF_LIA)

> (declare-fun x () Int)

> (declare-fun y () Int)

> (assert (= (+ x (* 2 y)) 20))

> (assert (= (- x y) 2))

> (check-sat)

sat

> (get-value (x y))

((x 8)(y 6))

𝑥 + 2𝑦 = 20𝑥 − 𝑦 = 2

Constant: functionwith no parameter

http://smtlib.github.io/jSMTLIB/SMTLIBTutorial.pdf

𝑥 = 8𝑦 = 6

38

Summary

SAT

o Success story, engine of the engines, low level

AR

o High level, undecidable in general

SMT

o High level, but decidable theories and fragments

¬𝑝 ∧ (𝑝 ∨ 𝑞)

∀𝑥, 𝑦 ∃𝑧: 𝑝(𝑓 𝑥, 𝑦 , 𝑔 𝑧 )

(𝑥 ≤ 𝑦 + 1) ∧ (𝑦 ≥ 3)

hajdua@mit.bme.huinf.mit.bme.hu/members/hajduaQuestions?