Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3."— Presentation transcript:

1 Nikolaj Bjørner Microsoft Research Lecture 3

2 DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3 2Congruence closureProgram exploration with Pex 3A solver for arithmetic.Encoding arithmetic problems 4Theory combination. Arrays (part 1) Arrays 5Arrays, (part 2) and quantifiers Build a theory solver on top of Z3

3 A solver for Arithmetic Lab: Explore Pex Rush hour and bounded model checking

4 Slides for Lecture 5 contains a comprehensive list of references Default pointer, with pointers to pointers: http://research.microsoft.com/projects/z3 http://research.microsoft.com/projects/z3

5

6 Find x, y such that: For reals: Solution: For integers: No solution

7 The set of terms T LA and atoms A LA : t  T LA ::= r  xx   F r  Int/Rational | t + t’ t, t’  T LA Shorthand: x instead of 1  x a  A LA ::= t  t’ t, t’  T LA |t < t’ |t = t’

8 Constraints are of the form x – y  4y – z  7 Example unsatisfiable constraints: x 1 - x 2  -3, x 2 - x 3  1, x 3 - x 4  -2, x 4 - x 1  3 Proof: 0 = (x 1 - x 2 )+(x 2 - x 3 )+(x 3 - x 4 )+(x 4 - x 1 )= -3 + 1 – 2 + 3 = -1

9 Graph interpretation: Variables are nodes. Atoms x – y  c are weighted edges A set of literals is satisfiable iff there is no negative cycle: where C := c 1 + c 2 + c 3 + c 4 < 0. A negative cycle implies a contradiction 0  C < 0.

10 How to find negative cycles? Bellman-Ford style algorithm O(nm), where n – # vertices, m – # edges. Floyd-Warshall O(n 3 ), works OK when m  n 2 for : cost[x,y] := c, else cost[x,y] =  for x  V: for y  V: for z  V: cost[x,y] := min(cost[x,y], cost[x,z] + cost[z,y]) Check that  x. cost[x,x]  0

11 What about  (x – y  c)  (y – x < -c)? x, y integers: (y – x < -c)  (y – x  -c-1) x,y reals: Use infinitesimals . (y – x < -c)  (y – x  -c-  ) Formally, constants are pairs  c,c’  with interpretation c + c’  Sample negative cycle:

12 Not all linear arithmetic uses only two variables per inequality

13 Fourier-Motzkin: Quantifier elimination procedure  x (t  ax  t’  bx  cx  t’’)  ct  at’  ct’  bt’’ Polynomial for difference logic. Generally: exponential space, doubly exponential time. Simplex: Worst-case exponential, but Time-tried practical efficiency. Linear space

14 Simplex general form Pre-processing step Algorithm based on Dual Simplex Efficient backtracking Efficient Theory propagation The following material is from: Dutetre & de Moura CAV 2006

15 General form: Ax = s, l j  x j, s j  u j Example: Only bounds (e.g., s 1  0 ) are asserted during search.

16 Tableau Ax = s is built during pre-processing Bounds are asserted and un-asserted during search

17 Tableau Ax = s is built during pre-processing Bounds are asserted and un-asserted during search Backtracking should be cheap – and it is: Let  (x 1 ) = 0,  (x 2 ) = -1,  (s 2 ) = 0  satisfies x 1  4, x 2  -1, -3  s 2 then  satisfies x 1  4, x 2  -1

18 Tableau Ax = s from pre-processing. Initial assignment , where  (x i ) = 0,  (s i ) = 0 satisfies tableau. What do we do when bounds are asserted? We pivot.

19 Terminology: Ax = s The s variables are basic. The x variables are non-basic. Invariant on Ax = s,  : For non-basic variables: l j   (x j )  u j The role of pivoting: also satisfy bounds on non- basic variables.

20 New bound x j  u is asserted. Set  (x j )  min(  (x j ), u) Check each row with x j if bounds on non-basic variables are satisfied. If not, pivot and update

21 Asserting Assignment EquationsBounds

22 Asserting assignment does not satisfy bounds Assignment EquationsBounds

23 Asserting pivot s and x (s is a dependent variable) Assignment EquationsBounds

24 Asserting pivot s and x (s is a dependent variable) Assignment EquationsBounds

25 Asserting pivot s and x (s is a dependent variable) Assignment EquationsBounds

26 Asserting update dependent variable assignment Assignment EquationsBounds

27 Asserting update dependent variable assignment Assignment EquationsBounds

28 Asserting Assignment EquationsBounds

29 Asserting assignment satisfies new bound Assignment EquationsBounds

30 Case split Assignment EquationsBounds

31 Case split bounds do not satisfy assignment Assignment EquationsBounds

32 Case split update assignment Assignment EquationsBounds

33 Case split update dependent assignment Assignment EquationsBounds

34 Bound violation Assignment EquationsBounds

35 Bound violation pivot x and s (x is a dependent variable) Assignment EquationsBounds

36 Bound violation pivot x and s (x is a dependent variable) Assignment EquationsBounds

37 Bound violation pivot x and s (x is a dependent variable) Assignment EquationsBounds

38 Bound violation pivot x and s (x is a dependent variable) Assignment EquationsBounds

39 Bound violation update assignment Assignment EquationsBounds

40 Theory propagation: Assignment EquationsBounds

41 Theory propagation: Assignment EquationsBounds

42 Boolean propagation: Assignment EquationsBounds

43 Theory propagation: Assignment EquationsBounds

44 Conflict Assignment EquationsBounds

45 Backtrack Assignment EquationsBounds

46 Assert y  1 assignment does not satisfy bound Assignment EquationsBounds

47 Assert y  1 update assignment Assignment EquationsBounds

48 Theory propagation Assignment EquationsBounds

49 Boolean propagation Assignment EquationsBounds

50 Assignment does not satisfy bounds Assignment EquationsBounds

51 Pivot v and x ( v is a dependent variable) Assignment EquationsBounds

52 Pivot v and x ( v is a dependent variable) Assignment EquationsBounds

53 Update assignment to v Assignment EquationsBounds

54 Update all other assignments Assignment EquationsBounds

55 Boolean propagation Assignment EquationsBounds

56 Bound violation assignment to u does not satisfy bounds. Assignment EquationsBounds

57 Bound violation pivot u and v (u is a dependent variable) Assignment EquationsBounds

58 Bound violation pivot u and v (u is a dependent variable) Assignment EquationsBounds

59 Bound violation update assignment Assignment EquationsBounds

60 Bound violation update assignment on dependent variables Assignment EquationsBounds

61 Bound violation bounds on s are violated Assignment EquationsBounds

62 Bound violation pivot s and y (s is a dependent variable) Assignment EquationsBounds

63 Bound violation update value of s Assignment EquationsBounds

64 Propagate pivot to other rows Assignment EquationsBounds

65 Propagate assignment to dependent variables Assignment EquationsBounds

66 Tableau is feasible, constraints are satisfied Assignment EquationsBounds

67 New bound x j  u is asserted. Set  (x j )  min(  (x j ), u) Check each row with x j if bounds on non-basic variables are satisfied. Tableau is infeasible if some row: s = 3x 1 + 4x 2 - 5x 3 Either l s > 3u x1 + 4u x2 - 5l x3, Or u s < 3l x1 + 4l x2 - 5u x3 A tableau may still be feasible even if  on non- basic variable is not satisfied.

68 New bound x j  u is asserted. Set  (x j )  min(  (x j ), u) A tableau may still be feasible even if  on non-basic variable is not satisfied. Restore feasible tableau: Pivoting Exchange basic and non-basic variables in row where basic variable can be fixed. Substitute new basic variable everywhere else Update assignment 

69 GCD test Gomory Cut Branch and Bound

70 Mostly encountered in SMT applications of Hybrid systems. Decision problem is doubly exponential. Tools: CAD: Cylindric Algebraic Decomposition Gröbner Basis computation Symbolic solutions (using non-standard numerals)

71

72

73 Choice of solver (and when to apply it) depends on: Problem characteristics: Difference logic Dense difference logic – Floyd Warshall. Full linear arithmetic Solver must work in the context of: Backtracking search engine Producing succinct explanations

74 http://research.microsoft.com/specsharp

75 Source Language C# + goodies = Spec# Specifications method contracts, invariants, field and type annotations. Program Logic: Dijkstra’s weakest preconditions. Automatic Verification type checking, verification condition generation (VCG), automatic theorem proving (SMT) Spec# (annotated C#) Boogie PL Spec# Compiler VC Generator Formulas Automatic Theorem Prover

76

Download ppt "Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3."

Similar presentations

Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Course Summary What have we learned and what are we expected to know?

Course Summary What have we learned and what are we expected to know?
Satisfiability Modulo Theories and Network Verification Nikolaj Bjørner Microsoft Research Formal Methods and Networks Summer School Ithaca, June 10-14.

Satisfiability Modulo Theories and Network Verification Nikolaj Bjørner Microsoft Research Formal Methods and Networks Summer School Ithaca, June
Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”

Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”
50.530: Software Engineering

50.530: Software Engineering
Satisfiability Modulo Theories (An introduction)

Satisfiability Modulo Theories (An introduction)
Linked List Implementation class List { private List next; private Object data; private static List root; private static int size; public static void addNew(Object.

Linked List Implementation class List { private List next; private Object data; private static List root; private static int size; public static void addNew(Object.
UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.

UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.
Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 

Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 
On Solving Presburger and Linear Arithmetic with SAT Ofer Strichman Carnegie Mellon University.

On Solving Presburger and Linear Arithmetic with SAT Ofer Strichman Carnegie Mellon University.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Introduction to Algorithms

Introduction to Algorithms
CPSC 422, Lecture 21Slide 1 Intelligent Systems (AI-2) Computer Science cpsc422, Lecture 21 Mar, 4, 2015 Slide credit: some slides adapted from Stuart.

CPSC 422, Lecture 21Slide 1 Intelligent Systems (AI-2) Computer Science cpsc422, Lecture 21 Mar, 4, 2015 Slide credit: some slides adapted from Stuart.
Panel on Decision Procedures Panel on Decision Procedures Randal E. Bryant Lintao Zhang Nils Klarlund Harald Ruess Sergey Berezin Rajeev Joshi.

Panel on Decision Procedures Panel on Decision Procedures Randal E. Bryant Lintao Zhang Nils Klarlund Harald Ruess Sergey Berezin Rajeev Joshi.
Leonardo de Moura and Nikolaj Bjørner Microsoft Research.

Leonardo de Moura and Nikolaj Bjørner Microsoft Research.
Basic Feasible Solutions: Recap MS&E 211. WILL FOLLOW A CELEBRATED INTELLECTUAL TEACHING TRADITION.

Basic Feasible Solutions: Recap MS&E 211. WILL FOLLOW A CELEBRATED INTELLECTUAL TEACHING TRADITION.
Nikolaj Bjørner Microsoft Research Lecture 4. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.

Nikolaj Bjørner Microsoft Research Lecture 4. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.

An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.

Similar presentations

Ads by Google