satisfiability modulo theoriesfm.csl.sri.com/ssft16/slides.pdfintroduction. a (very) brief history...
TRANSCRIPT
![Page 1: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/1.jpg)
Satisfiability Modulo Theories
Clark Barrett, New York/Stanford University
Sixth Summer School on Formal Techniques, May 23, 2016
1
![Page 2: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/2.jpg)
Acknowledgments: Many thanks to Cesare Tinelli and Albert Oliveras forcontributing some of the material used in these slides.
Disclamer: The literature on SMT and its applications is vast. Thebibliographic references provided here are just a sample. Apologies to allauthors whose work is not cited.
2
![Page 3: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/3.jpg)
Introduction
![Page 4: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/4.jpg)
A (Very) Brief History of Automated Reasoning
Philosophers have long dreamed of machines that can reason.The pursuit of this dream has occupied some of the best mindsand led both to great acheivements and great disappointments.
4
![Page 5: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/5.jpg)
1928
Hilbert
Entscheidungs-problem
1936
Church – lamdacalculus
Turing – reduction halting problem
1954
Davis – decision procedure for Presburgerarithmetic
~1700Leibniz –mechanized human reasoning
5
![Page 6: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/6.jpg)
Automated Reasoning
Automated Reasoning: A Failure?
• At the turn of the century, automated reasoning was stillconsidered by many to be impractical for most real-worldapplications
• Interesting problems appeared to be beyond the reach ofautomated methods because of decidability and complexitybarriers
• The dream of Hilbert’s mechanized mathematics or Leibniz’scalculating machine was believed by many to be simplyunattainable
6
![Page 7: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/7.jpg)
The Satisfiability Revolution
Princeton, c. 2000
• Chaff SAT solver: orders of magnitude faster than previous SATsolvers
• Important observation: many real-world problems do not exhibitworst-case theoretical performance
Palo Alto, c. 2001
• Idea: combine fast new SAT solvers with decision procedures fordecidable first-order theories
• SVC, CVC solvers (Stanford); ICS, Yices solvers (SRI)
• Satisfiability Modulo Theories (SMT) was born
7
![Page 8: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/8.jpg)
SMT solvers
SMT solvers: general-purpose logic engines
• Given condition X , is it possible for Y to happen
• X and Y are expressed in a rich logical language• First-order logic• Domain-specific reasoning
• arithmetic, arrays, bit-vectors, data types, etc.
SMT solvers are changing the way people solve problems
• Instead of building a special-purpose solver
• Translate into a logical formula and use an SMT solver
• Not only easier, often better
8
![Page 9: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/9.jpg)
SMT solvers
SMT solvers: general-purpose logic engines
• Given condition X , is it possible for Y to happen
• X and Y are expressed in a rich logical language• First-order logic• Domain-specific reasoning
• arithmetic, arrays, bit-vectors, data types, etc.
SMT solvers are changing the way people solve problems
• Instead of building a special-purpose solver
• Translate into a logical formula and use an SMT solver
• Not only easier, often better
8
![Page 10: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/10.jpg)
A Security Example
Django
• Widely used open-source web development platform
• A security vulnerability in Django (CVE-2013-6044) wasblamed on the following function1
def is_safe_url(url, host=None):"""Return ‘‘True‘‘ if the url is a safe redirection (i.e. it doesn’tpoint to a different host).
Always returns ‘‘False‘‘ on an empty url."""if not url:
return Falsenetloc = urllib_parse.urlparse(url)[1]return not netloc or netloc == host
1https://github.com/django/django/blob/09a5f5aabe27f63ec8d8982efa6cef9bf7b86022/django/utils/http.py#L252
9
![Page 11: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/11.jpg)
Symbolic Execution
Security Policies
Security Policy
Code SMT Formula
SMT Solver
Unsafe
Safe
Using SMT To Find the Vulnerability
An approach for finding security vulnerabilities
• Symbolic execution: generates a logical formula satisfiable iffcode can violate security policy
• SMT solver: returns a solution or proves that none exists
10
![Page 12: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/12.jpg)
Using SMT To Find the Vulnerability
Demo: Django XSS attack
11
![Page 13: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/13.jpg)
SMT Solvers
12
![Page 14: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/14.jpg)
SMT Solvers
12
SAT Solver
• Only sees Boolean skeletonof problem
• Builds partial model byassigning truth values toliterals
• Sends these literals to thecore as assertions
![Page 15: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/15.jpg)
SMT Solvers
12
Core
• Sends each assertion to theappropriate theory
• Sends deduced literals toother theories/SAT solver
• Handles theory combination
![Page 16: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/16.jpg)
SMT Solvers
12
Theory Solvers
• Decide T -satisfiability of aconjunction of theory literals
• Incremental
• Backtrackable
• Conflict Generation
• Theory Propagation
![Page 17: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/17.jpg)
Theory Solvers
![Page 18: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/18.jpg)
Theory Solvers
Given a theory T , a Theory Solver for T takes as input a set Φ ofliterals and determines whether Φ is T -satisfiable.
Φ is T -satisfiable iff there is some model M of T such that eachformula in Φ holds in M .
14
![Page 19: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/19.jpg)
Theories of Interest: UF
Equality (=) with Uninterpreted Functions [NO80, BD94, NO07]
Typically used to abstract unsupported constructs, e.g.:
• non-linear multiplication in arithmetic• ALUs in circuits
Example: The formula
a ∗ (|b|+ c) = d ∧ b ∗ (|a|+ c) 6= d ∧ a = b
is unsatisfiable, but no arithmetic reasoning is needed
if we abstract it to
mul(a, add(abs(b), c)) = d ∧ mul(b, add(abs(a), c)) 6= d ∧ a = b
it is still unsatisfiable15
![Page 20: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/20.jpg)
Theories of Interest: Arithmetic
Very useful, for obvious reasons
Restricted fragments (over the reals or the integers) support moreefficient methods:
• Bounds: x ./ k with ./ ∈ {<, >, ≤, ≥, =} [BBC+05a]
• Difference logic: x− y ./ k, with./ ∈ {<, >, ≤, ≥, =} [NO05, WIGG05, CM06]
• UTVPI: ±x± y ./ k, with ./ ∈ {<, >, ≤, ≥, =} [LM05]
• Linear arithmetic, e.g: 2x− 3y + 4z ≤ 5 [DdM06]
• Non-linear arithmetic, e.g:2xy + 4xz2 − 5y ≤ 10 [BLNM+09, ZM10, JdM12]
16
![Page 21: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/21.jpg)
Theories of Interest: Arrays
Used in software verification and hardware verification (formemories) [SBDL01, BNO+08a, dMB09]
Two interpreted function symbols read and write
Axiomatized by:
• ∀a ∀i ∀v read(write(a, i, v), i) = v
• ∀a ∀i ∀j ∀v i 6= j → read(write(a, i, v), j) = read(a, j)
Sometimes also with extensionality :
• ∀a ∀b (∀i read(a, i) = read(b, i) → a = b)
Is the following set of literals satisfiable in this theory?
write(a, i, x) 6= b, read(b, i) = y, read(write(b, i, x), j) = y, a = b, i = j
17
![Page 22: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/22.jpg)
Theories of Interest: Bit vectors
Useful both in hardware and software verification [BCF+07, BB09, HBJ+14]
Universe consists of (fixed-sized) vectors of bits
Different types of operations:
• String-like: concat, extract, . . .• Logical: bit-wise not, or, and, . . .• Arithmetic: add, subtract, multiply, . . .• Comparison: <,>, . . .
Is this formula satisfiable over bit vectors of size 3?
a[1 : 0] 6= b[1 : 0] ∧ (a | b) = c ∧ c[0] = 0 ∧ a[1] + b[1] = 0
18
![Page 23: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/23.jpg)
Implementing a Theory Solver: Difference Logic
We consider a simple example: difference logic.
In difference logic, we are interested in the satisfiability of aconjunction of arithmetic atoms.
Each atom is of the form x− y ./ c, where x and y are variables, c isa numeric constant, and ./ ∈ {=, <,≤, >,≥}.
The variables can range over either the integers (QF_IDL) or the reals(QF_RDL).
19
![Page 24: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/24.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
20
![Page 25: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/25.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
• x− y = c =⇒ x− y ≤ c ∧ x− y ≥ c
20
![Page 26: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/26.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
• x− y = c =⇒ x− y ≤ c ∧ x− y ≥ c• x− y ≥ c =⇒ y − x ≤ −c
20
![Page 27: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/27.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
• x− y = c =⇒ x− y ≤ c ∧ x− y ≥ c• x− y ≥ c =⇒ y − x ≤ −c• x− y > c =⇒ y − x < −c
20
![Page 28: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/28.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
• x− y = c =⇒ x− y ≤ c ∧ x− y ≥ c• x− y ≥ c =⇒ y − x ≤ −c• x− y > c =⇒ y − x < −c• x− y < c =⇒ x− y ≤ c− 1 (integers)
20
![Page 29: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/29.jpg)
Difference Logic
The first step is to rewrite everything in terms of ≤:
• x− y = c =⇒ x− y ≤ c ∧ x− y ≥ c• x− y ≥ c =⇒ y − x ≤ −c• x− y > c =⇒ y − x < −c• x− y < c =⇒ x− y ≤ c− 1 (integers)
• x− y < c =⇒ x− y ≤ c− δ (reals)
20
![Page 30: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/30.jpg)
Difference Logic
Now we have a conjunction of literals, all of the form x− y ≤ c.
From these literals, we form a weighted directed graph with a vertexfor each variable.
For each literal x− y ≤ c, there is an edge x c−→ y.
The set of literals is satisfiable iff there is no cycle for which the sumof the weights on the edges is negative.
There are a number of efficient algorithms for detecting negativecycles in graphs.
21
![Page 31: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/31.jpg)
Difference Logic Example
x− y = 5 ∧ z− y ≥ 2 ∧ z− x > 2 ∧ w− x = 2 ∧ z−w < 0
22
![Page 32: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/32.jpg)
Difference Logic Example
x− y = 5 ∧ z− y ≥ 2 ∧ z− x > 2 ∧ w− x = 2 ∧ z−w < 0
x− y = 5
z − y ≥ 2
z − x > 2
⇒
w − x = 2
w − x ≤ 2 ∧ x− w ≤ −2
z − w < 0
22
![Page 33: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/33.jpg)
Difference Logic Example
x− y = 5 ∧ z− y ≥ 2 ∧ z− x > 2 ∧ w− x = 2 ∧ z−w < 0
x− y = 5
z − y ≥ 2
z − x > 2 ⇒w − x = 2
w − x ≤ 2 ∧ x− w ≤ −2
z − w < 0
23
![Page 34: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/34.jpg)
Difference Logic Example
x− y = 5 ∧ z− y ≥ 2 ∧ z− x > 2 ∧ w− x = 2 ∧ z−w < 0
x− y = 5 x− y ≤ 5 ∧ y − x ≤ −5
z − y ≥ 2 y − z ≤ −2
z − x > 2 ⇒ x− z ≤ −3
w − x = 2 w − x ≤ 2 ∧ x− w ≤ −2
z − w < 0 z − w ≤ −1
24
![Page 35: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/35.jpg)
Difference Logic Example
−3
−2
−12
−2
5
−5
25
![Page 36: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/36.jpg)
DPLL(T ): Combining T -Solvers with SAT
![Page 37: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/37.jpg)
Satisfiability Modulo a Theory T
Def. A formula is (un)satisfiable in a theory T , or T -(un)satisfiable, ifthere is a (no) model of T that satisfies it
Note: The T -satisfiability of quantifier-free formulas is decidable iffthe T -satisfiability of conjunctions/sets of literals is decidable
(Convert the formula in DNF and check if any of its disjuncts is T -sat)
Problem: In practice, dealing with Boolean combinations of literalsis as hard as in propositional logic
Solution: Exploit propositional satisfiability technology
27
![Page 38: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/38.jpg)
Satisfiability Modulo a Theory T
Def. A formula is (un)satisfiable in a theory T , or T -(un)satisfiable, ifthere is a (no) model of T that satisfies it
Note: The T -satisfiability of quantifier-free formulas is decidable iffthe T -satisfiability of conjunctions/sets of literals is decidable
(Convert the formula in DNF and check if any of its disjuncts is T -sat)
Problem: In practice, dealing with Boolean combinations of literalsis as hard as in propositional logic
Solution: Exploit propositional satisfiability technology
27
![Page 39: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/39.jpg)
Satisfiability Modulo a Theory T
Def. A formula is (un)satisfiable in a theory T , or T -(un)satisfiable, ifthere is a (no) model of T that satisfies it
Note: The T -satisfiability of quantifier-free formulas is decidable iffthe T -satisfiability of conjunctions/sets of literals is decidable
(Convert the formula in DNF and check if any of its disjuncts is T -sat)
Problem: In practice, dealing with Boolean combinations of literalsis as hard as in propositional logic
Solution: Exploit propositional satisfiability technology
27
![Page 40: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/40.jpg)
Satisfiability Modulo a Theory T
Def. A formula is (un)satisfiable in a theory T , or T -(un)satisfiable, ifthere is a (no) model of T that satisfies it
Note: The T -satisfiability of quantifier-free formulas is decidable iffthe T -satisfiability of conjunctions/sets of literals is decidable
(Convert the formula in DNF and check if any of its disjuncts is T -sat)
Problem: In practice, dealing with Boolean combinations of literalsis as hard as in propositional logic
Solution: Exploit propositional satisfiability technology
27
![Page 41: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/41.jpg)
Satisfiability Modulo a Theory T
Def. A formula is (un)satisfiable in a theory T , or T -(un)satisfiable, ifthere is a (no) model of T that satisfies it
Note: The T -satisfiability of quantifier-free formulas is decidable iffthe T -satisfiability of conjunctions/sets of literals is decidable
(Convert the formula in DNF and check if any of its disjuncts is T -sat)
Problem: In practice, dealing with Boolean combinations of literalsis as hard as in propositional logic
Solution: Exploit propositional satisfiability technology
27
![Page 42: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/42.jpg)
Lifting SAT Technology to SMT
Two main approaches:
1. “Eager” [PRSS99, SSB02, SLB03, BGV01, BV02]
• translate into an equisatisfiable propositional formula• feed it to any SAT solver
Notable systems: UCLID
2. “Lazy” [ACG00, dMR02, BDS02, ABC+02]
• abstract the input formula to a propositional one• feed it to a (DPLL-based) SAT solver• use a theory decision procedure to refine the formula and guide
the SAT solver
Notable systems: Barcelogic, Boolector, CVC4, MathSAT, Yices, Z3
This talk will focus on the lazy approach 28
![Page 43: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/43.jpg)
Lifting SAT Technology to SMT
Two main approaches:
1. “Eager” [PRSS99, SSB02, SLB03, BGV01, BV02]
• translate into an equisatisfiable propositional formula• feed it to any SAT solver
Notable systems: UCLID
2. “Lazy” [ACG00, dMR02, BDS02, ABC+02]
• abstract the input formula to a propositional one• feed it to a (DPLL-based) SAT solver• use a theory decision procedure to refine the formula and guide
the SAT solver
Notable systems: Barcelogic, Boolector, CVC4, MathSAT, Yices, Z3
This talk will focus on the lazy approach 28
![Page 44: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/44.jpg)
Lifting SAT Technology to SMT
Two main approaches:
1. “Eager” [PRSS99, SSB02, SLB03, BGV01, BV02]
• translate into an equisatisfiable propositional formula• feed it to any SAT solver
Notable systems: UCLID
2. “Lazy” [ACG00, dMR02, BDS02, ABC+02]
• abstract the input formula to a propositional one• feed it to a (DPLL-based) SAT solver• use a theory decision procedure to refine the formula and guide
the SAT solver
Notable systems: Barcelogic, Boolector, CVC4, MathSAT, Yices, Z3
This talk will focus on the lazy approach 28
![Page 45: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/45.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c ∧ f(g(a)) 6= f(c) ∨ g(a) = d ∧ c 6= d
Theory T : Equality with Uninterpreted Functions
Simplest setting:
• Off-line SAT solver• Non-incremental theory solver for conjunctions of equalities and
disequalities• Theory atoms (e.g., g(a) = c) abstracted to propositional atoms
(e.g., 1)
29
![Page 46: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/46.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c ∧ f(g(a)) 6= f(c) ∨ g(a) = d ∧ c 6= d
Theory T : Equality with Uninterpreted Functions
Simplest setting:
• Off-line SAT solver• Non-incremental theory solver for conjunctions of equalities and
disequalities• Theory atoms (e.g., g(a) = c) abstracted to propositional atoms
(e.g., 1)
29
![Page 47: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/47.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 48: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/48.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 49: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/49.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 50: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/50.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 51: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/51.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 52: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/52.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 53: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/53.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 54: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/54.jpg)
(Very) Lazy Approach for SMT – Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
• Send {1, 2 ∨ 3, 4} to SAT solver.
• SAT solver returns model {1, 2, 4}.Theory solver finds (concretization of) {1, 2, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4} to SAT solver.
• SAT solver returns model {1, 3, 4}.Theory solver finds {1, 3, 4} unsat.
• Send {1, 2 ∨ 3, 4, 1 ∨ 2, 1 ∨ 3 ∨ 4} to SAT solver.
• SAT solver finds {1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4} unsat.Done: the original formula is unsatisfiable in UF.
30
![Page 55: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/55.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
•• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
•• If M is T -unsatisfiable, backtrack to some point where the
assignment was still T -satisfiable
31
![Page 56: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/56.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
•• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
•• If M is T -unsatisfiable, backtrack to some point where the
assignment was still T -satisfiable
31
![Page 57: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/57.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
• If M is T -unsatisfiable, add ¬M as a clause
• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
•• If M is T -unsatisfiable, backtrack to some point where the
assignment was still T -satisfiable
31
![Page 58: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/58.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
• If M is T -unsatisfiable, add ¬M as a clause
• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
•• If M is T -unsatisfiable, backtrack to some point where the
assignment was still T -satisfiable
31
![Page 59: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/59.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
• If M is T -unsatisfiable, add ¬M as a clause
• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
• If M is T -unsatisfiable, add clause and restart
• If M is T -unsatisfiable, backtrack to some point where theassignment was still T -satisfiable
31
![Page 60: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/60.jpg)
Lazy Approach – Enhancements
Several enhancements are possible to increase efficiency:
• Check T -satisfiability only of full propositional model
• Check T -satisfiability of partial assignment M as it grows
• If M is T -unsatisfiable, add ¬M as a clause
• If M is T -unsatisfiable, identify a T -unsatisfiable subset M0 ofM and add ¬M0 as a clause
• If M is T -unsatisfiable, add clause and restart
• If M is T -unsatisfiable, backtrack to some point where theassignment was still T -satisfiable
31
![Page 61: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/61.jpg)
Lazy Approach – Main Benefits
• Every tool does what it is good at:
• SAT solver takes care of Boolean information
• Theory solver takes care of theory information
• The theory solver works only with conjunctions of literals
• Modular approach:
• SAT and theory solvers communicate via a simple API [GHN+04]
• SMT for a new theory only requires new theory solver
• An off-the-shelf SAT solver can be embedded in a lazy SMTsystem with few new lines of code (tens)
32
![Page 62: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/62.jpg)
Lazy Approach – Main Benefits
• Every tool does what it is good at:
• SAT solver takes care of Boolean information
• Theory solver takes care of theory information
• The theory solver works only with conjunctions of literals
• Modular approach:
• SAT and theory solvers communicate via a simple API [GHN+04]
• SMT for a new theory only requires new theory solver
• An off-the-shelf SAT solver can be embedded in a lazy SMTsystem with few new lines of code (tens)
32
![Page 63: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/63.jpg)
Lazy Approach – Main Benefits
• Every tool does what it is good at:
• SAT solver takes care of Boolean information
• Theory solver takes care of theory information
• The theory solver works only with conjunctions of literals
• Modular approach:
• SAT and theory solvers communicate via a simple API [GHN+04]
• SMT for a new theory only requires new theory solver
• An off-the-shelf SAT solver can be embedded in a lazy SMTsystem with few new lines of code (tens)
32
![Page 64: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/64.jpg)
An Abstract Framework for Lazy SMT
Several variants and enhancements of lazy SMT solvers exist
They can be modeled abstractly and declaratively as transitionsystems
A transition system is a binary relation over states, induced by a set ofconditional transition rules
The framework can be first developed for SAT and then extended tolazy SMT [NOT06, KG07]
33
![Page 65: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/65.jpg)
Advantages of Abstract Framework
An abstract framework helps one:
• skip over implementation details and unimportant control aspects
• reason formally about solvers for SAT and SMT
• model advanced features such as non-chronological bactracking,lemma learning, theory propagation, . . .
• describe different strategies and prove their correctness
• compare different systems at a higher level
• get new insights for further enhancements
The one described next is a re-elaboration of those in [NOT06, KG07]
34
![Page 66: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/66.jpg)
Advantages of Abstract Framework
An abstract framework helps one:
• skip over implementation details and unimportant control aspects
• reason formally about solvers for SAT and SMT
• model advanced features such as non-chronological bactracking,lemma learning, theory propagation, . . .
• describe different strategies and prove their correctness
• compare different systems at a higher level
• get new insights for further enhancements
The one described next is a re-elaboration of those in [NOT06, KG07]
34
![Page 67: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/67.jpg)
The Original DPLL Procedure
• Modern SAT solvers are based on the DPLLprocedure [DP60, DLL62]
• DPLL tries to build incrementally a satisfying truth assignmentM for a CNF formula F
• M is grown by• deducing the truth value of a literal from M and F , or• guessing a truth value
• If a wrong guess for a literal leads to an inconsistency, theprocedure backtracks and tries the opposite value
35
![Page 68: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/68.jpg)
An Abstract Framework for DPLL
States:
fail or 〈M,F 〉
where
• M is a sequence of literals and decision points •denoting a partial truth assignment
• F is a set of clauses denoting a CNF formula
Def. If M = M0 •M1 • · · · •Mn where each Mi contains no decision points
• Mi is decision level i of M
• M [i] def= M0 • · · · •Mi
36
![Page 69: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/69.jpg)
An Abstract Framework for DPLL
States:
fail or 〈M,F 〉
Initial state:
• 〈(), F0〉, where F0 is to be checked for satisfiability
Expected final states:
• fail if F0 is unsatisfiable
• 〈M,G〉 otherwise, where• G is equivalent to F0 and• M satisfies G
36
![Page 70: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/70.jpg)
Transition Rules: Notation
States treated like records:
• M denotes the truth assignment component of current state
• F denotes the formula component of current state
Transition rules in guarded assignment form [KG07]
p1 · · · pn
[M := e1] [F := e2]
updating M, F or both when premises p1, . . . , pn all hold
37
![Page 71: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/71.jpg)
Transition Rules for the Original DPLL
Extending the assignment
Propagatel1 ∨ · · · ∨ ln ∨ l ∈ F l1, . . . , ln ∈ M l, l /∈ M
M := M l
Note: When convenient, treat M as a set
Note: Clauses are treated modulo ACI of ∨
Decidel ∈ Lit(F) l, l /∈ M
M := M • l
Note: Lit(F )def= {l | l literal of F} ∪ {l | l literal of F}
38
![Page 72: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/72.jpg)
Transition Rules for the Original DPLL
Extending the assignment
Propagatel1 ∨ · · · ∨ ln ∨ l ∈ F l1, . . . , ln ∈ M l, l /∈ M
M := M l
Note: When convenient, treat M as a set
Note: Clauses are treated modulo ACI of ∨
Decidel ∈ Lit(F) l, l /∈ M
M := M • l
Note: Lit(F )def= {l | l literal of F} ∪ {l | l literal of F}
38
![Page 73: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/73.jpg)
Transition Rules for the Original DPLL
Repairing the assignment
Faill1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M • /∈ M
fail
Backtrack
l1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M M = M • l N • /∈ N
M := M l
Note: Last premise of Backtrack enforces chronological backtracking
39
![Page 74: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/74.jpg)
Transition Rules for the Original DPLL
Repairing the assignment
Faill1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M • /∈ M
fail
Backtrack
l1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M M = M • l N • /∈ N
M := M l
Note: Last premise of Backtrack enforces chronological backtracking
39
![Page 75: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/75.jpg)
From DPLL to CDCL Solvers (1)
To model conflict-driven backjumping and learning, add to states athird component C whose value is either no or a conflict clause
States: fail or 〈M,F,C〉
Initial state:
• 〈(), F0, no〉, where F0 is to be checked for satisfiability
Expected final states:
• fail if F0 is unsatisfiable• 〈M,G, no〉 otherwise, where
• G is equivalent to F0 and• M satisfies G
40
![Page 76: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/76.jpg)
From DPLL to CDCL Solvers (1)
To model conflict-driven backjumping and learning, add to states athird component C whose value is either no or a conflict clause
States: fail or 〈M,F,C〉
Initial state:
• 〈(), F0, no〉, where F0 is to be checked for satisfiability
Expected final states:
• fail if F0 is unsatisfiable• 〈M,G, no〉 otherwise, where
• G is equivalent to F0 and• M satisfies G
40
![Page 77: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/77.jpg)
From DPLL to CDCL Solvers (2)
Replace Backtrack with
ConflictC = no l1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M
C := l1 ∨ · · · ∨ ln
ExplainC = l ∨D l1 ∨ · · · ∨ ln ∨ l ∈ F l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
BackjumpC = l1 ∨ · · · ∨ ln ∨ l lev l1, . . . , lev ln ≤ i < lev l
C := no M := M[i] l
Maintain invariant: F |=p C and M |=p ¬C when C 6= no
Note: |=p denotes propositional entailment
41
![Page 78: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/78.jpg)
From DPLL to CDCL Solvers (2)
Replace Backtrack with
ConflictC = no l1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M
C := l1 ∨ · · · ∨ ln
ExplainC = l ∨D l1 ∨ · · · ∨ ln ∨ l ∈ F l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
BackjumpC = l1 ∨ · · · ∨ ln ∨ l lev l1, . . . , lev ln ≤ i < lev l
C := no M := M[i] l
Note: l ≺M l′ if l occurs before l′ in M
lev l = i iff l occurs in decision level i of M
Maintain invariant: F |=p C and M |=p ¬C when C 6= no
Note: |=p denotes propositional entailment41
![Page 79: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/79.jpg)
From DPLL to CDCL Solvers (2)
Replace Backtrack with
ConflictC = no l1 ∨ · · · ∨ ln ∈ F l1, . . . , ln ∈ M
C := l1 ∨ · · · ∨ ln
ExplainC = l ∨D l1 ∨ · · · ∨ ln ∨ l ∈ F l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
BackjumpC = l1 ∨ · · · ∨ ln ∨ l lev l1, . . . , lev ln ≤ i < lev l
C := no M := M[i] l
Maintain invariant: F |=p C and M |=p ¬C when C 6= no
Note: |=p denotes propositional entailment
41
![Page 80: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/80.jpg)
From DPLL to CDCL Solvers (3)
Modify Fail to
FailC 6= no • /∈ M
fail
42
![Page 81: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/81.jpg)
From DPLL to CDCL Solvers (3)
Modify Fail to
FailC 6= no • /∈ M
fail
42
![Page 82: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/82.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 83: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/83.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 84: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/84.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 85: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/85.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 86: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/86.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 87: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/87.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 88: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/88.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 89: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/89.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 90: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/90.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 91: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/91.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 92: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/92.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 93: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/93.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 94: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/94.jpg)
Execution Example
F := {1, 1 ∨ 2, 3 ∨ 4, 5 ∨ 6, 1 ∨ 5 ∨ 7, 2 ∨ 5 ∨ 6 ∨ 7}
M F C ruleF no
1 F no by Propagate1 2 F no by Propagate
1 2 • 3 F no by Decide1 2 • 3 4 F no by Propagate
1 2 • 3 4 • 5 F no by Decide1 2 • 3 4 • 5 6 F no by Propagate
1 2 • 3 4 • 5 6 7 F no by Propagate1 2 • 3 4 • 5 6 7 F 2 ∨ 5 ∨ 6 ∨ 7 by Conflict1 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 ∨ 6 by Explain with 1 ∨ 5 ∨ 71 2 • 3 4 • 5 6 7 F 1 ∨ 2 ∨ 5 by Explain with 5 ∨ 6
1 2 5 F no by Backjump1 2 5 • 3 F no by Decide
· · ·
43
![Page 95: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/95.jpg)
From DPLL to CDCL Solvers (4)
Also add
LearnF |=p C C /∈ F
F := F ∪ {C}
ForgetC = no F = G ∪ {C} G |=p C
F := G
RestartM := M[0] C := no
Note: Learn can be applied to any clause stored in C when C 6= no
44
![Page 96: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/96.jpg)
Modeling Modern SAT Solvers
At the core, current CDCL SAT solvers are implementations of thetransition system with rules
Propagate, Decide,
Conflict, Explain, Backjump,
Learn, Forget, Restart
Basic DPLL def=
{ Propagate, Decide, Conflict, Explain, Backjump }
DPLL def= Basic DPLL + { Learn, Forget, Restart }
45
![Page 97: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/97.jpg)
Modeling Modern SAT Solvers
At the core, current CDCL SAT solvers are implementations of thetransition system with rules
Propagate, Decide,
Conflict, Explain, Backjump,
Learn, Forget, Restart
Basic DPLL def=
{ Propagate, Decide, Conflict, Explain, Backjump }
DPLL def= Basic DPLL + { Learn, Forget, Restart }
45
![Page 98: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/98.jpg)
The Basic DPLL System – Correctness
Some terminology:
Irreducible state: state for which no Basic DPLL rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, the clause set F0 is satisfied byM.
46
![Page 99: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/99.jpg)
The Basic DPLL System – Correctness
Some terminology:
Irreducible state: state for which no Basic DPLL rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Strong Termination) Every execution in Basic DPLL isfinite.
Note: This is not so immediate, because of Backjump.
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, the clause set F0 is satisfied byM.
46
![Page 100: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/100.jpg)
The Basic DPLL System – Correctness
Some terminology:
Irreducible state: state for which no Basic DPLL rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Strong Termination) Every execution in Basic DPLL isfinite.
Lemma Every exhausted execution ends with either C = no or fail.
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, the clause set F0 is satisfied byM.
46
![Page 101: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/101.jpg)
The Basic DPLL System – Correctness
Some terminology:
Irreducible state: state for which no Basic DPLL rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, the clause set F0 is satisfied byM.
46
![Page 102: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/102.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 103: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/103.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 104: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/104.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 105: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/105.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 106: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/106.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 107: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/107.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 108: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/108.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 109: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/109.jpg)
The DPLL System – Strategies
• Applying• one Basic DPLL rule between each two Learn applications and• Restart less and less often
ensures termination
• A common basic strategy applies the rules with the followingpriorities:
1. If n > 0 conflicts have been found so far,increase n and apply Restart
2. If a clause is falsified by M, apply Conflict3. Keep applying Explain until Backjump is applicable4. Apply Learn5. Apply Backjump6. Apply Propagate to completion7. Apply Decide
47
![Page 110: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/110.jpg)
From SAT to SMT
Same states and transitions but
• F contains quantifier-free clauses in some theory T
• M is a sequence of theory literals and decision points
• the DPLL system is augmented with rules
T -Conflict, T -Propagate, T -Explain
• maintains invariant: F |=T C and M |=p ¬C when C 6= no
Def. F |=T G iff every model of T that satisfies F satisfies G as well
48
![Page 111: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/111.jpg)
SMT-level Rules
Fix a theory T
T -ConflictC = no l1, . . . , ln ∈ M l1, . . . , ln |=T ⊥
C := l1 ∨ · · · ∨ ln
T -Propagatel ∈ Lit(F) M |=T l l, l /∈ M
M := M l
T -ExplainC = l ∨D l1, . . . , ln |=T l l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
Note: ⊥ = empty clause
Note: |=T decided by theory solver
49
![Page 112: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/112.jpg)
SMT-level Rules
Fix a theory T
T -ConflictC = no l1, . . . , ln ∈ M l1, . . . , ln |=T ⊥
C := l1 ∨ · · · ∨ ln
T -Propagatel ∈ Lit(F) M |=T l l, l /∈ M
M := M l
T -ExplainC = l ∨D l1, . . . , ln |=T l l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
Note: ⊥ = empty clause
Note: |=T decided by theory solver
49
![Page 113: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/113.jpg)
SMT-level Rules
Fix a theory T
T -ConflictC = no l1, . . . , ln ∈ M l1, . . . , ln |=T ⊥
C := l1 ∨ · · · ∨ ln
T -Propagatel ∈ Lit(F) M |=T l l, l /∈ M
M := M l
T -ExplainC = l ∨D l1, . . . , ln |=T l l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
Note: ⊥ = empty clause
Note: |=T decided by theory solver
49
![Page 114: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/114.jpg)
Modeling the Very Lazy Theory Approach
T -Conflict is enough to model the naive integration of SAT solversand theory solvers seen in the earlier UF example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 115: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/115.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 116: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/116.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 117: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/117.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 118: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/118.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 119: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/119.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 120: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/120.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 121: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/121.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 122: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/122.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 123: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/123.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 124: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/124.jpg)
Modeling the Very Lazy Theory Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 ∨ 4 by T -Conflict1 4 • 2 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 1 ∨ 2 ∨ 4 by Learn
1 4 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Restart1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4 no by Propagate+1 4 2 3 1, 2 ∨ 3, 4, 1 ∨ 2 ∨ 4, 1 ∨ 3 ∨ 4 1 ∨ 3 ∨ 4 by T -Conflict,Learn
fail by Fail
50
![Page 125: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/125.jpg)
A Better Lazy Approach
The very lazy approach can be improved considerably with
• An on-line SAT engine,which can accept new input clauses on the fly
• an incremental and explicating T -solver,which can
1. check the T -satisfiability of M as it is extended and2. identify a small T -unsatisfiable subset of M once M becomesT -unsatisfiable
51
![Page 126: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/126.jpg)
A Better Lazy Approach
The very lazy approach can be improved considerably with
• An on-line SAT engine,which can accept new input clauses on the fly
• an incremental and explicating T -solver,which can
1. check the T -satisfiability of M as it is extended and2. identify a small T -unsatisfiable subset of M once M becomesT -unsatisfiable
51
![Page 127: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/127.jpg)
A Better Lazy Approach
The very lazy approach can be improved considerably with
• An on-line SAT engine,which can accept new input clauses on the fly
• an incremental and explicating T -solver,which can
1. check the T -satisfiability of M as it is extended and2. identify a small T -unsatisfiable subset of M once M becomesT -unsatisfiable
51
![Page 128: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/128.jpg)
A Better Lazy Approach
The very lazy approach can be improved considerably with
• An on-line SAT engine,which can accept new input clauses on the fly
• an incremental and explicating T -solver,which can
1. check the T -satisfiability of M as it is extended and2. identify a small T -unsatisfiable subset of M once M becomesT -unsatisfiable
51
![Page 129: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/129.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 130: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/130.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 131: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/131.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 132: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/132.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 133: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/133.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 134: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/134.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 135: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/135.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 136: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/136.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 137: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/137.jpg)
A Better Lazy Approach
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 • 2 1, 2 ∨ 3, 4 no by Decide1 4 • 2 1, 2 ∨ 3, 4 1 ∨ 2 by T -Conflict
1 4 2 1, 2 ∨ 3, 4 no by Backjump1 4 2 3 1, 2 ∨ 3, 4 no by Propagate1 4 2 3 1, 2 ∨ 3, 4 1 ∨ 3 ∨ 4 by T -Conflict
fail by Fail
52
![Page 138: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/138.jpg)
Lazy Approach – Strategies
Ignoring Restart (for simplicity), a common strategy is to apply therules using the following priorities:
1. If a clause is falsified by the current assignment M,apply Conflict
2. If M is T -unsatisfiable, apply T -Conflict
3. Apply Fail or Explain+Learn+Backjump as appropriate
4. Apply Propagate
5. Apply Decide
Note: Depending on the cost of checking the T -satisfiability of M,Step (2) can be applied with lower frequency or priority
53
![Page 139: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/139.jpg)
Lazy Approach – Strategies
Ignoring Restart (for simplicity), a common strategy is to apply therules using the following priorities:
1. If a clause is falsified by the current assignment M,apply Conflict
2. If M is T -unsatisfiable, apply T -Conflict
3. Apply Fail or Explain+Learn+Backjump as appropriate
4. Apply Propagate
5. Apply Decide
Note: Depending on the cost of checking the T -satisfiability of M,Step (2) can be applied with lower frequency or priority
53
![Page 140: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/140.jpg)
Theory Propagation
With T -Conflict as the only theory rule, the theory solver is used justto validate the choices of the SAT engine
With T -Propagate and T -Explain, it can also be used to guide theengine’s search [Tin02]
T -Propagatel ∈ Lit(F) M |=T l l, l /∈ M
M := M l
T -ExplainC = l ∨D l1, . . . , ln |=T l l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
54
![Page 141: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/141.jpg)
Theory Propagation
With T -Conflict as the only theory rule, the theory solver is used justto validate the choices of the SAT engine
With T -Propagate and T -Explain, it can also be used to guide theengine’s search [Tin02]
T -Propagatel ∈ Lit(F) M |=T l l, l /∈ M
M := M l
T -ExplainC = l ∨D l1, . . . , ln |=T l l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
54
![Page 142: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/142.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 143: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/143.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 144: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/144.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 145: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/145.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 146: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/146.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 147: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/147.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 148: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/148.jpg)
Theory Propagation Example
g(a) = c︸ ︷︷ ︸1
∧ f(g(a)) 6= f(c)︸ ︷︷ ︸2
∨ g(a) = d︸ ︷︷ ︸3
∧ c 6= d︸ ︷︷ ︸4
M F C rule1, 2 ∨ 3, 4 no
1 4 1, 2 ∨ 3, 4 no by Propagate+1 4 2 1, 2 ∨ 3, 4 no by T -Propagate (1 |=T 2)
1 4 2 3 1, 2 ∨ 3, 4 no by T -Propagate (1, 4 |=T 3)1 4 2 3 1, 2 ∨ 3, 4 2 ∨ 3 by Conflict
fail by Fail
Note: T -propagation eliminates search altogether in this caseno applications of Decide are needed
55
![Page 149: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/149.jpg)
Modeling Modern Lazy SMT Solvers
At the core, current lazy SMT solvers are implementations of thetransition system with rules
(1) Propagate, Decide, Conflict, Explain, Backjump, Fail
(2) T -Conflict, T -Propagate, T -Explain
(3) Learn, Forget, Restart
Basic DPLL Modulo Theories def= (1) + (2)
DPLL Modulo Theories def= (1) + (2) + (3)
56
![Page 150: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/150.jpg)
Modeling Modern Lazy SMT Solvers
At the core, current lazy SMT solvers are implementations of thetransition system with rules
(1) Propagate, Decide, Conflict, Explain, Backjump, Fail
(2) T -Conflict, T -Propagate, T -Explain
(3) Learn, Forget, Restart
Basic DPLL Modulo Theories def= (1) + (2)
DPLL Modulo Theories def= (1) + (2) + (3)
56
![Page 151: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/151.jpg)
Correctness
Updated terminology:
Irreducible state: state to which no Basic DPLL MT rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is T -unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, F0 is T -satisfiable; specifically,M is T -satisfiable and M |=p F0.
57
![Page 152: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/152.jpg)
Correctness
Updated terminology:
Irreducible state: state to which no Basic DPLL MT rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Termination) Every execution in which(a) Learn/Forget are applied only finitely many times and(b) Restart is applied with increased periodicity
is finite.
Lemma Every exhausted execution ends with either C = no or fail.
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is T -unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, F0 is T -satisfiable; specifically,M is T -satisfiable and M |=p F0.
57
![Page 153: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/153.jpg)
Correctness
Updated terminology:
Irreducible state: state to which no Basic DPLL MT rules apply
Execution: sequence of transitions allowed by the rules andstarting with M = ∅ and C = no
Exhausted execution: execution ending in an irreducible state
Proposition (Soundness) For every exhausted execution starting withF = F0 and ending with fail, the clause set F0 is T -unsatisfiable.
Proposition (Completeness) For every exhausted execution startingwith F = F0 and ending with C = no, F0 is T -satisfiable; specifically,M is T -satisfiable and M |=p F0.
57
![Page 154: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/154.jpg)
DPLL(T ) Architecture
The approach formalized so far can be implemented with a simplearchitecture named DPLL(T ) [GHN+04, NOT06]
DPLL(T ) = DPLL(X) engine + T -solver
58
![Page 155: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/155.jpg)
DPLL(T ) Architecture
The approach formalized so far can be implemented with a simplearchitecture named DPLL(T ) [GHN+04, NOT06]
DPLL(T ) = DPLL(X) engine + T -solver
DPLL(X):
• Very similar to a SAT solver, enumerates Boolean models
• Not allowed: pure literal, blocked literal detection, ...
• Required: incremental addition of clauses
• Desirable: partial model detection
58
![Page 156: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/156.jpg)
DPLL(T ) Architecture
The approach formalized so far can be implemented with a simplearchitecture named DPLL(T ) [GHN+04, NOT06]
DPLL(T ) = DPLL(X) engine + T -solver
T -solver:
• Checks the T -satisfiability of conjunctions of literals
• Computes theory propagations
• Produces explanations of T -unsatisfiability/propagation
• Must be incremental and backtrackable
58
![Page 157: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/157.jpg)
Reasoning by Cases in Theory Solvers
For certain theories, determining that a set M is T -unsatisfiablerequires reasoning by cases.
Example: T = the theory of arrays.
M = { r(w(a, i, x), j) 6= x︸ ︷︷ ︸1
, r(w(a, i, x), j) 6= r(a, j)︸ ︷︷ ︸2
}
i = j) Then, r(w(a, i, x), j) = x. Contradiction with 1.
i 6= j) Then, r(w(a, i, x), j) = r(a, j). Contradiction with 2.
Conclusion: M is T -unsatisfiable
59
![Page 158: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/158.jpg)
Reasoning by Cases in Theory Solvers
For certain theories, determining that a set M is T -unsatisfiablerequires reasoning by cases.
Example: T = the theory of arrays.
M = { r(w(a, i, x), j) 6= x︸ ︷︷ ︸1
, r(w(a, i, x), j) 6= r(a, j)︸ ︷︷ ︸2
}
i = j) Then, r(w(a, i, x), j) = x. Contradiction with 1.
i 6= j) Then, r(w(a, i, x), j) = r(a, j). Contradiction with 2.
Conclusion: M is T -unsatisfiable
59
![Page 159: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/159.jpg)
Reasoning by Cases in Theory Solvers
For certain theories, determining that a set M is T -unsatisfiablerequires reasoning by cases.
Example: T = the theory of arrays.
M = { r(w(a, i, x), j) 6= x︸ ︷︷ ︸1
, r(w(a, i, x), j) 6= r(a, j)︸ ︷︷ ︸2
}
i = j) Then, r(w(a, i, x), j) = x. Contradiction with 1.
i 6= j) Then, r(w(a, i, x), j) = r(a, j). Contradiction with 2.
Conclusion: M is T -unsatisfiable
59
![Page 160: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/160.jpg)
Reasoning by Cases in Theory Solvers
For certain theories, determining that a set M is T -unsatisfiablerequires reasoning by cases.
Example: T = the theory of arrays.
M = { r(w(a, i, x), j) 6= x︸ ︷︷ ︸1
, r(w(a, i, x), j) 6= r(a, j)︸ ︷︷ ︸2
}
i = j) Then, r(w(a, i, x), j) = x. Contradiction with 1.
i 6= j) Then, r(w(a, i, x), j) = r(a, j). Contradiction with 2.
Conclusion: M is T -unsatisfiable
59
![Page 161: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/161.jpg)
Reasoning by Cases in Theory Solvers
For certain theories, determining that a set M is T -unsatisfiablerequires reasoning by cases.
Example: T = the theory of arrays.
M = { r(w(a, i, x), j) 6= x︸ ︷︷ ︸1
, r(w(a, i, x), j) 6= r(a, j)︸ ︷︷ ︸2
}
i = j) Then, r(w(a, i, x), j) = x. Contradiction with 1.
i 6= j) Then, r(w(a, i, x), j) = r(a, j). Contradiction with 2.
Conclusion: M is T -unsatisfiable
59
![Page 162: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/162.jpg)
Case Splitting
A complete T -solver reasons by cases via (internal) case splitting andbacktracking mechanisms
An alternative is to lift case splitting and backtracking from theT -solver to the SAT engine
Basic idea: encode case splits as sets of clauses and send them asneeded to the SAT engine for it to split on them [BNOT06]
Possible benefits:
• All case-splitting is coordinated by the SAT engine
• Only have to implement case-splitting infrastructure in one place
• Can learn a wider class of lemmas
60
![Page 163: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/163.jpg)
Case Splitting
A complete T -solver reasons by cases via (internal) case splitting andbacktracking mechanisms
An alternative is to lift case splitting and backtracking from theT -solver to the SAT engine
Basic idea: encode case splits as sets of clauses and send them asneeded to the SAT engine for it to split on them [BNOT06]
Possible benefits:
• All case-splitting is coordinated by the SAT engine
• Only have to implement case-splitting infrastructure in one place
• Can learn a wider class of lemmas
60
![Page 164: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/164.jpg)
Case Splitting
A complete T -solver reasons by cases via (internal) case splitting andbacktracking mechanisms
An alternative is to lift case splitting and backtracking from theT -solver to the SAT engine
Basic idea: encode case splits as sets of clauses and send them asneeded to the SAT engine for it to split on them [BNOT06]
Possible benefits:
• All case-splitting is coordinated by the SAT engine
• Only have to implement case-splitting infrastructure in one place
• Can learn a wider class of lemmas
60
![Page 165: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/165.jpg)
Case Splitting
A complete T -solver reasons by cases via (internal) case splitting andbacktracking mechanisms
An alternative is to lift case splitting and backtracking from theT -solver to the SAT engine
Basic idea: encode case splits as sets of clauses and send them asneeded to the SAT engine for it to split on them [BNOT06]
Possible benefits:
• All case-splitting is coordinated by the SAT engine
• Only have to implement case-splitting infrastructure in one place
• Can learn a wider class of lemmas
60
![Page 166: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/166.jpg)
Splitting on Demand
Basic idea: encode case splits as a set of clauses and send them asneeded to the SAT engine for it to split on them
Basic Scenario:
M = {. . . , s = r(w(a, i, t), j)︸ ︷︷ ︸s′
, . . .}
• Main SMT module: “Is M T -unsatisfiable?”
• T -solver: “I do not know yet, but it will help me if you considerthese theory lemmas:
s = s′ ∧ i = j → s = t, s = s′ ∧ i 6= j → s = r(a, j) ”
61
![Page 167: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/167.jpg)
Splitting on Demand
Basic idea: encode case splits as a set of clauses and send them asneeded to the SAT engine for it to split on them
Basic Scenario:
M = {. . . , s = r(w(a, i, t), j)︸ ︷︷ ︸s′
, . . .}
• Main SMT module: “Is M T -unsatisfiable?”
• T -solver: “I do not know yet, but it will help me if you considerthese theory lemmas:
s = s′ ∧ i = j → s = t, s = s′ ∧ i 6= j → s = r(a, j) ”
61
![Page 168: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/168.jpg)
Splitting on Demand
Basic idea: encode case splits as a set of clauses and send them asneeded to the SAT engine for it to split on them
Basic Scenario:
M = {. . . , s = r(w(a, i, t), j)︸ ︷︷ ︸s′
, . . .}
• Main SMT module: “Is M T -unsatisfiable?”
• T -solver: “I do not know yet, but it will help me if you considerthese theory lemmas:
s = s′ ∧ i = j → s = t, s = s′ ∧ i 6= j → s = r(a, j) ”
61
![Page 169: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/169.jpg)
Modeling Splitting on Demand
To model the generation of theory lemmas for case splits, add the rule
T -Learn
|=T ∃v(l1 ∨ · · · ∨ ln) l1, . . . , ln ∈ LS v vars not in F
F := F ∪ {l1 ∨ · · · ∨ ln}
where LS is a finite set of literals dependent on the initial set ofclauses (see [BNOT06] for a formal definition of LS)
Note: For many theories with a theory solver, there existsan appropriate finite LS for every input F
The set LS does not need to be computed explicitly
62
![Page 170: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/170.jpg)
Modeling Splitting on Demand
To model the generation of theory lemmas for case splits, add the rule
T -Learn
|=T ∃v(l1 ∨ · · · ∨ ln) l1, . . . , ln ∈ LS v vars not in F
F := F ∪ {l1 ∨ · · · ∨ ln}
where LS is a finite set of literals dependent on the initial set ofclauses (see [BNOT06] for a formal definition of LS)
Note: For many theories with a theory solver, there existsan appropriate finite LS for every input F
The set LS does not need to be computed explicitly
62
![Page 171: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/171.jpg)
Modeling Splitting on Demand
Now we can relax the requirement on the theory solver:
When M |=p F, it must either
• determine whether M |=T ⊥ or• generate a new clause by T -Learn containing
at least one literal of LS undefined in M
The T -solver is required to determine whether M |=T ⊥ only if allliterals in LS are defined in M
Note: In practice, to determine if M |=T ⊥, the T -solver only needsa small subset of LS to be defined in M
63
![Page 172: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/172.jpg)
Modeling Splitting on Demand
Now we can relax the requirement on the theory solver:
When M |=p F, it must either
• determine whether M |=T ⊥ or• generate a new clause by T -Learn containing
at least one literal of LS undefined in M
The T -solver is required to determine whether M |=T ⊥ only if allliterals in LS are defined in M
Note: In practice, to determine if M |=T ⊥, the T -solver only needsa small subset of LS to be defined in M
63
![Page 173: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/173.jpg)
Modeling Splitting on Demand
Now we can relax the requirement on the theory solver:
When M |=p F, it must either
• determine whether M |=T ⊥ or• generate a new clause by T -Learn containing
at least one literal of LS undefined in M
The T -solver is required to determine whether M |=T ⊥ only if allliterals in LS are defined in M
Note: In practice, to determine if M |=T ⊥, the T -solver only needsa small subset of LS to be defined in M
63
![Page 174: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/174.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 175: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/175.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 176: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/176.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 177: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/177.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 178: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/178.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 179: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/179.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 180: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/180.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 181: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/181.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 182: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/182.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 183: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/183.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 184: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/184.jpg)
Example — Theory of Finite Sets
F : x = y ∪ z ∧ y 6= ∅ ∨ x 6= z
M F rulex = y ∪ z F by Propagate+
x = y ∪ z • y = ∅ F by Decidex = y ∪ z • y = ∅ x 6= z F by Propagatex = y ∪ z • y = ∅ x 6= z F, (x = z ∨ e ∈ x ∨ e ∈ z), by T -Learn
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x F, (x = z ∨ e ∈ x ∨ e ∈ z), by Decide
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)x = y ∪ z • y = ∅ x 6= z • e ∈ x e /∈ z F, (x = z ∨ e ∈ x ∨ e ∈ z), by Propagate
F,
(x = z ∨ e 6∈ x ∨ e 6∈ z)
T -solver can make the following deductions at this point:
e ∈ x · · · ⇒ e ∈ y ∪ z · · · ⇒ e ∈ y · · · ⇒ e ∈ ∅ ⇒ ⊥
This enables an application of T -Conflict with clause
x 6= y ∪ z ∨ y 6= ∅ ∨ x = z ∨ e /∈ x ∨ e ∈ z
64
![Page 185: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/185.jpg)
Correctness Results
Correctness results can be extended to the new rule.
Soundness: The new T -Learn rule maintains satisfiability of theclause set.
Completeness: As long as the theory solver can decide M |=T ⊥when all literals in LS are determined, the system is still complete.
Termination: The system terminates under the same conditions asbefore. Roughly:
• Any lemma is (re)learned only finitely many times
• Restart is applied with increased periodicity
65
![Page 186: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/186.jpg)
Combining Theories
![Page 187: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/187.jpg)
Need for Combining Theories and Solvers
Recall: Many applications give rise to formulas like:
a ≈ b + 2 ∧ A ≈ write(B, a + 1, 4) ∧(read(A, b + 3) ≈ 2 ∨ f(a− 1) 6= f(b + 1))
Solving that formula requires reasoning over
• the theory of linear arithmetic (TLA)
• the theory of arrays (TA)
• the theory of uninterpreted functions (TUF)
Question: Given solvers for each theory, can we combine themmodularly into one for TLA ∪ TA ∪ TUF?
Under certain conditions, we can do it with the Nelson-Oppencombination method [NO79, Opp80]
67
![Page 188: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/188.jpg)
Need for Combining Theories and Solvers
Recall: Many applications give rise to formulas like:
a ≈ b + 2 ∧ A ≈ write(B, a + 1, 4) ∧(read(A, b + 3) ≈ 2 ∨ f(a− 1) 6= f(b + 1))
Solving that formula requires reasoning over
• the theory of linear arithmetic (TLA)
• the theory of arrays (TA)
• the theory of uninterpreted functions (TUF)
Question: Given solvers for each theory, can we combine themmodularly into one for TLA ∪ TA ∪ TUF?
Under certain conditions, we can do it with the Nelson-Oppencombination method [NO79, Opp80]
67
![Page 189: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/189.jpg)
Need for Combining Theories and Solvers
Recall: Many applications give rise to formulas like:
a ≈ b + 2 ∧ A ≈ write(B, a + 1, 4) ∧(read(A, b + 3) ≈ 2 ∨ f(a− 1) 6= f(b + 1))
Solving that formula requires reasoning over
• the theory of linear arithmetic (TLA)
• the theory of arrays (TA)
• the theory of uninterpreted functions (TUF)
Question: Given solvers for each theory, can we combine themmodularly into one for TLA ∪ TA ∪ TUF?
Under certain conditions, we can do it with the Nelson-Oppencombination method [NO79, Opp80]
67
![Page 190: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/190.jpg)
Need for Combining Theories and Solvers
Recall: Many applications give rise to formulas like:
a ≈ b + 2 ∧ A ≈ write(B, a + 1, 4) ∧(read(A, b + 3) ≈ 2 ∨ f(a− 1) 6= f(b + 1))
Solving that formula requires reasoning over
• the theory of linear arithmetic (TLA)
• the theory of arrays (TA)
• the theory of uninterpreted functions (TUF)
Question: Given solvers for each theory, can we combine themmodularly into one for TLA ∪ TA ∪ TUF?
Under certain conditions, we can do it with the Nelson-Oppencombination method [NO79, Opp80]
67
![Page 191: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/191.jpg)
Motivating Example (Convex Case)
Consider the following set of literals over TLRA ∪ TUF
(TLRA, linear real arithmetic):
f(f(x)− f(y)) = a
f(0) > a+ 2
x = y
First step: purify literals so that each belongs to a single theory
68
![Page 192: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/192.jpg)
Motivating Example (Convex Case)
Consider the following set of literals over TLRA ∪ TUF
(TLRA, linear real arithmetic):
f(f(x)− f(y)) = a
f(0) > a+ 2
x = y
First step: purify literals so that each belongs to a single theory
68
![Page 193: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/193.jpg)
Motivating Example (Convex Case)
Consider the following set of literals over TLRA ∪ TUF
(TLRA, linear real arithmetic):
f(f(x)− f(y)) = a
f(0) > a+ 2
x = y
First step: purify literals so that each belongs to a single theory
f(f(x)− f(y)) = a =⇒ f(e1) = a =⇒ f(e1) = a
e1 = f(x)− f(y) e1 = e2 − e3e2 = f(x)
e3 = f(y)
68
![Page 194: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/194.jpg)
Motivating Example (Convex Case)
Consider the following set of literals over TLRA ∪ TUF
(TLRA, linear real arithmetic):
f(f(x)− f(y)) = a
f(0) > a+ 2
x = y
First step: purify literals so that each belongs to a single theory
f(0) > a + 2 =⇒ f(e4) > a + 2 =⇒ f(e4) = e5e4 = 0 e4 = 0
e5 > a + 2
68
![Page 195: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/195.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 196: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/196.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 197: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/197.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 198: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/198.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 199: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/199.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 200: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/200.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 201: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/201.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 202: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/202.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 203: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/203.jpg)
Motivating Example (Convex Case)
Second step: exchange entailed interface equalities, equalities overshared constants e1, e2, e3, e4, e5, a
L1 L2
f(e1) = a e2 − e3 = e1f(x) = e2 e4 = 0
f(y) = e3 e5 > a + 2
f(e4) = e5 e2 = e3x = y a = e5e1 = e4
L1 |=UF e2 = e3 L2 |=LRA e1 = e4
L1 |=UF a = e5
Third step: check for satisfiability locally
L1 6|=UF ⊥L2 |=LRA ⊥
Report unsatisfiable
69
![Page 204: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/204.jpg)
Motivating Example (Non-convex Case)
Consider the following unsatisfiable set of literals over TLIA ∪ TUF
(TLIA, linear integer arithmetic):
1 ≤ x ≤ 2
f(1) = a
f(2) = f(1) + 3
a = b+ 2
First step: purify literals so that each belongs to a single theory
70
![Page 205: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/205.jpg)
Motivating Example (Non-convex Case)
Consider the following unsatisfiable set of literals over TLIA ∪ TUF
(TLIA, linear integer arithmetic):
1 ≤ x ≤ 2
f(1) = a
f(2) = f(1) + 3
a = b+ 2
First step: purify literals so that each belongs to a single theory
70
![Page 206: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/206.jpg)
Motivating Example (Non-convex Case)
Consider the following unsatisfiable set of literals over TLIA ∪ TUF
(TLIA, linear integer arithmetic):
1 ≤ x ≤ 2
f(1) = a
f(2) = f(1) + 3
a = b+ 2
First step: purify literals so that each belongs to a single theory
f(1) = a =⇒ f(e1) = a
e1 = 1
70
![Page 207: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/207.jpg)
Motivating Example (Non-convex Case)
Consider the following unsatisfiable set of literals over TLIA ∪ TUF
(TLIA, linear integer arithmetic):
1 ≤ x ≤ 2
f(1) = a
f(2) = f(1) + 3
a = b+ 2
First step: purify literals so that each belongs to a single theory
f(2) = f(1) + 3 =⇒ e2 = 2
f(e2) = e3
f(e1) = e4
e3 = e4 + 3
70
![Page 208: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/208.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
71
![Page 209: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/209.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
No more entailed equalities, but L1 |=LIA x = e1 ∨ x = e2
71
![Page 210: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/210.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
Consider each case of x = e1 ∨ x = e2 separately
71
![Page 211: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/211.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
Case 1) x = e1
71
![Page 212: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/212.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
71
![Page 213: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/213.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e1e3 = e4 + 3
a = e4x = e1
L2 |=UF a = b, which entails ⊥ when sent to L1
71
![Page 214: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/214.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e2e3 = e4 + 3
a = e4x = e2
72
![Page 215: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/215.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e2e3 = e4 + 3
a = e4x = e2
Case 2) x = e2
72
![Page 216: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/216.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e2e3 = e4 + 3
a = e4x = e2
72
![Page 217: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/217.jpg)
Motivating Example (Non-convex Case)
Second step: exchange entailed interface equalities over sharedconstants x, e1, a, b, e2, e3, e4
L1 L2
1 ≤ x f(e1) = a
x ≤ 2 f(x) = b
e1 = 1 f(e2) = e3a = b + 2 f(e1) = e4e2 = 2 x = e2e3 = e4 + 3
a = e4x = e2
L2 |=UF e3 = b, which entails ⊥ when sent to L1
72
![Page 218: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/218.jpg)
The Nelson-Oppen Method
• For i = 1, 2, let Ti be a first-order theory of signature Σi (set of
function and predicate symbols in Ti other than =)
• Let T = T1 ∪ T2
• Let C be a finite set of free constants (i.e., not in Σ1 ∪ Σ2)
We consider only input problems of the form
L1 ∪ L2
where each Li is a finite set of ground (i.e., variable-free)(Σi ∪ C)-literals
Note: Because of purification, there is no loss of generality in consideringonly ground (Σi ∪ C)-literals
73
![Page 219: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/219.jpg)
The Nelson-Oppen Method
• For i = 1, 2, let Ti be a first-order theory of signature Σi (set of
function and predicate symbols in Ti other than =)
• Let T = T1 ∪ T2
• Let C be a finite set of free constants (i.e., not in Σ1 ∪ Σ2)
We consider only input problems of the form
L1 ∪ L2
where each Li is a finite set of ground (i.e., variable-free)(Σi ∪ C)-literals
Note: Because of purification, there is no loss of generality in consideringonly ground (Σi ∪ C)-literals
73
![Page 220: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/220.jpg)
The Nelson-Oppen Method
• For i = 1, 2, let Ti be a first-order theory of signature Σi (set of
function and predicate symbols in Ti other than =)
• Let T = T1 ∪ T2
• Let C be a finite set of free constants (i.e., not in Σ1 ∪ Σ2)
We consider only input problems of the form
L1 ∪ L2
where each Li is a finite set of ground (i.e., variable-free)(Σi ∪ C)-literals
Note: Because of purification, there is no loss of generality in consideringonly ground (Σi ∪ C)-literals
73
![Page 221: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/221.jpg)
The Nelson-Oppen Method
Bare-bones, non-deterministic, non-incremental version[Opp80, Rin96, TH96]:
Input: L1 ∪ L2 with Li finite set of ground (Σi ∪ C)-literalsOutput: sat or unsat
1. Guess an arrangement A, i.e., a set of equalities anddisequalities over C such that
c = d ∈ A or c 6= d ∈ A for all c, d ∈ C
2. If Li ∪A is Ti-unsatisfiable for i = 1 or i = 2, return unsat
3. Otherwise, return sat
74
![Page 222: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/222.jpg)
The Nelson-Oppen Method
Bare-bones, non-deterministic, non-incremental version[Opp80, Rin96, TH96]:
Input: L1 ∪ L2 with Li finite set of ground (Σi ∪ C)-literalsOutput: sat or unsat
1. Guess an arrangement A, i.e., a set of equalities anddisequalities over C such that
c = d ∈ A or c 6= d ∈ A for all c, d ∈ C
2. If Li ∪A is Ti-unsatisfiable for i = 1 or i = 2, return unsat
3. Otherwise, return sat
74
![Page 223: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/223.jpg)
The Nelson-Oppen Method
Bare-bones, non-deterministic, non-incremental version[Opp80, Rin96, TH96]:
Input: L1 ∪ L2 with Li finite set of ground (Σi ∪ C)-literalsOutput: sat or unsat
1. Guess an arrangement A, i.e., a set of equalities anddisequalities over C such that
c = d ∈ A or c 6= d ∈ A for all c, d ∈ C
2. If Li ∪A is Ti-unsatisfiable for i = 1 or i = 2, return unsat
3. Otherwise, return sat
74
![Page 224: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/224.jpg)
The Nelson-Oppen Method
Bare-bones, non-deterministic, non-incremental version[Opp80, Rin96, TH96]:
Input: L1 ∪ L2 with Li finite set of ground (Σi ∪ C)-literalsOutput: sat or unsat
1. Guess an arrangement A, i.e., a set of equalities anddisequalities over C such that
c = d ∈ A or c 6= d ∈ A for all c, d ∈ C
2. If Li ∪A is Ti-unsatisfiable for i = 1 or i = 2, return unsat
3. Otherwise, return sat
74
![Page 225: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/225.jpg)
The Nelson-Oppen Method
Bare-bones, non-deterministic, non-incremental version[Opp80, Rin96, TH96]:
Input: L1 ∪ L2 with Li finite set of ground (Σi ∪ C)-literalsOutput: sat or unsat
1. Guess an arrangement A, i.e., a set of equalities anddisequalities over C such that
c = d ∈ A or c 6= d ∈ A for all c, d ∈ C
2. If Li ∪A is Ti-unsatisfiable for i = 1 or i = 2, return unsat
3. Otherwise, return sat
74
![Page 226: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/226.jpg)
Correctness of the NO Method
Proposition (Termination) The method is terminating.
(Trivially, because there is only a finite number of arrangements to guess)
Proposition (Soundness) If the method returns unsat for everyarrangement, the input is (T1 ∪ T2)-unsatisfiable.
(Because satisfiability in (T1 ∪ T2) is always preserved)
Proposition (Completeness) If Σ1 ∩ Σ2 = ∅ and T1 and T2 are stablyinfinite, when the method returns sat for some arrangement, the inputis (T1 ∪ T2)-is satisfiable.
75
![Page 227: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/227.jpg)
Correctness of the NO Method
Proposition (Termination) The method is terminating.
(Trivially, because there is only a finite number of arrangements to guess)
Proposition (Soundness) If the method returns unsat for everyarrangement, the input is (T1 ∪ T2)-unsatisfiable.
(Because satisfiability in (T1 ∪ T2) is always preserved)
Proposition (Completeness) If Σ1 ∩ Σ2 = ∅ and T1 and T2 are stablyinfinite, when the method returns sat for some arrangement, the inputis (T1 ∪ T2)-is satisfiable.
75
![Page 228: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/228.jpg)
Correctness of the NO Method
Proposition (Termination) The method is terminating.
(Trivially, because there is only a finite number of arrangements to guess)
Proposition (Soundness) If the method returns unsat for everyarrangement, the input is (T1 ∪ T2)-unsatisfiable.
(Because satisfiability in (T1 ∪ T2) is always preserved)
Proposition (Completeness) If Σ1 ∩ Σ2 = ∅ and T1 and T2 are stablyinfinite, when the method returns sat for some arrangement, the inputis (T1 ∪ T2)-is satisfiable.
75
![Page 229: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/229.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Many interesting theories are stably infinite:
• Theories of an infinite structure (e.g., integer arithmetic)
• Complete theories with an infinite model (e.g., theory of dense linear
orders, theory of lists)
• Convex theories (e.g., EUF, linear real arithmetic)
Def. A theory T is convex iff, for any set L of literalsL |=T s1 = t1 ∨ · · · ∨ sn = tn =⇒ L |=T si = ti for some i
Note: With convex theories, arrangements do not need to be guessed—theycan be computed by (theory) propagation
76
![Page 230: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/230.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Many interesting theories are stably infinite:
• Theories of an infinite structure (e.g., integer arithmetic)
• Complete theories with an infinite model (e.g., theory of dense linear
orders, theory of lists)
• Convex theories (e.g., EUF, linear real arithmetic)
Def. A theory T is convex iff, for any set L of literalsL |=T s1 = t1 ∨ · · · ∨ sn = tn =⇒ L |=T si = ti for some i
Note: With convex theories, arrangements do not need to be guessed—theycan be computed by (theory) propagation
76
![Page 231: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/231.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Many interesting theories are stably infinite:
• Theories of an infinite structure (e.g., integer arithmetic)
• Complete theories with an infinite model (e.g., theory of dense linear
orders, theory of lists)
• Convex theories (e.g., EUF, linear real arithmetic)
Def. A theory T is convex iff, for any set L of literalsL |=T s1 = t1 ∨ · · · ∨ sn = tn =⇒ L |=T si = ti for some i
Note: With convex theories, arrangements do not need to be guessed—theycan be computed by (theory) propagation
76
![Page 232: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/232.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Other interesting theories are not stably infinite:
• Theories of a finite structure (e.g., theory of bit vectors of finite size,
arithmetic modulo n)
• Theories with models of bounded cardinality (e.g., theory of strings of
bounded length)
• Some equational/Horn theories
The Nelson-Oppen method has been extended to some classes ofnon-stably infinite theories [TZ05, RRZ05, JB10]
77
![Page 233: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/233.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Other interesting theories are not stably infinite:
• Theories of a finite structure (e.g., theory of bit vectors of finite size,
arithmetic modulo n)
• Theories with models of bounded cardinality (e.g., theory of strings of
bounded length)
• Some equational/Horn theories
The Nelson-Oppen method has been extended to some classes ofnon-stably infinite theories [TZ05, RRZ05, JB10]
77
![Page 234: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/234.jpg)
Stably Infinite Theories
Def. A theory T is stably infinite iff every quantifier-free T -satisfiableformula is satisfiable in an infinite model of T
Other interesting theories are not stably infinite:
• Theories of a finite structure (e.g., theory of bit vectors of finite size,
arithmetic modulo n)
• Theories with models of bounded cardinality (e.g., theory of strings of
bounded length)
• Some equational/Horn theories
The Nelson-Oppen method has been extended to some classes ofnon-stably infinite theories [TZ05, RRZ05, JB10]
77
![Page 235: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/235.jpg)
SMT Solving with Multiple Theories
Let T1, . . . , Tn be theories with respective solvers S1, . . . , Sn
How can we integrate all of them cooperatively into a single SMTsolver for T = T1 ∪ · · · ∪ Tn?
78
![Page 236: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/236.jpg)
SMT Solving with Multiple Theories
Let T1, . . . , Tn be theories with respective solvers S1, . . . , Sn
How can we integrate all of them cooperatively into a single SMTsolver for T = T1 ∪ · · · ∪ Tn?
Quick Solution:
1. Combine S1, . . . , Sn with Nelson-Oppen into a theory solver forT
2. Build a DPLL(T ) solver as usual
78
![Page 237: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/237.jpg)
SMT Solving with Multiple Theories
Let T1, . . . , Tn be theories with respective solvers S1, . . . , Sn
How can we integrate all of them cooperatively into a single SMTsolver for T = T1 ∪ · · · ∪ Tn?
Better Solution [Bar02, BBC+05b, BNOT06]:
1. Extend DPLL(T ) to DPLL(T1, . . . , Tn)
2. Lift Nelson-Oppen to the DPLL(X1, . . . , Xn) level
3. Build a DPLL(T1, . . . , Tn) solver
78
![Page 238: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/238.jpg)
Modeling DPLL(T1, . . . , Tn) Abstractly
• Let n = 2, for simplicity
• Let Ti be of signature Σi for i = 1, 2, with Σ1 ∩ Σ2 = ∅
• Let C be a set of free constants
• Assume wlog that each input literal has signature (Σ1 ∪ C) or(Σ2 ∪ C) (no mixed literals)
• Let M|idef= {(Σi ∪ C)-literals of M and their complement}
• Let I(M)def= {c = d | c, d occur in C, M|1 and M|2} ∪{c 6= d | c, d occur in C, M|1 and M|2}
(interface literals)
79
![Page 239: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/239.jpg)
Abstract DPLL Modulo Multiple Theories
Propagate, Conflict, Explain, Backjump, Fail (unchanged)
Decidel ∈ Lit(F) ∪ I(M) l, l /∈ M
M := M • l
Only change: decide on interface equalities as well
T -Propagatel ∈ Lit(F) ∪ I(M) i ∈ {1, 2} M |=Ti l l, l /∈ M
M := M l
Only change: propagate interface equalities as well, but reason locallyin each Ti
80
![Page 240: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/240.jpg)
Abstract DPLL Modulo Multiple Theories
Propagate, Conflict, Explain, Backjump, Fail (unchanged)
Decidel ∈ Lit(F) ∪ I(M) l, l /∈ M
M := M • l
Only change: decide on interface equalities as well
T -Propagatel ∈ Lit(F) ∪ I(M) i ∈ {1, 2} M |=Ti l l, l /∈ M
M := M l
Only change: propagate interface equalities as well, but reason locallyin each Ti
80
![Page 241: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/241.jpg)
Abstract DPLL Modulo Multiple Theories
Propagate, Conflict, Explain, Backjump, Fail (unchanged)
Decidel ∈ Lit(F) ∪ I(M) l, l /∈ M
M := M • l
Only change: decide on interface equalities as well
T -Propagatel ∈ Lit(F) ∪ I(M) i ∈ {1, 2} M |=Ti l l, l /∈ M
M := M l
Only change: propagate interface equalities as well, but reason locallyin each Ti
80
![Page 242: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/242.jpg)
Abstract DPLL Modulo Multiple Theories
T -Conflict
C = no l1, . . . , ln ∈ M l1, . . . , ln |=Ti ⊥ i ∈ {1, 2}
C := l1 ∨ · · · ∨ lnT -Explain
C = l ∨D l1, . . . , ln |=Ti l i ∈ {1, 2} l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
Only change: reason locally in each Ti
I-Learn
|=Ti l1 ∨ · · · ∨ ln l1, . . . , ln ∈ M|i ∪ I(M) i ∈ {1, 2}
F := F ∪ {l1 ∨ · · · ∨ ln}
New rule: for entailed disjunctions of interface literals81
![Page 243: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/243.jpg)
Abstract DPLL Modulo Multiple Theories
T -Conflict
C = no l1, . . . , ln ∈ M l1, . . . , ln |=Ti ⊥ i ∈ {1, 2}
C := l1 ∨ · · · ∨ lnT -Explain
C = l ∨D l1, . . . , ln |=Ti l i ∈ {1, 2} l1, . . . , ln ≺M l
C := l1 ∨ · · · ∨ ln ∨D
Only change: reason locally in each Ti
I-Learn
|=Ti l1 ∨ · · · ∨ ln l1, . . . , ln ∈ M|i ∪ I(M) i ∈ {1, 2}
F := F ∪ {l1 ∨ · · · ∨ ln}
New rule: for entailed disjunctions of interface literals81
![Page 244: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/244.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 245: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/245.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 246: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/246.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 247: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/247.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 248: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/248.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 249: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/249.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 250: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/250.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 251: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/251.jpg)
Example — Convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = e2 ∧
2︷ ︸︸ ︷f(y) = e3 ∧
3︷ ︸︸ ︷f(e4) = e5 ∧
4︷ ︸︸ ︷x = y ∧
e2 − e3 = e1︸ ︷︷ ︸5
∧ e4 = 0︸ ︷︷ ︸6
∧ e5 > a + 2︸ ︷︷ ︸7
e2 = e3︸ ︷︷ ︸8
e1 = e4︸ ︷︷ ︸9
a = e5︸ ︷︷ ︸10
M F C ruleF no
0 1 2 3 4 5 6 7 F no by Propagate+0 1 2 3 4 5 6 7 8 F no by T -Propagate (1, 2, 4 |=UF 8)
0 1 2 3 4 5 6 7 8 9 F no by T -Propagate (5, 6, 8 |=LRA 9)0 1 2 3 4 5 6 7 8 9 10 F no by T -Propagate (0, 3, 9 |=UF 10)0 1 2 3 4 5 6 7 8 9 10 F 7 ∨ 10 by T -Conflict (7, 10 |=LRA ⊥)
fail by Fail
82
![Page 252: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/252.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 253: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/253.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 254: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/254.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 255: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/255.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 256: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/256.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 257: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/257.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 258: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/258.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 259: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/259.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 260: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/260.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 261: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/261.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 262: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/262.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 263: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/263.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 264: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/264.jpg)
Example — Non-convex Theories
F :=
0︷ ︸︸ ︷f(e1) = a ∧
1︷ ︸︸ ︷f(x) = b ∧
2︷ ︸︸ ︷f(e2) = e3 ∧
3︷ ︸︸ ︷f(e1) = e4 ∧
1 ≤ x︸ ︷︷ ︸4
∧ x ≤ 2︸ ︷︷ ︸5
∧ e1 = 1︸ ︷︷ ︸6
∧ a = b + 2︸ ︷︷ ︸7
∧ e2 = 2︸ ︷︷ ︸8
∧ e3 = e4 + 3︸ ︷︷ ︸9
a = e4︸ ︷︷ ︸10
x = e1︸ ︷︷ ︸11
x = e2︸ ︷︷ ︸12
a = b︸ ︷︷ ︸13
M F C ruleF no
0 · · · 9 F no by Propagate+0 · · · 9 10 F no by T -Propagate (0, 3 |=UF 10)0 · · · 9 10 F, 4 ∨ 5 ∨ 11 ∨ 12 no by I-Learn (|=LIA 4 ∨ 5 ∨ 11 ∨ 12)
0 · · · 9 10 • 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Decide0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 11 |=UF 13)0 · · · 9 10 • 11 13 F, 4 ∨ 5 ∨ 11 ∨ 12 7 ∨ 13 by T -Conflict (7, 13 |=UF ⊥)
0 · · · 9 10 13 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Backjump0 · · · 9 10 13 11 F, 4 ∨ 5 ∨ 11 ∨ 12 no by T -Propagate (0, 1, 13 |=UF 11)
0 · · · 9 10 13 11 12 F, 4 ∨ 5 ∨ 11 ∨ 12 no by Propagate. . . (exercise)fail · · · · · · by Fail
83
![Page 265: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/265.jpg)
84
![Page 266: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/266.jpg)
Suggested Readings
1. R. Nieuwenhuis, A. Oliveras, and C. Tinelli. Solving SAT and SAT Modulo Theories:From an abstract Davis-Putnam-Logemann- Loveland procedure to DPLL(T).Journal of the ACM, 53(6):937-977, 2006.
2. R. Sebastiani. Lazy Satisfiability Modulo Theories. Journal on Satisfiability, BooleanModeling and Computation 3:141-224, 2007.
3. S. Krstic and A. Goel. Architecting Solvers for SAT Modulo Theories: Nelson-Oppenwith DPLL. In Proceeding of the Symposium on Frontiers of Combining Systems(FroCoS’07). Volume 4720 of LNCS. Springer, 2007.
4. C. Barrett, R. Sebastiani, S. Seshia, and C. Tinelli. Satisfiability Modulo Theories. InHandbook of Satisfiability. IOS Press, 2009.
84
![Page 267: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/267.jpg)
References
[ABC+02] Gilles Audemard, Piergiorgio Bertoli, Alessandro Cimatti, Artur Korniłowicz, and Roberto Sebastiani.
A SAT-based approach for solving formulas over boolean and linear mathematical propositions.In Andrei Voronkov, editor, Proceedings of the 18th International Conference on AutomatedDeduction, volume 2392 of Lecture Notes in Artificial Intelligence, pages 195–210. Springer, 2002
[ACG00] Alessandro Armando, Claudio Castellini, and Enrico Giunchiglia. SAT-based procedures for temporalreasoning.In S. Biundo and M. Fox, editors, Proceedings of the 5th European Conference on Planning (Durham,UK), volume 1809 of Lecture Notes in Computer Science, pages 97–108. Springer, 2000
[AMP06] Alessandro Armando, Jacopo Mantovani, and Lorenzo Platania. Bounded model checking of softwareusing SMT solvers instead of SAT solvers.In Proceedings of the 13th International SPIN Workshop on Model Checking of Software (SPIN’06),volume 3925 of Lecture Notes in Computer Science, pages 146–162. Springer, 2006
[Bar02] Clark W. Barrett. Checking Validity of Quantifier-Free Formulas in Combinations of First-OrderTheories.PhD dissertation, Department of Computer Science, Stanford University, Stanford, CA, Sep 2002
85
![Page 268: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/268.jpg)
References
[BB09] R. Brummayer and A. Biere. Boolector: An Efficient SMT Solver for Bit-Vectors and Arrays.In S. Kowalewski and A. Philippou, editors, 15th International Conference on Tools and Algorithmsfor the Construction and Analysis of Systems, TACAS’05, volume 5505 of Lecture Notes in ComputerScience, pages 174–177. Springer, 2009
[BBC+05a] M. Bozzano, R. Bruttomesso, A. Cimatti, T. Junttila, P. van Rossum, S. Schulz, and R. Sebastiani. Anincremental and layered procedure for the satisfiability of linear arithmetic logic.In Tools and Algorithms for the Construction and Analysis of Systems, 11th Int. Conf., (TACAS),volume 3440 of Lecture Notes in Computer Science, pages 317–333, 2005
[BBC+05b] Marco Bozzano, Roberto Bruttomesso, Alessandro Cimatti, Tommi Junttila, Silvio Ranise, Roberto
Sebastiani, and Peter van Rossu. Efficient satisfiability modulo theories via delayed theorycombination.In K.Etessami and S. Rajamani, editors, Proceedings of the 17th International Conference onComputer Aided Verification, volume 3576 of Lecture Notes in Computer Science, pages 335–349.Springer, 2005
86
![Page 269: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/269.jpg)
References
[BCF+07] Roberto Bruttomesso, Alessandro Cimatti, Anders Franzén, Alberto Griggio, Ziyad Hanna, Alexander
Nadel, Amit Palti, and Roberto Sebastiani. A lazy and layered SMT(BV) solver for hard industrialverification problems.In Werner Damm and Holger Hermanns, editors, Proceedings of the 19th International Conferenceon Computer Aided Verification, volume 4590 of Lecture Notes in Computer Science, pages 547–560.Springer-Verlag, July 2007
[BCLZ04] Thomas Ball, Byron Cook, Shuvendu K. Lahiri, and Lintao Zhang. Zapato: Automatic theoremproving for predicate abstraction refinement.In R. Alur and D. Peled, editors, Proceedings of the 16th International Conference on Computer AidedVerification, volume 3114 of Lecture Notes in Computer Science, pages 457–461. Springer, 2004
[BD94] J. R. Burch and D. L. Dill. Automatic verification of pipelined microprocessor control.In Procs. 6th Int. Conf. Computer Aided Verification (CAV), LNCS 818, pages 68–80, 1994
[BDS02] Clark W. Barrett, David L. Dill, and Aaron Stump. Checking satisfiability of first-order formulas byincremental translation to SAT.In J. C. Godskesen, editor, Proceedings of the International Conference on Computer-AidedVerification, Lecture Notes in Computer Science, 2002
87
![Page 270: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/270.jpg)
References
[BGV01] R. E. Bryant, S. M. German, and M. N. Velev. Processor Verification Using Efficient Reductions ofthe Logic of Uninterpreted Functions to Propositional Logic.ACM Transactions on Computational Logic, TOCL, 2(1):93–134, 2001
[BLNM+09] C. Borralleras, S. Lucas, R. Navarro-Marset, E. Rodríguez-Carbonell, and A. Rubio. SolvingNon-linear Polynomial Arithmetic via SAT Modulo Linear Arithmetic.In R. A. Schmidt, editor, 22nd International Conference on Automated Deduction , CADE-22, volume5663 of Lecture Notes in Computer Science, pages 294–305. Springer, 2009
[BLS02] Randal E. Bryant, Shuvendu K. Lahiri, and Sanjit A. Seshia. Deciding CLU logic formulas viaboolean and pseudo-boolean encodings.In Proc. Intl. Workshop on Constraints in Formal Verification, 2002
[BNO+08a] M. Bofill, R. Nieuwenhuis, A. Oliveras, E. Rodríguez-Carbonell, and A. Rubio. A Write-BasedSolver for SAT Modulo the Theory of Arrays.In Formal Methods in Computer-Aided Design, FMCAD, pages 1–8, 2008
[BNO+08b] Miquel Bofill, Robert Nieuwenhuis, Albert Oliveras, Enric Rodríguez-Carbonell, and Albert Rubio.
The Barcelogic SMT solver.In Computer-aided Verification (CAV), volume 5123 of Lecture Notes in Computer Science, pages294–298. Springer, 2008
88
![Page 271: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/271.jpg)
References
[BNOT06] Clark Barrett, Robert Nieuwenhuis, Albert Oliveras, and Cesare Tinelli. Splitting on demand in satmodulo theories.In M. Hermann and A. Voronkov, editors, Proceedings of the 13th International Conference on Logicfor Programming, Artificial Intelligence and Reasoning (LPAR’06), Phnom Penh, Cambodia, volume4246 of Lecture Notes in Computer Science, pages 512–526. Springer, 2006
[BV02] R. E. Bryant and M. N. Velev. Boolean Satisfiability with Transitivity Constraints.ACM Transactions on Computational Logic, TOCL, 3(4):604–627, 2002
[CKSY04] Edmund Clarke, Daniel Kroening, Natasha Sharygina, and Karen Yorav. Predicate abstraction ofANSI–C programs using SAT.Formal Methods in System Design (FMSD), 25:105–127, September–November 2004
[CM06] S. Cotton and O. Maler. Fast and Flexible Difference Constraint Propagation for DPLL(T).In A. Biere and C. P. Gomes, editors, 9th International Conference on Theory and Applications ofSatisfiability Testing, SAT’06, volume 4121 of Lecture Notes in Computer Science, pages 170–183.Springer, 2006
89
![Page 272: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/272.jpg)
References
[DdM06] Bruno Dutertre and Leonardo de Moura. A Fast Linear-Arithmetic Solver for DPLL(T).In T. Ball and R. B. Jones, editors, 18th International Conference on Computer Aided Verification,CAV’06, volume 4144 of Lecture Notes in Computer Science, pages 81–94. Springer, 2006
[DLL62] Martin Davis, George Logemann, and Donald Loveland. A machine program for theorem proving.Communications of the ACM, 5(7):394–397, July 1962
[dMB09] L. de Moura and N. Bjørner. Generalized, efficient array decision procedures.In 9th International Conference on Formal Methods in Computer-Aided Design, FMCAD 2009, pages45–52. IEEE, 2009
[dMR02] L. de Moura and H. Rueß. Lemmas on Demand for Satisfiability Solvers.In 5th International Conference on Theory and Applications of Satisfiability Testing, SAT’02, pages244–251, 2002
[DP60] Martin Davis and Hilary Putnam. A computing procedure for quantification theory.Journal of the ACM, 7(3):201–215, July 1960
[FLL+02] C. Flanagan, K. R. M Leino, M. Lillibridge, G. Nelson, and J. B. Saxe. Extended static checking forJava.In Proc. ACM Conference on Programming Language Design and Implementation, pages 234–245,June 2002
90
![Page 273: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/273.jpg)
References
[GHN+04] Harald Ganzinger, George Hagen, Robert Nieuwenhuis, Albert Oliveras, and Cesare Tinelli.
DPLL(T): Fast decision procedures.In R. Alur and D. Peled, editors, Proceedings of the 16th International Conference on ComputerAided Verification, CAV’04 (Boston, Massachusetts), volume 3114 of Lecture Notes in ComputerScience, pages 175–188. Springer, 2004
[HBJ+14] Liana Hadarean, Clark Barrett, Dejan Jovanovic, Cesare Tinelli, and Kshitij Bansal. A tale of twosolvers: Eager and lazy approaches to bit-vectors.In Armin Biere and Roderick Bloem, editors, Proceedings of the 26th International Conference onComputer Aided Verification (CAV ’14), volume 8559 of Lecture Notes in Computer Science, pages680–695. Springer, July 2014
[HT08] George Hagen and Cesare Tinelli. Scaling up the formal verification of Lustre programs withSMT-based techniques.In A. Cimatti and R. Jones, editors, Proceedings of the 8th International Conference on FormalMethods in Computer-Aided Design (FMCAV’08), Portland, Oregon, pages 109–117. IEEE, 2008
[JdM12] Dejan Jovanovic and Leonardo de Moura. Solving Non-linear Arithmetic.In Bernhard Gramlich, Dale Miller, and Uli Sattler, editors, 6th International Joint Conference onAutomated Reasoning (IJCAR ’12), volume 7364 of Lecture Notes in Computer Science, pages339–354. Springer, 2012
[JB10] Dejan Jovanovic and Clark Barrett. Polite theories revisited.In Chris Fermüller and Andrei Voronkov, editors, Proceedings of the 17th International Conferenceon Logic for Programming, Artificial Intelligence and Reasoning, volume 6397 of Lecture Notes inComputer Science, pages 402–416. Springer-Verlag, 2010
[KG07] Sava Krstic and Amit Goel. Architecting solvers for SAT modulo theories: Nelson-Oppen with DPLL.
In B. Konev and F. Wolter, editors, Proceeding of the Symposium on Frontiers of Combining Systems(Liverpool, England), volume 4720 of Lecture Notes in Computer Science, pages 1–27. Springer, 2007 91
![Page 274: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/274.jpg)
References
[LM05] Shuvendu K. Lahiri and Madanlal Musuvathi. An Efficient Decision Procedure for UTVPIConstraints.In B. Gramlich, editor, 5th International Workshop on Frontiers of Combining Systems, FroCos’05,volume 3717 of Lecture Notes in Computer Science, pages 168–183. Springer, 2005
[LNO06] S. K. Lahiri, R. Nieuwenhuis, and A. Oliveras. SMT Techniques for Fast Predicate Abstraction.In T. Ball and R. B. Jones, editors, 18th International Conference on Computer Aided Verification,CAV’06, volume 4144 of Lecture Notes in Computer Science, pages 413–426. Springer, 2006
[NO79] Greg Nelson and Derek C. Oppen. Simplification by cooperating decision procedures.ACM Trans. on Programming Languages and Systems, 1(2):245–257, October 1979
[NO80] Greg Nelson and Derek C. Oppen. Fast decision procedures based on congruence closure.Journal of the ACM, 27(2):356–364, 1980
[NO05] Robert Nieuwenhuis and Albert Oliveras. DPLL(T) with Exhaustive Theory Propagation and itsApplication to Difference Logic.In Kousha Etessami and Sriram K. Rajamani, editors, Proceedings of the 17th InternationalConference on Computer Aided Verification, CAV’05 (Edimburgh, Scotland), volume 3576 of LectureNotes in Computer Science, pages 321–334. Springer, July 2005
92
![Page 275: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/275.jpg)
References
[NO07] R. Nieuwenhuis and A. Oliveras. Fast Congruence Closure and Extensions.Information and Computation, IC, 2005(4):557–580, 2007
[NOT06] Robert Nieuwenhuis, Albert Oliveras, and Cesare Tinelli. Solving SAT and SAT Modulo Theories:from an Abstract Davis-Putnam-Logemann-Loveland Procedure to DPLL(T).Journal of the ACM, 53(6):937–977, November 2006
[Opp80] Derek C. Oppen. Complexity, convexity and combinations of theories.Theoretical Computer Science, 12:291–302, 1980
[PRSS99] A. Pnueli, Y. Rodeh, O. Shtrichman, and M. Siegel. Deciding Equality Formulas by Small DomainsInstantiations.In N. Halbwachs and D. Peled, editors, 11th International Conference on Computer AidedVerification, CAV’99, volume 1633 of Lecture Notes in Computer Science, pages 455–469. Springer,1999
[Rin96] Christophe Ringeissen. Cooperation of decision procedures for the satisfiability problem.In F. Baader and K.U. Schulz, editors, Frontiers of Combining Systems: Proceedings of the 1stInternational Workshop, Munich (Germany), Applied Logic, pages 121–140. Kluwer AcademicPublishers, March 1996
93
![Page 276: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/276.jpg)
References
[RRZ05] Silvio Ranise, Christophe Ringeissen, and Calogero G. Zarba. Combining data structures withnonstably infinite theories using many-sorted logic.In B. Gramlich, editor, Proceedings of the Workshop on Frontiers of Combining Systems, volume3717 of Lecture Notes in Computer Science, pages 48–64. Springer, 2005
[SBDL01] A. Stump, C. W. Barrett, D. L. Dill, and J. R. Levitt. A Decision Procedure for an Extensional Theoryof Arrays.In 16th Annual IEEE Symposium on Logic in Computer Science, LICS’01, pages 29–37. IEEEComputer Society, 2001
[Sha02] Natarajan Shankar. Little engines of proof.In Lars-Henrik Eriksson and Peter A. Lindsay, editors, FME 2002: Formal Methods - Getting ITRight, Proceedings of the International Symposium of Formal Methods Europe (Copenhagen,Denmark), volume 2391 of Lecture Notes in Computer Science, pages 1–20. Springer, July 2002
[SLB03] Sanjit A. Seshia, Shuvendu K. Lahiri, and Randal E. Bryant. A hybrid SAT-based decision procedurefor separation logic with uninterpreted functions.In Proc. 40th Design Automation Conference, pages 425–430. ACM Press, 2003
[SSB02] O. Strichman, S. A. Seshia, and R. E. Bryant. Deciding Separation Formulas with SAT.In E. Brinksma and K. G. Larsen, editors, 14th International Conference on Computer AidedVerification, CAV’02, volume 2404 of Lecture Notes in Computer Science, pages 209–222. Springer,2002
94
![Page 277: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/277.jpg)
References
[TdH08] N. Tillmann and J. de Halleux. Pex-White Box Test Generation for .NET.In B. Beckert and R. Hähnle, editors, 2nd International Conference on Tests and Proofs, TAP’08,volume 4966 of Lecture Notes in Computer Science, pages 134–153. Springer, 2008
[TH96] Cesare Tinelli and Mehdi T. Harandi. A new correctness proof of the Nelson–Oppen combinationprocedure.In F. Baader and K. U. Schulz, editors, Frontiers of Combining Systems: Proceedings of the 1stInternational Workshop (Munich, Germany), Applied Logic, pages 103–120. Kluwer AcademicPublishers, March 1996
[Tin02] C. Tinelli. A DPLL-based calculus for ground satisfiability modulo theories.In G. Ianni and S. Flesca, editors, Proceedings of the 8th European Conference on Logics in ArtificialIntelligence (Cosenza, Italy), volume 2424 of Lecture Notes in Artificial Intelligence. Springer, 2002
[TZ05] Cesare Tinelli and Calogero Zarba. Combining nonstably infinite theories.Journal of Automated Reasoning, 34(3):209–238, April 2005
95
![Page 278: Satisfiability Modulo Theoriesfm.csl.sri.com/SSFT16/slides.pdfIntroduction. A (Very) Brief History of Automated Reasoning Philosophers have long dreamed of machines that can reason](https://reader033.vdocuments.net/reader033/viewer/2022053005/5f08d37f7e708231d423e87b/html5/thumbnails/278.jpg)
References
[WIGG05] C. Wang, F. Ivancic, M. K. Ganai, and A. Gupta. Deciding Separation Logic Formulae by SAT andIncremental Negative Cycle Elimination.In G. Sutcliffe and A. Voronkov, editors, 12h International Conference on Logic for Programming,Artificial Intelligence and Reasoning, LPAR’05, volume 3835 of Lecture Notes in Computer Science,pages 322–336. Springer, 2005
[ZM10] Harald Zankl and Aart Middeldorp. Satisfiability of Non-linear (Ir)rational Arithmetic.In Edmund M. Clarke and Andrei Voronkov, editors, 16th International Conference on Logic forProgramming, Artificial Intelligence and Reasoning, LPAR’10, volume 6355 of Lecture Notes inComputer Science, pages 481–500. Springer, 2010
96