1. 8/2/2018 4:21 AM
Lifting SAT to richer theories: bit-vectors, finite bases, and theory combination
Christoph M. Wintersteiger
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2. What is SMT? Satisfiability Modulo Theories SMT Theories
Decision procedures for pre-defined theories/logics
Theory combination strategy
Language standard
Benchmark library
SMT Theories
Booleans
Uninterpreted functions
Integers (linear & non-linear)
Reals (linear & non-linear)
Bit-vectors
Arrays
Floating-point arithmetic
(Datatypes, Strings, Probabilities, … )

3. The big picture mcSAT DP Nelson/Oppen T/C ADPLL (with learning) DPLL
ADPLL(T)
Model-based T/C
CDCL
ACDCL
Abstract interpretation
B-CSP
CSP
R. Nieuwenhuis, A. Oliveras, C. Tinelli: Solving SAT and SAT Modulo Theories: From an abstract Davis-Putnam-Logemann-Loveland procedure to DPLL(T). J. ACM 53(6) 2006.
R. Nieuwenhuis, A. Oliveras, C. Tinelli: Abstract DPLL and Abstract DPLL Modulo Theories. LPAR 2004.
V. D'Silva, L. Haller, D. Kroening: Abstract conflict driven learning. POPL 2013.
L. de Moura, D. Jovanović: A Model-Constructing Satisfiability Calculus. VMCAI 2013.
N. Creignou, H. Vollmer: Boolean Constraint Satisfaction Problems: When Does Post's Lattice Help? Complexity of Constraints 2008.

4. Abstract DPLL 𝑀∥𝐹, 𝐶∨𝑙 ⇒ 𝑀𝑙∥𝐹,𝐶∨𝑙 Start at ∅∥𝐹 UnitPropagate:
If 𝑀⊨¬𝐶 and 𝑙 is undefined in 𝑀
R. Nieuwenhuis, A. Oliveras, C. Tinelli: Solving SAT and SAT Modulo Theories: From an abstract Davis-Putnam- Logemann-Loveland procedure to DPLL(T). J. ACM 53(6) 2006

5. Abstract DPLL(T) (One theory; combinations hidden) 𝑀∥𝐹 ⇒ 𝑀∥𝐹, 𝐶
T-Learn:
𝑀∥𝐹 ⇒ 𝑀∥𝐹, 𝐶
If each atom of 𝐶 occurs
in 𝐹 or in 𝑀 and 𝐹 ⊨ 𝑇 𝐶.
R. Nieuwenhuis, A. Oliveras, C. Tinelli: Solving SAT and SAT Modulo Theories: From an abstract Davis-Putnam- Logemann-Loveland procedure to DPLL(T). J. ACM 53(6) 2006

6. Model-constructing satisfiability calculus
Microsoft Research 2013
8/2/2018 4:21 AM
Model-constructing satisfiability calculus
Borrows from ADPLL(T)
Finite basis 𝔹
A finite number of predicates (for termination, in the worst case)
Pick a new predicate at any time
Explanations
Explain conflicts, implications (usually clauses)
Performance depends on
Good basis exploration (and coverage?)
Good decision making
Efficient domain representation
L. de Moura, D. Jovanović: A Model-Constructing Satisfiability Calculus. VMCAI 2013.
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7. mcSAT clausal rules 𝑀,𝐶 ⇒ 𝑀,𝐿 ,𝐶 Decide: If 𝐿∈𝔹, 𝑣𝑎𝑙𝑢𝑒 𝐿,𝑀 =𝑢𝑛𝑑𝑒𝑓
𝑀,𝐶 ⇒ 𝑀,𝐿 ,𝐶
If 𝐿∈𝔹, 𝑣𝑎𝑙𝑢𝑒 𝐿,𝑀 =𝑢𝑛𝑑𝑒𝑓
L. de Moura, D. Jovanović: A Model-Constructing Satisfiability Calculus. VMCAI 2013.

8. mcSAT theory rules
L. de Moura, D. Jovanović: A Model-Constructing Satisfiability Calculus. VMCAI 2013.

9. mcSAT crucials Pick any 𝐿∈𝔹 Assign variables T-Backjump-Decide
All on one trail
Assign variables
Boolean or theory
Such that the trail stays consistent
T-Backjump-Decide
Non-asserting clauses
Tricky termination arguments
explain(…)
Contains magic

10. A word on ACDCL Based on Abstract Interpretation
(A different “abstract”)
Roughly: abstract domains implement theories
Greatest fix-point implements (Boolean) constraint propagation
Least fix-point implements conflict resolution
Theory combination
Adapted Nelson/Oppen
Cartesian product of domains
V. D'Silva, L. Haller, D. Kroening: Abstract conflict driven learning. POPL 2013

11. A bit-blasting challenge
(set-logic QF_BV)
(declare-fun x () (_ BitVec 29980))
(declare-fun y () (_ BitVec 29980))
(assert (and (bvuge x y)
(bvule (bvadd x (_ bv )) y)))
𝑥 ≥ 𝑢 𝑦 ∧ 𝑥+1 ≤ 𝑢 𝑦
(QF_BV/pspace/ndist.b smt2; SAT; model: x=1…1, y=0…0)

12. mcBV Decision procedure for the theory of bit-vectors based on mcSAT
Microsoft Research 2013
8/2/2018 4:21 AM
mcBV
Decision procedure for the theory of bit-vectors
based on mcSAT
avoids bit-blasting (often)
preserves word-level structure
using tailor-made conflict driven learning
theory lemmas ~ conflict explanations
A. Zeljić, C. M. Wintersteiger, P. Rümmer: Deciding Bit-Vector Formulas with mcSAT. SAT 2016.
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13. mcSAT requirements Finite basis of literals/predicates B
Can be large
Possibly the cross-product of multiple bases
Explain function
Returns a valid clause which evaluates to false under the trail
Literals are not necessarily on the trail, but must be from B
Value function
Can evaluate any literal/predicate
Definition affects the strength of propagation

14. mcBV news I Theory decisions Projections
Decide on theory variables, e.g., 𝑥=0𝑥2𝐴
Projections
𝑥 7:4 =0𝑥𝐴

15. mcBV news II Two model assignment representations
Run-length encoded bit-patterns
𝑥= ∗
Sound & complete
Bounds
1<𝑥<42
Sound
Cross-theory
Propagation
Conflicts
Explanations, (some) generalization

16. Experiments I

17. Experiments II

18. Lessons learned Implementation complexity Heuristics Explanations
Underestimated by all involved parties
Abstract rules cannot be implemented directly
Efficient data structures yet to be discovered
Heuristics
Unclear what works
And what should work
Explanations
Extensions
Generalization
(Craig) Interpolation
…> cat *.fs | wc -l
10633
…> cat *.fs | sed "/^\s*$/d" | wc -l
8846

19. Theory combination Nelson/Oppen Model-based theory combination
Theory solvers deduce and exchange (disjunctions of) interface equalities
(Can be delayed)
Model-based theory combination
“Optimistic approach”
Propagates/exchanges all equalities implied by a candidate model
(Interpolation)
Cross-products of
Abstract domains
Finite bases

20. Wishlist Personal In theory & practice (Lazy) data structures
Quantifiers, regular expressions over bit-vectors
In theory & practice
Extensions; at least some sub-class of
Theory and understanding of heuristics
Logic fragments/theory classes, sub-theories, finite bases
Cross-theory interpolation/extensions
Better complexity theory
(Lazy) data structures
Critical for any implementation
Parallel/Distributed
Decomposition (ideally cross-theory)

21. 8/2/2018 4:21 AM
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22. Bit-vector logic All variables are (existential) bit-vectors
E.g., 𝑥 may be a 32-bit value
The usual bit-vector operations +, −, ∗, /, extract, concat, zero-extend, … <, >, =, ≤,≥ (with overflows)
Example: 𝑥+1=0 ∨ 𝑦∗2=1

23. Bit-vector explosion example
Suppose ∀𝑥∈ 𝐵 32 ∃𝑦∈ 𝐵 𝑥=𝑦
Bit-blast into ∀ 𝑥 31 … 𝑥 0 ∃ 𝑦 31 … 𝑦 𝑥 31 = 𝑦 31 ∧ …∧ 𝑥 0 = 𝑦 0
= 6 bits
2 6 =32 bits

24. Complexity UFBV QF_BV QBF SAT 2-NEXPTIME NEXPTIME EXPSPACE EXPTIMENP P
UFBV
QF_BV
QBF
SAT
Kovásznai, Fröhlich, Biere: On the Complexity of Fixed-Size Bit-Vector Logics with Binary Encoded Bit-Width. 2012
Fröhlich, Kovásznai, Biere: More on the Complexity of Quantifier-Free Fixed-Size Bit-Vector Logics with Binary Encoding. CSR 2013