quantifier instantiation beyond e-matching - the smt...
TRANSCRIPT
![Page 1: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/1.jpg)
Quantifier InstantiationBeyond E-Matching
Andrew ReynoldsSMT WorkshopJuly 22, 2017
![Page 2: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/2.jpg)
Acknowledgements
• Thanks to collaborators:• Cesare Tinelli, Clark Barrett, Viktor Kuncak, Tim King, Morgan Deters, Francois
Bobot, Amit Goel, Sava Krstic, Leonardo de Moura, Thomas Wies, Kshitij Bansal,Haniel Barbosa, Pascal Fontaine
• Past and present members of development team of CVC4:• Dejan Jovanovic, Liana Hadarean, Tianyi Liang, Christopher Conway, Guy Katz,
Andres Noetzli, Paul Meng
![Page 3: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/3.jpg)
Timeline of Modern SMT Solvers for QF (Approximate)
2000 2010 2017
simplify
z3
cvc lite cvc3 cvc4
yices
barcelogic
mathsat
yices2
First SMT COMP2005
fx7
boolector
veriT
SMTInterpol
STP
SMT RAT raSat
openSMT AProVE COLIBRI
zap
Alt-Ergo MinkeyRink
1990
SMT Solvers forquantifier-free (QF)
constraints
…
![Page 4: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/4.jpg)
Timeline of Modern SMT Solvers for QF (Approximate)
2000 2010 2017
simplify
z3
cvc lite cvc3 cvc4
yices
barcelogic
mathsat
yices2
First SMT COMP2005
fx7
boolector
veriT
SMTInterpol
STP
SMT RAT
openSMT AProVE
MinkeyRink
COLIBRI
zap
Alt-Ergo
Modern SMT solvers arehighly mature for manytypes of QF constraints
1990
raSat…
![Page 5: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/5.jpg)
Timeline of Modern SMT Solvers for (Approximate)
2000 2010 2017
simplify
z3
cvc3 cvc4
First SMT COMP2005
fx7 veriT
Q3B
veriT+redlog
Vampire
boolectorAlt-Ergo
proB
1990
Subset of these solvers support +T-constraints
…
![Page 6: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/6.jpg)
Timeline of Modern SMT Solvers for (Approximate)
2000 2010 2017
simplify
z3
cvc3 cvc4
First SMT COMP2005
fx7 veriT
Q3B
veriT+redlog
Vampire
boolectorAlt-Ergo
proB
SMT Solvers area developing technology
for +T-constraints
1990
Subset of these solvers support +T-constraints
…
![Page 7: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/7.jpg)
Timeline of Modern SMT Solvers for (Approximate)
1990 2000 2010 2017
simplify
z3
cvc3 cvc4
First SMT COMP2005
fx7 veriT
Q3B
veriT+redlog
Vampire
boolectorAlt-Ergo
proB
Vampire
SPASS
E iProver
CASC-131996
Build on earlier work from ATP community for -constraints
…
SMT Solvers area developing technology
for +T-constraints
![Page 8: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/8.jpg)
Applications of in SMT
• Are used for:• Automated theorem proving:
• Background axioms {x.g(e,x)=g(x,e)=x, x.g(x,g(y,z))=g(g(x,y),x),x.g(x,i(x))=e}
• Software verification:• Unfoldingx.foo(x)=bar(x+1), code contracts x.pre(x)post(f(x))• Frame axiomsx.x≠t A’(x)=A(x)
• Function Synthesis:• Synthesis conjectures i:input.o:output.R[o,i]
• Planning:• Specifications p:plan.t:time.F[P,t]
![Page 9: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/9.jpg)
Solvers for • First order theorem provers focus on reasoning
…but have been extended in the past decade to theory reasoning• Vampire, E, SPASS
• First-order resolution + superposition [Robinson 65, Nieuwenhuis/Rubio 99, Prevosto/Waldman 06]• AVATAR in Vampire [Voronkov 14]
• iProver• InstGen calculus [Ganzinger/Korovin 03]
• Princess, Beagle, …• SMT solvers focus mostly on quantifier-free theory reasoning
…but have been extended in the past decade to reasoning• Z3, CVC4, VeriT, Alt-Ergo
• Some superposition-based [deMoura et al 09]• Mostly instantiation-based [Detlefs et al 03, deMoura et al 07, Ge et al 07, …]
![Page 10: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/10.jpg)
Solvers for • First order theorem provers focus on reasoning
…but have been extended in the past decade to theory reasoning:• Vampire, E, SPASS
• First-order resolution + superposition [Robinson 65, Nieuwenhuis/Rubio 99, Prevosto/Waldman 06]• AVATAR [Voronkov 14, Reger et al 15]
• iProver• InstGen calculus [Ganzinger/Korovin 03]
• Princess, Beagle, …• SMT solvers focus mostly on quantifier-free theory reasoning
…but have been extended in the past decade to reasoning• Z3, CVC4, VeriT, Alt-Ergo
• Some superposition-based [deMoura et al 09]• Mostly instantiation-based [Detlefs et al 03, deMoura et al 07, Ge et al 07, …]
![Page 11: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/11.jpg)
Solvers for • First order theorem provers focus on reasoning
…but have been extended in the past decade to theory reasoning:• Vampire, E, SPASS
• First-order resolution + superposition [Robinson 65, Nieuwenhuis/Rubio 99, Prevosto/Waldman 06]• AVATAR [Voronkov 14, Reger et al 15]
• iProver• InstGen calculus [Ganzinger/Korovin 03]
• Princess, Beagle, …• SMT solvers focus mostly on quantifier-free theory reasoning
…but have been extended in the past decade to reasoning:• Z3, CVC4, VeriT, Alt-Ergo
• Some superposition-based [deMoura et al 09]• Mostly instantiation-based [Detlefs et al 05, deMoura et al 07, Ge et al 07, …]
![Page 12: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/12.jpg)
Solvers for • First order theorem provers focus on reasoning
…but have been extended in the past decade to theory reasoning:• Vampire, E, SPASS
• First-order resolution + superposition [Robinson 65, Nieuwenhuis/Rubio 99, Prevosto/Waldman 06]• AVATAR [Voronkov 14, Reger et al 15]
• iProver• InstGen calculus [Ganzinger/Korovin 03]
• Princess, Beagle, …• SMT solvers focus mostly on quantifier-free theory reasoning
…but have been extended in the past decade to reasoning:• Z3, CVC4, VeriT, Alt-Ergo
• Some superposition-based [deMoura et al 09]• Mostly instantiation-based [Detlefs et al 05, deMoura et al 07, Ge et al 07, …]
Focus of this talk
![Page 13: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/13.jpg)
SMT Solvers for using Quantifier Instantiation
• Traditionally: Implemented in• E-matching [Detlefs et al 2005,Bjorner et al 2007, Ge et al 2007]
• More recently:• Model-Based Instantiation [Ge et al 2009, Reynolds et al 2013] z3, cvc4
• Conflict-Based Instantiation [Reynolds et al 2014, Barbosa et al 2017] cvc4, veriT
• Theory-specific Approaches z3, cvc4, yices,• Linear arithmetic [Bjorner 2012, Reynolds et al 2015, Janota et al 2015] veriT+redlog• Bit-Vectors [Wintersteiger et al 2013, Dutertre 2015]
simplify, cvc3, z3, FX7,Alt-Ergo, Princess,cvc4, veriT
![Page 14: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/14.jpg)
SMT Solvers for using Quantifier Instantiation
• Traditionally: Implemented in• E-matching [Detlefs et al 2005,Bjorner et al 2007, Ge et al 2007]
• More recently:• Model-Based Instantiation [Ge et al 2009, Reynolds et al 2013] z3, cvc4
• Conflict-Based Instantiation [Reynolds et al 2014, Barbosa et al 2017] cvc4, veriT
• Theory-specific Approaches z3, cvc4, yices,• Linear arithmetic [Bjorner 2012, Reynolds et al 2015, Janota et al 2015] veriT+redlog• Bit-Vectors [Wintersteiger et al 2013, Dutertre 2015]
simplify, cvc3, z3, FX7,Alt-Ergo, Princess,cvc4, veriT
![Page 15: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/15.jpg)
DPLL(T)-Based SMT Solvers
QF Solver
SATSolver
Theorysolver(s)
T-Clauses F
![Page 16: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/16.jpg)
DPLL(T)-Based SMT Solvers
Ground Solver
Context M
SATSolver
Theorysolver(s)
T-Clauses F
…whenF is unsatisfiableunsat
…where M ╞p F
![Page 17: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/17.jpg)
DPLL(T)-Based SMT Solvers
QF Solver
Context M
SATSolver
Theorysolver(s)
T-Clauses F
…whenM is T-satisfiable sat
F1 … Fnconflicts,lemmas
![Page 18: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/18.jpg)
DPLL(T)-Based SMT Solvers
QF Solver
Context M
SATSolver
Theorysolver(s)
T-Clauses F
…whenM is T-satisfiable
…whenF is unsatisfiable satunsat
F1 … Fn
![Page 19: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/19.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
…whenM is T-satisfiable
…whenF is unsatisfiable
unsat sat
Context M
![Page 20: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/20.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
…whenM is T-satisfiable
…whenF is unsatisfiable
unsat sat
When M containsquantified formulas…
Context M
![Page 21: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/21.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
…whenM is T-satisfiable
…whenF is unsatisfiable
unsat sat? …cannot use QF procedurefor establishing M is sat
Context M
![Page 22: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/22.jpg)
QF Solver
Context M
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
…whenF is unsatisfiable
unsat
![Page 23: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/23.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
Q
E
…whenF is unsatisfiable
unsat
partition
Set of ground equalitiesand disequalities
• {f(a)=b, P(a)=, ...}
Set of quantified formulas• {x.P(x), …}
Context M
![Page 24: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/24.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
Solver
Q
E
…whenF is unsatisfiable
unsat
Context M
![Page 25: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/25.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
Solver
Q
E
…whenE,Q is T-satisfiable
…whenF is unsatisfiable
unsat sat
Context M F1 … Fn
(Instantiation)lemmas
![Page 26: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/26.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
Solver
Q
E
…whenE,Q is T-satisfiable
…whenF is unsatisfiable
unsat sat
Context M
Focus of this talk
F1 … Fn
(Instantiation)lemmas
![Page 27: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/27.jpg)
QF Solver
DPLL(T)-Based SMT Solvers + Instantiation
SATSolver
Theorysolver(s)
T-Clauses F
Solver
Q
E
…whenE,Q is T-satisfiable
…whenF is unsatisfiable
unsat sat
Context M F1 … Fn
(Instantiation)lemmas
• Which lemmas are likely lead to “unsat”?• When can we answer “sat”?
![Page 28: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/28.jpg)
E-matching
x.P(x) R(x)
P(a)P(b)R(c)R(a)S(e)
E
Q
Solver
![Page 29: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/29.jpg)
E-matching
x.P(x) R(x)
P(a)P(b)R(c)R(a)S(e)
E
Q
E-matching
• Introduced in Nelson’s Phd Thesis [Nelson 80]
![Page 30: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/30.jpg)
E-matching
E
Q
E-matching
x.P(x) R(x)
P(a)P(b)R(c)R(a)S(e)
![Page 31: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/31.jpg)
E-matching
x.P(x) R(x)
E
Q
Idea: choose instances based on pattern matching
Pattern
E-matching
P(a)P(b)R(c)R(a)S(e)
![Page 32: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/32.jpg)
P(a)P(b)R(c)R(a)S(e)
E-matching
x.P(x) R(x)
E
Q
Pattern
return (x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)E-matching
![Page 33: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/33.jpg)
(x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)
P(a)P(b)R(c)R(a)S(e)
E-matching
x.P(x) R(x)
E
Q
Pattern
returnE-matching
(x.P(x) R(x))P(a)R(a)
“Instantiation Lemma”Variable x is instantiated by ground term a
![Page 34: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/34.jpg)
P(a)P(b)R(c)R(a)S(e)
E-matching
x.P(x) R(x)
E
Q
Pattern
return (x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)E-matching
![Page 35: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/35.jpg)
P(a)P(b)R(c)R(a)S(e)
(x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)(x.P(x) R(x))P(c)R(c)
E-matching
x.P(x) R(x)
E
Q
Pattern
returnE-matching
![Page 36: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/36.jpg)
(x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)(x.P(x) R(x))P(c)R(c)
P(a)P(b)R(c)R(a)S(e)
E-matching
x.P(x) R(x)
E
Q
returnE-matching
![Page 37: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/37.jpg)
(x.P(x) R(x))P(a)R(a)(x.P(x) R(x))P(b)R(b)(x.P(x) R(x))P(c)R(c)
E-matching
returnE-matching
QFSolverunsat
(we hope)
![Page 38: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/38.jpg)
E-matching: Functions, Equality
xy.P(f(x),y)g(x)=y
P(a,c)f(b)=aE
Q
E-matching
![Page 39: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/39.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
E-matching
In E-matching, Pattern matching takes into account equalities in E
xy.P(f(x),y)g(x)=y
![Page 40: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/40.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
Pattern
E-matching
xy.P(f(x),y)g(x)=y
![Page 41: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/41.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
P( a ,c)
E-matching
xy.P(f(x),y)g(x)=y
![Page 42: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/42.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
P( a ,c)
E-matching
xy.P(f(x),y)g(x)=y
a=f(b)
T=P(a,c)
b c
Congruence closure of E
![Page 43: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/43.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
P( a ,c) …E implies P(a,c)P(f(b),c)f(b)
E-matching
xy.P(f(x),y)g(x)=y
a=f(b)
T=P(a,c)
b c
![Page 44: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/44.jpg)
E-matching: Functions, Equality
P(a,c)f(b)=aE
Q
P( a ,c)f(b)
(xy.P(f(x),y)g(x)=y)P(f(b),c)g(b)=cE-matching
xy.P(f(x),y)g(x)=y
![Page 45: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/45.jpg)
E-matching
• Most widely used technique for unsatisfiable problems in SMT• Variants implemented in:
• Z3 [deMoura et al 07], CVC3 [Ge et al 07], CVC4, Princess [Ruemmer 12], VeriT, Alt-Ergo• Used in:
• Software verification• Boogie, Dafny, Leon, SPARK, Why3
• Automated Theorem Proving• Sledgehammer
![Page 46: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/46.jpg)
Challenge #1 : Too Many Instances
E-matching
QFSolver F
• Typical problems in applications:• F contains 1000s of clauses
~1000
![Page 47: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/47.jpg)
Challenge #1 : Too Many Instances
E1
Q
QFSolver F
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q
~1000
~1000
~100
E-matching
![Page 48: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/48.jpg)
Challenge #1 : Too Many Instances
Q
QFSolver F
F1
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q
~100~1000
~100
E-matching
E1
![Page 49: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/49.jpg)
Challenge #1 : Too Many InstancesQF
Solver FF1
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q
~100E-matching
unsat
(we hope)
![Page 50: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/50.jpg)
Challenge #1 : Too Many Instances
E2Q
QFSolver
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q• Leads to 100s
~10000
~100
E-matching
FF1
~100
![Page 51: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/51.jpg)
Challenge #1 : Too Many Instances
E2Q
QFSolver F
F1 F2
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q• Leads to 100s, 1000s
~1000~10000
~100
E-matching
![Page 52: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/52.jpg)
Challenge #1 : Too Many Instances
E3Q
QFSolver F
F1 F2
• Typical problems in applications:• F contains 1000s of clauses• Contexts contain 1000s of terms in E, 100s of in Q• Leads to 100s, 1000s, 10000s of instances
~10000~100000
~100
F3E-matching
![Page 53: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/53.jpg)
Challenge #1 : Too Many Instances
E3Q
QFSolver F
F1 F2~10000~100000
~100
F3
QF solver is overloaded …solver times out
OVERLOADED
![Page 54: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/54.jpg)
Challenge #1 : Too Many Instances# Instances cvc3 cvc4 z3
1-10#
1464%
13.49%#
1007%
8.87%#
1321%
11.43%10-100 1755 16.17% 1853 16.31% 2554 22.11%
100-1000 3816 35.16% 3680 32.40% 4553 39.41%1000-10k 1893 17.44% 2468 21.73% 1779 15.40%10k-100k 1162 10.71% 1414 12.45% 823 7.12%100k-1M 560 5.16% 607 5.34% 376 3.25%1M-10M 193 1.78% 330 2.91% 139 1.20%
>10M 10 0.09% 0 0.00% 8 0.07%
• Evaluation on 33032 SMTLIB, TPTP, Isabelle benchmarks• E-matching often requires many instances
(Above, 16.6% required >10k, max 19.5M by z3 on a software verification benchmark from TPTP)
(for 8 of benchmarks z3 solves,its E-matching procedure adds
more than 10M instances)
![Page 55: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/55.jpg)
Challenge #2 : Incompleteness
E-matching
x.P(x)x.P(x)
E
Q
E-matching is an incomplete procedure
empty
![Page 56: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/56.jpg)
Challenge #2 : Incompleteness
E-matching
E
Q
If E-matching produces no instances,this does not guarantee EQ is T-satisfiable
return
empty
x.P(x)x.P(x)
NoInstances
Found
![Page 57: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/57.jpg)
SolverE-matching : Challenges Addressed
• What if there are too many instances?Use conflict-based instantiation [Reynolds et al FMCAD14]
• What if there are no instances, andproblem maybe “sat”?Use model-based instantiation [Ge/deMoura CAV2009]
E-matching
![Page 58: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/58.jpg)
SolverE-matching : Challenges Addressed
• What if there are too many instances?Use conflict-based instantiation [Reynolds et al FMCAD14]
• What if there are no instances, andproblem maybe “sat”?Use model-based instantiation [Ge/deMoura CAV2009]
E-matching
Conflict-Based
![Page 59: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/59.jpg)
SolverE-matching : Challenges Addressed
• What if there are too many instances?Use conflict-based instantiation [Reynolds et al FMCAD14]
• What if there are no instances, andproblem maybe “sat”?Use model-based instantiation [Ge/deMoura CAV2009]
E-matching
Conflict-Based
Model-Based
sat
![Page 60: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/60.jpg)
• Basic idea:• Since we are interested in whether e.g. E,x.P(x) is satisfiable,
• Try to find one “conflict instance” such that E,P(a)╞ • If this is possible, don’t run E-matching
Leads to fewer instances, improved ability to answer
E-matching
Conflict-Based
Model Based
Conflict-Based Instantiation
unsat
![Page 61: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/61.jpg)
Conflict-Based Instantiation
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E
E-matching
x.P(x) R(x)
E-matching
Conflict-Based
Model Based
Q
![Page 62: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/62.jpg)
Conflict-Based Instantiation
E
E-matching
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E-matching would produce {xa}, {xb}, {xc}, {xd}, {xe}
x.P(x) R(x)
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
Conflict-Based
Model Based
Q
![Page 63: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/63.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ P(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 64: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/64.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ P(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
By E, we know P(a) TT
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 65: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/65.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ P(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 66: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/66.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ P(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
T We know P(b)
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 67: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/67.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ P(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 68: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/68.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b) We know P(c)
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 69: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/69.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
We know R(d) T
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 70: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/70.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
We know R(e)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 71: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/71.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)
R(c)
We know R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 72: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/72.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 73: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/73.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
P(c) R(c) is a conflictinginstance for (E,Q)!
E-matching
E-matching
Conflict-Based
Model Based
Q
![Page 74: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/74.jpg)
Conflict-Based Instantiation
x.P(x) R(x)
E
Q
Conflict-based
Instantiation
Consider what we learn from these instances:
(x.P(x) R(x))P(a) R(a)(x.P(x) R(x))P(b) R(b)(x.P(x) R(x))P(c) R(c)(x.P(x) R(x))P(d) R(d)(x.P(x) R(x))P(e) R(e)
E,P(a) R(a) ╞ P(a) R(a)E,P(b) R(b) ╞ P(b) R(b)E,P(c) R(c) ╞ R(c) R(c)E,P(d) R(d) ╞ P(d) R(d)E,P(e) R(e) ╞ P(e) R(e)
TR(b)
T
P(a),P(b)P(c),R(a)R(d),R(e)R(c)
Since P(c) R(c)suffices to derive ,return only this instance
E-matching
Conflict-Based
Model Based
![Page 75: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/75.jpg)
Conflict-Based Instantiation: EUF
E
Q
CBQI
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c,
x.f(g(x))=h(f(x))
E-matching
Conflict-Based
Model Based
![Page 76: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/76.jpg)
Conflict-Based Instantiation: EUF
x.f(g(x))=h(f(x))
E
Q
Consider the instance x.f(g(x))=h(f(x))f(g(b))=h(f(b))• Is this conflicting for (E,Q)?
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, CBQI
E-matching
Conflict-Based
Model Based
![Page 77: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/77.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c,
E,f(g(b))=h(f(b))╞ E f(g(b))=h(f(b))
x.f(g(x))=h(f(x))
CBQI
E-matching
Conflict-Based
Model Based
![Page 78: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/78.jpg)
Conflict-Based Instantiation: EUF
E
QConsider the equivalence classes of E
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
E,f(g(b))=h(f(b))╞ E f(g(b))=h(f(b))
x.f(g(x))=h(f(x))
CBQI
E-matching
Conflict-Based
Model Based
![Page 79: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/79.jpg)
Conflict-Based Instantiation: EUF
E
Q
Build partial definitions for functions in terms of representatives
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(g(b))=h(f(b))
a
fa b
b
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 80: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/80.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(g(b))=h(f(b))
a
fa b
b
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 81: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/81.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(g(b))=h(fb)()
a
fa b
b
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 82: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/82.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(g(b))=h(fc)()
a
fa b
b
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 83: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/83.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(ga())=h(fc)()
fb
ba
a
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 84: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/84.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(ga())=h(fc)()
a
fa b
b
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 85: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/85.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(a=cg())h(f)()
fb
ba
a
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 86: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/86.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(acg())h(f)()
fb
ba
a
From E, we know a≠c
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 87: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/87.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()a≠c,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(acg())h(f)()
fb
ba
a
f(g(b))=h(f(b)) is a conflictinginstance for (E,Q)!
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 88: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/88.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c,
Consider the same example, but where we don’t know a≠c• Is the instance f(g(b))=h(f(b)) still useful?
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 89: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/89.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
fb
ba
a
Build partial definitions
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 90: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/90.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E f(g(b))=h(f(b))
fb
ba
a
Check entailment
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 91: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/91.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E a=cf(g())hg(())
fb
ba
a
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 92: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/92.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E a=cf(g())hg(())
fb
ba
a
Instance is not conflicting,but propagates an equality
between two existing terms in E
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 93: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/93.jpg)
Conflict-Based Instantiation: EUF
E
Q
() f()...,f(b)=b,h()g(b)=a,f(a)=a,h(f(a))=d,h(b)=c, a=g(b)=f(a)
d=h(f(a))
b=f(b)
c=h(b)
a
g
b
d
ha b
c
E,f(g(b))=h(f(b))╞ E a=cf(g())hg(())
fb
ba
a
f(g(b))=h(f(b)) is apropagating instance for (E,Q)
These are also useful
CBQI
E-matching
Conflict-Based
Model Based
x.f(g(x))=h(f(x))
![Page 94: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/94.jpg)
Conflict-Based Instantiation: Impact
• Using conflict-basedinstantiation (cvc4+ci),require an order of magnitudefewer instances for showing“UNSAT” wrt E-matching alone
(taken from [Reynolds et al FMCAD14], evaluationOn SMTLIB, TPTP, Isabelle benchmarks)
E-matching
Conflict-Based
Model Based
![Page 95: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/95.jpg)
• Conflicting instances found on ~75% of rounds (IR)• Configuration cvc4+ci:
• Calls E-matching 1.5x fewer times overall• As a result, returns 5x fewer instantiations
E-matching Conflict Inst. Propagating Inst.
Conflict-Based Instantiation: ImpactE-matching
Conflict-Based
Model Based
![Page 96: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/96.jpg)
• CVC4 with conflicting instances cvc4+ci• Solves the most benchmarks for TPTP and Isabelle• Requires almost an order of magnitude fewer instantiations
Conflict-Based Instantiation: Impact
A number of hard benchmarks can be solved without resorting to E-matching at all
E-matching
Conflict-Based
Model Based
![Page 97: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/97.jpg)
• How do we find conflicting instances?• Idea: construct instances via a stronger version of matching
• Intuition: for x.P(x) Q(x), will only match P(x) where P(t)(see [Reynolds et al FMCAD2014])
• Formalized as calculus based on E-ground (dis)unification [Barbosa et al 2017]
Challenge : Finding Conflicting Instances E-matching
Conflict-Based
Model Based
![Page 98: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/98.jpg)
• Difficult for quantified formulas that contain theory symbols:
Generally, use fast and incomplete procedure for +theories
Challenge : Theory Symbols E-matching
Conflict-Based
Model Based
xy.f(x+y)>x+2*y
f(1)=5E
Q
![Page 99: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/99.jpg)
• Difficult for quantified formulas that contain theory symbols:
Generally, use fast and incomplete procedure for +theories
Challenge : Theory Symbols E-matching
Conflict-Based
Model Based
xy.f(x+y)>x+2*y
f(1)=5E
Qxy.f(x+y)>x+2*yf(-3+4)>-3+2*4
![Page 100: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/100.jpg)
xy.f(x+y)>x+2*yf(1)>5
• Difficult for quantified formulas that contain theory symbols:
Generally, use fast and incomplete procedure for +theories
Challenge : Theory Symbols E-matching
Conflict-Based
Model Based
xy.f(x+y)>x+2*y
f(1)=5E
Q
![Page 101: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/101.jpg)
Model-based Instantiation
• Basic idea:• If E-matching saturates, build “candidate model”M satisfying E
• Check ifM also satisfies Q(using a quantifier-free satisfiability query)
Ability to answer
Model-Based
E-matching
Conflict-Based
sat
![Page 102: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/102.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
MBQI
Model-Based
E-matching
Conflict-Based
![Page 103: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/103.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q Build interpretationM of predicates• This interpretation must satisfy E
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,…)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,…)))
M
MBQI
Model-Based
E-matching
Conflict-Based
![Page 104: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/104.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q Build interpretationM of predicates• This interpretation must satisfy E• Missing values may be filled in arbitrarily
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
MBQI
Model-Based
E-matching
Conflict-Based
![Page 105: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/105.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
DoesM satisfy Q?• Check (un)satisfiability of: x.(PM(x) RM(x))
MBQI
Model-Based
E-matching
Conflict-Based
![Page 106: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/106.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Check: x.(PM(x) RM(x))
MBQI
Model-Based
E-matching
Conflict-Based
![Page 107: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/107.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Check: (PM(k) RM(k)) Skolemize
MBQI
Model-Based
E-matching
Conflict-Based
![Page 108: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/108.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMlx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMlx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Check: (ite(k=a,,ite(k=b,T,T)))ite(k=b,,ite(k=c,,))))
Substitute
MBQI
Model-Based
E-matching
Conflict-Based
![Page 109: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/109.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Check: (k≠a ) Simplify
MBQI
Model-Based
E-matching
Conflict-Based
![Page 110: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/110.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Check: k=a Simplify
MBQI
Model-Based
E-matching
Conflict-Based
![Page 111: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/111.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q
PMλx.ite(x=a,,ite(x=b,T,ITE(x=c,T)))
RMλx.ite(x=b,,ite(x=c,,ITE(x=c,)))
M
Satisfiable! There are values k for whichM does not satisfy Q
MBQI
Model-Based
E-matching
Conflict-Based
Check: k=a
![Page 112: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/112.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
Q Add one instancefor one such value of k
for whichM did satisfy Q
return (x.P(x) R(x))P(a)R(a)MBQI
Model-Based
E-matching
Conflict-Based
Check: k=a
![Page 113: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/113.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)
E
MBQI
Model-Based
E-matching
Conflict-Based
return (x.P(x) R(x))P(a)R(a)
Q
![Page 114: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/114.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)
E’
Q’ Subsequent models must satisfy P(a) R(a)
MBQI
Model-Based
E-matching
Conflict-Based
return (x.P(x) R(x))P(a)R(a)
QFSolver
![Page 115: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/115.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)
E’
Q’MBQI
Model-Based
E-matching
Conflict-Based
![Page 116: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/116.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)
E’
Q’• Repeat as necessary “Model refinement loop”
MBQI
Model-Based
E-matching
Conflict-Based
return (x.P(x) R(x))P(c)R(c)
![Page 117: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/117.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)P(c)
E”
Q”
MBQI
Model-Based
E-matching
Conflict-Based
QFSolver
• Repeat as necessary “Model refinement loop”
return (x.P(x) R(x))P(c)R(c)
![Page 118: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/118.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)P(c)
E”PM”λx.ite(x=a,,ite(x=b,T,ite(x=c,T,ITE(x=c,T)))
RM”λx.ite(x=a,T,ite(x=b,,ite(x=c,,ITE(x=c,)))
M”
Check: x.(PM”(x) RM ”(x))
MBQI
Model-Based
E-matching
Conflict-Based
Q”
![Page 119: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/119.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)P(c)
E”M”
Check: k=a k≠a
PM”λx.ite(x=a,,ite(x=b,T,ite(x=c,T,ITE(x=c,T)))
RM”λx.ite(x=a,T,ite(x=b,,ite(x=c,,ITE(x=c,)))
MBQI
Model-Based
E-matching
Conflict-Based
Q”
![Page 120: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/120.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)P(c)
E”M”
Check: k=a k≠a Unsatisfiable, there are no values k for whichM ’’ does not satisfy Q
PM”λx.ite(x=a,,ite(x=b,T,ite(x=c,T,ITE(x=c,T)))
RM”λx.ite(x=a,T,ite(x=b,,ite(x=c,,ITE(x=c,)))
MBQI
Model-Based
E-matching
Conflict-Based
Check: k=a k≠aQ”
![Page 121: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/121.jpg)
Model-based Instantiation
x.P(x) R(x)
P(a)P(b)R(b)R(c)R(a)P(c)
E”M” PM”
λx.ite(x=a,,ite(x=b,T,ite(x=c,T,ITE(x=c,T)))
RM”λx.ite(x=a,T,ite(x=b,,ite(x=c,,ITE(x=c,)))
, modelM”
MBQI
Model-Based
E-matching
Conflict-Based
satQ”
![Page 122: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/122.jpg)
Model-based Instantiation: ImpactModel-Based
E-matching
Conflict-Based
• 1203 satisfiable benchmarks from the TPTP library• Graph shows # instances required by exhaustive instantiation
• E.g. xyz:U.P(x,y,z), if |U|=4, requires 43=64 instances
![Page 123: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/123.jpg)
Model-based Instantiation: ImpactModel-Based
E-matching
Conflict-Based
• CVC4 Finite Model Finding + Exhaustive instantiation• Scales only up to ~150k instances with a 30 sec timeout
![Page 124: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/124.jpg)
Model-based Instantiation: ImpactModel-Based
E-matching
Conflict-Based
• CVC4 Finite Model Finding + Model-Based instantiation [Reynolds et al CADE13]• Scales to >2 billion instances with a 30 sec timeout, only adds fraction of possible instances
![Page 125: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/125.jpg)
Model-based Instantiation: Challenges
• How do we build interpretationsM ?• Typically, build interpretations fM that are almost constant:
• e.g. fM := λx.ite(x=t1,v1,ite(x=t2,v2,…,ite(x=tn,vn,vdef)…))
Model-Based
E-matching
Conflict-Based
![Page 126: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/126.jpg)
Model-based Instantiation: Challenges
• How do we build interpretationsM ?• Typically, build interpretations fM that are almost constant:
• e.g. fM := λx.ite(x=t1,v1,ite(x=t2,v2,…,ite(x=tn,vn,vdef)…))
…but models may need to be more complex when theories are present:
Model-Based
E-matching
Conflict-Based
xy:Int.(f(x,y)x f(x,y)y)
x:Int.3*g(x)+5*h(x)=x
fM := λxy.ite(xy,x,y)
gM := λx.-3*xhM := λx.2*x
xy:Int.u(x+y)+11*v(w(x))=x+y ???
![Page 127: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/127.jpg)
Putting it Together Solver
E-matching
Model Based
Conflict-Based • Input:• Ground literals E• Quantified formulas Q
Q
E
![Page 128: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/128.jpg)
Putting it Together Solver
Conflict-BasedE,Q is unsat P(a), where
E,P(a)╞
where x.P(x)Q
Model Based
E-matching
Q
E
![Page 129: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/129.jpg)
Putting it Together Solver
E-matching
Conflict-BasedE,Q is unsat P(a), where
E,P(a)╞
where x.P(x)Q
P(b),P(c),
P(d),P(e),P(f),…pattern matching
Model Based
Q
E
![Page 130: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/130.jpg)
Putting it Together Solver
E-matching
Conflict-BasedE,Q is unsat P(a), where
E,P(a)╞
modelfor E
where x.P(x)Q
P(b),P(c),
P(d),P(e),P(f),…pattern matching
M
Model Based
Q
E
![Page 131: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/131.jpg)
Putting it Together Solver
E-matching
Model Based
Conflict-BasedE,Q is unsat P(a), where
E,P(a)╞
M is not amodel for Q
M is amodel for E,Q
modelfor E
where x.P(x)Q
P(b),P(c),
P(d),P(e),P(f),…
P(z), whereM╞ P(z)
pattern matching
M
sat
Q
E
![Page 132: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/132.jpg)
E-matching, Conflict-Based, Model-based:• Common thread: satisfiability of + UF + theories is hard!
• E-matching:• Pattern selection, matching modulo theories
• Conflict-based:• Matching is incomplete, entailment tests are expensive
• Model-based:• Models are complex, interpreted domains (e.g. Int) may be infinite
![Page 133: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/133.jpg)
E-matching, Conflict-Based, Model-based:• Common thread: satisfiability of + UF + theories is hard!
• E-matching:• Pattern selection, matching modulo theories
• Conflict-based:• Matching is incomplete, entailment tests are expensive
• Model-based:• Models are complex, interpreted domains (e.g. Int) may be infinite
But reasoning about + theories without UF isn’t as bad:• Classic -elimination algorithms are decision procedures for in:
• LRA [Ferrante+Rackoff 79, Loos+Wiespfenning 93] , LIA [Cooper 72], datatypes, …
![Page 134: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/134.jpg)
E-matching, Conflict-Based, Model-based:• Common thread: satisfiability of + UF + theories is hard!
• E-matching:• Pattern selection, matching modulo theories
• Conflict-based:• Matching is incomplete, entailment tests are expensive
• Model-based:• Models are complex, interpreted domains (e.g. Int) may be infinite
But reasoning about + theories without UF isn’t as bad:• Classic -elimination algorithms are decision procedures for in:
• LRA [Ferrante+Rackoff 79, Loos+Wiespfenning 93] , LIA [Cooper 72], datatypes, …• Can classic -elimination algorithms be leveraged in an DPLL(T) context?
• Yes: [Monniaux 2010, Bjorner 2012, Reynolds et al 2015, Bjorner/Janota 2016]
![Page 135: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/135.jpg)
Techniques for Quantifier Instantiation Solver
E-matching
Model Based
Conflict-Based
satEQ is T-satisfiable
Instances of in Q
Generally,used for quantifiers with UF
Generally,used for quantifiers w/o UF
Counterexample-GuidedQ
E
![Page 136: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/136.jpg)
Counterexample-Guided Instantiation CE-Guided
• Variants implemented in number of tools:• Z3 [Bjorner 2012, Bjorner/Janota 2016]• Tools using Z3 as backend: SPACER [Komuravelli et al 2014] UFO [Fedyukovich et al 2016]• Yices [Dutertre 2015]• CVC4 [Reynolds et al 2015]• Boolector [Preiner et al 2017]
• n instances
![Page 137: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/137.jpg)
Counterexample-Guided Instantiation CE-Guided
• High-level idea:• Quantifier elimination (e.g. for LIA) says:
x.ψ[x] ψ[t1] … ψ[tn] for finite n• Enumerate these instances lazily, via a counterexample-guided loop,
that is:(consider the dual of the above: x.ψ[x]ψ[t1] … ψ[tn])
• Terminating: enumerate at most n instances• Efficient in practice: typically terminates after m<<n instances
![Page 138: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/138.jpg)
Counterexample-Guided Instantiation CE-Guided
• High-level idea:• Quantifier elimination (e.g. for LIA) says:
x.y[x] y[t1] … y[tn] for finite n• Enumerate these instances lazily, via a counterexample-guided loop,
that is:Terminating: enumerate at most n instances• Efficient in practice: typically terminates after m<<n instances
(consider the dual)
![Page 139: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/139.jpg)
Counterexample-Guided Instantiation CE-Guided
• High-level idea:• Quantifier elimination (e.g. for LIA) says:
x.ψ[x]ψ[t1] … ψ[tn] for finite n• Enumerate these instances via a counterexample-guided loop, that is:
• Terminating: enumerate at most n instances• Efficient in practice: typically terminates after <<n instances
![Page 140: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/140.jpg)
Counterexample-Guided Instantiation CE-Guided
E,Q contain no uninterpreted functions, only linear arithmetic symbols
x.(x>a x<b x-c<3)Q
a=b+5E
![Page 141: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/141.jpg)
Counterexample-Guided Instantiation CE-Guided
Use counterexample-guided instantiation
CE-GuidedInstantiation
x.(x>a x<b x-c<3)Q
a=b+5E
![Page 142: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/142.jpg)
Counterexample-Guided Instantiation CE-Guided
Use counterexample-guided instantiation
x.(x>a x<b x-c<3)Q
a=b+5ECEGQI
![Page 143: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/143.jpg)
Counterexample-Guided Instantiation CE-Guided
With respect to model-based instantiation:• Similar: based on finding models for Q’s negation
x.(x>a x<b x-c<3)Q
a=b+5ECEGQI
![Page 144: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/144.jpg)
Counterexample-Guided Instantiation CE-Guided
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
E’
Q
E a=b+5
Extend context to include counterexample
…has counterexample k iff k.(k>a k<b k-c<3)
CEGQI
![Page 145: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/145.jpg)
Counterexample-Guided Instantiation CE-Guided
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
E’
Qk
E a=b+5
CEGQI One of two cases…
![Page 146: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/146.jpg)
Counterexample-Guided Instantiation CE-Guided
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
E’
Qk
E a=b+5
sat
CEGQI
If E’ is T-unsatisfiable,all models of E also satisfy Q
1
(since E’EQ╞T implies E╞T Q )
![Page 147: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/147.jpg)
Counterexample-Guided Instantiation CE-Guided
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
E’
Qk
E a=b+5
sat
CEGQI
If E’ is T-unsatisfiable,all models of E also satisfy Q
1
Return an instance based onmodel for E’
2
(since E’EQ╞T implies E╞T Q )
![Page 148: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/148.jpg)
Counterexample-Guided Instantiation CE-Guided
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
E’
Qk
E a=b+5
CEGQI
![Page 149: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/149.jpg)
Counterexample-Guided Instantiation
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Build modelM for E’
aM=5
bM=0
cM=0
kM=3
E’
Qk
E a=b+5
![Page 150: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/150.jpg)
Counterexample-Guided Instantiation
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Take lower bounds of k in E’
aM=5
bM=0
cM=0
kM=3
kbkc+3
E’
Qk
E a=b+5
![Page 151: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/151.jpg)
Counterexample-Guided Instantiation
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Compute their value inM
aM=5
bM=0
cM=0
kM=3
kbkc+3
inM=0=3
E’
Qk
E a=b+5
![Page 152: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/152.jpg)
Counterexample-Guided Instantiation
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Add instance for lower bound that is maximal inM
aM=5
bM=0
cM=0
kM=3
kbkc+3
x.(x>a x<b x-c<3)c+3>a c+3<b c+3-c<3
=0=3
inME’
Qk
E a=b+5
![Page 153: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/153.jpg)
Counterexample-Guided Instantiation
a=b+5,kakbkc+3
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
aM=5
bM=0
cM=0
kM=3
kbkc+3
x.(x>a x<b x-c<3)c+3>a c+3<b
=0=3
inME’
Qk
E a=b+5
Simplify
![Page 154: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/154.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
aM=5
bM=0
cM=0
kM=3
kbkc+3
x.(x>a x<b x-c<3)c+3>a c+3<b
=0=3
inM
QFSolver
E a=b+5,c+3<b
Q
![Page 155: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/155.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5,c+3<b
Q
![Page 156: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/156.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
a=b+5,c+3<b,kakb
kc+3E’
E a=b+5,c+3<b
Extend context to include counterexample
Qk
![Page 157: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/157.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Build modelM for E’
aM=5
bM=0
cM=-4
kM=3
a=b+5,c+3<b,kakb
kc+3
E a=b+5,c+3<b
E’
Qk
![Page 158: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/158.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
Take lower bounds of k in E’
kbkc+3
a=b+5,c+3<b,kakb
kc+3
aM=5
bM=0
cM=-4
kM=3
E a=b+5,c+3<b
E’
Qk
![Page 159: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/159.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQIkbkc+3
a=b+5,c+3<b,kakb
kc+3
aM=5
bM=0
cM=-4
kM=3
inM
=0=-1
Compute their value inM
E a=b+5,c+3<b
E’
Qk
![Page 160: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/160.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQIkbkc+3
a=b+5,c+3<b,kakb
kc+3
aM=5
bM=0
cM=-4
kM=3
=0=-1
Add instance for lower bound that is maximal inM
x.(x>a x<b x-c<3)b>a b<b b-c<3
inM
E a=b+5,c+3<b
E’
Qk
![Page 161: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/161.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQIkbkc+3
a=b+5,c+3<b,kakb
kc+3
aM=5
bM=0
cM=-4
kM=3
=0=-1
Simplify
x.(x>a x<b x-c<3)b>a b<c+3
inM
E a=b+5,c+3<b
E’
Qk
![Page 162: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/162.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
x.(x>a x<b x-c<3)b>a b<c+3
E a=b+5,c+3<b
Q
QFSolver
![Page 163: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/163.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
x.(x>a x<b x-c<3)b>a b<c+3
E a=b+5,c+3<b
Q
QFSolver
Backtrack previous decision c+3>a c+3<b
![Page 164: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/164.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
x.(x>a x<b x-c<3)b>a b<c+3
E a=b+5,c+3>a
Q
QFSolver
Backtrack previous decision c+3>a c+3<b
![Page 165: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/165.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q x.(x>a x<b x-c<3)b>a b<c+3
QFSolver
![Page 166: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/166.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
![Page 167: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/167.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakb
kc+3
E’
Extend context to include counterexample
k
![Page 168: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/168.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakbkc+3
E’
k
![Page 169: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/169.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakbkc+3
E’
k
ab c+3
![Page 170: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/170.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakb
kc+3
E’
k
ab c+3
kakb
kc+3
![Page 171: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/171.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakbkc+3
E’
k
ab c+3
kakb
kc+3
kakbkc+3 is unsatisfiable
![Page 172: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/172.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakbkc+3
E’
k
ab c+3
kakb
kc+3
sat (Since E’ is unsatisfiable)
![Page 173: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/173.jpg)
Counterexample-Guided Instantiation
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E a=b+5, c+3>a,b<c+3
Q
a=b+5, c+3>a,b<c+3kakbkc+3
E’
k
sat
ab c+3
x>a
x<b
x<c+3
x.(x>a x<b x-c<3) holdsDually:
![Page 174: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/174.jpg)
Summary
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E ...
Q
![Page 175: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/175.jpg)
Summary
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E ...
Q
...kakbkc+3
E’
k
Extend context to include counterexample
![Page 176: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/176.jpg)
Summary
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E ...
Q
...kakbkc+3
E’
k
sat …if E’ is unsatisfiable
![Page 177: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/177.jpg)
Summary
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E ...
Q
...kakbkc+3
E’
k
aM=…bM=…cM=…kM=…
M
x.(x>a x<b x-c<3)t>a t<b t-c<3
…select an instance toreturn otherwise
![Page 178: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/178.jpg)
Summary
x.(x>a x<b x-c<3)
CE-Guided
CEGQI
E ...
Q
...kakbkc+3
E’
k
aM=…bM=…cM=…kM=…
M
x.(x>a x<b x-c<3)t>a t<b t-c<3
In general:Requires a
selection functionSelT : E’,M ,k t
![Page 179: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/179.jpg)
Selection Functions CE-Guided
• Selection function gives decision procedure for in various theories:• Linear real arithmetic (LRA)
• Maximal lower (minimal upper) bounds l1<k,…,ln<k {xlmax+δ }[Loos+Wiespfenning 93] …may involve virtual termsd,
• Interior point method: lmax<k<umin {x(lmax+umin)/2}[Ferrante+Rackoff 79]
• Linear integer arithmetic (LIA)• Maximal lower (minimal upper) bounds (+c) l1<k,…,ln<k {xlmax+c }
[Cooper 72]• Bitvectors/finite domains
• Value instantiations … {xkM}• Datatypes, …
Termination argument for each: enumerate at most a finite number of instances
![Page 180: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/180.jpg)
Current Work CE-Guided
• In current work [Reynolds/King/Kuncak FMSD 2017]• Finite selection functions for LRA, LIA, LIRA• Extension to arbitrary quantifier alternations
• Instantiation can be used for quantifier elimination:CEGQI terminates with ψ[t1] … ψ[tn]x.ψ[x] is equivalent to ψ[t1] … ψ[tn]
• Instantiation can be used as basis of synthesis procedures:CEGQI finds ψ[t1] … ψ[tn] is unsat
λx.ite(ψ[t1],t1,…,ite(ψ[tn-1],tn-1,tn)…) is a solution for f in x.ψ[f(x)]Used in CVC4’s synthesis solver [Reynolds et al CAV 2015]
![Page 181: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/181.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
ECEGQI
empty
E,Q contain only bit-vector symbols
![Page 182: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/182.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
![Page 183: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/183.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
Extend context to include counterexample
![Page 184: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/184.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
Build modelM for E’
![Page 185: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/185.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
x.bvshl(x,#0001)bvand(a,#FFFE)bvshl(#0000,#0001)bvand(a,#FFFE)
Add instance for value of kM
![Page 186: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/186.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
x.bvshl(x,#0001)bvand(a,#FFFE)#0000bvand(a,#FFFE)
Simplify
![Page 187: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/187.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
x.bvshl(x,#0001)bvand(a,#FFFE)#0000bvand(a,#FFFE)
#0000bvand(a,#FFFE) QFSolver
![Page 188: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/188.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)
![Page 189: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/189.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)bvshl(k,#0001)=bvand(a,#FFFE)
k
Extend context to include counterexample
#0000bvand(a,#FFFE)
![Page 190: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/190.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0002
M
kM=#0004
Build modelM for E’
#0000bvand(a,#FFFE)
![Page 191: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/191.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0002
M
kM=#0004
x.bvshl(x,#0001)bvand(a,#FFFE)bvshl(#0004,#0001)bvand(a,#FFFE)
Add instance for value of kM
#0000bvand(a,#FFFE)
![Page 192: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/192.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0002
M
kM=#0004
x.bvshl(x,#0001)bvand(a,#FFFE)#0002bvand(a,#FFFE)
#0000bvand(a,#FFFE)
Simplify
![Page 193: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/193.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)#0002bvand(a,#FFFE)
QFSolver
![Page 194: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/194.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
![Page 195: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/195.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
Extend context to include counterexample
E’ #0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
bvshl(k,#0001)=bvand(a,#FFFE)
k
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
![Page 196: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/196.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0004
M
kM=#0008
Build modelM for E’
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
![Page 197: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/197.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0004
M
kM=#0008
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)bvshl(#0008,#0001)bvand(a,#FFFE)
Add instance for value of kM
![Page 198: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/198.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
E’ #0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
bvshl(k,#0001)=bvand(a,#FFFE)
k
aM=#0004
M
kM=#0008
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)#0004bvand(a,#FFFE)
Simplify
![Page 199: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/199.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)#0004bvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)#0004bvand(a,#FFFE)
QFSolver
![Page 200: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/200.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)#0004bvand(a,#FFFE)
![Page 201: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/201.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)#0004bvand(a,#FFFE)#0006bvand(a,#FFFE)#0008bvand(a,#FFFE)#000Abvand(a,#FFFE)
...#FFFEbvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)...
QFSolver
…and repeat 231 times
![Page 202: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/202.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
#0000bvand(a,#FFFE)#0002bvand(a,#FFFE)#0004bvand(a,#FFFE)#0006bvand(a,#FFFE)#0008bvand(a,#FFFE)#000Abvand(a,#FFFE)
...#FFFEbvand(a,#FFFE)
x.bvshl(x,#0001)bvand(a,#FFFE)...
unsat QFSolver
…and repeat 231 times
![Page 203: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/203.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
But what if we had used a differentselection function?
![Page 204: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/204.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
Extend context to include counterexample
![Page 205: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/205.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
Build modelM for E’
![Page 206: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/206.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
M ╞ bvshl(#0000,#0001)=bvand(a,#FFFE)
![Page 207: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/207.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
M ╞ bvshl(#0000,#0001)=bvand(a,#FFFE)
Consider other terms whose value is #0000 is inM…
![Page 208: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/208.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
M ╞ bvshl(#0000,#0001)=bvand(a,#FFFE)
bvshr(a,#0001)M bvand(a,#0001)MaM ...
=
bvmul(a,b)M
![Page 209: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/209.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
M ╞ bvshl(bvshr(a,#0001),#0001)=bvand(a,#FFFE)
![Page 210: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/210.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
E
CEGQI
empty
bvshl(k,#0001)=bvand(a,#FFFE)E’
k
aM=#0000
M
kM=#0000
x.bvshl(x,#0001)bvand(a,#FFFE)bvshl(bvshr(a,#0001),#0001)bvand(a,#FFFE)
![Page 211: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/211.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
CEGQI
x.bvshl(x,#0001)bvand(a,#FFFE)bvshl(bvshr(a,#0001),#0001)bvand(a,#FFFE)
QFSolver
bvshl(bvshr(a,#0001),#0001)bvand(a,#FFFE)E
![Page 212: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/212.jpg)
CEGQI for Bit-Vectors CE-Guided
x.bvshl(x,#0001)bvand(a,#FFFE)Q
CEGQI
GroundSolver
bvshl(bvshr(a,#0001),#0001)bvand(a,#FFFE)E unsat
Single instance suffices to show thisinput is unsatisfiable
…found using selection function SelT : E’,M ,k twhich returns terms whose interpretation is equal to k’s inM
![Page 213: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/213.jpg)
CEGQI for Bit-Vectors CE-Guided
• Ongoing work: model-based selection functions for bit-vectors that:• Choose symbolic terms based on algebraic reasoning
• E.g. many bit-vector operators are (partially) invertible:
• Related work on bit-vectors:• MBQI for +BV [Wintersteiger et al 2013]• Incremental determinization for QBF [Rabe et al SAT 2016]• Syntax-guided synthesis for +BV [Preiner et al TACAS 2017]
bvadd(bvsub(a,n),n)=abvshl(bvshr(a,#0001),#0001)=a when bvand(a,#FFFE)=#x0000bvand(bvor(a,n),~n)=a when bvand(a,n)=#x0000
![Page 214: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/214.jpg)
Summary
• Quantifier Instantiation Beyond E-matching, via:• Conflict-based, Model-Based Instantiation
• Effective in practice for that highly involve UF• Conflict-Based is useful for “unsat”• Model-Based is useful for “sat”
• Counterexample-guided Instantiation• Decision procedure for +LRA, +LIA, +BV, …
![Page 215: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/215.jpg)
Future Challenges
• How do we develop instantiations procedures for +new theories?• Ongoing work on +bit-vectors• Also interested in +strings, +floating-points, +finite sets, etc.
• How do we combine instantiation procedures for +UF+theories?• E.g. we have E-matching for +UF, counterexample-guided for + theories
…to what extent can these techniques be combined?
• How can we leverage first-order instantiation for higher-order problems?• E.g. synthesis conjectures, higher-order theorem proving
![Page 216: Quantifier Instantiation Beyond E-Matching - The SMT Workshopsmt-workshop.cs.uiowa.edu/2017/slides/smt2017-ajr.pdfTimeline of Modern SMT Solvers for (Approximate) 1990 2000 2010 2017](https://reader030.vdocuments.us/reader030/viewer/2022011911/5f903264837ab8412734a338/html5/thumbnails/216.jpg)
• Techniques in this talk implemented in CVC4• Open source• Available at : http://cvc4.cs.stanford.edu/web/
• …Thanks for listening!