Linear Quantifier Elimination as an Abstract Decision Procedure
DESCRIPTION
Linear Quantifier Elimination as an Abstract Decision Procedure. Nikolaj Bjørner, Microsoft Research. What, why and how: what; why (SMT applications actually use quantifiers); how (interleave quantifier-elimination steps with the DPLL(T) loop). Linear QE is cool and macho. PowerPoint presentation (transcript).
Page 1
Linear Quantifier Elimination as an Abstract Decision Procedure
Nikolaj Bjørner, Microsoft Research
Page 2
What, Why and How
What
Why: actually, SMT applications use quantifiers.
How: interleave quantifier-elimination steps with the DPLL(T) loop.
Page 3
Linear QE is cool and macho
Should we call it Quantifier Termination?
Bug found by SLAyer using Z3's QE procedure
Page 4
Linear QE is CLASSICAL
Long history: Presburger, Büchi, Cooper, Oppen, Fischer & Rabin, Pugh, Klaedtke, Boudet & Comon, Boigelot & Wolper, …
Many tools: REDLOG, Omega package, QEPCAD, LIRA, LDD, LASH, MONA, Mjolnir, Isabelle, HOL-light, …
Page 5
A Rough Picture of Current Approach
Diagram labels (the arrows are lost in extraction). Reals: Fourier-Motzkin → Loos-Weispfenning (case split + virtual substitution) → Abstract Decision Procedure. Integers: Omega Test (resolution) → Cooper (case split + resolution) → Abstract Decision Procedure.
Page 6
Opportunity
SMT solvers are good at Boolean combinations of quantifier-free formulas.
is SAT
Page 7
Opportunity: All-SMT enumerates satisfiable branches
has 8 satisfiable cases. Shorter than
Page 8
Opportunity: All-SMT enumerates satisfiable branches
Can be used for DNF enumeration, for QE procedures tuned to DNF [Monniaux LPAR 2008]: minimize monomes; compares several different QE procedures.
Also suggested in [de Moura, Ruess, Sorea CAV 2003].
Page 9
Opportunity: Linear Quantifier Elimination in Verification
SLAyer: A Separation Logic Prover
Y: Symbolic Execution and Abstraction
Predicate Abstraction: [Chaki, Gurfinkel, Strichman FMCAD 09], Linear Decision Diagrams (LDD)
Page 10
Any news?
Virtual Substitutions = Bounds + Resolution
Embed QE case splits into DPLL(LA)
A new twist on Presburger QE: Cooper + Resolution from the Omega test; distributed divisibility constraints
Practicalities: use LA solvers to prune search early; solve integer equalities; parallel vs. sequential elimination; handling finite range arithmetic efficiently
Page 11
Loos-Weispfenning Abstract QE(LRA)
Terms
Atoms
Formulas
Cases: $x$ is large; $x$ is $t_k$; l.u.b. of $x$ is $t_i$.
Page 12 to Page 15
Worked example: $\varphi[x<t_1,\ x<t_2,\ x=t_3,\ x>s_1,\ x>s_2]$, with the bounds placed on the number line in the order $t_1, s_1, t_2, t_3, s_2$ (the order read off the truth rows below). Sweeping $x$ along the line gives the following truth values for the five atoms:

| where $x$ lies | $x<t_1$ | $x<t_2$ | $x=t_3$ | $x>s_1$ | $x>s_2$ |
|---|---|---|---|---|---|
| $t_1$ is l.u.b. for $x$ | true | true | false | false | false |
| $t_1 \le x \le s_1$ | false | true | false | false | false |
| $t_2$ is l.u.b. for $x$ | false | true | false | true | false |
| $t_3 = x$ | false | false | true | true | false |
| $x$ is bigger than $t_1, t_2, t_3, s_1, s_2$ | false | false | false | true | true |

The cases the procedure enumerates: $t_1$ is l.u.b. for $x$; $t_2$ is l.u.b. for $x$; $t_3 = x$; $x$ is bigger than $t_1, t_2, t_3, s_1, s_2$.
Page 23 and Page 24
Loos-Weispfenning Abstract QE(LRA)
Case split on where $x$ lies relative to the bound terms, with the substitution each case justifies:

$x$ is large: $\bigwedge_i \neg(x < t_i) \wedge \bigwedge_k \neg(x = t_k) \wedge \bigwedge_j x > s_j$, giving $\varphi[x \mapsto \infty]$.

$x = t_k$: $x = t_k \wedge \bigwedge_{k'} (x = t_{k'} \to t_k = t_{k'}) \wedge \bigwedge_i (x < t_i \to t_k < t_i) \wedge \bigwedge_j (x > s_j \to t_k > s_j)$, giving $\varphi[x \mapsto t_k]$.

$t_i$ is the l.u.b. of $x$: $x < t_i \wedge \bigwedge_k \neg(x = t_k) \wedge \bigwedge_{i'} (x < t_{i'} \to t_i \le t_{i'}) \wedge \bigwedge_j (x > s_j \to t_i > s_j)$, giving $\varphi[x \mapsto t_i - \epsilon]$.
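The three cases above are exactly the test points of a virtual substitution. As an added example (not code from the slides or from Z3), the Python below implements Loos-Weispfenning elimination for the three atom shapes on the slides, $x<t$, $x=t$ and $x>s$, with the bound terms treated as opaque parameter names (an assumption; the slides allow any linear term not containing $x$). `eliminate` returns the quantifier-free disjunction of $\varphi[x \mapsto p]$ over the test points $\infty$, $c$ and $c-\epsilon$, and `exists_by_enumeration` is an independent brute-force check that the result agrees with the original formula on concrete parameter values. The formula `PHI`, the parameter names and the sample assignments are constructed for this example.

```python
from fractions import Fraction
from itertools import product

# Formulas are nested tuples.  Atoms over the variable x being eliminated, as on the slides:
#   ('lt', 'x', t)  x < t        ('eq', 'x', t)  x = t        ('gt', 'x', s)  x > s
# t and s are names of parameter terms, treated as opaque here (an assumption; the slides
# allow any linear term not containing x).  Connectives: ('and', p, q), ('or', p, q),
# ('not', p); Python True/False are the constants.  After elimination the atoms compare
# parameter terms with each other: ('lt'|'le'|'eq'|'gt', a, b).

def bound_terms(phi):
    """Every parameter term that bounds x somewhere in phi (the t_i, t_k and s_j)."""
    if isinstance(phi, bool):
        return set()
    if phi[0] in ('lt', 'eq', 'gt'):
        return {phi[2]}
    return set().union(*(bound_terms(p) for p in phi[1:]))

def vsubst(phi, point):
    """Virtual substitution of one test point for x.  point is ('inf',) for 'x is large',
    ('eps', t) for 't is the l.u.b. of x' (x = t - epsilon) or ('val', t) for 'x = t'.
    Only comparisons between parameter terms remain."""
    if isinstance(phi, bool):
        return phi
    op = phi[0]
    if op in ('and', 'or'):
        return (op, vsubst(phi[1], point), vsubst(phi[2], point))
    if op == 'not':
        return ('not', vsubst(phi[1], point))
    b = phi[2]
    if point[0] == 'inf':
        # x large: every strict upper bound and equality is false, every lower bound true
        return op == 'gt'
    t = point[1]
    if point[0] == 'eps':
        # t-eps < b  iff  t <= b;   t-eps = b  never;   t-eps > b  iff  t > b
        return {'lt': ('le', t, b), 'eq': False, 'gt': ('gt', t, b)}[op]
    return (op, t, b)  # plain substitution x := t

def eliminate(phi):
    """exists x. phi as an x-free formula: the disjunction of phi[x -> p] over the test
    points.  Using both c and c - eps for every bound c (plus infinity) is complete for any
    Boolean combination of the atoms; the slides' case split keeps only t_i - eps for the
    strict upper bounds and t_k for the equalities."""
    result = False
    points = [('inf',)]
    for c in sorted(bound_terms(phi)):
        points += [('val', c), ('eps', c)]
    for p in points:
        result = ('or', result, vsubst(phi, p))
    return result

def evaluate(psi, env, x=None):
    """Truth value under env (parameter name -> number); x is the value of 'x' if present."""
    if isinstance(psi, bool):
        return psi
    op = psi[0]
    if op == 'and':
        return evaluate(psi[1], env, x) and evaluate(psi[2], env, x)
    if op == 'or':
        return evaluate(psi[1], env, x) or evaluate(psi[2], env, x)
    if op == 'not':
        return not evaluate(psi[1], env, x)
    a, b = (x if psi[1] == 'x' else env[psi[1]]), env[psi[2]]
    return {'lt': a < b, 'le': a <= b, 'eq': a == b, 'gt': a > b}[op]

def exists_by_enumeration(phi, env):
    """Reference check: on the reals the truth of phi only changes at the bound values, so
    trying every bound, every midpoint between neighbouring bounds and a point beyond
    each end decides exists x. phi for concrete parameters."""
    vals = sorted({Fraction(env[c]) for c in bound_terms(phi)})
    cands = set(vals) | {(lo + hi) / 2 for lo, hi in zip(vals, vals[1:])}
    cands |= {vals[0] - 1, vals[-1] + 1} if vals else {Fraction(0)}
    return any(evaluate(phi, env, x) for x in cands)

def decide(phi, env):
    """(answer by elimination, answer by enumeration) for one parameter assignment."""
    return evaluate(eliminate(phi), env), exists_by_enumeration(phi, env)

def cross_check(phi, names, values):
    """True if elimination and enumeration agree on every assignment of values to names."""
    return all(len(set(decide(phi, dict(zip(names, vs))))) == 1
               for vs in product(values, repeat=len(names)))

# Constructed formula over the slides' atoms x<t1, x=t3, x>s1, x>s2:
#   (x < t1  or  x = t3)  and  x > s1  and  not (x > s2)
PHI = ('and', ('or', ('lt', 'x', 't1'), ('eq', 'x', 't3')),
              ('and', ('gt', 'x', 's1'), ('not', ('gt', 'x', 's2'))))

if __name__ == '__main__':
    print(decide(PHI, {'t1': 1, 's1': 0, 't3': 5, 's2': 3}))    # (True, True): x just below t1
    print(decide(PHI, {'t1': 1, 's1': 2, 't3': 5, 's2': 3}))    # (False, False)
    print(cross_check(PHI, ['t1', 's1', 't3', 's2'], range(4)))  # True
```

The assignment `t1=3, s1=0, t3=1, s2=2` is instructive: the only witness is the point $s_2 - \epsilon$, supplied by the negated lower bound $\neg(x > s_2)$ acting as a non-strict upper bound, which is why the example takes the $\epsilon$ point at every bound rather than only at the $t_i$.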
Page 25
The Abstract Decision Procedure
Trace diagram: propagate, decide, decide, decide, then "Eliminate x". Once the literals over $x$ in the partial assignment select one of the three cases (the slide shows the "$t_i$ is the l.u.b." and "$x$ is large" conditions from the previous page), $\varphi$ is replaced by $\varphi[x \mapsto \cdot]$ for that case and the search continues.
Non-chronological backtracking works across elimination splits.
Page 26 and Page 27
Cooper+ Abstract QE(LIA)
Terms
Atoms
Formulas

$x$ is large: $\bigwedge_i \neg(a x \le t_i) \wedge \bigwedge_j (b x \ge t_j)$, giving $\varphi[x \mapsto \infty]$.

$\lfloor t_i / a_i \rfloor$ is the l.u.b.: $a_i x \le t_i \wedge \bigwedge_{i'} (a_{i'} x \le t_{i'} \to a_{i'} t_i \le a_i t_{i'}) \wedge \bigwedge_j \ldots$, giving $\varphi[x \mapsto \lfloor t_i / a_i \rfloor]$.
Page 28
Cooper+ Abstract QE(LIA)
Resolving integer inequalities:
$(\exists x.\ a x \le t \wedge b x \ge s) \equiv \mathit{resolve}(a x \le t,\ b x \ge s)$
$n \times m$-ary version in [Pugh 92]
Page 29
Cooper+ Abstract QE(LIA)
Eliminating divisibility: $\delta = \mathrm{lcm}(c_k)$, $x \mapsto x\delta + u$ with $0 \le u \le \delta - 1$.
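Pages 28 and 29 together give a complete decision procedure for a conjunction of integer bounds and divisibility constraints. As an added example (not from the slides or from Z3), the Python below eliminates divisibility exactly as stated, $\delta = \mathrm{lcm}(c_k)$ and $x \mapsto \delta x' + u$ for $0 \le u \le \delta - 1$, and then resolves the transformed bounds pairwise. `exists_int_bruteforce` is a constructed reference check by enumeration over a bounded range. The problem representation, the restriction to positive coefficients $a_i, b_j$, and the sample instances are assumptions made for the example.

```python
from functools import reduce
from math import gcd

# Problem shape (assumed for this example): upper bounds (a, t) meaning a*x <= t,
# lower bounds (b, s) meaning b*x >= s, and divisibility constraints (c, d) meaning
# c | (x + d), with integers a, b, c > 0 and ground integers t, s, d.

def floor_div(t, a):
    """floor(t / a) for a > 0: the largest integer x with a*x <= t."""
    return t // a

def ceil_div(s, b):
    """ceil(s / b) for b > 0: the smallest integer x with b*x >= s."""
    return -((-s) // b)

def resolve(uppers, lowers):
    """exists x in Z. /\ a_i x <= t_i  /\  b_j x >= s_j.
    Resolving one pair gives ceil(s_j / b_j) <= floor(t_i / a_i); over all pairs this is
    'greatest lower bound <= least upper bound'.  With no upper bound the 'x is large'
    case applies, with no lower bound the symmetric one."""
    if not uppers or not lowers:
        return True
    lub = min(floor_div(t, a) for a, t in uppers)
    glb = max(ceil_div(s, b) for b, s in lowers)
    return glb <= lub

def exists_int(uppers, lowers, divs):
    """Decide  exists x in Z. bounds /\ divisibility.
    delta = lcm(c_k); substituting x = delta*x' + u for 0 <= u <= delta-1 turns every
    c_k | (x + d_k) into the ground test c_k | (u + d_k) (because c_k | delta), and
    a*x <= t into a*delta*x' <= t - a*u, so each case is a pure bounds problem."""
    delta = reduce(lambda m, n: m * n // gcd(m, n), [c for c, _ in divs], 1)
    for u in range(delta):
        if all((u + d) % c == 0 for c, d in divs):
            ups = [(a * delta, t - a * u) for a, t in uppers]
            lows = [(b * delta, s - b * u) for b, s in lowers]
            if resolve(ups, lows):
                return True
    return False

def exists_int_bruteforce(uppers, lowers, divs, lo=-64, hi=64):
    """Reference check by enumeration; only meaningful when the instance is bounded
    and its solutions (if any) lie in [lo, hi]."""
    return any(all(a * x <= t for a, t in uppers)
               and all(b * x >= s for b, s in lowers)
               and all((x + d) % c == 0 for c, d in divs)
               for x in range(lo, hi + 1))

def cross_check(limit=4):
    """Compare both deciders on every instance with one bound of each kind and one
    divisibility constraint, coefficients in 1..limit-1, constants in -limit..limit-1."""
    for a in range(1, limit):
        for b in range(1, limit):
            for c in range(1, limit):
                for t in range(-limit, limit):
                    for s in range(-limit, limit):
                        for d in range(c):
                            inst = ([(a, t)], [(b, s)], [(c, d)])
                            if exists_int(*inst) != exists_int_bruteforce(*inst):
                                return False
    return True

if __name__ == '__main__':
    # Constructed instance: 2x <= 7, 3x >= 5, 4 | (x + 1) has the solution x = 3.
    print(exists_int([(2, 7)], [(3, 5)], [(4, 1)]))   # True
    print(exists_int([(2, 7)], [(3, 5)], [(5, 0)]))   # False: x in {2, 3}, neither divisible by 5
    print(cross_check())                              # True
```

The case split on $u$ is what makes the divisibility constraints ground; in the abstract decision procedure of page 25 that split would be one more decision the DPLL(T) loop can backtrack over rather than an explicit loop.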
Page 30
Practicalities
Use LA solvers to prune search early: efficient LA solvers eliminate infeasible cases; identify satisfiable pure formulas.
Linear Diophantine equation solving, e.g., [Pugh 92].
Elimination order, sequential vs. parallel: sequential goes $\exists x\, y\, \varphi$, eliminate $y$, $\exists x\, \psi$, eliminate $x$, $\theta$; parallel goes from $\exists x\, y\, \varphi$ to $\theta$ in one step.
Handling finite range arithmetic efficiently: in the context of Z3, reduce finite range arithmetic to the bit-vector theory.
Page 31
Selective Experiments
FM/Omega-SMT: All-SMT loop + Fourier-Motzkin elimination.
LW/C-SMT: All-SMT loop + Cooper/LW elimination.
LW/C-Plain: only SMT on pure formulas.
Mix-Model: use the model to guide the split.
Mix-SMT: the method presented here.
Would have been much worse without SMT on pure formulas. SMT is a waste of time on random formulas.
Mix-SMT is cheaper than DNF-based branching.
Page 32
Summary
Linear Quantifier Elimination integrated as an abstract decision procedure.
Similar procedures for other theories: term algebras; arrays (very partially).
Available in Z3 using ELIM_QUANTIFIERS=true
Page 33
Term Algebra (and co-term algebras)
Terms
Atoms
Formulas
$u_i, \psi_i = \mathrm{solve}_x(t_i[x] = s_i)$