the smt lib 2 standard overview and proposed new theories
play

The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp - PowerPoint PPT Presentation

Dec 19, 2023 •581 likes •832 views

The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp Rmmer Oxford University Computing Laboratory philr@comlab.ox.ac.uk Third Workshop on Formal and Automated Theorem Proving and Applications Belgrade, Serbia 29 January 2010

  1. The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp Rümmer Oxford University Computing Laboratory philr@comlab.ox.ac.uk Third Workshop on Formal and Automated Theorem Proving and Applications Belgrade, Serbia 29 January 2010 1 / 23

  2. Outline Overview of SMT-LIB 2, comparison with version 1 Joint work by somebody else Set-theoretic datatypes for the SMT-LIB Finite sets, lists, maps, relations Joint work with Daniel Kroening, Georg Weissenbacher Floating-point arithmetic for the SMT-LIB Joint work with Thomas Wahl 2 / 23

  3. The SMT-LIB Standard SMT → S atisfiability M odulo T heories SMT-LIB is . . . a standardised input format for SMT solvers (since 2003) a standardised format for exchanging SMT problems a library of more than 90 000 SMT benchmarks the basis for the annual SMT competition (this year: on FLoC) Relevant for verification + program analysis tool: Krakatoa, Caduceus, ESC/Java2, Spec#, VCC, Havoc, Pex, CBMC, F7, . . . 3 / 23

  4. Example in SMT-LIB Format (Version 1) (benchmark Ensures_Q_noinfer_2 :source { Boogie/Spec# benchmarks. } :logic AUFLIA [...] :extrapreds (( InRange Int Int )) :extrafuns (( this Int )) :extrafuns (( intAtLeast Int Int Int )) [...] :assumption (forall (?t Int) (?u Int) (?v Int) (implies (and (subtypes ?t ?u) (subtypes ?u ?v)) (subtypes ?t ?v)) :pat (subtypes ?t ?u) (subtypes ?u ?v)) [...] :formula (not (implies (implies (implies (implies (and (forall (?o Int) (?F Int) (implies (and (= ?o this) (= ?F X)) (= (select2 H ?o ?F) 5))) (implies (forall (?o Int) (?F Int) (implies (and (= ?o this) (= ?F X)) (= (select2 H ?o ?F) 5))) (implies true true))) (= ReallyLastGeneratedExit_correct Smt.true)) (= ReallyLastGeneratedExit_correct Smt.true)) (= start_correct Smt.true)) (= start_correct Smt.true)))) 4 / 23

  5. Example in SMT-LIB Format (Version 1) (benchmark Ensures_Q_noinfer_2 :source :logic Preamble + problem logic/category [...] :extrapreds :extrafuns Problem signature: sorts, functions, predicates :extrafuns [...] :assumption Premises + axioms [...] :formula Verification condition ) 4 / 23

  6. Versions of SMT-LIB Latest “stable” version 1.2 Introduced 2006 Supported by virtually all SMT solvers Theories: arrays, bit-vectors, integers, reals Upcoming version 2.0 Proposed July 2009 1 Improvements + simplifications over 1.2 . . . next slides More flexible w.r.t. combination of theories But: semantics similar to 1.2 1 Working group: Clark Barrett, Sylvain Conchon, Bruno Dutertre, Jim Grundy, Leonardo de Moura, Albert Oliveras, Aaron Stump, Cesare Tinelli 5 / 23

  7. The Brave New World (of SMT-LIB 2)

  8. 1. Sort Constructors SMT-LIB 1 SMT-LIB 2 Only nullary sort constructors: Sort constructors of any arity: :sorts (Int) :sorts ((Array 2)) [...] [...] :extrasorts (U T) :extrasorts ((List 1) U T) Types are atomic: Types can be compound: :extrafuns :extrafuns ((f T T)) ((f T (Array U T))) 7 / 23

  9. 2. Theory Schemas SMT-LIB 1 SMT-LIB 2 Theories are monomorphic: Parametric polymorphism in theories: (theory Int_Arrays (theory Array :sorts (Int Array) :sorts ((Array 2)) :funs :funs ((select Array Int Int) ((par (X Y) (store Array Int Int (select Array) (Array X Y) X Y)) [...] (par (X Y) )) (store (Array X Y) X Y (Array X Y))) [...] )) 8 / 23

  10. 3. Symbol Overloading SMT-LIB 1 SMT-LIB 2 Unique operator names: Symbol overloading: :sorts (Int) :sorts (Int) :funs ((~ Int Int) :funs ((- Int Int) (- Int Int Int) (- Int Int Int) (+ Int Int Int)) (+ Int Int Int)) [...] [...] :sorts (BitVec) :sorts (BitVec) :funs :funs ((- BitVec BitVec)) ((bvneg BitVec BitVec)) 9 / 23

  11. 4. No Formula/Term Distinction SMT-LIB 1 SMT-LIB 2 Formulae � = terms, Bool is simply a sort: predicates � = functions: :extrapreds :extrafuns ((divides Int Int)) ((divides Int Int Bool) :extrafuns (prime (Array Int Bool))) ((succ Int Int)) Only terms can be and , or , = , . . . function/predicate arguments are just functions Work-arounds: reflection, ite operator 10 / 23

  12. 5. Standardised Command Language Text-based interface to SMT solvers: > (set-logic AUFLIA) > (declare-fun a () Int) > (declare-fun b () Int) > (assert (= (* 8 a) (* 4 b))) > (push) > (assert (forall ((x Int)) (not (= b (* 2 x))))) > (check-sat) unsat > (pop) [...] Apparently: Interface will replace the old benchmark file format 11 / 23

  13. Proposals for Additional SMT-LIB 2 Theories

  14. Theories of Set-Theoretic Datatypes We propose to add datatypes inspired by VDM-SL Tuples Lists (Finite) Sets (Finite) Partial Maps Main applications for us: Bounded Model Checking for C, C++ (CBMC) Model-based test-case generation (UML/OCL, Simulink/Stateflow, Lustre) Analysis of requirements + architecture specifications System development in Event-B, VDM 13 / 23

  15. SMT-LIB 2 Theory Schemas Tuples Sets Lists Maps (Tuple n (Set T) (List T) (Map S T) T 1 ... T n ) ∅ [ ] ∅ tuple emptySet nil emptyMap ( x 1 , . . . , x n ) x :: L f ( x ) insert cons apply M ∪ { x } project head overwrite x k ∈ in tail < + ⊆ product subset append domain � M 1 × · · · × M n ∪ | l | union length range ∩ inter nth l k restrict ⊳ \ – setminus inds subtract ⊳ | M | { 1 , . . . , | l |} card elems { l 1 , . . . , l | l | } 14 / 23

  16. Example: Verification Cond. Generated by VDMTools In VDM-SL notation: � � ∀ l : L ( Z ) , i : N . i ∈ inds ( l ) ⇒ ∀ j ∈ inds ( l ) \ { i } . j ∈ inds ( l ) In SMT-LIB notation: (forall ((l (List Int)) (i Int)) (implies (and (>= i 0) (in i (inds l))) (forall (j Int) (implies (in j (setminus (inds l) (insert i emptySet))) (in j (inds l)))))) 15 / 23

  17. Status of the Proposal Syntax + Semantics of theories is defined ⇒ In collaboration with Cesare Tinelli Parser + type checker + converter to SMT-LIB 1 available (using a rather naive axiomatisation of the datatypes) Meaningful sublogics still to be identified We have a small initial collection of benchmarks ⇒ More to be converted from Event-B VCs ⇒ Further benchmarks would be welcome http://www.cprover.org/SMT-LIB-LSM/ 16 / 23

  18. Floating-Point Arithmetic (FPA) Binary floating-point numbers (IEEE 754-2008) ( − 1 ) s · m · 2 e | ( m , e ) ∈ E , s ∈ { 0 , 1 } � � ❋ = = { NaN , + ∞ , −∞ , 0 − , . . . } where: s . . . sign m . . . mantissa/significand e . . . exponent Standard mathematical operations + rounding (defined more or less ambiguously in IEEE 754-2008) Important for embedded software, control software, etc. 17 / 23

  19. A Theory of Floating-Point Arithmetic (FPA) So far: no SMT solvers with FPA support Correct reasoning about FPA is hard Precise encoding: hard for automatic solvers (but works for interactive proof assistants) Interval arithmetic: sound but imprecise, no models (bad for test cases) Rational arithmetic: only an approximation (unsound in certain settings) Main applications for us: Bounded model checking for Simulink/Stateflow Test-case generation 18 / 23

  20. Abstraction for Floating-Point Arithmetic [FMCAD’09] New reasoning approach: Precise SAT encoding combined with mixed over/under-approximation Outperforms naive SAT encoding + can generate models Prototypical implementation as part of CBMC Planned: move implementation to an SMT solver ⇒ SMT-LIB interface is needed! 19 / 23

  21. An SMT-LIB Theory of FPA (work in progress) Goals Model FPA core that is relevant for reasoning + verification Not considered: Exact error handling, bit-precise encoding, . . . Precise + concise definition of FPA semantics Useable syntax http://www.cprover.org/SMT-LIB-Float/ 20 / 23

  22. Example: FPA Problem in SMT-LIB :extrafuns ((x (ind FP 11 53)) (y (ind FP 11 53))) :problem (exists ((z (ind FP 11 53))) (= (+ roundTowardZero x z) y)) 64-bit floating-point arithmetic (double precision) ⇒ 11 bit exponent, 53 bit significand ind notation is used for indexed types ⇒ (ind FP 11 53) means FP 11 , 53 + is ternary: first argument is rounding mode 21 / 23

  23. Conclusion Overview of SMT-LIB 2 Datatypes of sets, lists, maps, relations Floating-point arithmetic Trade-off when defining theories: Generality → good for users Implementation complexity → good for tool writers Decidability ⇒ We hope that we have found a good compromise ⇒ Feedback is welcome! 22 / 23

  24. Thanks for your attention! Don’t forget about . . . Ad Logics for Systems Analysis — LfSA’10 Workshop affiliated with LICS and IJCAR at FLoC July 15th 2010 http://www.ls.cs.cmu.edu/LfSA10/ 23 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Overview Full Non-standard Satisfaction Predicates Sequential Theories Full Non-standard

Overview Full Non-standard Satisfaction Predicates Sequential Theories Full Non-standard

Full Non-standard Satisfaction S EQUENTIAL T HEORIES Predicates Sequential Theories Ali Enayat &amp; Albert Visser Department of Philosophy, Faculty of Humanities, Utrecht University Kotlarski-Ratajczyk Conference July 24, 2012, B edlewo

433 views • 19 slides
Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of

Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of

Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of Carbon Pollution Summary of Todays Action Proposed standard Flexibilities Transitional sources Why This Standard is Needed

448 views • 11 slides
Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012

Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012

Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012 University of Split, Croatia (Hrvatska) Theories within Theories 1 / 23 Overview In this talk I will try to sketch the grounds for repositioning

507 views • 23 slides
Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of

Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of

Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of Material Misstatement Rod Whitehead Auditor-General Outline Proposed auditing standard ASA 315 future changes ASA 315 pilot project

451 views • 18 slides
A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S.

A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S.

2009 Laboratory, Space, and Astrophysical Plasma Workshop 20 February 2009 A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S. Choe School of Space Research Kyung Hee University i i Yongin, Korea

603 views • 48 slides
Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of

Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of

Generalizations of stability and NTP 2 Artem Chernikov University Lyon 1 / HUJI Geometrie et Theorie des Modeles, Paris, 6 Apr 2012 Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of types Let T be

480 views • 30 slides
Search for Supersymmetry Standard Model : success and problems Grand Unified Theories

Search for Supersymmetry Standard Model : success and problems Grand Unified Theories

Vorlesung 11: Search for Supersymmetry Standard Model : success and problems Grand Unified Theories (GUT) Supersymmetrie (SUSY) theory direct search (pre-LHC) indirect search LHC results Tevatron and LHC

556 views • 29 slides
BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent

BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent

BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent OVERVIEW OF PRESENTATION History of Embryological Theories Views of the Soul Putting Body and Soul Together Ethical Implications

397 views • 23 slides
Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior

Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior

Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior Authorization and Connectivity for certain adopted standard transactions August 25-26, 2020 1 zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Co-Chair

637 views • 11 slides
EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone

EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone

EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone Donnie Redmond Ambient Monitoring Section Chief 1 Ozone NAAQS Background Current standard is 75 ppb Established in 2008 Entire state now

406 views • 13 slides
Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning

Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning

Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning theories support the use of games within the instructional process? What elements of motivational theory apply to the gamification of learning and

312 views • 16 slides
Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda

Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda

Proposed acquisition of Standard Life Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda Transaction overview Clive Bannister | Group Chief Executive FY17 performance and financial benefits of

508 views • 34 slides
Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories

Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories

Enriched Lawvere Theories for Operational Semantics John C. Baez Christian Williams Introduction Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories enrichment enriched categories enriched

573 views • 23 slides
Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos

Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos

Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos Environment, Energy and Land Use (EELU) Steering Subcommittees Education Session February 21, 2015 Washington, DC Ted Steichen Are you impacted Now?

664 views • 24 slides
Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for

Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for

Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for Living and Non-Living Resources issued August 2014 Comment due January 2015 Considered comment agreed to develop a Standard of GRAP

560 views • 35 slides
Motivation and Overview Overview Spaces of Superconformal field theories in 4D N = 4 SYM is

Motivation and Overview Overview Spaces of Superconformal field theories in 4D N = 4 SYM is

2D CFTs for a class of 4D N = 1 theories Vladimir Mitev PRISMA Cluster of Excellence, Institut f ur Physik, THEP , Johannes Gutenberg Universit at Mainz IGST Paris, July 18 2017 [V. Mitev, E. Pomoni, arXiv:1703.00736] Motivation and

675 views • 67 slides
Who We Are Our mission at CFED is to make it possible for millions of

Who We Are Our mission at CFED is to make it possible for millions of

Who We Are Our mission at CFED is to make it possible for millions of people to achieve financial security and contribute to an opportunity economy. How do we do it We push to expand innovative

474 views • 35 slides
Amy Cisler, OTR/L acisler@uw.edu Kristine Osmond, OTR/L kho2@uw.edu Learning Objectives

Amy Cisler, OTR/L acisler@uw.edu Kristine Osmond, OTR/L kho2@uw.edu Learning Objectives

Amy Cisler, OTR/L acisler@uw.edu Kristine Osmond, OTR/L kho2@uw.edu Learning Objectives Participants will have an understanding of the main considerations when deciding on which smartphone to purchase. Participants will gain knowledge of

673 views • 50 slides
Why IoT IoT Domain IoT Data Characteristics Massive data: 20.4 Billion connected Growing

Why IoT IoT Domain IoT Data Characteristics Massive data: 20.4 Billion connected Growing

Why IoT IoT Domain IoT Data Characteristics Massive data: 20.4 Billion connected Growing fast, impact on IoT Visualization our life thing by 2020 (Data Volume) Industries are putting e ff ort: Real-time integration of devices

146 views • 3 slides
Expert Systems Byoung-Tak Zhang TA: Hyo-Sun Chun School

Expert Systems Byoung-Tak Zhang TA: Hyo-Sun Chun School

4190.408 2015-Spring Expert Systems Byoung-Tak Zhang TA: Hyo-Sun Chun School of Computer Science and Engineering Seoul NaHonal

545 views • 28 slides
Declarao de conflito de interesse No recebi qualquer forma de pagamento ou auxlio

Declarao de conflito de interesse No recebi qualquer forma de pagamento ou auxlio

Newton Busso Declarao de conflito de interesse No recebi qualquer forma de pagamento ou auxlio financeiro de entidade pblica ou privada para pesquisa ou desenvolvimento de mtodo diagnstico ou teraputico ou ainda, tenho qualquer

726 views • 35 slides
Numerical Computations and Formal Methods Guillaume Melquiond Proval, Laboratoire de Recherche en

Numerical Computations and Formal Methods Guillaume Melquiond Proval, Laboratoire de Recherche en

Program verification Formal arithmetic Decision procedures Numerical Computations and Formal Methods Guillaume Melquiond Proval, Laboratoire de Recherche en Informatique INRIA SaclayIdF, Universit e Paris Sud, CNRS October 28, 2009

1.07k views • 77 slides
Towards less painful verification of the full correctness for C Keiko Nakata 25 October 2008

Towards less painful verification of the full correctness for C Keiko Nakata 25 October 2008

Towards less painful verification of the full correctness for C Keiko Nakata 25 October 2008 The content of the talk A report on my experience in combining an automatic decision procedure (Ergo) and interactive reasoning (Coq) to prove both

1.2k views • 102 slides
Unit 1: Introduction to data 4. Introduction to statistical inference Problem set (PS) 1 is

Unit 1: Introduction to data 4. Introduction to statistical inference Problem set (PS) 1 is

Announcements Unit 1: Introduction to data 4. Introduction to statistical inference Problem set (PS) 1 is due Tomorrow, 12.30 pm STA 104 - Summer 2017 Performance assessment (PA) 1 is due tomorrow, 12.30 pm Duke University, Department of

355 views • 6 slides

More recommend