the smt lib 2 standard overview and proposed new theories
play

The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp - PowerPoint PPT Presentation

Dec 19, 2023 •581 likes •832 views

The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp Rmmer Oxford University Computing Laboratory philr@comlab.ox.ac.uk Third Workshop on Formal and Automated Theorem Proving and Applications Belgrade, Serbia 29 January 2010

  1. The SMT-LIB 2 Standard: Overview and Proposed New Theories Philipp Rümmer Oxford University Computing Laboratory philr@comlab.ox.ac.uk Third Workshop on Formal and Automated Theorem Proving and Applications Belgrade, Serbia 29 January 2010 1 / 23

  2. Outline Overview of SMT-LIB 2, comparison with version 1 Joint work by somebody else Set-theoretic datatypes for the SMT-LIB Finite sets, lists, maps, relations Joint work with Daniel Kroening, Georg Weissenbacher Floating-point arithmetic for the SMT-LIB Joint work with Thomas Wahl 2 / 23

  3. The SMT-LIB Standard SMT → S atisfiability M odulo T heories SMT-LIB is . . . a standardised input format for SMT solvers (since 2003) a standardised format for exchanging SMT problems a library of more than 90 000 SMT benchmarks the basis for the annual SMT competition (this year: on FLoC) Relevant for verification + program analysis tool: Krakatoa, Caduceus, ESC/Java2, Spec#, VCC, Havoc, Pex, CBMC, F7, . . . 3 / 23

  4. Example in SMT-LIB Format (Version 1) (benchmark Ensures_Q_noinfer_2 :source { Boogie/Spec# benchmarks. } :logic AUFLIA [...] :extrapreds (( InRange Int Int )) :extrafuns (( this Int )) :extrafuns (( intAtLeast Int Int Int )) [...] :assumption (forall (?t Int) (?u Int) (?v Int) (implies (and (subtypes ?t ?u) (subtypes ?u ?v)) (subtypes ?t ?v)) :pat (subtypes ?t ?u) (subtypes ?u ?v)) [...] :formula (not (implies (implies (implies (implies (and (forall (?o Int) (?F Int) (implies (and (= ?o this) (= ?F X)) (= (select2 H ?o ?F) 5))) (implies (forall (?o Int) (?F Int) (implies (and (= ?o this) (= ?F X)) (= (select2 H ?o ?F) 5))) (implies true true))) (= ReallyLastGeneratedExit_correct Smt.true)) (= ReallyLastGeneratedExit_correct Smt.true)) (= start_correct Smt.true)) (= start_correct Smt.true)))) 4 / 23

  5. Example in SMT-LIB Format (Version 1) (benchmark Ensures_Q_noinfer_2 :source :logic Preamble + problem logic/category [...] :extrapreds :extrafuns Problem signature: sorts, functions, predicates :extrafuns [...] :assumption Premises + axioms [...] :formula Verification condition ) 4 / 23

  6. Versions of SMT-LIB Latest “stable” version 1.2 Introduced 2006 Supported by virtually all SMT solvers Theories: arrays, bit-vectors, integers, reals Upcoming version 2.0 Proposed July 2009 1 Improvements + simplifications over 1.2 . . . next slides More flexible w.r.t. combination of theories But: semantics similar to 1.2 1 Working group: Clark Barrett, Sylvain Conchon, Bruno Dutertre, Jim Grundy, Leonardo de Moura, Albert Oliveras, Aaron Stump, Cesare Tinelli 5 / 23

  7. The Brave New World (of SMT-LIB 2)

  8. 1. Sort Constructors SMT-LIB 1 SMT-LIB 2 Only nullary sort constructors: Sort constructors of any arity: :sorts (Int) :sorts ((Array 2)) [...] [...] :extrasorts (U T) :extrasorts ((List 1) U T) Types are atomic: Types can be compound: :extrafuns :extrafuns ((f T T)) ((f T (Array U T))) 7 / 23

  9. 2. Theory Schemas SMT-LIB 1 SMT-LIB 2 Theories are monomorphic: Parametric polymorphism in theories: (theory Int_Arrays (theory Array :sorts (Int Array) :sorts ((Array 2)) :funs :funs ((select Array Int Int) ((par (X Y) (store Array Int Int (select Array) (Array X Y) X Y)) [...] (par (X Y) )) (store (Array X Y) X Y (Array X Y))) [...] )) 8 / 23

  10. 3. Symbol Overloading SMT-LIB 1 SMT-LIB 2 Unique operator names: Symbol overloading: :sorts (Int) :sorts (Int) :funs ((~ Int Int) :funs ((- Int Int) (- Int Int Int) (- Int Int Int) (+ Int Int Int)) (+ Int Int Int)) [...] [...] :sorts (BitVec) :sorts (BitVec) :funs :funs ((- BitVec BitVec)) ((bvneg BitVec BitVec)) 9 / 23

  11. 4. No Formula/Term Distinction SMT-LIB 1 SMT-LIB 2 Formulae � = terms, Bool is simply a sort: predicates � = functions: :extrapreds :extrafuns ((divides Int Int)) ((divides Int Int Bool) :extrafuns (prime (Array Int Bool))) ((succ Int Int)) Only terms can be and , or , = , . . . function/predicate arguments are just functions Work-arounds: reflection, ite operator 10 / 23

  12. 5. Standardised Command Language Text-based interface to SMT solvers: > (set-logic AUFLIA) > (declare-fun a () Int) > (declare-fun b () Int) > (assert (= (* 8 a) (* 4 b))) > (push) > (assert (forall ((x Int)) (not (= b (* 2 x))))) > (check-sat) unsat > (pop) [...] Apparently: Interface will replace the old benchmark file format 11 / 23

  13. Proposals for Additional SMT-LIB 2 Theories

  14. Theories of Set-Theoretic Datatypes We propose to add datatypes inspired by VDM-SL Tuples Lists (Finite) Sets (Finite) Partial Maps Main applications for us: Bounded Model Checking for C, C++ (CBMC) Model-based test-case generation (UML/OCL, Simulink/Stateflow, Lustre) Analysis of requirements + architecture specifications System development in Event-B, VDM 13 / 23

  15. SMT-LIB 2 Theory Schemas Tuples Sets Lists Maps (Tuple n (Set T) (List T) (Map S T) T 1 ... T n ) ∅ [ ] ∅ tuple emptySet nil emptyMap ( x 1 , . . . , x n ) x :: L f ( x ) insert cons apply M ∪ { x } project head overwrite x k ∈ in tail < + ⊆ product subset append domain � M 1 × · · · × M n ∪ | l | union length range ∩ inter nth l k restrict ⊳ \ – setminus inds subtract ⊳ | M | { 1 , . . . , | l |} card elems { l 1 , . . . , l | l | } 14 / 23

  16. Example: Verification Cond. Generated by VDMTools In VDM-SL notation: � � ∀ l : L ( Z ) , i : N . i ∈ inds ( l ) ⇒ ∀ j ∈ inds ( l ) \ { i } . j ∈ inds ( l ) In SMT-LIB notation: (forall ((l (List Int)) (i Int)) (implies (and (>= i 0) (in i (inds l))) (forall (j Int) (implies (in j (setminus (inds l) (insert i emptySet))) (in j (inds l)))))) 15 / 23

  17. Status of the Proposal Syntax + Semantics of theories is defined ⇒ In collaboration with Cesare Tinelli Parser + type checker + converter to SMT-LIB 1 available (using a rather naive axiomatisation of the datatypes) Meaningful sublogics still to be identified We have a small initial collection of benchmarks ⇒ More to be converted from Event-B VCs ⇒ Further benchmarks would be welcome http://www.cprover.org/SMT-LIB-LSM/ 16 / 23

  18. Floating-Point Arithmetic (FPA) Binary floating-point numbers (IEEE 754-2008) ( − 1 ) s · m · 2 e | ( m , e ) ∈ E , s ∈ { 0 , 1 } � � ❋ = = { NaN , + ∞ , −∞ , 0 − , . . . } where: s . . . sign m . . . mantissa/significand e . . . exponent Standard mathematical operations + rounding (defined more or less ambiguously in IEEE 754-2008) Important for embedded software, control software, etc. 17 / 23

  19. A Theory of Floating-Point Arithmetic (FPA) So far: no SMT solvers with FPA support Correct reasoning about FPA is hard Precise encoding: hard for automatic solvers (but works for interactive proof assistants) Interval arithmetic: sound but imprecise, no models (bad for test cases) Rational arithmetic: only an approximation (unsound in certain settings) Main applications for us: Bounded model checking for Simulink/Stateflow Test-case generation 18 / 23

  20. Abstraction for Floating-Point Arithmetic [FMCAD’09] New reasoning approach: Precise SAT encoding combined with mixed over/under-approximation Outperforms naive SAT encoding + can generate models Prototypical implementation as part of CBMC Planned: move implementation to an SMT solver ⇒ SMT-LIB interface is needed! 19 / 23

  21. An SMT-LIB Theory of FPA (work in progress) Goals Model FPA core that is relevant for reasoning + verification Not considered: Exact error handling, bit-precise encoding, . . . Precise + concise definition of FPA semantics Useable syntax http://www.cprover.org/SMT-LIB-Float/ 20 / 23

  22. Example: FPA Problem in SMT-LIB :extrafuns ((x (ind FP 11 53)) (y (ind FP 11 53))) :problem (exists ((z (ind FP 11 53))) (= (+ roundTowardZero x z) y)) 64-bit floating-point arithmetic (double precision) ⇒ 11 bit exponent, 53 bit significand ind notation is used for indexed types ⇒ (ind FP 11 53) means FP 11 , 53 + is ternary: first argument is rounding mode 21 / 23

  23. Conclusion Overview of SMT-LIB 2 Datatypes of sets, lists, maps, relations Floating-point arithmetic Trade-off when defining theories: Generality → good for users Implementation complexity → good for tool writers Decidability ⇒ We hope that we have found a good compromise ⇒ Feedback is welcome! 22 / 23

  24. Thanks for your attention! Don’t forget about . . . Ad Logics for Systems Analysis — LfSA’10 Workshop affiliated with LICS and IJCAR at FLoC July 15th 2010 http://www.ls.cs.cmu.edu/LfSA10/ 23 / 23

Recommend

Overview Full Non-standard Satisfaction Predicates Sequential Theories Full Non-standard

Overview Full Non-standard Satisfaction Predicates Sequential Theories Full Non-standard

Full Non-standard Satisfaction S EQUENTIAL T HEORIES Predicates Sequential Theories Ali Enayat &amp; Albert Visser Department of Philosophy, Faculty of Humanities, Utrecht University Kotlarski-Ratajczyk Conference July 24, 2012, B edlewo

433 views • 19 slides
Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of

Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of

Proposed Carbon Pollution Standard For New Power Plants April 2, 2012 Overview Sources of Carbon Pollution Summary of Todays Action Proposed standard Flexibilities Transitional sources Why This Standard is Needed

448 views • 11 slides
Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012

Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012

Theories within Theories Berislav Zarni c Physics and Philosophy, Split, July 2012 University of Split, Croatia (Hrvatska) Theories within Theories 1 / 23 Overview In this talk I will try to sketch the grounds for repositioning

507 views • 23 slides
Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of

Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of

Pilot Project - ED 01/18 Proposed Auditing Standard ASA 315 Identifying and Assessing the Risks of Material Misstatement Rod Whitehead Auditor-General Outline Proposed auditing standard ASA 315 future changes ASA 315 pilot project

451 views • 18 slides
A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S.

A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S.

2009 Laboratory, Space, and Astrophysical Plasma Workshop 20 February 2009 A An Overview of O i f Solar Eruption Theories Solar Eruption Theories G. S. Choe G. S. Choe School of Space Research Kyung Hee University i i Yongin, Korea

603 views • 48 slides
Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of

Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of

Generalizations of stability and NTP 2 Artem Chernikov University Lyon 1 / HUJI Geometrie et Theorie des Modeles, Paris, 6 Apr 2012 Outline Classification of first-order theories Simple theories NIP theories NTP 2 Space of types Let T be

480 views • 30 slides
Search for Supersymmetry Standard Model : success and problems Grand Unified Theories

Search for Supersymmetry Standard Model : success and problems Grand Unified Theories

Vorlesung 11: Search for Supersymmetry Standard Model : success and problems Grand Unified Theories (GUT) Supersymmetrie (SUSY) theory direct search (pre-LHC) indirect search LHC results Tevatron and LHC

556 views • 29 slides
BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent

BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent

BODY AND SOUL Biological Theories of Generation and Theological Theories of Ensoulm ent OVERVIEW OF PRESENTATION History of Embryological Theories Views of the Soul Putting Body and Soul Together Ethical Implications

397 views • 23 slides
Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior

Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior

Subcommittee on Standards Proposed Operating Rules for Standard Transactions for Prior Authorization and Connectivity for certain adopted standard transactions August 25-26, 2020 1 zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Co-Chair

637 views • 11 slides
EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone

EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone

EPAs Proposed Revisions to the National Ambient Air Quality Standard (NAAQS) for Ozone Donnie Redmond Ambient Monitoring Section Chief 1 Ozone NAAQS Background Current standard is 75 ppb Established in 2008 Entire state now

406 views • 13 slides
Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning

Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning

Chapter 3 Theories Behind Gamification of Learning and Instruction Overview What learning theories support the use of games within the instructional process? What elements of motivational theory apply to the gamification of learning and

312 views • 16 slides
Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda

Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda

Proposed acquisition of Standard Life Assurance and Strategic Partnership with Standard Life Aberdeen plc 23 February 2018 1 Agenda Transaction overview Clive Bannister | Group Chief Executive FY17 performance and financial benefits of

508 views • 34 slides
Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories

Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories

Enriched Lawvere Theories for Operational Semantics John C. Baez Christian Williams Introduction Enriched Lawvere Theories theories for Operational Semantics Lawvere theories enriched theories enrichment enriched categories enriched

573 views • 23 slides
Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos

Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos

Will EPAs Proposed Ozone Air Quality Standard Have an Impact on Your County? NACos Environment, Energy and Land Use (EELU) Steering Subcommittees Education Session February 21, 2015 Washington, DC Ted Steichen Are you impacted Now?

664 views • 24 slides
Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for

Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for

Proposed Standard of GRAP on Living and Non-living Resources Background DP 10 Accounting for Living and Non-Living Resources issued August 2014 Comment due January 2015 Considered comment agreed to develop a Standard of GRAP

560 views • 35 slides
Motivation and Overview Overview Spaces of Superconformal field theories in 4D N = 4 SYM is

Motivation and Overview Overview Spaces of Superconformal field theories in 4D N = 4 SYM is

2D CFTs for a class of 4D N = 1 theories Vladimir Mitev PRISMA Cluster of Excellence, Institut f ur Physik, THEP , Johannes Gutenberg Universit at Mainz IGST Paris, July 18 2017 [V. Mitev, E. Pomoni, arXiv:1703.00736] Motivation and

675 views • 67 slides
Update on Proposed Privatization 27 October 2017 Overview of Proposed Privatization Proposed

Update on Proposed Privatization 27 October 2017 Overview of Proposed Privatization Proposed

Update on Proposed Privatization 27 October 2017 Overview of Proposed Privatization Proposed Scheme is the result of the rigorous and independent Strategic Review process Scheme of Arrangement (Scheme) for all the issued and paid-up

697 views • 14 slides
Monads and theories John Bourke (joint work with Richard Garner) Department of Mathematics and

Monads and theories John Bourke (joint work with Richard Garner) Department of Mathematics and

Introduction Basic setting and two standard constructions Main theorems Monads and theories John Bourke (joint work with Richard Garner) Department of Mathematics and Statistics Masaryk University CT2018 John Bourke Monads and theories

987 views • 63 slides
Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2

Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2

Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2 to M&amp;S Interoperability Dr. J. Mark Pullen Lionel Khimeche Dr. Michael R. Hieb DGA/DETSAIS C4I Center Arcueil, France George Mason

588 views • 25 slides
Proposed Australian design standard and installer certification for safety- critical anchors to

Proposed Australian design standard and installer certification for safety- critical anchors to

22/05/2015 Proposed Australian design standard and installer certification for safety- critical anchors to concrete - David J Heath - Ramil Crisolo www.aefac.org.au 1 D ISCLAIMER These seminar notes have been prepared for general information

629 views • 32 slides
Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2

Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2

APPROVED FOR PUBLIC RELEASE Evaluating the Proposed Coalition Battle Management Language Standard as a Basis for Enhanced C2 to M&amp;S Interoperability J. Mark Pullen, D.Sc. Lionel Khimeche Dlgation Gnrale pour lArmement (DGA)

371 views • 11 slides
Overview of the New Leases Standard MBAF Welcomes You! October 25, 2018 1 Agenda Overview

Overview of the New Leases Standard MBAF Welcomes You! October 25, 2018 1 Agenda Overview

Overview of the New Leases Standard MBAF Welcomes You! October 25, 2018 1 Agenda Overview Implementation considerations 2 Overview Effective Date The FASBs new leases standard requires lessees to recognize assets and

361 views • 14 slides
Proposed Technical Standard for Dry Active Waste Characterization PRESENTED BY DAN DILDAY

Proposed Technical Standard for Dry Active Waste Characterization PRESENTED BY DAN DILDAY

Proposed Technical Standard for Dry Active Waste Characterization PRESENTED BY DAN DILDAY ARGONNE NATIONAL LABORATORY SYDNEY GORDON NAVARRO RESEARCH AND ENGINEERING EFCOG SESSION WM 2017 PHOENIX, AZ MARCH 9, 2017 Why Characterization

357 views • 6 slides
The 2015 Proposed Ozone Standard The Ozone NAAQS 1 The Ozone NAAQS 1 Basic law: Clean Air

The 2015 Proposed Ozone Standard The Ozone NAAQS 1 The Ozone NAAQS 1 Basic law: Clean Air

Presentation for Air Quality Coalitions The 2015 Proposed Ozone Standard The Ozone NAAQS 1 The Ozone NAAQS 1 Basic law: Clean Air Act (CAA last amended 1990) NAAQS National Ambient Air Quality Standard NAAQS are set for

352 views • 23 slides

More recommend