
On solving quantified bit-vector constraints using invertibility conditions

Formal Methods in System Design

Abstract

We present a novel approach for solving quantified bit-vector constraints in Satisfiability Modulo Theories (SMT) based on computing symbolic inverses of bit-vector operators. We derive conditions that precisely characterize when bit-vector constraints are invertible for a representative set of bit-vector operators commonly supported by SMT solvers. We utilize syntax-guided synthesis techniques to aid in establishing these conditions and verify them independently by using several SMT solvers. We show that invertibility conditions can be embedded into quantifier instantiations using Hilbert choice expressions and give experimental evidence that a counterexample-guided approach for quantifier instantiation utilizing these techniques leads to performance improvements with respect to state-of-the-art solvers for quantified bit-vector constraints.
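As an added illustration (not code from the paper or the CVC4 project), here is the abstract's notion of an invertibility condition made concrete for bit-vector multiplication, `x * s = t` over n-bit vectors. The condition `ic_mul` encodes, `((-s | s) & t) = t`, is taken as an assumption here rather than from the page; `check_ic` validates it exhaustively against the existential at small widths, and `inverse_mul` is the symbolic inverse for the odd-s case that footnote 2's `2*s' + 1` form refers to.

```python
# Added example: invertibility condition (IC) for bit-vector multiplication,
# checked exhaustively at small width rather than taken on trust.
from itertools import product


def bv(v, n):
    """Reduce an integer to an n-bit unsigned bit-vector value."""
    return v & ((1 << n) - 1)


def ic_mul(s, t, n):
    """Candidate IC for  x * s = t  (mod 2^n):  ((-s | s) & t) = t.
    Assumed here; check_ic below verifies it against the existential.
    Intuition: -s | s is a mask of every bit at or above s's lowest set
    bit, so the condition says t has no bits below that position."""
    return bv((bv(-s, n) | s) & t, n) == t


def exists_solution(s, t, n):
    """Ground truth: does some x satisfy x * s = t (mod 2^n)?"""
    return any(bv(x * s, n) == t for x in range(1 << n))


def inverse_mul(s, t, n):
    """Symbolic inverse when s is odd (the 2*s' + 1 form of footnote 2):
    an odd s is a unit modulo 2^n, so x = t * s^-1 is the unique solution."""
    if s % 2 == 0:
        raise ValueError("s must be odd for a unique modular inverse")
    return bv(t * pow(s, -1, 1 << n), n)


def check_ic(n):
    """True iff ic_mul agrees with exists_solution for every (s, t) at width n."""
    return all(ic_mul(s, t, n) == exists_solution(s, t, n)
               for s, t in product(range(1 << n), repeat=2))


if __name__ == "__main__":
    for width in (2, 3, 4):
        print(f"IC for x*s=t agrees with brute force at {width} bits:", check_ic(width))
    # s = 2 is even: no x gives an odd product, and the IC says so.
    print("ic_mul(2, 3, 4) =", ic_mul(2, 3, 4))
    # s = 3 is odd: solve 3*x = 5 (mod 16) directly.
    print("inverse_mul(3, 5, 4) =", inverse_mul(3, 5, 4))
```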


Notes

  1. Note that this makes this theory complete in the sense of Sect. 2.2.

  2. That is, provided that s is equivalent to a term of the form \(2_{[n]} \cdot s' + 1_{[n]} \).

  3. Available at https://cvc4.cs.stanford.edu/papers/CAV2018-QBV/

  4. Note that \(\psi \) may have free variables besides those in \(\varvec{x} \) which are then also free variables of \(\varphi \).

  5. Note that in order for a selection function that is finite on x and \(\psi \) to also be monotonic on the same, it must be the case that \(\bigwedge _{\varvec{t} \in {\mathcal {S}}^*}\psi [t]\ T\)-entails \(\psi \), so that no more legal inputs exist by the time the set \({\mathcal {S}}^*\) is exhausted.

  6. We evaluate the effectiveness of these configurations in Sect. 5.

  7. This is a simple heuristic to generate literals that can be solved for \(x_i\). More elaborate heuristics could be used in practice.

  8. We are using \(x_1 \cdot a>_\mathrm {u} b\) here instead of \(\lnot (x_1 \cdot a \le _\mathrm {u} b)\) for conciseness.



Corresponding author

Correspondence to Aina Niemetz.


This work was partially supported by DARPA under awards FA8750-15-C-0113 and FA8650-18-2-7861 and by the National Science Foundation under award 1656926.


Cite this article

Niemetz, A., Preiner, M., Reynolds, A. et al. On solving quantified bit-vector constraints using invertibility conditions. Form Methods Syst Des 57, 87–115 (2021). https://doi.org/10.1007/s10703-020-00359-9
