Nikolaj Bjørner
Microsoft Research
nbjorner@microsoft.com
In practice, we need a combination of theories.
A theory is a set (potentially infinite) of first-order sentences.
Main questions: Is the union of two theories consistent? Given solvers for and , how can we build a solver for ?
Is there an effective over shared signature, that when embeddable into implies is consistent?
Year | Foundations | Year | Efficiency using rewriting
---|---|---|---
1979 | (Nelson and Oppen, 1979): Framework | 1984 | Shostak Theory
1996 | Tinelli et al.: N.O. fix | 1996 | Cyrluk et al.: Shostak fix 1
2000 | Barrett et al.: N.O. + Rewriting | 1998 | B: Shostak + Constraints
2002 | Zarba & Manna: “Nice” theories | 2001 | Rueß & Shankar: Shostak fix 2
2004 | (Ghilardi, 2004): N.O. as Amalgamation | 2004 | Ranise et al.: N.O. + Superposition
 | (Silva and Sakallah, 1999), (Moskewicz et al., 2001): efficient backjumping | |
2006 | Bruttomesso et al.: Delayed Theory Combination | |
2007 | (Moura and Bjørner, 2008): Model-based Theory Combination | |
2011 | (Jovanovic and Barrett, 2011): overlapping, polite, shiny theories | |
2025 | (Toledo et al., 2025): super polite shiny polish++ | |
Two theories are disjoint if they do not share function, constant, or predicate symbols. is the only exception.
Example:
The theories of arithmetic and arrays are disjoint.
Arithmetic symbols: .
Array symbols:
becomes
becomes
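Purification, as an added worked example (not code from the slides or from Z3): a mixed equality is split into an arithmetic-pure part and an array-pure part by naming every alien subterm with a fresh variable, which becomes a shared variable of both theories. Terms are nested tuples; the arithmetic signature (`+`, `-`, `*`) and the array signature (`select`, `store`) are assumptions of this example, as is the choice to keep a pure variable equality `x = y` on the arithmetic side.

```python
# Purification of a mixed equality into theory-pure parts. Added example, not code from
# the slides or from Z3. Terms are nested tuples ('f', arg, ...); variables are strings,
# numerals are ints. The two signatures below are assumptions of this example.
import itertools

ARITH = {'+', '-', '*'}
ARRAY = {'select', 'store'}


def theory_of(term):
    """Theory owning the head symbol: 'arith', 'array', or 'any' for a shared variable."""
    if isinstance(term, tuple):
        if term[0] in ARITH:
            return 'arith'
        if term[0] in ARRAY:
            return 'array'
        raise ValueError(f"unknown symbol {term[0]!r}")
    return 'arith' if isinstance(term, int) else 'any'


class Purifier:
    def __init__(self):
        self.fresh = itertools.count(1)
        self.defs = {'arith': [], 'array': []}   # pure equalities (lhs, rhs) per theory
        self.shared = []                          # fresh variables, shared by both theories

    def purify(self, term, owner):
        """Rewrite term so that every symbol in it belongs to `owner`.
        An alien subterm (head symbol of the other theory, or a numeral outside
        arithmetic) is replaced by a fresh variable v, and v = subterm is recorded
        as a pure constraint of the subterm's own theory."""
        t = theory_of(term)
        if t != 'any' and t != owner:
            return self._name(term, t)
        if not isinstance(term, tuple):
            return term                           # variable (or numeral in arithmetic)
        return (term[0],) + tuple(self.purify(a, owner) for a in term[1:])

    def _name(self, term, t):
        v = f"v{next(self.fresh)}"
        self.shared.append(v)
        self.defs[t].append((v, self.purify(term, t)))
        return v


def purify_equality(lhs, rhs):
    """Split lhs = rhs into arithmetic-pure and array-pure constraint lists."""
    p = Purifier()
    owner = theory_of(lhs) if theory_of(lhs) != 'any' else theory_of(rhs)
    if owner == 'any':            # x = y is pure in either theory; keep it in arithmetic
        owner = 'arith'
    p.defs[owner].append((p.purify(lhs, owner), p.purify(rhs, owner)))
    return p.defs, p.shared


def is_pure(term, theory):
    """True if every function symbol and numeral in term belongs to `theory`."""
    t = theory_of(term)
    if t == 'any':
        return True
    return t == theory and (not isinstance(term, tuple)
                            or all(is_pure(a, theory) for a in term[1:]))


if __name__ == "__main__":
    # select(a, x + 1) = x  becomes  select(a, v1) = x  (arrays)  and  v1 = x + 1  (arithmetic)
    print(purify_equality(('select', 'a', ('+', 'x', 1)), 'x'))
```

The fresh variables returned in `shared` are exactly the variables over which the combination procedure later has to exchange equalities; everything else in each part is private to its theory.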
A theory is stably infinite if every satisfiable quantifier-free formula (QFF) is satisfiable in an infinite model.
EUF and arithmetic are stably infinite.
Bit-vectors are not (fixed-width bit-vectors have only finite models).
The union of two consistent, disjoint, stably infinite theories is consistent.
Ingredient: establish a homomorphism from theory to , such that consistency of is reduced to consistency of .
Local Theory Extensions, Bridge Functions, Surjective Homomorphisms
(Sofronie-Stokkermans, 2005), (Fontaine and Gribomont, 2005), (Zhang et al., 2006), (Suter et al., 2010), (Chocron et al., 2015), (Berthon and Ringeissen, 2016)
Let and be consistent, stably infinite theories over disjoint (countable) signatures. Assume satisfiability of a conjunction of literals can be decided in and time, respectively. Then:
The combined theory is consistent and stably infinite.
Satisfiability of a quantifier-free conjunction of literals can be decided in .
If and are convex, then so is and satisfiability in is in .
A theory is convex iff:
Every convex theory with non-trivial models is stably infinite.
Horn equational theories are convex.
Integer arithmetic is not convex.
Real non-linear arithmetic
EUF is convex
IDL is non-convex
is NP-complete
Theory Combination in Z3:
Core Theories = Arithmetic + EUF + SAT
Bit-vectors, Finite domains = SAT
Other theories reduced to Core Theories
Filtering rules on when shared variables matter.
are shared, but
occurs only in
occurs only in
We don't care if or .
Propagate all implied equalities.
Deterministic Nelson-Oppen.
Complete only for convex theories.
It may be expensive for some theories.
Delayed Theory Combination.
Nondeterministic Nelson-Oppen.
Create set of interface equalities between shared variables.
Use SAT solver to guess the partition.
Disadvantage: the number of additional equalities is quadratic in the number of shared variables.
Common to these methods is that they are pessimistic about which equalities are propagated.
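The deterministic (equality-propagating) Nelson-Oppen loop described above, as an added example; this is not Z3's implementation. The two theories are EUF, decided by a small congruence closure, and real difference logic (RDL, constraints of the form x - y <= c), decided by all-pairs shortest paths. Both are convex, so propagating only implied equalities between the shared variables is complete. Input is assumed already purified: EUF literals contain variables and applications `('f', arg, ...)`, RDL literals are triples `(x, y, c)`, and `shared` lists the shared variables.

```python
# Deterministic Nelson-Oppen for two convex theories, EUF and real difference logic (RDL,
# constraints x - y <= c). Added example; not Z3's implementation. Input is assumed already
# purified: EUF literals mention variables and uninterpreted applications ('f', arg, ...),
# RDL literals are triples (x, y, c) meaning x - y <= c, `shared` lists the shared variables.
from itertools import combinations


class EUF:
    """Congruence closure over variables and uninterpreted function applications."""

    def __init__(self, eqs, diseqs, shared):
        self.parent = {}
        self.apps = []
        self.diseqs = diseqs
        for term in list(shared) + [t for lit in eqs + diseqs for t in lit]:
            self.register(term)
        for l, r in eqs:
            self.union(l, r)

    def register(self, t):
        if t in self.parent:
            return
        self.parent[t] = t
        if isinstance(t, tuple):             # f(args...): remember it for congruence checks
            self.apps.append(t)
            for a in t[1:]:
                self.register(a)

    def find(self, t):
        while self.parent[t] != t:
            self.parent[t] = self.parent[self.parent[t]]
            t = self.parent[t]
        return t

    def union(self, a, b):
        if self.find(a) != self.find(b):
            self.parent[self.find(a)] = self.find(b)
            self.close()

    def close(self):
        """Merge f(a1..an) with f(b1..bn) whenever ai ~ bi for all i, until nothing changes."""
        changed = True
        while changed:
            changed = False
            for s, t in combinations(self.apps, 2):
                if (s[0] == t[0] and len(s) == len(t) and self.find(s) != self.find(t)
                        and all(self.find(x) == self.find(y) for x, y in zip(s[1:], t[1:]))):
                    self.parent[self.find(s)] = self.find(t)
                    changed = True

    def consistent(self):
        return all(self.find(l) != self.find(r) for l, r in self.diseqs)

    def implied_equalities(self, shared):
        return {(x, y) for x, y in combinations(shared, 2) if self.find(x) == self.find(y)}


class RDL:
    """Real difference logic; entailment is read off all-pairs shortest paths."""

    def __init__(self, constraints, shared):
        self.vars = sorted({v for x, y, _ in constraints for v in (x, y)} | set(shared))
        inf = float('inf')
        self.d = {x: {y: (0 if x == y else inf) for y in self.vars} for x in self.vars}
        for x, y, c in constraints:          # x - y <= c is an edge y -> x of weight c
            self.d[y][x] = min(self.d[y][x], c)

    def assert_eq(self, x, y):
        self.d[y][x] = min(self.d[y][x], 0)  # x - y <= 0
        self.d[x][y] = min(self.d[x][y], 0)  # y - x <= 0

    def solve(self):
        """Close the constraint graph (Floyd-Warshall); consistent iff no negative cycle."""
        for k in self.vars:
            for i in self.vars:
                for j in self.vars:
                    if self.d[i][k] + self.d[k][j] < self.d[i][j]:
                        self.d[i][j] = self.d[i][k] + self.d[k][j]
        return all(self.d[v][v] >= 0 for v in self.vars)

    def implied_equalities(self, shared):
        # x = y is entailed iff both x - y <= 0 and y - x <= 0 are derivable; because RDL is
        # convex, no entailed disjunction of equalities is missed by looking at single pairs
        return {(x, y) for x, y in combinations(shared, 2)
                if self.d[y][x] <= 0 and self.d[x][y] <= 0}


def nelson_oppen(euf_eqs, euf_diseqs, rdl_constraints, shared):
    """Exchange implied equalities over shared variables until a fixpoint. Returns True (sat)
    or False (unsat); complete for convex, stably infinite, signature-disjoint theories."""
    euf, rdl = EUF(euf_eqs, euf_diseqs, shared), RDL(rdl_constraints, shared)
    known = set()
    while True:
        if not euf.consistent() or not rdl.solve():
            return False
        new = (euf.implied_equalities(shared) | rdl.implied_equalities(shared)) - known
        if not new:
            return True                     # neither side learns anything new
        for x, y in new:
            euf.union(x, y)
            rdl.assert_eq(x, y)
        known |= new
```

The classic case is `f(x) != f(y)` on the EUF side with `x <= y` and `y <= x` on the arithmetic side: arithmetic derives `x = y`, EUF merges `f(x)` with `f(y)` by congruence and reports the conflict. Dropping `y <= x` leaves no implied equality on either side, so the loop stops and reports satisfiable.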
Model-based Theory Combination:
Optimistic approach.
Use a candidate model for one of the theories and propagate all equalities implied by the candidate model, hedging that the other theories will agree.
If not, use backtracking on choices to fix the model.
It is cheaper to enumerate the equalities implied by one particular model than those implied by all models.
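The optimistic loop, as an added example that simplifies the approach and is not Z3's implementation. Arithmetic is integer difference logic (IDL, constraints x - y <= c with integer c), whose candidate model is read off shortest paths; the other theory is an equality theory over the shared variables (equalities and disequalities in a union-find). Every equality that happens to hold in the candidate model is propagated as a decision; when the other theory rejects one, the model is repaired by case-splitting on x < y or x > y and re-solving, and a failed branch is backtracked. The variable and constraint encodings are assumptions of this example.

```python
# Model-based theory combination, simplified. Added example, not Z3's implementation. The
# arithmetic side is integer difference logic (IDL, constraints x - y <= c with integer c);
# the other side is an equality theory over the shared variables. Arithmetic supplies the
# candidate model, equalities that hold in it are propagated optimistically, and a rejected
# equality is repaired by case-splitting the model (x < y or x > y) and re-solving.
from itertools import combinations

SRC = '$src'   # auxiliary source vertex used to extract a model from shortest paths


def idl_model(cons, vars_):
    """Return an integer model of the constraints (x, y, c), i.e. x - y <= c, or None."""
    nodes = [SRC] + list(vars_)
    inf = float('inf')
    d = {a: {b: (0 if a == b else inf) for b in nodes} for a in nodes}
    for v in vars_:
        d[SRC][v] = 0
    for x, y, c in cons:                       # x - y <= c is an edge y -> x of weight c
        d[y][x] = min(d[y][x], c)
    for k in nodes:                            # Floyd-Warshall closure
        for i in nodes:
            for j in nodes:
                if d[i][k] + d[k][j] < d[i][j]:
                    d[i][j] = d[i][k] + d[k][j]
    if any(d[v][v] < 0 for v in nodes):
        return None                            # negative cycle: unsatisfiable
    return {v: d[SRC][v] for v in vars_}       # shortest distances satisfy every constraint


class EqTheory:
    """Equalities/disequalities between variables; assume_eq reports whether a disequality breaks."""

    def __init__(self, eqs, diseqs, vars_):
        self.parent = {v: v for v in vars_}
        self.diseqs = diseqs
        for x, y in eqs:
            self.assume_eq(x, y)

    def find(self, v):
        while self.parent[v] != v:
            v = self.parent[v]
        return v

    def same(self, x, y):
        return self.find(x) == self.find(y)

    def assume_eq(self, x, y):
        self.parent[self.find(x)] = self.find(y)
        return all(not self.same(a, b) for a, b in self.diseqs)


def mbtc(idl_cons, eq_eqs, eq_diseqs, shared):
    """Return a combined model over the variables (a dict), or None if unsatisfiable."""
    vars_ = sorted(set(shared) | {v for x, y, _ in idl_cons for v in (x, y)}
                   | {v for lit in eq_eqs + eq_diseqs for v in lit})
    pairs = list(combinations(shared, 2))

    def go(cons, decided):
        model = idl_model(cons, vars_)
        if model is None:
            return None
        th = EqTheory(eq_eqs, eq_diseqs, vars_)
        for x, y in decided:                   # equalities already decided on this branch
            th.assume_eq(x, y)
        # cheap direction first: equalities the other theory entails must hold in arithmetic
        forced = [(x, y) for x, y in pairs if th.same(x, y) and model[x] != model[y]]
        if forced:
            eqs = [c for x, y in forced for c in ((x, y, 0), (y, x, 0))]
            return go(cons + eqs, decided + forced)
        for x, y in pairs:
            if (x, y) in decided or model[x] != model[y]:
                continue
            # optimistic: the candidate model says x = y, so assert that in the other theory
            if th.assume_eq(x, y):
                found = go(cons + [(x, y, 0), (y, x, 0)], decided + [(x, y)])
                if found is not None:
                    return found
            # rejected (or the branch failed): backtrack and fix the model so that x != y
            left = go(cons + [(x, y, -1)], decided)
            return left if left is not None else go(cons + [(y, x, -1)], decided)
        return model                           # every equality of the model was accepted

    return go(list(idl_cons), [])
```

With `x <= z <= y` on the arithmetic side and `x != z` on the other, the first candidate model sets all three to 0; propagating `x = y` is accepted, propagating `x = z` is rejected, and the repaired model with `x < y` separates `x` from `z` without ever computing which equalities are implied by all arithmetic models.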
Figure labels (diagram not extracted): purify; Bit-vectors; Arithmetic.