Solving QBF with
Counterexample Guided Refinement
Mikoláš Janota1 William Klieber2
Joao Marques-Silva1,3 Edmund Clarke2
1
2
Janota et al.
INESC-ID/IST, Lisbon, Portugal
Carnegie Mellon University, Pittsburgh, PA, USA
3 CASL/CSI, University College Dublin, Ireland
Solving QBF with Counterexample Guided Refinement
1 / 16
QBF
• an extension of SAT with quantifiers
• PSPACE-complete
• formal verification
• planning
Janota et al.
Solving QBF with Counterexample Guided Refinement
2 / 16
QBF
• an extension of SAT with quantifiers
• PSPACE-complete
• formal verification
• planning
Example
∀y1 y2 ∃x1 x2 . (y1 ↔ x1 ) ∧ (y2 ↔ x2 )
Janota et al.
Solving QBF with Counterexample Guided Refinement
2 / 16
QBF
• an extension of SAT with quantifiers
• PSPACE-complete
• formal verification
• planning
Example
∀y1 y2 ∃x1 x2 . (y1 ↔ x1 ) ∧ (y2 ↔ x2 )
• we consider prenex form with maximal blocks of variables
QX1 Q̄Y1 QX2 Q̄Y2 . . . . φ
where Q ∈ {∃, ∀}
¯ = ∀,∀
¯=∃
∃
Janota et al.
Solving QBF with Counterexample Guided Refinement
2 / 16
A QBF as a Game
• it is useful to think about a QBF as a game between the
universal and existential player
• universal player wins when the matrix becomes false
• existential player wins when the matrix becomes true
Janota et al.
Solving QBF with Counterexample Guided Refinement
3 / 16
A QBF as a Game
• it is useful to think about a QBF as a game between the
universal and existential player
• universal player wins when the matrix becomes false
• existential player wins when the matrix becomes true
• a QBF is true if and only if the “exist player can always win”
Janota et al.
Solving QBF with Counterexample Guided Refinement
3 / 16
A QBF as a Game
• it is useful to think about a QBF as a game between the
universal and existential player
• universal player wins when the matrix becomes false
• existential player wins when the matrix becomes true
• a QBF is true if and only if the “exist player can always win”
Example
∀y1 y2 ∃x1 x2 . (y1 ↔ x1 ) ∧ (y2 ↔ x2 )
• ∃ always wins by playing x1 = y1 , x2 = y2
Janota et al.
Solving QBF with Counterexample Guided Refinement
3 / 16
Semantics with Winning Move
winning move, base case QX .φ, for φ propositional
• for Q = ∃, an assignment that makes φ true (model of φ)
• for Q = ∀, an assignment that makes φ false
Janota et al.
Solving QBF with Counterexample Guided Refinement
4 / 16
Semantics with Winning Move
winning move, base case QX .φ, for φ propositional
• for Q = ∃, an assignment that makes φ true (model of φ)
• for Q = ∀, an assignment that makes φ false
winning move, general case QX . Φ, for Φ QBF
• an assignment τ s.t. there is no winning move for Q̄ for Φ[τ ]
Janota et al.
Solving QBF with Counterexample Guided Refinement
4 / 16
Semantics with Winning Move
winning move, base case QX .φ, for φ propositional
• for Q = ∃, an assignment that makes φ true (model of φ)
• for Q = ∀, an assignment that makes φ false
winning move, general case QX . Φ, for Φ QBF
• an assignment τ s.t. there is no winning move for Q̄ for Φ[τ ]
countermove, for QX . Φ, for Φ QBF
• an assignment µ is a countermove to the assignment τ if µ is
a winning move for Q̄ for Φ[τ ]
Janota et al.
Solving QBF with Counterexample Guided Refinement
4 / 16
Winning Move Semantics
QBF semantics
• ∃X .Φ is true if and only if there is a winning move for ∃
• ∀X .Φ is false if and only if there is a winning move for ∀
Janota et al.
Solving QBF with Counterexample Guided Refinement
5 / 16
Winning Move Semantics
QBF semantics
• ∃X .Φ is true if and only if there is a winning move for ∃
• ∀X .Φ is false if and only if there is a winning move for ∀
Example
∀y ∃x. x ∧ (y ∨ x̄)
• {ȳ } is a winning move for ∀, formula is false
• {y } is not a winning move and {x} is a countermove
Janota et al.
Solving QBF with Counterexample Guided Refinement
5 / 16
Computing a Winning Move—Base Case
Solve ( ∃X . φ), where φ is a propositional
output
: a winning move for ∃ if there is one; NULL
otherwise
return SAT(φ)
Janota et al.
Solving QBF with Counterexample Guided Refinement
6 / 16
Computing a Winning Move—Base Case
Solve ( ∃X . φ), where φ is a propositional
output
: a winning move for ∃ if there is one; NULL
otherwise
return SAT(φ)
Solve ( ∀X . φ), where φ is a propositional
output
: a winning move for ∀ if there is one; NULL
otherwise
return SAT(¬φ)
Janota et al.
Solving QBF with Counterexample Guided Refinement
6 / 16
Naive Algorithm for a Winning Move
1
Function Solve (QX . Φ)
2
Λ ← {true, false}X
while true do
if Λ = ∅ then
return NULL
τ ← pick(Λ)
µ ← Solve(Φ[τ ])
if µ = NULL then
return τ
Λ ← Λ r {τ }
end
3
4
5
6
7
8
9
10
11
Janota et al.
// consider all assignments
// all assignments used up
// pick a candidate solution
// find a countermove
// winning move
// remove bad candidate
Solving QBF with Counterexample Guided Refinement
7 / 16
Removing More Than One Candidate at a Time
Observation
• The naive algorithm does not avail of the countermove
Janota et al.
Solving QBF with Counterexample Guided Refinement
8 / 16
Removing More Than One Candidate at a Time
Observation
• The naive algorithm does not avail of the countermove
How?
• represent the set of considered candidates as the set of
winning moves of a (simpler) QBF (abstraction)
• each time a countermove is found, strengthen the abstraction
so that the same countermove cannot be used in the future
(refinement)
Janota et al.
Solving QBF with Counterexample Guided Refinement
8 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
τ1
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
τ1
α1
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
τ1
α1
τ2
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
τ1
α1
τ2
αn
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
CounterExample Guided Abstraction Refinement (CEGAR)
α0 , all moves
τ1
α1
τ2
αn
τn
Winning Moves
Janota et al.
Solving QBF with Counterexample Guided Refinement
9 / 16
Refinement
for a bad candidate τ
• Q̄ wins by µ, i.e. QX Q̄Y . Φ[τ ][µ] is losing for Q
Janota et al.
Solving QBF with Counterexample Guided Refinement
10 / 16
Refinement
for a bad candidate τ
• Q̄ wins by µ, i.e. QX Q̄Y . Φ[τ ][µ] is losing for Q
for next candidates....
• make sure that next candidate τ is a winning move for
QX . Φ[µ]
• for such τ , µ cannot be a countermove
Janota et al.
Solving QBF with Counterexample Guided Refinement
10 / 16
Refinement
for a bad candidate τ
• Q̄ wins by µ, i.e. QX Q̄Y . Φ[τ ][µ] is losing for Q
for next candidates....
• make sure that next candidate τ is a winning move for
QX . Φ[µ]
• for such τ , µ cannot be a countermove
for a set of countermoves ω = {µ1 , . . . , µn }
•
•
V
Wµ∈ω
µ∈ω
Janota et al.
Φ[µ], Q = ∃
Φ[µ], Q = ∀
Solving QBF with Counterexample Guided Refinement
10 / 16
Refinement—Example
• ∀y ∃x. x ∧ (y ∨ x̄)
• candidate: {y }, countermove: {x}
• abstraction: ∀y . y
(with the single winning move {ȳ })
Janota et al.
Solving QBF with Counterexample Guided Refinement
11 / 16
Refinement—Example
• ∀y ∃x. x ∧ (y ∨ x̄)
• candidate: {y }, countermove: {x}
• abstraction: ∀y . y
(with the single winning move {ȳ })
• ∀y1 y2 ∃x. (y1 ∨ x̄) ∧ (y2 ∨ x)
Janota et al.
Solving QBF with Counterexample Guided Refinement
11 / 16
Refinement—Example
• ∀y ∃x. x ∧ (y ∨ x̄)
• candidate: {y }, countermove: {x}
• abstraction: ∀y . y
(with the single winning move {ȳ })
• ∀y1 y2 ∃x. (y1 ∨ x̄) ∧ (y2 ∨ x)
• candidate: {y1 , ȳ2 }, countermove: {x}
Janota et al.
(Φ[x] = y1 )
Solving QBF with Counterexample Guided Refinement
11 / 16
Refinement—Example
• ∀y ∃x. x ∧ (y ∨ x̄)
• candidate: {y }, countermove: {x}
• abstraction: ∀y . y
(with the single winning move {ȳ })
• ∀y1 y2 ∃x. (y1 ∨ x̄) ∧ (y2 ∨ x)
• candidate: {y1 , ȳ2 }, countermove: {x}
• candidate: {ȳ1 , y2 }, countermove: {x̄}
Janota et al.
(Φ[x] = y1 )
(Φ[x̄] = y2 )
Solving QBF with Counterexample Guided Refinement
11 / 16
Refinement—Example
• ∀y ∃x. x ∧ (y ∨ x̄)
• candidate: {y }, countermove: {x}
• abstraction: ∀y . y
(with the single winning move {ȳ })
• ∀y1 y2 ∃x. (y1 ∨ x̄) ∧ (y2 ∨ x)
• candidate: {y1 , ȳ2 }, countermove: {x}
• candidate: {ȳ1 , y2 }, countermove: {x̄}
(Φ[x] = y1 )
(Φ[x̄] = y2 )
• abstraction: ∀y1 y2 . y1 ∨ y2
(with the single winning move {ȳ1 , ȳ2 })
Janota et al.
Solving QBF with Counterexample Guided Refinement
11 / 16
Abstraction-Based Algorithm for a Winning Move
1
Function Solve (QX . Φ)
2
begin
if Φ has no quant then
return (Q = ∃) ? SAT(φ) : SAT(¬φ)
ω←∅
while true do
V
W
α ← (Q = ∃) ? µ∈ω Φ[µ] : µ∈ω Φ[µ] // abstraction
τ 0 ← Solve(Prenex(QX . α))
// find a candidate
0
if τ = NULL then return NULL
// no winning move
τ ← {l | l ∈ τ 0 ∧ var(l) ∈ X } // filter a move for X
µ ← Solve(Φ[τ ])
// find a countermove
if µ = NULL then return τ
// winning move
ω ← ω ∪ {µ}
// refine
end
end
3
4
5
6
7
8
9
10
11
12
13
14
15
Janota et al.
Solving QBF with Counterexample Guided Refinement
12 / 16
Results
• RAReQS implementation of the above using minisat2.2
Janota et al.
Solving QBF with Counterexample Guided Refinement
13 / 16
Results
• RAReQS implementation of the above using minisat2.2
• GhostQ-CEGAR integration into an existing DPLL solver
Janota et al.
Solving QBF with Counterexample Guided Refinement
13 / 16
Results
• RAReQS implementation of the above using minisat2.2
• GhostQ-CEGAR integration into an existing DPLL solver
300
QuBE7.2
400
Quantor
500
Nenofex
CPU time (s)
600
GhostQ
RAReQS
GhostQ
GhostQ-CEGAR
QuBE7.2
Quantor
Nenofex
700
RAReQS
800
GhostQ-CEGAR
Results for planning and Formal Verification families
200
100
0
0
Janota et al.
500
1000
1500
2000
instances
2500
3000
Solving QBF with Counterexample Guided Refinement
3500
4000
13 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
• in some sense RAReQS is close to expansion-based solvers
(e.g. Quantor, Nenofex) but the expansion is driven by
counterexamples
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
• in some sense RAReQS is close to expansion-based solvers
(e.g. Quantor, Nenofex) but the expansion is driven by
counterexamples
• step-by-step expansion enables RAReQS to avoid inherent
memory blowup of expansion solvers
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
• in some sense RAReQS is close to expansion-based solvers
(e.g. Quantor, Nenofex) but the expansion is driven by
counterexamples
• step-by-step expansion enables RAReQS to avoid inherent
memory blowup of expansion solvers
• enables solving a large number of practical instances not
solved by state-of-the-art solvers
(220 instances that only RAReQS solved)
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
• in some sense RAReQS is close to expansion-based solvers
(e.g. Quantor, Nenofex) but the expansion is driven by
counterexamples
• step-by-step expansion enables RAReQS to avoid inherent
memory blowup of expansion solvers
• enables solving a large number of practical instances not
solved by state-of-the-art solvers
(220 instances that only RAReQS solved)
• in the future we plan to further develop the integration
between DPLL and CEGAR
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Conclusions and Future Work
• a novel CEGAR-based technique for QBF solving RAReQS
• in some sense RAReQS is close to expansion-based solvers
(e.g. Quantor, Nenofex) but the expansion is driven by
counterexamples
• step-by-step expansion enables RAReQS to avoid inherent
memory blowup of expansion solvers
• enables solving a large number of practical instances not
solved by state-of-the-art solvers
(220 instances that only RAReQS solved)
• in the future we plan to further develop the integration
between DPLL and CEGAR
• in RAReQS we plan to investigate how to integrate
techniques used in other solvers (e.g. dependency detection)
Janota et al.
Solving QBF with Counterexample Guided Refinement
14 / 16
Questions?
Janota et al.
Solving QBF with Counterexample Guided Refinement
15 / 16
Results
Total instances solved (out of 4669):
RAReQS
GhostQ
GhostQ-C
Qube
Quantor
Nenofex
3868
2449
2801
2916
1462
1317
RAReQS vs GhostQ
RAReQS vs Qube
RAReQS vs Quantor
Only
RAReQS
1661
Only
RAReQS
998
Only
RAReQS
2436
Both
2207
Both
2870
Both
1432
Only GhostQ
242
Only Qube
46
Only Quantor
30
Janota et al.
Solving QBF with Counterexample Guided Refinement
16 / 16
© Copyright 2026 Paperzz