SAT and SMT solvers Ayrat Khalimov (based on Georg Hofferek‘s slides) AKDV 2014.

Post on 12-Jan-2016


Motivation

Institute for Applied Information Processing and Communications 2

• SAT solvers: they rocketed model checking

• First-order theories: very expressive, and there are efficient SMT solvers for them

But:

• What are they?

• How do solvers work?

Outline


• Propositional SAT solver: DPLL algorithm

• Predicate logic (aka first-order logic): syntax, semantics

• First-order theories

• SMT solver: eager encoding, lazy encoding, DPLL(T)

Scope of Solvers

(Diagram: propositional logic is handled by SAT solvers; first-order theories such as the theory of equality, difference logic, linear integer arithmetic and the theory of arrays are handled by SMT solvers; full first-order logic is handled by theorem provers.)

Notation

• propositional variables, e.g., a, b, c, d, …

• a literal is a variable or its negation, e.g., a, ¬b, …

• a partial assignment A is a conjunction of literals, e.g., A = ¬a ∧ d

• a clause is a disjunction of literals, e.g., c = a ∨ b

• φ is a CNF formula (i.e. a conjunction of clauses), e.g., φ = (a ∨ b ∨ d) ∧ c

• φ[A] is φ with all variables set according to A, e.g., φ[A] = (FALSE ∨ b ∨ TRUE) ∧ c = c

SAT Solver

(Diagram: the input is a formula in CNF; the SAT solver answers either Satisfiable (+ model) or Unsatisfiable (+ refutation proof).)

DPLL Algorithm

• Due to Davis, Putnam, Loveland, Logemann (two papers: 1960, 1962)

• Basis for all modern SAT solvers

CNF as a Set of Clauses

• Formula: a conjunction of clauses

• Set representation: a set of clauses, each clause a set of literals

Idea of DPLL-based SAT Solvers

• Recursively search for an A such that φ[A] is TRUE

• Such an A proves φ satisfiable; A is a satisfying model

• If no such A exists, φ is unsatisfiable

Setting Literals

• Compute φ[l], for a literal l:

• Remove all clauses that contain l: they are true

• Remove all occurrences of the literal ¬l: they are false (i.e., (a ∨ ¬l) becomes (a), (¬l) becomes the empty clause)

• An empty clause is false

• An empty set of clauses is true

Truth Value of a CNF

• At least one clause is empty: FALSE

• Clause set empty: TRUE

• Otherwise: Unassigned Literals left

DPLL Algorithm

    // sat(φ, A) = TRUE iff φ[A] is satisfiable
    // sat(φ, true) = TRUE iff φ is satisfiable
    sat(φ, A) {
        if (φ[A] = true)  return TRUE;
        if (φ[A] = false) return FALSE;
        // Some unassigned variables left
        l = pick unassigned variable;
        AT = A ∧ l;
        if (sat(φ, AT)) return TRUE;
        AF = A ∧ ¬l;
        if (sat(φ, AF)) return TRUE;
        return FALSE;
    }

DPLL Example

• Formula to check: φ = (¬a ∨ b) ∧ (¬b ∨ c) ∧ (¬c ∨ ¬a)

1. sat(φ, true)
2. sat(φ, a)
3. sat(φ, a ∧ b)
4. sat(φ, a ∧ b ∧ c): unsat
5. sat(φ, a ∧ b ∧ ¬c): unsat
6. sat(φ, a ∧ ¬b): unsat
7. sat(φ, ¬a)
8. sat(φ, ¬a ∧ b)
9. sat(φ, ¬a ∧ b ∧ c): sat

Boolean Constraint Propagation (BCP)

• Unit clause: a clause with a single unassigned literal. Examples: (a), (b)

• If a unit clause exists, set its literal. Very simple but very important heuristic!

DPLL with BCP

    sat(φ, A) {
        while (a unit clause occurs) {
            // l is the only unassigned literal in the unit clause
            A = A ∧ l;
        }
        if (φ[A] = true)  return TRUE;
        if (φ[A] = false) return FALSE;
        l = pick unassigned variable;
        AT = A ∧ l;
        if (sat(φ, AT)) return TRUE;
        AF = A ∧ ¬l;
        if (sat(φ, AF)) return TRUE;
        return FALSE;
    }

Example

• Formula to check: φ = (¬a ∨ b) ∧ (¬b ∨ c) ∧ (¬c ∨ ¬a)

1. sat(φ, true)
2. sat(φ, a)
3. [BCP]: sat(φ, a ∧ b)
4. [BCP]: sat(φ, a ∧ b ∧ c): unsat
5. sat(φ, ¬a)
6. sat(φ, ¬a ∧ b)
7. sat(φ, ¬a ∧ b ∧ c): sat

Can we do better?

(The slide repeats the DPLL-with-BCP procedure shown above.)

Pure Literals

• Pure literal: a literal of an unassigned variable where the variable appears in one phase only (only positively or only negatively)

• Pure literals: set them to true

DPLL with BCP and Pure Literals

    sat(φ, A) {
        while (a unit clause c occurs) {        // BCP
            let l be the only unassigned literal in c;
            A = A ∧ l;
        }
        while (a pure literal l exists) {      // Pure literals
            A = A ∧ l;
        }
        if (φ[A] = true)  return TRUE;
        if (φ[A] = false) return FALSE;
        l = pick a literal that does not occur in A;
        AT = A ∧ l;
        if (sat(φ, AT)) return TRUE;
        AF = A ∧ ¬l;
        if (sat(φ, AF)) return TRUE;
        return FALSE;
    }

Example

• Formula to check: φ = (¬a ∨ b) ∧ (¬b ∨ c) ∧ (¬c ∨ ¬a)

1. sat(φ, true) [¬a pure]
2. sat(φ, ¬a) [¬b pure]
3. sat(φ, ¬a ∧ ¬b): sat

Can we do better?

    sat(φ, A) {
        while (a unit clause l occurs)  A = A ∧ l;
        while (a pure literal l exists) A = A ∧ l;
        if (φ[A] = true)  return TRUE;
        if (φ[A] = false) return FALSE;
        l = pick a literal that does not occur in A;
        AT = A ∧ l;
        if (sat(φ, AT)) return TRUE;
        AF = A ∧ ¬l;
        if (sat(φ, AF)) return TRUE;
        return FALSE;
    }

• Whenever we get a conflict, analyze it

• and add clauses to avoid it in future

Learning: informal

Clauses:
1. (a c)
2. (b c)
3. (a b c)
4. (a b)
5. (a b)
6. (a b)
7. (a b)

(Figure: decision tree. Level 1: decide c. Level 2: decide a; clause 6 forces b and clause 7 becomes false: UNSAT.)

Without learning: the solver flips a and fails again, then flips c and runs into the same two failures under the other value of c (figure: every branch ends in UNSAT). The problem is with a: no need to set c=true!

Learning: at level 2 the decision a made clause 7 false (b had been forced by clause 6). We learn: ¬a.

Learning & Backtracking: the learned clause is added as clause 8: ¬a. Jump back to level 0 is smart (the figure marks LEVEL 0, LEVEL 1, LEVEL 2). At level 0, ¬a forces b via clause 4 and clause 5 becomes false: UNSAT. We learn: UNSAT, because no decision was necessary.

Backtrack Level

• Three important possibilities:

1. Backtrack as usual
2. Restart for every learned clause
3. Go to the earliest level in which the conflict clause is a unit clause

• Option 3 often performs better

Can we do better? (learning is not shown)

(The compact DPLL procedure from above, repeated; learning is not shown.)

How to pick literals?

(Figure: effect of picking heuristics on SAT solver performance.) Source: Armin Biere's slides: http://fmv.jku.at/rerise14/rerise14-sat-slides.pdf

Can we do better? -- Special cases

• Horn clauses can be solved in polynomial time

• Cut width algorithm

source: http://gauss.ececs.uc.edu/SAT/

Syntax of Predicate Logic

• Two sorts:

• Objects ("terms"): numbers, strings, elements of sets, …

• Truth values ("formulas"): e.g., IsEven(42)

From Terms to Formulas

(Diagram: a predicate applied to terms yields a formula: Predicate(Term, Term) is a Formula.)

FOL formulae: informal definition

(Diagram: quantifiers over variables; unary predicates, binary predicates, etc.; functions.)

• Can FO formulae quantify over functions/predicates?

• Can FO formulae have free (non-quantified) variables?

• * Can FO formulae have 'uninterpreted' functions?

• * Can an FO formula have an infinite number of atoms?

Syntax of Predicate Logic

• Variables 𝕍: x, y, z, …

• Functions 𝔽: f, g, h, … (arity > 0); constants (arity = 0)

• Predicates ℙ: P, Q, R, … (with arity > 0)

• Terms 𝕋 and formulae: defined next

Terms 𝕋

• A variable is a term

• A constant is a term

• If t1, …, tn are terms and f is an n-ary function symbol, then f(t1, …, tn) is a term

Formulae

Building blocks of the inductive definition:

• terms

• an n-ary predicate symbol

• formulae

• a variable

True and False FO formulae

• Functions and predicates in FO formulae are 'uninterpreted': they can be anything

• Variables in FO formulae have no domains: what can x, y be?

• What does it mean that this formula is true? or false?

• Depends..

Model for (𝔽, ℙ, 𝕍)

• A non-empty set D: the domain for the variables (possibly infinite)

• For constants: a concrete element of D

• For functions: a concrete function on D

• For predicates (of arity n): a subset of Dⁿ, i.e., the set of tuples on which the predicate is true

Semantics of Predicate Logic

• Formula φ over (𝔽, ℙ, 𝕍)

• Model M for (𝔽, ℙ, 𝕍)

• Does M satisfy φ? (φ has no free variables)

Inductive Definition

• For φ of the form ∀x ψ: φ holds in M iff ψ holds for all values of x in D

• For φ of the form ∃x ψ: φ holds in M iff ψ holds for at least one value of x in D

• For φ built with negation, conjunction, disjunction: like in propositional logic

• No free variables => any predicate has concrete arguments

• Let model M be: D = {1,2}; P true on the listed tuples, all other tuples give F; f(1, ..) = 1, f(2, 1) = 1, f(2, 2) = 2

• Does M satisfy the formula?

Examples

Satisfiable FO formulae: φ is sat means there is a model:

• there is a non-empty domain D for x, y, for example D = {1,2}

• there is a predicate P and a function, for example P(1,2) = true, P(2,.) = false, and some concrete function,

such that φ holds in that model.

Valid FO formulae: φ is valid iff it is satisfied by every model.

Let us check, for example, the model:

• D = {1,2}

• P = {1,2}, i.e., P(1) = P(2) = T

• the function is any function from {1,2} to {1,2}

Some facts about our world

• Gödel proved that every valid FO formula has a finite proof.

• Church and Turing proved that no algorithm exists that can decide whether an FO formula is invalid.

(Diagram: a deduction algorithm takes an FO formula and produces a proof if the formula is valid; if it is invalid, the algorithm may never terminate.)

Notion of “Theory”

Application Domain  | Structures & Objects                   | Predicates & Functions
Arithmetic          | Numbers (Integers, Rationals, Reals)   |
Computer Programs   | Arrays, Bitvectors                     | Array-Read, Array-Write, …

Definition of a Theory

A first-order theory T consists of:

1. Signature Σ: constants, predicates, functions

2. Set of axioms 𝒜: sentences (= formulas without free variables) with symbols from Σ only

Σ-formula: a formula whose (non-logic) symbols come from Σ only

𝒜: possibly infinite

Example: Theory of Equality

• Signature: the binary equality predicate; arbitrary constant symbols (no function/predicate symbols!)

• Axioms 𝒜:

1. (reflexivity)
2. (symmetry)
3. (transitivity)

Model View

• We check satisfiability and validity only w.r.t. models that satisfy the axioms: "Satisfiability modulo (= 'with respect to') theories"

(Venn diagram: all possible models, with the subset of models satisfying all axioms.)

T-Satisfiability

• Green: models satisfying all axioms. Violet: models satisfying the formula in question

(Diagrams: T-satisfiable when the green and violet regions overlap; not T-satisfiable when they are disjoint.)

T-Validity

• Green: models satisfying all axioms. Violet: models satisfying the formula in question

(Diagrams: T-valid when the green region lies entirely inside the violet one; not T-valid when some green model lies outside it.)

Theory Formulas vs. FO Formulas

Theory formula φ vs. FO formula:

• φ is T-valid iff 𝒜 → φ is valid (equivalid)

• φ is T-satisfiable iff 𝒜 ∧ φ is satisfiable (equisatisfiable)

Fragment of a Theory

• Syntactically restricted subset of the theory's formulas

• Quantifier-free fragment

• Conjunctive fragment


Deciding Satisfiability (quantifier free theory): main methods

1. Eager Encoding: translate into an equisatisfiable propositional formula; one fat SAT call

2. Lazy Encoding: a SAT solver cooperating with a theory solver for the conjunctive fragment, communicating via blocking clauses; numerous SAT calls

3. DPLL(T)

Example: Theory of Uninterpreted Functions and Equality

• Signature: the binary equality predicate; arbitrary constant and function symbols

• Axioms 𝒜:

1.-3. same as in the theory of equality: (reflexivity), (symmetry), (transitivity)

4. (function congruence): an axiom schema, i.e. a template for an (infinite number of) axioms

Two-Stage Eager Encoding

(Pipeline: a quantifier-free formula φ, via Ackermann's reduction, becomes an equisatisfiable formula of the theory of equality; via graph-based reduction that becomes an equisatisfiable propositional formula, which goes to the SAT solver.)

Ackermann's Reduction (from the theory of uninterpreted functions and equality to the theory of equality)

• Fresh variables: one per function application, e.g., f_1, f_2, …

• Functional constraints: whenever the arguments of two applications of the same function are equal, their fresh variables must be equal

• Resulting formula: the functional constraints conjoined with φ in which every application has been replaced by its fresh variable

Perform Ackermann’s Reduction for
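Ackermann's reduction on a small term language, as an added example that is not part of the original slides. Terms are strings (variables) or tuples ("f", arg1, …) (applications), formulas are nested tuples with "eq", "not", "and", "or", "implies"; the representation, the fresh-variable naming f_1, f_2, … and the sample input x = y ∧ f(x) ≠ f(y) are our own choices.

```python
# Added example (not from the slides): Ackermann's reduction on a small term language.
# Terms: a variable is a str ("x"); an application is a tuple ("f", arg1, ...).
# Formulas: ("eq", s, t), ("not", phi), ("and", ...), ("or", ...), ("implies", p, q).
from itertools import combinations


def ackermann(formula):
    """Return (functional_constraints, phi_hat_UE).

    phi_hat_UE is the input with every function application replaced by a fresh
    variable (named f_1, f_2, ... here; the naming scheme is our own choice).
    functional_constraints lists, for every pair of applications of the same
    symbol, (args pairwise equal) -> (fresh vars equal).  Their conjunction with
    phi_hat_UE is the equisatisfiable equality-logic formula phi_E.
    """
    fresh = {}                                   # application -> fresh variable name

    def rewrite_term(t):
        if isinstance(t, str):
            return t
        # arguments first, so nested applications f(f(x)) are flattened
        app = (t[0],) + tuple(rewrite_term(a) for a in t[1:])
        if app not in fresh:
            fresh[app] = f"{app[0]}_{len(fresh) + 1}"
        return fresh[app]

    def rewrite(phi):
        op = phi[0]
        if op == "eq":
            return ("eq", rewrite_term(phi[1]), rewrite_term(phi[2]))
        return (op,) + tuple(rewrite(sub) for sub in phi[1:])

    phi_hat = rewrite(formula)
    constraints = []
    for u, v in combinations(list(fresh), 2):
        if u[0] == v[0] and len(u) == len(v):   # same function symbol and arity
            args_equal = ("and",) + tuple(("eq", a, b) for a, b in zip(u[1:], v[1:]))
            constraints.append(("implies", args_equal, ("eq", fresh[u], fresh[v])))
    return constraints, phi_hat


def show(phi):
    """Pretty-print a formula or term."""
    if isinstance(phi, str):
        return phi
    op = phi[0]
    if op == "eq":
        return f"{show(phi[1])} = {show(phi[2])}"
    if op == "not":
        return f"not({show(phi[1])})"
    if op == "implies":
        return f"({show(phi[1])}) -> ({show(phi[2])})"
    if op in ("and", "or"):
        return f" {op} ".join(show(sub) for sub in phi[1:])
    return f"{op}(" + ", ".join(show(a) for a in phi[1:]) + ")"   # a function application


# Constructed input: x = y and f(x) != f(y)  (UNSAT in the theory of uninterpreted functions)
EXAMPLE = ("and", ("eq", "x", "y"), ("not", ("eq", ("f", "x"), ("f", "y"))))

if __name__ == "__main__":
    fc, ue = ackermann(EXAMPLE)
    for c in fc:
        print("FC:", show(c))       # FC: (x = y) -> (f_1 = f_2)
    print("UE:", show(ue))          # UE: x = y and not(f_1 = f_2)
```

The result for the sample is the equality-logic formula ((x = y) → (f_1 = f_2)) ∧ x = y ∧ ¬(f_1 = f_2), which is unsatisfiable exactly as the input was; the functional constraint is what carries the congruence axiom over to the theory of equality.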

Graph-Based Reduction (from to propositional)

• Non-polar equality graph: a node per variable, an edge per (dis)equality

• Make it chordal: no chord-free cycles (of size > 3)

(Figure: an example graph with nodes a, b, c, d, e, f, g.)

Graph-Based Reduction (from the theory of equality to propositional logic)

• Fresh propositional variables, one per edge (mind the order!)

• For every triangle: transitivity constraints (figure: triangle with corners a, b, c)

• Hand the result to the SAT solver

Perform Graph-Based Reduction for

Summary: Eager Encoding

(Pipeline: a quantifier-free formula φ, via Ackermann's reduction, becomes the equisatisfiable formula φ_E; via graph-based reduction that becomes the equisatisfiable propositional formula φ_prop, which goes to the SAT solver.)

φ_E = φ_FC ∧ φ̂_UE

φ_prop = φ_TC ∧ φ̂_E

Lazy Encoding

(Diagram: the SAT solver works on the propositional skeleton skel(φ); it hands an assignment of literals to the theory solver, which answers SAT or UNSAT and, in the UNSAT case, returns a blocking clause to the SAT solver.)

Conjunctive (quant-free) Fragment of the Theory of Uninterpreted Functions and Equality

• A conjunction of theory literals, where the literals are equalities and disequalities between terms

Congruence-Closure Algorithm

• Equivalence classes: introduce a class for each term

• For each equality s = t: merge the classes of s and t into one larger class

• If two classes share terms, merge them (repeat)

• Congruence: if the arguments of two applications of the same function are from the same class, merge the classes of the two applications (repeat)

• Check disequalities: if both sides of a disequality are in the same class: UNSAT! Otherwise: SAT!

Perform Congruence Closure for
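The congruence-closure procedure above as runnable code, added here and not part of the original slides: a union-find over all subterms, merging by the given equalities, then by congruence to a fixpoint, then checking the disequalities. The term encoding (strings for variables, tuples for applications) and the sample inputs are our own; the first sample, f³(a) = a ∧ f⁵(a) = a ∧ f(a) ≠ a, is a classic UNSAT instance.

```python
# Added example (not from the slides): congruence closure for a conjunction of
# equalities and disequalities over uninterpreted function terms.
# Terms: a variable is a str ("a"); an application is a tuple ("f", arg1, ...).
from itertools import combinations


def subterms(t, acc):
    """Collect t and all of its subterms into the set acc."""
    acc.add(t)
    if isinstance(t, tuple):
        for arg in t[1:]:
            subterms(arg, acc)
    return acc


class UnionFind:
    """Equivalence classes of terms (one class per term initially)."""

    def __init__(self, terms):
        self.parent = {t: t for t in terms}

    def find(self, t):
        while self.parent[t] != t:
            self.parent[t] = self.parent[self.parent[t]]   # path halving
            t = self.parent[t]
        return t

    def union(self, s, t):
        rs, rt = self.find(s), self.find(t)
        if rs == rt:
            return False
        self.parent[rs] = rt
        return True


def congruence_closure(equalities, disequalities):
    """Decide a conjunction of s = t (equalities) and s != t (disequalities).

    Returns (True, None) for SAT or (False, (s, t)) naming a violated disequality.
    """
    terms = set()
    for s, t in equalities + disequalities:
        subterms(s, terms)
        subterms(t, terms)
    uf = UnionFind(terms)
    for s, t in equalities:                       # merge the classes of each equality
        uf.union(s, t)
    apps = [t for t in terms if isinstance(t, tuple)]
    changed = True
    while changed:                                # congruence: merge f(s..) and f(t..) when the
        changed = False                           # arguments are pairwise in one class; to fixpoint
        for u, v in combinations(apps, 2):
            if (u[0] == v[0] and len(u) == len(v) and uf.find(u) != uf.find(v)
                    and all(uf.find(a) == uf.find(b) for a, b in zip(u[1:], v[1:]))):
                uf.union(u, v)
                changed = True
    for s, t in disequalities:                    # a disequality inside one class: UNSAT
        if uf.find(s) == uf.find(t):
            return False, (s, t)
    return True, None


def f_power(n, x="a"):
    """Build f(f(...f(x)...)) with n applications (helper for the constructed sample)."""
    t = x
    for _ in range(n):
        t = ("f", t)
    return t


# Constructed sample: f^3(a) = a and f^5(a) = a and f(a) != a  -> UNSAT
SAMPLE_EQ = [(f_power(3), "a"), (f_power(5), "a")]
SAMPLE_NEQ = [(f_power(1), "a")]

if __name__ == "__main__":
    print(congruence_closure(SAMPLE_EQ, SAMPLE_NEQ))                        # (False, (('f', 'a'), 'a'))
    print(congruence_closure([(("f", "x"), ("f", "y"))], [("x", "y")]))     # (True, None)
```

The fixpoint loop matters: in the first sample, merging f(a) with f⁴(a) only becomes possible after f³(a) ~ a is known, and f(a) ~ a only after two further congruence rounds; a single pass would miss the conflict.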


DPLL(T)

(Flowchart: Start → Decide → BCP/PL. A full assignment yields SAT. After each partial assignment the theory solver is consulted; it may add clauses (theory propagation) or report a theory conflict. A conflict goes to Analyze Conflict, which leads either to UNSAT or to Learn & Backtrack and further decisions.)


Summary

• Propositional SAT problem: DPLL

• First-order theories, with examples

• Satisfiability modulo theories: eager encoding, lazy encoding, DPLL(T)

Self-check: learning targets

• Explain Satisfiability Modulo Theories

• Describe the Theory of Uninterpreted Functions and Equality

• Explain and use: Ackermann's Reduction, Graph-based Reduction, Congruence Closure, DPLL, DPLL(T)

Some reading

• History of satisfiability: http://gauss.ececs.uc.edu/SAT/articles/FAIA185-0003.pdf

• SAT basics: http://gauss.ececs.uc.edu/SAT/articles/sat.pdf

• Conflict Driven Clause Learning: http://gauss.ececs.uc.edu/SAT/articles/FAIA185-0131.pdf

• Armin Biere's slides: http://fmv.jku.at/rerise14/rerise14-sat-slides.pdf

• SAT game: http://www.cril.univ-artois.fr/~roussel/satgame/satgame.php?level=1&lang=eng

• Logic and Computability classes by Georg: http://www.iaik.tugraz.at/content/teaching/bachelor_courses/logik_und_berechenbarkeit/