DPLL-based Checkers for Satisfiability Modulo Theories
Cesare Tinelli
Department of Computer Science, The University of Iowa
Joint work with Jed Hagen (Iowa), Robert Nieuwenhuis and Albert Oliveras (TUC)
CMU, Oct 4

Talk Plan
• Propositional satisfiability and the DPLL procedure
• A calculus for DPLL
• Satisfiability modulo theories
• The DPLL(T1, …, Tn) calculus
• Implementing the DPLL(T1, …, Tn) calculus
• Some experimental results

Background
• Propositional satisfiability (SAT) is one of the most fundamental problems in AI and CS.
• SAT is decidable, but it is NP-complete.
• An effective method for SAT was pioneered by Davis, Putnam, Logemann, and Loveland (DPLL).
• The best modern SAT solvers (Chaff, BerkMin, Siege, …) are based on DPLL.

The DPLL Procedure as a Calculus
[Figure: the procedure as derivation rules; label: Context (partial assignment)]

The DPLL Calculus
[Figure: rules of the DPLL calculus]

The DPLL Calculus (cont.)
Lits( ) = { all atoms in  and their negation }

Correctness of DPLL
 = { propositional clauses }
Prop. Every derivation tree of |-  is finite.
Prop.  is satisfiable iff |-  has a derivation tree with a successful branch.

Talk Plan
✓ Propositional satisfiability and the DPLL procedure
✓ A calculus for DPLL
• Satisfiability modulo theories
• The DPLL(T1, …, Tn) calculus
• Implementing the DPLL(T1, …, Tn) calculus
• Some experimental results

Satisfiability Modulo Theories
• DPLL-based methods can also decide the satisfiability of quantifier-free, first-order formulas.
• Often, however, one is interested in the satisfiability of a quantifier-free formula in a given FO theory T.
  – Example: Is R(a, b) R(b, c) R(a, c) satisfiable? What if R stands for a transitive relation?
• Applications: planning, scheduling, verification, compiler optimization, …

Checking Satisfiability Modulo Theories
Current approaches:
• Eager translation into SAT
  – Encode problem and theory into an equisatisfiable propositional formula
  – Feed the formula to a SAT solver
• Lazy "translation" into SAT
  – Couple a SAT solver with a decision procedure for the theory

Idea of Lazy Approach
Fact: Many theories of interest have (efficient) decision procedures for sets of literals.
Problem: In practice, dealing with Boolean combinations of literals is as hard as in the propositional case.
Solution: Use propositional satisfiability technology for the Boolean part.

Previous Lazy Approaches [Ar 00, Aud 02, Ba 02, deM 02, …]

Our Approach [Tin 02, ON 03]
Embed decision procedures into the SAT solver.
More abstractly: embed decision procedures into the DPLL calculus.

The DPLL(T) Calculus
Checked by decision procedure for T: iff every model of T that satisfies  also satisfies l

The DPLL(T) Calculus

The DPLL(T) Calculus
All the DPLL rules plus:

Correctness of DPLL(T)
 = { quantifier-free clauses in T's signature }
Prop. Every derivation tree of |-  is finite.
Prop.  is T-satisfiable iff |-  has a derivation tree with a successful branch.

Satisfiability Modulo Multiple Theories
• Let T1, …, Tn be distinct theories with resp. decision procedures P1, …, Pn.
• How can we reason over all of them with DPLL(T)?
• Quick solution:
  – Combine P1, …, Pn with the Nelson-Oppen method into a decision procedure for T1 … Tn
  – Use DPLL(T) with T = T1 … Tn

Satisfiability Modulo Multiple Theories
• Let T1, …, Tn be distinct theories with resp. decision procedures P1, …, Pn.
• How can we reason over all of them with DPLL(T)?
• Better solution:
  – Embed the Nelson-Oppen method directly into the calculus
  – Turn DPLL(T) into DPLL(T1, …, Tn)

The DPLL(T1, …, Tn) Calculus: Preliminaries
• Let n = 2, for simplicity.
• Let Ti be a theory of signature i for i = 1, 2, with 1 2 =
• Assume wlog that each input literal has signature 1 or 2 (no mixed literals).

The DPLL(T1, …, Tn) Calculus: Notation
• Lits( , i) = { i-atoms in  and their negation }
• i = { i-literals of  }
• s = { x = y | x, y vars( 1) vars( 2) }

The DPLL(T1, …, Tn) Calculus
All the DPLL rules but with new  (only change)

The DPLL(T1, …, Tn) Calculus (cont.)
New theory rules (i = 1, 2):

Correctness of DPLL(T1, …, Tn)
A theory T is stably infinite iff every T-satisfiable qff is satisfiable in an infinite model of T.
 = { quantifier-free clauses in (T1 … Tn)'s signature }
Prop. If T1, …, Tn are
  • stably infinite and
  • pairwise signature-disjoint,
then  is (T1 … Tn)-satisfiable iff |-  has a derivation tree with a successful branch.

Talk Plan
✓ Propositional satisfiability and the DPLL procedure
✓ A calculus for DPLL
✓ Satisfiability modulo theories
✓ The DPLL(T1, …, Tn) calculus
• Implementing the DPLL(T1, …, Tn) calculus
• Some experimental results

Making DPLL Efficient
• Literal selection strategies
• Intelligent backtracking (backjumping)
• Learning (lemma generation)

Making DPLL(T1, …, Tn) Efficient
• T-based literal selection strategies
• T-based intelligent backtracking
• T-based learning

Implementing DPLL(T1, …, Tn)
In theory, it suffices to have decision procedures Pi s.t.
  Pi({l1, …, ln}) = true iff {l1, …, ln} is Ti-unsatisfiable
In practice, it is better to have a solver for each Ti with additional functionalities.

Ti-solver Interface
type status = Valid | Unsat | Undef
type lit = sign * pred
Class Solver {
  attr context : lit list
  meth status      : pred -> status
       explanation : pred -> lit set
       assert      : lit  -> lit set
       backtrack   : int  -> unit
}

Ti-solver Specification
type status = Valid | Unsat | Undef
type lit = sign * pred
Class Solver {
  attr context : lit list
  …
  meth status (p : pred) : status
    ensures result = Valid <=> context |=T p
          & result = Unsat <=> context |=T ~p
  …
}

Ti-solver Specification
Class Solver {
  …
  meth explanation (p : pred) : lit set
    requires status(p) != Undef
    ensures result context
          & status(p) = Valid => result |=T p
          & status(p) = Unsat => result |=T ~p
  …
}

Ti-solver Specification
Class Solver {
  …
  meth assert ((sign, p) : lit) : lit set
    requires status(p) = Undef
    ensures context' = (sign, p) :: context
          & (sign, p) result
          & forall (lit result) context' |=T lit & not(context |=T lit)
  …
}

Ti-solver Specification
Class Solver {
  …
  meth backtrack (n : int) : unit
    requires 1 <= n & n <= length(context)
    ensures context = lit1 :: … :: litn :: context'
  …
}
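As an added example (not code from the talk or from its C implementation), the following Python class instantiates the Ti-solver interface and specification above for one concrete theory, the transitive binary relation R used as an example earlier in the talk: status answers Valid/Unsat/Undef, explanation returns the subset of the context that justifies that answer, assert returns the literals newly entailed, and backtrack drops the n most recent literals. Assumptions: literals are pairs (sign, (x, y)) standing for R(x, y) or its negation, the method is named assert_lit because assert is a Python keyword, and the result set of assert is restricted to atoms over variables already occurring in the context.

```python
from collections import deque

VALID, UNSAT, UNDEF = "Valid", "Unsat", "Undef"   # type status = Valid | Unsat | Undef

class TransitivitySolver:
    def __init__(self):
        self.context = []  # asserted literals (sign, (x, y)), newest first
    def _path(self, src, dst, empty_ok):
        """Edge literals of an R-path src -> ... -> dst in the context, or None."""
        if empty_ok and src == dst:
            return set()
        parent, queue = {}, deque([src])  # BFS over the positive R-facts
        while queue:
            u = queue.popleft()
            for sign, (a, b) in self.context:
                if sign and a == u and b not in parent:
                    parent[b] = (sign, (a, b))
                    queue.append(b)
        if dst not in parent:
            return None
        edges, v = set(), dst  # follow parent pointers back to src (handles cycles)
        while v != src or not edges:
            edges.add(parent[v])
            v = parent[v][1][0]
        return edges
    def _refutation(self, x, y):
        """Literals forcing ~R(x, y): a ~R(a, b) in context with paths a ->* x and y ->* b."""
        for sign, (a, b) in self.context:
            if not sign:
                p1, p2 = self._path(a, x, True), self._path(y, b, True)
                if p1 is not None and p2 is not None:
                    return {(sign, (a, b))} | p1 | p2
        return None
    def status(self, p):  # ensures Valid <=> context |=T p, Unsat <=> context |=T ~p
        if self._path(p[0], p[1], False) is not None:
            return VALID
        return UNSAT if self._refutation(*p) is not None else UNDEF
    def explanation(self, p):  # requires status(p) != Undef; result is a subset of context
        proof = self._path(p[0], p[1], False)
        return proof if proof is not None else self._refutation(*p)
    def _entailed(self):  # every literal over the context's variables that it entails
        vs = {v for _, pair in self.context for v in pair}
        return {(s, (x, y)) for x in vs for y in vs for s in (True, False)
                if self.status((x, y)) == (VALID if s else UNSAT)}
    def assert_lit(self, lit):  # requires status(lit[1]) == Undef ('assert' is reserved)
        before = self._entailed()
        self.context.insert(0, lit)  # context' = lit :: context
        return self._entailed() - before  # literals newly entailed, lit itself included
    def backtrack(self, n):  # requires 1 <= n <= len(context): drop the n newest literals
        del self.context[:n]
```

After asserting R(a, b) and R(b, c), status(("a", "c")) is Valid with explanation {R(a, b), R(b, c)}, so a DPLL(T) engine would treat a later decision of the negated atom as a theory conflict; asserting the negation of R(a, d) instead returns the propagated consequences ~R(b, d) and ~R(c, d).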

Talk Plan
✓ Propositional satisfiability and the DPLL procedure
✓ A calculus for DPLL
✓ Satisfiability modulo theories
✓ The DPLL(T1, …, Tn) calculus
✓ Implementing the DPLL(T1, …, Tn) calculus
• Some experimental results

Experimental Results
T = theory of successor and predecessor + free symbols:
  p(s(x)) = x
  s(p(x)) = x
  p(x) = p(y) => x = y
  s(x) = s(y) => x = y
  0 pn(x), 0 sn(x)           (for each n > 0)
  pn(x) pm(x), sn(x) sm(x)   (for each m, n with m > n > 0)
Popular in hardware verification.

Experimental Results
• T-solver based on a novel congruence closure algorithm [ON 03]
• DPLL(T) engine with:
  – Chaff-style literal selection function
  – 2-watched-literal unit propagation
  – conflict-set-based backjumping
  – 1st-UIP lemma generation
• C implementation

Experimental Results
• Benchmarks produced with the UCLID tool [BLJ 02]
• Comparisons with
  – SVC
  – 4 SAT-translation methods by Bryant et al.
• Machine: Pentium IV, 2.63 GHz, 512 MB RAM
• Times in seconds, with timeout at 6000 s

See external table

Conclusions
• DPLL(T1, …, Tn) is a sound and complete calculus for satisfiability modulo T1 … Tn.
• General framework for integrating decision procedures into the DPLL method.
• Decision procedures drive the derivation instead of just validating solutions.
• Major optimization techniques from SAT can be lifted to DPLL(T1, …, Tn).
• Initial experimental results are very promising.

Further Work (in Progress)
• New version of the DPLL(T) calculus, to model modern SAT engines more accurately
• Non-clausal version of DPLL(T)
• Implementation with more theories
• A DPLL(T)-based system for solving integer linear programming (optimization) problems