Deriving small unsatisfiable cores with dominators Ofer Strichman Joint work with Maya Koifman and Roman Gershman

Unsatisfiable cores Problem: given an unsatisfiable CNF, find a ‘small’ subset of clauses that is still unsatisfiable. Hard problems: Minimum Unsatisfiable core (2-complete) [G05] Minimal Unsatisfiable core (Dp-complete) [LS04, OMASM04, H05, NDH06]

Goal Typically part of a larger system (e.g., proof-based abstraction/refinement) Our Goal: a cost-effective algorithm for reducing the core size Reduction size `Velocity’ = clauses / sec.

A fixpoint approach [ZM03] run-till-fix(φ) { Repeat forever: U := unsatcore(φ) if U = φ return U; φ = U }

SAT solvers are complete resolution engines Specifically, if the formula is unsatisfiable: … they can output a resolution proof ending with the empty clause. Our approach is based on analyzing this graph.

Resolution graph L : Empty clause Inferred clauses Original clauses learning Original clauses L : Unsatisfiable core

Dominators A vertex d dominates another vertex m ≠ d, if every path from m to the sink-node contains d. m is called a minion of d ( ) d 12 Finding dominance relation: Lengauer – Tarjan: O(|E|log|V|) m m

Transforming the resolution graph Observation: If d is derivable without its minions M, then M can be removed from the core. d 12 L : L’(d)

Transforming the resolution graph Is there a proof of node d from L’(d)? d 12 L : L’(d)

An alternative proof. Suppose we have an alternative proof of d from L’(d): d 12 L : L’(d)

Then we can... Embed the new proof, and re-iterate. But: how do we find a resolution proof of d? 12 L : L’(d)

Transforming the resolution graph Q: How do we find a resolution proof L’(d) ` d? Recall: SAT can only generate a proof of unsatisfiability (the empty clause). A: Rely on the equivalence L’(d) ` d , L’(d) ^ !d ` () Problem: proof transformation

Proof transformation !d d = (z1 z2) L’(d) ^ !(z1 z2) ` ()

Rewriting the proof For every assumption (:z): For every addition of z rewrite rewrite

Proof transformation !d d = (z1 z2) L’(d) ^ !(z1 z2) ` ()

Proof transformation L’(d) ^ !(z1 z2) ` () L’(d) ` (z1 z2) L’ (d) !d

Proof transformation L’(d) ^ !(z1 z2) ` () L’(d) ` (z1 z2) L’ (d) !d

Proof transformation L’(d) ^ !(z1 z2) ` () L’(d) ` (z1 z2) L’ (d) !d

Proof transformation L’(d) ^ !(z1 z2) ` () L’(d) ` (z1 z2) L’ (d) !d

Proof transformation !d L’(d) ^ !(z1 z2) ` () L’(d) ` (z1 z2) Result is a ‘Clause Implication Graph’ L’ (d) !d

 L’ (d) ^ !d ` () L’ (d) ` d Create resolution graph R Create priority queue of R’s dominators None Select next dominator d Embed new proof in R Output: current leaves of R SAT (L’(d) ^ !d) yes  Remove old proof from R No L’ (d) ^ !d ` () Transform proof into L’ (d) ` d

Using Incremental SAT Reuse all clauses not on a path from the minions to the sink node. 14 d

Results – Accumulated # removed clauses 71 industrial benchmarks (timeout – 1 hour)

Trim-till-fix run-till-fix

71 industrial benchmarks (timeout – 1 hour) Core reduction: Trim-till-fix Run-till-fix

Conclusions Trim-till-fix Room for further research More continues Removes more clauses Room for further research Various combinations with Run-till-fix Different orderings of the dominators Removing variables, not clauses …

Acceleration