Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Satisfiability Modulo Theories

Published byMerryl Hart Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction to Satisfiability Modulo Theories"— Presentation transcript:

1 Introduction to Satisfiability Modulo Theories
Yakir Vizel SMT Seminar Spring 2014

2 Outline Background The SMT World SMT Solving Propositional logic
DPLL-style SAT solvers The SMT World First order logic Theories SMT Solving Eager approach Lazy approach DPLL(T)

3 Motivation Are these two programs equal?
int power3(int in) { int i, out_a; out_a = in; for (i=0; i<2; i++) out_a = out_a * in; return out_a; } int power3_new(int in) { int out_b; out_b = (in * in) * in; return out_b; } In general, this is an undecidable problem No sound and complete method

4 Motivation (2) Only bounded loops in our example
out0_a = in ⋀ out1_a = out0_a * in ⋀ out2_a = out1_a * in out0_b = (in * in) * in Need to prove that ja ⋀ jb  out2_a = out0_b is a valid formula

5 Basic Definitions Assignment to a formula j is a mapping from the variables of j to a domain D (a ⋁ b)  c: a -> 1, b -> 0, c -> 1 Given a formula j it is satisfiable if there exists an assignments s.t. j is evaluated to TRUE it is contradiction if such an assignment does not exist it is a tautology (or valid) if under every assignment it evaluates to TRUE

6 Decision Procedure The Decision Problem for a given formula j is to determine whether j is valid So clearly, a Decision Procedure…  We want it to be Sound and Complete Sound = returns “Valid” when j is valid Complete = terminates, and when j is valid, it returns “Valid” A Theory is decidable if there is a decision procedure for it

7 Formal Reasoning We want to reason about the validity (or satisfiability) of a formula Model Theoretic approach Enumerate possible solutions Need a finite number of candidates Proof Theoretic approach Deductive mechanism Based on axioms and inference rules Forms an inference system

8 Formal Reasoning Three statements Prime number greater than 2 – A
If x is a prime number greater than 2, then x is odd It it not the case that x is not a prime number greater than 2 x is not odd Prime number greater than 2 – A Odd number - B A  B ØØA ØB

9 Inference Rules j1  j2 j1 (M.P) j2 j ¬j (CONTR) FALSE (DOUBLE NEG)
Modus Pones (DOUBLE NEG) ¬¬j ⇔ j

10 Proof Theoretic A  B ØØA ØB A B (premise) 2. ØØA (premise)
(DOUBLE NEG) ¬¬j ⇔ j 3. A (2, DOUBLE NEG) 4. ØB (premise) j1  j j1 (M.P) j2 5. B (1+3, M.P) 6. FALSE (4+5, CONTR)

11 Model Theoretic A  B ØØA ØB A B AB (AB) ⋀ A (AB) ⋀ A ⋀ ¬B 1

12 Propositional Logic Logic: The alphabet:
A (formal) language for making statements about objects and reasoning about properties of these objects The alphabet: Countable set of proposition symbols: a, b, c, … Logical connectives: ⋁ (or), ⋀ (and), ¬ (not/negation), ≣ (equivalence),  (implication) Connectives can be expressed using other connectives (a  b) is the same as (¬a ⋁ b)

13 Propositional Logic (2)
Formula is defined using the following grammar: formula: formula ⋀ formula | ¬formula | (formula) | atom atom: Boolean variable | TRUE | FALSE An example to a data structure that uses this grammar: And-Inverter Graph (AIG) a b c

14 Normal Forms Negation Normal Form Conjunctive Normal Form
Use only or, and and not ¬ appears only on proposition symbols (variables) Conjunctive Normal Form literal: a or Øa clause: disjunction of literals CNF: conjunction of clauses

15 DPLL-style SAT solvers
GRASP, CHAFF, MiniSAT, Glucose Objective: Check satisfiability of a CNF formula Given a CNF formula, is there a satisfying assignment? Approach: Branch: make arbitrary decisions Propagate implication graph Use conflicts to guide inference steps SAT solvers can also generate refutation proofs!

16 Pseudo Code DPLL(j) AddClauses(cnf(j));
if (BCP() == “confl”) return UnSAT; while (true) do if (!Decide()) return SAT; while(BCP() == “confl”) do bl = Analyze(); if (bl < 0) return UnSAT; else BackTrack(bl);

17 The Implication Graph (BCP)
(Øa Ú b) Ù (Øb Ú c Ú d) d b a Øc Decisions Assignment: a Ù b Ù Øc Ù d

18 Propositional Resolution
a Ú b Ú Øc Øa Ú Øc Ú d b Ú Øc Ú d When a conflict occurs, the implication graph is used to guide the resolution of clauses, so that the same conflict will not occur again.

19 Conflict Clauses (a Ú c) Ù (Øa Ú b) Ù (Øb Ú c Ú d) Ù (Øb Ú Ø d)
Decision (Øa Ú c) resolve (Øb Ú c ) resolve b Conflict! Ø Conflict! Conflict! d Assignment: a Ù b Ù Øc Ù d

20 Conflict Clauses Øc Ù (a Ú c) Ù (Øa Ú b) Ù (Øb Ú c Ú d) Ù (Øb Ú Ø d)
( ) (Øa Ú c) (Øb Ú c ) b (c) a Øc d

21 Generating refutations
Refutation = a proof of the null clause Record a DAG containing all resolution steps performed during conflict clause generation. When null clause is generated, we can extract a proof of the null clause as a resolution DAG. Original clauses Derived clauses Null clause

22 Formal Reasoning – Which?
Model Theoretic The SAT solver tries to find an assignment In a way enumerating assignments Makes arbitrary decisions for variables Proof Theoretic The learning scheme when hitting a conflict Uses Resolution as an inference rule The only inference rule v ⋁ A ¬v ⋁ B (RES) A ⋁ B SO… Combination of the two… 

23 Circuit to SAT Can the circuit output be 1? CNF(p) (a Ú Øg) Ù (b Ú Øg)
Ù(Øa Ú Øb Ú g) CNF(p) input variables a g (Øg Ú p) Ù (Øc Ú p) Ù(g Ú c Ú Øp) b output variable p c p is satisfiable when the formula CNF(p) Ù p is satisfiable

24 Questions? Is a SAT Solver a Decision Procedure? Yes!
But it looks for an assignment…? Yes, but can prove the lack of one So, in order to prove the validity of j Prove ¬j is a contradiction

25 First Order Logic The alphabet: Countable set of symbols: a, b, c, …
Logical connectives: ⋁ (or), ⋀ (and), ¬ (not/negation), ≣ (equivalence),  (implication), quantifiers (∀,∃), Non-logical symbols functions (F(x1,…,xn)) Constants (1,2,3,…) Predicate symbols (x > 0)

26 First Order Logic The Decision Problem for FOL is undecidable
There is no sound and complete decision procedure for it Several approaches Limit the syntax Only FOL formulas without quantifiers or function symbols Limit the possible models (assignments) Not always easier Show validity for a given Theory Propositional logic is a “subset” – or formally – a Theory

27 Equality and Uninterpreted Functions
Or in short EUF Based on (x1 = y1 Ù … Ù xn = yn)  f(x1,…,xn) = f(y1,….,yn) NP-Complete problem Meaning  Decidable Polynomial reduction to propositional problem

28 Equality and Uninterpreted Functions
Recall the motivating example out0_a = in ⋀ out1_a = out0_a * in ⋀ out2_a = out1_a * in out0_b = (in * in) * in out0_a = in ⋀ out1_a = F(out0_a, in) ⋀ out2_a = F(out1_a, in) out0_b = F(F(in, in), in) Suitable for any function F

29 Linear Arithemetic Or LIA Formulas of the form Usage
3x + 2y ≤ 5z ⋀ 2x -2y = 0 Equality is a fragment of LIA Usage Code optimizations performed by compilers

30 Arrays Operations on array data-structure Basic operations
A map from an index to an element Basic operations Read an element from an index i Writing an element to index i

31 Satisfiability Modulo Theories
Objective: Given a theory T check satisfiability of a T-formula Approach: Eager encoding Reduce to a SAT problem Lazy encoding Intro to DPLL(T) DPLL(T)

32 Reduction to SAT SMT Solving is based on the observation that a T-formula can be reduced to SAT (x-y≤0) ⋀ (y-z≤0) ⋀ ((z-x≤-1) ⋁ (z-x≤-2)) Use Boolean variables for each conjunct a – (x-y≤0) b – (y-z≤0) c – (z-x≤-1) d – (z-x≤-2) a ⋀ b ⋀ (c ⋁ d)

33 Eager Encoding Reduction to SAT clearly does not capture the semantics
Eagerly encode the semantics into the formula In our example, we have four T-atoms: a,b,c,d Need to capture the relation between the atoms: Are a and b consistent? Are a and ¬b consistent? Are a and b and c consistent? Can lead to 2n relations – Exponential! 

34 Eager Encoding - Example
Back to our examples (x-y≤0) ⋀ (y-z≤0) ⋀ ((z-x≤-1) ⋁ (z-x≤-2)) a ⋀ b ⋀ (c ⋁ d) Clearly (x-y≤0), (y-z≤0) and (z-x≤-1) cannot be all TRUE Thus we can add ¬(a ⋀ b ⋀ c) In a similar manner we add ¬(¬a ⋀ ¬b ⋀ ¬c) ¬(a ⋀ b ⋀ d) ¬(¬a ⋀ ¬b ⋀ ¬d)

35 Eager Encoding – Example (2)
The resulting formula (a ⋀ b ⋀ (c ⋁ d)) ⋀ ¬(a ⋀ b ⋀ c) ⋀ ¬(¬a ⋀ ¬b ⋀ ¬c) ⋀ ¬(a ⋀ b ⋀ d) ⋀ ¬(¬a ⋀ ¬b ⋀ ¬d) The formula is then passed to a SAT solver If it is satisfiable, then so is the original formula Same goes for unsatisfiability Redundancy? ¬(¬a ⋀ ¬b ⋀ ¬d) ¬(¬a ⋀ ¬b ⋀ ¬c)

36 Schematics Encoder SAT-Solver T-Solver SMT formula CNF formula
SAT/UnSAT CNF formula T-Solver CNF + Relations

37 Pseudo Code Eager(j) R = T-Solver(lit(j)); B = e(j) ⋀ e(R);
while (true) do <a, res> = SAT(B); if (res == “UnSAT”) return UnSAT else return SAT;

38 Eager Encoding Pros Cons Easy to implement
SAT solver is used as a black-box Works well for bit-vectors theory Cons Encoding may get too big to handle Search starts only after entire problem is translated

39 Lazy Encoding Recall: reduction to SAT does not capture the semantics
Lazily encode the semantics into the formula How? Less redundancies

40 Lazy Encoding – How it works
Our example (x-y≤0) ⋀ (y-z≤0) ⋀ ((z-x≤-1) ⋁ (z-x≤-2)) a ⋀ b ⋀ (c ⋁ d) Start by trying to solve the propositional formula If UnSAT – done Otherwise, get the assignment a -> TRUE, b -> TRUE, c -> TRUE, d -> FALSE Check if the assignment hold in the theory If yes, a true assignment Otherwise, block the assignment: ¬(a ⋀ b ⋀ c ⋀ ¬d) Solve again

41 Schematics Encoder SAT-Solver T-Solver SMT formula CNF formula
UnSAT CNF formula T-Solver SAT assignment blocking clause

42 Pseudo Code Lazy(j) B = e(j); while (true) do <a, res> = SAT(B);
if (res == “UnSAT”) return UnSAT else <t,res> = T-Solver(T(a)) if (res == “SAT”) return SAT; B = B ⋀ e(t)

43 Lazy Encoding Pros Cons Easy to implement
SAT solver is used as a black-box Need to implement T-Solver Cons SAT Solver must finish entirely before T-inconsistency is checked SAT Solver restarts (at the beginning) if last assignment failed

44 How Can We Improve? The SAT Solver and T-Solver are separate
Each works as a black-box Try to bring them closer together One should help the other

45 Incrementality Problem
SAT Solver restarts (at the beginning) if last assignment failed Keep the state of the SAT solver, and simply resume After a full assignment is found, check with T-Solver If not a real assignment, add a clause and BCP

46 Pseudo Code Lazy-DPLL(j) AddClauses(cnf(e(j)));
if (BCP() == “confl”) return UnSAT; while (true) do if (!Decide()) <t,res> = T-Solver(T(a)) if (res == “SAT”) return SAT; AddClause(e(t)); while(BCP() == “confl”) do bl = Analyze(); if (bl < 0) return UnSAT; else BackTrack(bl); else

47 Use Partial Assignment
Problem SAT Solver must finish entirely before T-inconsistency is checked Try to find a T-inconsistency using only a partial assignment Send partial assignment to T-Solver after k decisions May be hard to find the optimal k

48 Use Partial Assignment
Consider a formula that has (10 ≤ x) and (x < 0) (represented by v and u respectively) v and u are both assigned to TRUE Every call to the T-Solver results in UnSAT May also be due to other reasons Thus, when these two are assigned TRUE we want to block all possible assignments By adding ¬(v ⋀ u)

49 Theory Propagation How do we improve more? Deeper integration 
T-Solver uses current partial assignment to deduce values for other literals Similar to BCP, but using the Theory Improves performance dramatically But makes conflict analysis hard

50 Theory Propagation Consider a formula that has (10 ≤ x), (x < 0), (x ≤ y) and (5 ≤ y) By knowing that (10 ≤ x) and (x ≤ y) are assigned to TRUE, the T-Solver can deduce facts Decisions (10 ≤ x) ¬(x < 0) (x ≤ y) (5 ≤ y)

51 Pseudo Code DPLL_T(j) AddClauses(cnf(e(j)));
if (BCP() == “confl”) return UnSAT; while (true) do if (!Decide()) return SAT; repeat while(BCP() == “confl”) do bl = Analyze(); if (bl < 0) return UnSAT; else BackTrack(bl); <t,res> = T-Solver(T(a)) AddClause(e(t)); until (t == true)

52 Schematics Encoder T-Solver SAT-Solver SMT formula CNF formula
UnSAT/SAT CNF formula T-Solver

53 Combining Theories We have seen how to solve a specific theory
But what if we have 3x + 2y ≤ f(z) ⋀ f(x) -2y = 0 LIA_UF Assuming we have a decision procedure for each theory There is a procedure, called Nelson-Oppen Other conditions as well

54 Advanced Topics Proof generation Interpolants generation
We want something similar to a Resolution Proof in the propositional case Interpolants generation Specific methods for different theories Based on deduction rules Specific usage in model checking

55 Questions?

Download ppt "Introduction to Satisfiability Modulo Theories"

Similar presentations

SMELS: Sat Modulo Equality with Lazy Superposition Christopher Lynch – Clarkson Duc-Khanh Tran - MPI.

SMELS: Sat Modulo Equality with Lazy Superposition Christopher Lynch – Clarkson Duc-Khanh Tran - MPI.
The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.
Exploiting SAT solvers in unbounded model checking

Exploiting SAT solvers in unbounded model checking
Exploiting SAT solvers in unbounded model checking K. L. McMillan Cadence Berkeley Labs.

Exploiting SAT solvers in unbounded model checking K. L. McMillan Cadence Berkeley Labs.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Completeness and Expressiveness

Completeness and Expressiveness
Satisfiability Modulo Theories (An introduction)

Satisfiability Modulo Theories (An introduction)
SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀

SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀
UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.

UIUC CS 497: Section EA Lecture #2 Reasoning in Artificial Intelligence Professor: Eyal Amir Spring Semester 2004.
Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 

Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 
Proofs from SAT Solvers Yeting Ge ACSys NYU Nov 20 2007.

Proofs from SAT Solvers Yeting Ge ACSys NYU Nov
1 Logic Logic in general is a subfield of philosophy and its development is credited to ancient Greeks. Symbolic or mathematical logic is used in AI. In.

1 Logic Logic in general is a subfield of philosophy and its development is credited to ancient Greeks. Symbolic or mathematical logic is used in AI. In.
Inference and Reasoning. Basic Idea Given a set of statements, does a new statement logically follow from this. For example If an animal has wings and.

Inference and Reasoning. Basic Idea Given a set of statements, does a new statement logically follow from this. For example If an animal has wings and.
We have seen that we can use Generalized Modus Ponens (GMP) combined with search to see if a fact is entailed from a Knowledge Base. Unfortunately, there.

We have seen that we can use Generalized Modus Ponens (GMP) combined with search to see if a fact is entailed from a Knowledge Base. Unfortunately, there.
Methods of Proof Chapter 7, second half.. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound)

Methods of Proof Chapter 7, second half.. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound)
Logic Use mathematical deduction to derive new knowledge.

Logic Use mathematical deduction to derive new knowledge.
Logic.

Logic.
CPSC 422, Lecture 21Slide 1 Intelligent Systems (AI-2) Computer Science cpsc422, Lecture 21 Mar, 4, 2015 Slide credit: some slides adapted from Stuart.

CPSC 422, Lecture 21Slide 1 Intelligent Systems (AI-2) Computer Science cpsc422, Lecture 21 Mar, 4, 2015 Slide credit: some slides adapted from Stuart.
Properties of SLUR Formulae Ondřej Čepek, Petr Kučera, Václav Vlček Charles University in Prague SOFSEM 2012 January 23, 2012.

Properties of SLUR Formulae Ondřej Čepek, Petr Kučera, Václav Vlček Charles University in Prague SOFSEM 2012 January 23, 2012.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

Similar presentations

Ads by Google