400 likes | 543 Views
DPLL-based Checkers for Satisfiability Modulo Theories. Cesare Tinelli Department of Computer Science The University of Iowa Joint work with Jed Hagen (Iowa) Robert Nieuwenhuis, Albert Oliveras (TUC). Talk Plan. Propositional satisfiability and the DPLL procedure A calculus for DPLL
E N D
DPLL-based Checkers for Satisfiability Modulo Theories Cesare Tinelli Department of Computer Science The University of Iowa Joint work with Jed Hagen (Iowa) Robert Nieuwenhuis, Albert Oliveras (TUC) CMU, Oct 4
Talk Plan • Propositional satisfiability and the DPLL procedure • A calculus for DPLL • Satisfiability modulo theories • The DPLL(T1,…Tn) calculus • Implementing the DPLL(T1,…Tn) calculus • Some experimental results CMU, Oct 4
Background • Propositional satisfiability (SAT) is one of the most fundamental problems in AI and CS. • SAT is decidable, but it is NP-complete. • An effective method for SAT was pioneered by Davis, Putman, Logemann, and Loveland (DPLL). • The best modern SAT solvers (Chaff, Berkmin, Siege, …) are based on DPLL. CMU, Oct 4
Context (partial assignment) The DPLL Procedure as a Calculus CMU, Oct 4
The DPLL Calculus CMU, Oct 4
The DPLL Calculus (cont.) Lits() = { all atoms in and their negation } CMU, Oct 4
Correctness of DPLL = { propositional clauses } Prop. Every derivation tree of |- is finite. Prop. is satisfiable iff |- has a derivation tree with a successful branch. CMU, Oct 4
Talk Plan • Propositional satisfiability and the DPLL procedure • A calculus for DPLL • Satisfiability modulo theories • The DPLL(T1,…Tn) calculus • Implementing the DPLL(T1,…Tn) calculus • Some experimental results CMU, Oct 4
Satisfiability Modulo Theories • DPLL-based methods can also decide the satisfiability of quantifier-free, first-order formulas • Often, however, one is interested in the satisfiability of a quantifier-free formula in a given FO theory T • Example: Is R(a,b) R(b,c) R(a,c) satisfiable? What if R stands for a transitive relation? • Applications: planning, scheduling, verification, compiler optimization, … CMU, Oct 4
Checking Satisfiability Modulo Theories Current approaches: • Eager translation into SAT • Encode problem and theory into an equisatisfiable propositional formula • Feed formula to a SAT-solver • Lazy “translation” into SAT • Couple a SAT solver with a decision procedure for the theory CMU, Oct 4
Idea of Lazy Approach Fact: Many theories of interest have (efficient) decision procedures for sets of literals. Problem: in practice, dealing with Boolean combinations of literals is as hard as in the propositional case. Solution: use propositional satisfiability technology for the Boolean part. CMU, Oct 4
Previous Lazy Approaches [Ar00,Aud02,Ba02,deM02,…] CMU, Oct 4
Our Approach [Tin02, ON03] Embed decision procedures into the SAT solver. More abstractly: Embed decision procedures into the DPLL Calculus. CMU, Oct 4
Checked by decision procedure for T The DPLL(T) Calculus iff every model of T that satisfies also satisfies l CMU, Oct 4
The DPLL(T) Calculus CMU, Oct 4
The DPLL(T) Calculus All the DPLL rules plus: CMU, Oct 4
Correctness of DPLL(T) = {quantifier-free clauses in T’s signature} Prop. Every derivation tree of |- is finite. Prop. is T-satisfiable iff |- has a derivation tree with a successful branch. CMU, Oct 4
Satisfiability Modulo Multiple Theories • Let T1,…, Tn be distinct theories with resp. decision procedures P1,…,Pn • How can we reason over all of them with DPLL(T)? • Quick Solution: • Combine P1,…,Pn with the Nelson-Oppen method into a decision procedure for T1 … Tn • Use DPLL(T) with T =T1 … Tn CMU, Oct 4
Satisfiability Modulo Multiple Theories • Let T1,…, Tn be distinct theories with resp. decision procedures P1,…,Pn • How can we reason over all of them with DPLL(T)? • Better Solution: • Embed the Nelson-Oppen method directly into the calculus • Turn DPLL(T) into DPLL(T1,…,Tn ) CMU, Oct 4
The DPLL(T1,…,Tn) Calculus: Preliminaries • Let n=2, for simplicity • Let Ti be a theory of signature i for i=1,2, with 1 2 = • Assume wlog that each input literal has signature 1 or 2 (no mixed literals) CMU, Oct 4
The DPLL(T1,…,Tn) Calculus: Notation • Lits(, i) = {i-atoms in and their negation} • i = { i-literals of } • s = { x = y | x, y vars(1) vars(2) } CMU, Oct 4
Only change The DPLL(T1,…,Tn) Calculus All the DPLL rules but with new CMU, Oct 4
The DPLL(T1,…,Tn) Calculus (cont.) New theory rules (i=1,2): CMU, Oct 4
Correctness of DPLL(T1,…,Tn) A theory T is stably infinite iff every T-satisfiable qff is satisfiable in an infinite model of T • = { quantifier-free clauses in • (T1...Tn)’s signature } • Prop. If T1, …, Tn are • stably-infinite and • pairwise signature-disjoint • then is (T1...Tn)-satisfiable iff • |- has a derivation tree with a successful branch. CMU, Oct 4
Talk Plan • Propositional satisfiability and the DPLL procedure • A calculus for DPLL • Satisfiability modulo theories • The DPLL(T1,…Tn) calculus • Implementing the DPLL(T1,…Tn) calculus • Some experimental results CMU, Oct 4
Making DPLL Efficient • Literal selection strategies • Intelligent backtracking(backjumping) • Learning (lemma generation) CMU, Oct 4
Making DPLL(T1,…,Tn) Efficient • T-based literal selection strategies • T-based intelligent backtracking • T-based learning CMU, Oct 4
Implementing DPLL(T1,…,Tn) • In theory, • it suffices to have decision proceduresPi s.t. • Pi({l1, …, ln}) = true • iff • {l1, …, ln} is Ti-unsatisfiable • In practice, • it is better if to have a solver for each Ti with additional functionalities CMU, Oct 4
Ti-solver Interface type status = Valid | Unsat | Undef type lit = sign * pred Class Solver { attr context : lit list meth status : pred status meth explanation : pred lit set meth assert : lit lit set meth backtrack : int unit } CMU, Oct 4
Ti-solver Specification type status = Valid | Unsat | Undef type lit = sign * pred Class Solver { attr context : lit list … methstatus (p : pred) : status ensures result = Valid <=> context |=T p & result = Unsat <=> context |=T ~p … } CMU, Oct 4
Ti-solver Specification type status = Valid | Unsat | Undef type lit = sign * pred Class Solver { attr context : lit list … methexplanation (p : pred) : lit set requires status(p) != Undef ensures result context & status(p) = Valid => result |=T p & status(p) = Unsat => result |=T ~p … } CMU, Oct 4
Ti-solver Specification type status = Valid | Unsat | Undef type lit = sign * pred Class Solver { attr context : lit list … methassert ((sign,p) : lit) : lit set requires status(p) = Undef ensurescontext’ = (sign,p)::context & (sign,p) result & forall (lit result) context’ |=T lit & not(context |=T lit) … } CMU, Oct 4
Ti-solver Specification type status = Valid | Unsat | Undef type lit = sign * pred Class Solver { attr context : lit list … methbacktrack (n : int) : unit requires 1 <= n & n <= length(context) ensures context = lit1:: … ::litn::context’ … } CMU, Oct 4
Talk Plan • Propositional satisfiability and the DPLL procedure • A calculus for DPLL • Satisfiability modulo theories • The DPLL(T1,…Tn) calculus • Implementing the DPLL(T1,…Tn) calculus • Some experimental results CMU, Oct 4
Experimental Results T = theory of successor and predecessor + free symbols p(s(x)) = x s(p(x)) = x p(x) = p(y) => x = y s(x) = s(y) => x = y 0 pn(x) (for each n > 0) 0 sn(x) (for each n > 0) pn(x) pm(x) (for each m,n with m > n > 0) sn(x) sm(x) (for each m,n with m > n > 0) Popular in hardware verification CMU, Oct 4
Experimental Results • T-solver based on a novel congruence closure algorithm [ON03] • DPLL(T) engine with: • Chaff-style literal selection function • 2-watched literal unit propagation • conflict set-based backjumping • 1st-UIP lemma generation • C implementation CMU, Oct 4
Experimental Results • Benchmarks produced with UCLID tool [BLJ02] • Comparisons with • SVC • 4 SAT-translation methods by Bryant et al. • Machine: Pentium IV, 2.63 GHz, 512MB RAM • Times in seconds, with timeout at 6000s CMU, Oct 4
See external table CMU, Oct 4
Conclusions • DPLL(T1,…,Tn) is a sound and complete calculus for satisfiability modulo T1…Tn. • General framework for integrating decision procedures into the DPLL method. • Decision procedures drive the derivation instead of just validating solutions. • Major optimization techniques from SAT can be lifted to DPLL(T1,…,Tn). • Initial experimental results are very promising CMU, Oct 4
Further Work (in Progress) • New version of the DPLL(T) calculus, to model more accurately modern SAT engines • Non-clausal version of DPLL(T) • Implementation with more theories • A DPLL(T)-based system for solving integer linear programming (optimization) problems CMU, Oct 4