
Decision Procedures and Verification (NAIL094)
Petr Kučera (Charles University), 2019/20, 6th lecture
Slide 1/42: Satisfiability Modulo Theories (SMT)


Slide 9/42: Interpretation
Is the following formula true in the natural numbers ℕ? ϕ = (∃x)[x + 0 = 1]
It depends on the interpretation of the signature (0, 1, +, =).
An interpretation of signature Σ consists of:
a domain;
an interpretation of the symbols in Σ (defines the semantics of functions, predicates, constants);
an assignment of a domain element to each of the free (unquantified) variables.
Formula ϕ is satisfiable ⇔ there is a structure under which ϕ is true.

Slide 10/42: Theory
Assume signature Σ. A Σ-theory T puts restrictions on the interpretations of symbols in Σ; it restricts the structures which are consistent with the theory.
A Σ-theory T consists of Σ-sentences. A Σ-sentence is a Σ-formula without free variables (all variables are quantified).
A Σ-theory is usually specified with a set of axioms from which the remaining sentences of T can be derived by inference rules.

Slide 11/42: T-Satisfiability and T-Validity
Assume signature Σ and Σ-theory T.
Definition (T-satisfiability and validity):
A formula ϕ is T-satisfiable if there exists an interpretation which satisfies both the formula ϕ and the sentences of T.
A formula ϕ is T-valid if every interpretation which satisfies the sentences of T also satisfies ϕ.
Examples: consider the following formulas in the theory T of linear arithmetic.
ϕ = ((x ≤ 5) ∨ (x > y)) ∧ ((x > 5) ∨ (x < y)): ϕ is T-satisfiable (e.g. set x = 4, y = 5), but ϕ is not T-valid.
ϕ = (x < y) ∧ (y < z) ∧ (z < x): ϕ is not T-satisfiable, nor is it T-valid.
ϕ = (∀x)(∀y)(∀z)[x < y ∧ y < z → x < z]: ϕ is a T-valid Σ-sentence.
ϕ = (x ≤ x) ∧ ¬(x < x): ϕ is T-valid.

Slide 12/42: Equality
Assume a theory T which contains the following axioms of equality:
(∀x)[x = x] (reflexivity)
(∀x)(∀y)[x = y → y = x] (symmetry)
(∀x)(∀y)(∀z)[x = y ∧ y = z → x = z] (transitivity)
Then the following is a T-valid sentence: (∀x)(∀y)(∀z)[((x = y) ∧ ¬(y = z)) → ¬(x = z)]
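A worked derivation of the sentence above from the three axioms, added here and not part of the original slides. Fix arbitrary x, y, z and assume x = y and ¬(y = z); we show ¬(x = z). Suppose, for contradiction, that x = z. From x = y and symmetry we get y = x. From y = x and x = z, transitivity gives y = z, which contradicts the assumption ¬(y = z). Hence ¬(x = z). Since x, y, z were arbitrary, (∀x)(∀y)(∀z)[((x = y) ∧ ¬(y = z)) → ¬(x = z)] holds in every interpretation that satisfies the axioms, i.e. it is T-valid (reflexivity is not needed for this particular sentence).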

Slide 13/42: Problem to be Solved
Assume a signature Σ and a Σ-theory T. SMT solvers aim to solve the following problem:
T-Satisfiability
Instance: a quantifier-free Σ-formula ϕ
Question: is ϕ a T-satisfiable formula?

Slide 14/42: Conjunctive Fragment
The conjunctive fragment of theory T with signature Σ consists of formulas that are conjunctions of Σ-literals.
Assume a fixed signature Σ and a Σ-theory T. A decision procedure DP_T for the conjunctive fragment of T takes a conjunction ψ of Σ-literals as input, decides if ψ is T-satisfiable, and possibly returns a model (a satisfying interpretation).

Slide 15/42: Example: Decision procedure for the theory of equality
Assume a conjunction ϕ of Σ-literals of the form x = y and x ≠ y.
Definition (Equality graph): the equality graph for a formula ϕ is an undirected graph G(V, E=, E≠) where
the nodes in V correspond to the variables in ϕ;
edge {x, y} ∈ E= if and only if ϕ contains the Σ-literal x = y;
edge {x, y} ∈ E≠ if and only if ϕ contains the Σ-literal x ≠ y.
Decision procedure: ϕ is T-unsatisfiable if and only if there exists an inequality edge {x, y} ∈ E≠ such that there is a path from x to y using only edges in E=.

Slide 16/42: Example: Decision procedure for the theory of equality
ϕ = (x1 ≠ x2) ∧ (x2 = x3) ∧ (x3 = x4) ∧ (x4 = x1)
(Equality graph: nodes x1, x2, x3, x4; E= edges {x2, x3}, {x3, x4}, {x4, x1}; E≠ edge {x1, x2}.)
The path x1, x4, x3, x2 uses only E= edges and connects the endpoints of the inequality edge x1 ≠ x2, so formula ϕ is T-unsatisfiable.

Slide 17/42: Case Splitting
Consider formula ϕ defined as (x1 = x2 ∨ x1 = x3) ∧ (x1 = x2 ∨ x1 = x4) ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4.
Checking T-satisfiability of ϕ can be split into the following four cases, one for each choice of a disjunct from each of the two disjunctions.

Slides 18/42 to 21/42: Case Splitting, Cases 1 to 4
Case 1: ϕ1 = x1 = x2 ∧ x1 = x2 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4. Formula ϕ1 is not T-satisfiable.
Case 2: ϕ2 = x1 = x2 ∧ x1 = x4 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4. Formula ϕ2 is not T-satisfiable.
Case 3: ϕ3 = x1 = x3 ∧ x1 = x2 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4. Formula ϕ3 is not T-satisfiable.
Case 4: ϕ4 = x1 = x3 ∧ x1 = x4 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4. Formula ϕ4 is not T-satisfiable.

Slide 22/42: Case Splitting
Consider again ϕ = (x1 = x2 ∨ x1 = x3) ∧ (x1 = x2 ∨ x1 = x4) ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4. Checking T-satisfiability of ϕ was split into the four cases
1. x1 = x2 ∧ x1 = x2 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4
2. x1 = x2 ∧ x1 = x4 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4
3. x1 = x3 ∧ x1 = x2 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4
4. x1 = x3 ∧ x1 = x4 ∧ x1 ≠ x2 ∧ x1 ≠ x3 ∧ x1 ≠ x4
None of these cases is T-satisfiable, hence ϕ is not T-satisfiable.

Slide 23/42: Case Splitting
Case splitting is inefficient: the number of cases can be exponential in the size of the original formula, and it does not exploit the learning capabilities of CDCL solvers.

Slide 24/42: SMT Approach, Idea
Utilize the learning capabilities of SAT: combine DP_T with a SAT solver.
The SAT solver finds a partial assignment satisfying the boolean structure of the formula.
DP_T checks if the conjunction of the Σ-literals corresponding to the partial assignment is T-satisfiable.
This is a modular (and efficient) solution, and it avoids explicit case splitting.

Slide 25/42: Propositional Skeleton
The boolean encoder of an atom a is a unique boolean variable e(a). The propositional skeleton of a formula ϕ is denoted e(ϕ) and is the result of replacing each atom with its boolean encoder.
Example: the encoder of atom x = y is e(x = y); the encoder of atom x = z is e(x = z); the propositional skeleton of ϕ = (x = y) ∨ (x = z) is e(ϕ) = e(x = y) ∨ e(x = z).

Slide 26/42: Integrating a SAT Solver With DP_T
Assume an NNF formula ϕ = (x = y) ∧ ((y = z ∧ ¬(x = z)) ∨ (x = z)).
Compute the propositional skeleton of ϕ: e(ϕ) = e(x = y) ∧ ((e(y = z) ∧ ¬e(x = z)) ∨ e(x = z)).
Set the initial propositional formula B = e(ϕ). The SAT solver will be iteratively called with B.

Slide 27/42: Integrating a SAT Solver With DP_T
B = e(x = y) ∧ ((e(y = z) ∧ ¬e(x = z)) ∨ e(x = z))
Run a SAT solver on B. Assume it returned the satisfying assignment α = {e(x = y), e(y = z), ¬e(x = z)}.
Run DP_T on the conjunction T̂h(α) = (x = y) ∧ (y = z) ∧ ¬(x = z).

Slide 28/42: Integrating a SAT Solver With DP_T
T̂h(α) = (x = y) ∧ (y = z) ∧ ¬(x = z)
(Equality graph: E= edges {x, y} and {y, z}; E≠ edge {x, z}.)
DP_T declares T̂h(α) unsatisfiable.
Extend B by adding the clause ¬T̂h(α), which blocks assignment α: B ← B ∧ (¬e(x = y) ∨ ¬e(y = z) ∨ e(x = z)).

Slide 29/42: Integrating a SAT Solver With DP_T
B = e(x = y) ∧ ((e(y = z) ∧ ¬e(x = z)) ∨ e(x = z)) ∧ (¬e(x = y) ∨ ¬e(y = z) ∨ e(x = z))
Run a SAT solver on B. Assume it returned the satisfying assignment α = {e(x = y), e(y = z), e(x = z)}.
Run DP_T on the conjunction T̂h(α) = (x = y) ∧ (y = z) ∧ (x = z).

Slide 30/42: Integrating a SAT Solver With DP_T
T̂h(α) = (x = y) ∧ (y = z) ∧ (x = z)
(Equality graph: E= edges {x, y}, {y, z} and {x, z}; no E≠ edges.)
DP_T declares T̂h(α) satisfiable. The original formula ϕ is therefore T-satisfiable.

Slide 31/42: Integrating a SAT Solver With DP_T
(Diagram: the SAT solver passes α to DP_T as T̂h(α); DP_T returns t, which is added to the SAT solver's formula as e(t).)
The SAT solver works with the propositional skeleton B.
If B is unsatisfiable, then ϕ is T-unsatisfiable.
If B is satisfiable, the satisfying assignment α is passed to DP_T as the conjunction T̂h(α).
DP_T checks T-satisfiability of T̂h(α).
If T̂h(α) is T-satisfiable, then ϕ is T-satisfiable.
If T̂h(α) is not T-satisfiable, DP_T returns a blocking clause t, also called a lemma, e.g. t = ¬T̂h(α); e(t) is added to B.

Slide 32/42: Integration of a SAT solver and DP_T (1)
Function LAZY-BASIC(ϕ)
Input: Formula ϕ
Output: SAT if ϕ is T-satisfiable, UNSAT if not
    B ← e(ϕ)
    while true do
        (α, r) ← SAT-solver(B)
        if r = UNSAT then return UNSAT
        (t, r) ← Deduction(T̂h(α))   // Calls DP_T(α)
        if r = SAT then return SAT
        B ← B ∧ e(t)

  72. Requirements 2 and 3 guarantee termination Requirement 1 guarantees soundness directly into the CDCL procedure of the SAT solver Petr Kučera (Charles University) Decision Procedures and Verifjcation 2019/20 (6th lecture) 33 / 42 Integration of a SAT solver and DP T (2) Assume Deduction( ̂ Th ( α ) ) returns UNSAT and a formula t Formula t should satisfy the following requirements: 1 The formula t is T -valid 2 The atoms in t are restricted to those appearing in ϕ 3 The encoding of t contradicts α , i.e. e ( t ) is blocking The cooperation can be much more effjcient if DP T is integrated

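The LAZY-BASIC loop and the blocking-clause requirements above, as an added worked example that is not part of the lecture slides. It assumes a toy theory T, difference logic over the integers (atoms of the form x - y ≤ c), a brute-force backtracking SAT solver for the skeleton B, and Bellman-Ford negative-cycle detection as DP_T; the names lazy_basic, dp_t, sat_solver and the sample formula are constructed here. The lemma returned on a theory conflict is t = ¬T̂h(α), which is T-valid, uses only atoms of ϕ, and blocks α, so it meets requirements 1 to 3 and the loop terminates.

```python
from itertools import count

# Added example (not the lecture's code): LAZY-BASIC over a toy theory T.
# T is difference logic over the integers: atom i (1-based) is x - y <= c,
# stored as (x, y, c). Literal +i means the atom holds, -i its negation;
# over the integers not(x - y <= c) is equivalent to y - x <= -c - 1.

def negate_atom(atom):
    x, y, c = atom
    return (y, x, -c - 1)

def theory_conjunction(atoms, alpha):
    """T̂h(α): the theory literals selected by the propositional assignment α."""
    return [atoms[i] if v else negate_atom(atoms[i]) for i, v in sorted(alpha.items())]

def dp_t(constraints):
    """DP_T for difference logic: Bellman-Ford relaxation from a virtual source.
    Constraint x - y <= c is the edge y -> x of weight c. If the distances settle,
    they are a model; if they still change after |V| rounds there is a negative
    cycle and the conjunction is T-unsatisfiable."""
    nodes = {v for x, y, _ in constraints for v in (x, y)}
    dist = {v: 0 for v in nodes}
    for _ in range(len(nodes)):
        changed = False
        for x, y, c in constraints:
            if dist[y] + c < dist[x]:
                dist[x] = dist[y] + c
                changed = True
        if not changed:
            return True, dist
    if nodes:                      # relaxation never settled: negative cycle
        return False, None
    return True, dist              # no constraints at all: trivially satisfiable

def sat_solver(clauses, n_atoms):
    """Backtracking search for a total assignment of the skeleton B.
    Clauses are lists of signed atom indices. Returns a dict or None."""
    def falsified(clause, alpha):
        return all(abs(l) in alpha and alpha[abs(l)] != (l > 0) for l in clause)

    def search(alpha):
        if any(falsified(c, alpha) for c in clauses):
            return None
        if len(alpha) == n_atoms:
            return dict(alpha)
        var = min(v for v in range(1, n_atoms + 1) if v not in alpha)
        for value in (True, False):
            alpha[var] = value
            result = search(alpha)
            if result is not None:
                return result
            del alpha[var]
        return None

    return search({})

def lazy_basic(atoms, clauses):
    """LAZY-BASIC(ϕ): ϕ is given as its atoms and the skeleton B = e(ϕ).
    Returns ("SAT", model, rounds) or ("UNSAT", None, rounds)."""
    b = [list(c) for c in clauses]
    for rounds in count(1):
        alpha = sat_solver(b, len(atoms))
        if alpha is None:
            return "UNSAT", None, rounds
        ok, model = dp_t(theory_conjunction(atoms, alpha))   # Deduction(T̂h(α))
        if ok:
            return "SAT", model, rounds
        # Lemma t = ¬T̂h(α); its encoding e(t) is the clause negating every literal of α.
        b.append([-i if v else i for i, v in alpha.items()])

# Constructed sample: ϕ = (x-y<=0) ∧ (y-z<=0) ∧ ((z-x<=-1) ∨ (x-z<=5)).
# The first two assignments the SAT solver proposes pick z-x<=-1, which closes a
# negative cycle with the first two atoms; two blocking clauses later the third
# assignment is T-satisfiable.
ATOMS = {1: ("x", "y", 0), 2: ("y", "z", 0), 3: ("z", "x", -1), 4: ("x", "z", 5)}
PHI = [[1], [2], [3, 4]]

if __name__ == "__main__":
    print(lazy_basic(ATOMS, PHI))           # ("SAT", {x: 0, y: 0, z: 0}, 3)
    print(lazy_basic(ATOMS, [[1], [2], [3]]))  # ("UNSAT", None, 3)
```

Each blocking clause here negates the whole assignment, which is what the slide's t = ¬T̂h(α) does; a real solver would instead extract a small unsatisfiable core (the negative cycle itself) so that one lemma rules out many assignments at once, and, as the last slide notes, would integrate DP_T into the CDCL loop rather than restarting the SAT solver every round.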