Easy Generation and Efficient Validation of Proofs for SAT and QBF
Marijn J.H. Heule

Outline
◮ Introduction to SAT and QBF
◮ Clausal Proof Systems for SAT and QBF
◮ Abstract Proof System for SAT Inprocessing
◮ Clausal Proofs for QBF Preprocessing
◮ Future Directions and Conclusions

Dress Code as Satisfiability Problem
Propositional logic:
◮ Boolean variables: tie and shirt
◮ negation: ¬ (not)
◮ disjunction: ∨ (or)
◮ conjunction: ∧ (and)
Three conditions / clauses:
◮ clearly one should not wear a tie without a shirt: (¬tie ∨ shirt)
◮ not wearing a tie nor a shirt is impolite: (tie ∨ shirt)
◮ wearing a tie and a shirt is overkill: ¬(tie ∧ shirt) ≡ (¬tie ∨ ¬shirt)
Is (¬tie ∨ shirt) ∧ (tie ∨ shirt) ∧ (¬tie ∨ ¬shirt) satisfiable?

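A Small Satisfiability (SAT) Problem
$$
\begin{aligned}
&(x_5 \lor x_8 \lor \bar{x}_2) \land (x_2 \lor \bar{x}_1 \lor \bar{x}_3) \land (\bar{x}_8 \lor \bar{x}_3 \lor \bar{x}_7) \land {} \\
&(\bar{x}_5 \lor x_3 \lor x_8) \land (\bar{x}_6 \lor \bar{x}_1 \lor \bar{x}_5) \land (x_8 \lor \bar{x}_9 \lor x_3) \land {} \\
&(x_2 \lor x_1 \lor x_3) \land (\bar{x}_1 \lor x_8 \lor x_4) \land (\bar{x}_9 \lor \bar{x}_6 \lor x_8) \land {} \\
&(x_8 \lor x_3 \lor \bar{x}_9) \land (x_9 \lor \bar{x}_3 \lor x_8) \land (x_6 \lor \bar{x}_9 \lor x_5) \land {} \\
&(x_2 \lor \bar{x}_3 \lor \bar{x}_8) \land (x_8 \lor \bar{x}_6 \lor \bar{x}_3) \land (x_8 \lor \bar{x}_3 \lor \bar{x}_1) \land {} \\
&(\bar{x}_8 \lor x_6 \lor \bar{x}_2) \land (x_7 \lor x_9 \lor \bar{x}_2) \land (x_8 \lor \bar{x}_9 \lor x_2) \land {} \\
&(\bar{x}_1 \lor \bar{x}_9 \lor x_4) \land (x_8 \lor x_1 \lor \bar{x}_2) \land (x_3 \lor \bar{x}_4 \lor \bar{x}_6) \land {} \\
&(\bar{x}_1 \lor \bar{x}_7 \lor x_5) \land (\bar{x}_7 \lor x_1 \lor x_6) \land (\bar{x}_5 \lor x_4 \lor \bar{x}_6) \land {} \\
&(\bar{x}_4 \lor x_9 \lor \bar{x}_8) \land (x_2 \lor x_9 \lor x_1) \land (x_5 \lor \bar{x}_7 \lor x_1) \land {} \\
&(\bar{x}_7 \lor \bar{x}_9 \lor \bar{x}_6) \land (x_2 \lor x_5 \lor x_4) \land (x_8 \lor \bar{x}_4 \lor x_5) \land {} \\
&(x_5 \lor x_9 \lor x_3) \land (\bar{x}_5 \lor \bar{x}_7 \lor x_9) \land (x_2 \lor \bar{x}_8 \lor x_1) \land {} \\
&(\bar{x}_7 \lor x_1 \lor x_5) \land (x_1 \lor x_4 \lor x_3) \land (x_1 \lor \bar{x}_9 \lor \bar{x}_4) \land {} \\
&(x_3 \lor x_5 \lor x_6) \land (\bar{x}_6 \lor x_3 \lor \bar{x}_9) \land (\bar{x}_7 \lor x_5 \lor x_9) \land {} \\
&(x_7 \lor \bar{x}_5 \lor \bar{x}_2) \land (x_4 \lor x_7 \lor x_3) \land (x_4 \lor \bar{x}_9 \lor \bar{x}_7) \land {} \\
&(x_5 \lor \bar{x}_1 \lor x_7) \land (x_5 \lor \bar{x}_1 \lor x_7) \land (x_6 \lor x_7 \lor \bar{x}_3) \land {} \\
&(\bar{x}_8 \lor \bar{x}_6 \lor \bar{x}_7) \land (x_6 \lor x_2 \lor x_3) \land (\bar{x}_8 \lor x_2 \lor x_5)
\end{aligned}
$$
Does there exist an assignment satisfying all clauses?
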
Search for a satisfying assignment (or proof none exists)
Play the SAT game: http://www.cril.univ-artois.fr/~roussel/satgame/satgame.php

Motivation
Satisfiability solvers are used in amazing ways...
◮ Hardware verification: Centaur x86 verification
◮ Combinatorial problems:
  ◮ van der Waerden numbers [Dransfield, Marek, and Truszczynski, 2004; Kouril and Paul, 2008]
  ◮ Gardens of Eden in Conway’s Game of Life [Hartman, Heule, Kwekkeboom, and Noels, 2013]
  ◮ Erdős Discrepancy Problem [Konev and Lisitsa, 2014]
..., but satisfiability solvers have errors.
◮ Documented bugs in SAT, SMT, and QBF solvers [Brummayer and Biere, 2009; Brummayer et al., 2010]
◮ Competition winners have contradictory results (HWMCC winners from 2011 and 2012)
◮ Implementation errors often imply conceptual errors

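Introduction to QBF
A quantified Boolean formula (QBF) is a propositional formula where variables are existentially ($\exists$) or universally ($\forall$) quantified.

Consider the formula $\forall a\, \exists b, c.\ (a \lor b) \land (\bar{a} \lor c) \land (\bar{b} \lor \bar{c})$
A model is (tree over a, then b, then c):
  a = 0: b = 1, c = 0, leaf ⊤
  a = 1: b = 0, c = 1, leaf ⊤

Consider the formula $\exists b\, \forall a\, \exists c.\ (a \lor b) \land (\bar{a} \lor c) \land (\bar{b} \lor \bar{c})$
A counter-model is (tree over b, then a, then c):
  b = 0: a = 0, leaf ⊥
  b = 1: a = 1: c = 0, leaf ⊥; c = 1, leaf ⊥
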
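Added example (not from the slides): a small Python evaluator that expands the quantifier prefix of the two formulas above and returns the model or counter-model tree. The numbering a=1, b=2, c=3 and the name solve are choices made here; unlike the slide's counter-model, every branch is expanded down to the last variable.

```python
def solve(prefix, clauses, val=None):
    """Evaluate a prenex-CNF QBF by expanding its quantifier prefix.

    prefix  -- list of (quantifier, variable); 'a' is forall, 'e' is exists
    clauses -- list of lists of signed ints; -1 is the negation of variable 1
    Returns (value, tree). For a true formula the tree is a model: both
    branches of every universal variable, one choice per existential one.
    For a false formula it is a counter-model with the roles swapped.
    Tree keys are (variable, value) pairs; leaves are True or False.
    Assumes every variable in the clauses is bound by the prefix.
    """
    val = val or {}
    if not prefix:
        ok = all(any(val[abs(l)] == (l > 0) for l in c) for c in clauses)
        return ok, ok
    (q, v), rest = prefix[0], prefix[1:]
    sub = {b: solve(rest, clauses, {**val, v: b}) for b in (0, 1)}
    outcomes = [sub[b][0] for b in (0, 1)]
    value = any(outcomes) if q == 'e' else all(outcomes)
    # The winning side needs a single move on its own variable and must
    # answer both moves on a variable owned by the opponent.
    keep = [b for b in (0, 1) if sub[b][0] == value]
    if (q == 'e') == value:
        keep = keep[:1]
    return value, {(v, b): sub[b][1] for b in keep}

A, B, C = 1, 2, 3
CLAUSES = [[A, B], [-A, C], [-B, -C]]           # matrix shared by both slides
FORALL_FIRST = [('a', A), ('e', B), ('e', C)]   # forall a exists b, c
EXISTS_FIRST = [('e', B), ('a', A), ('e', C)]   # exists b forall a exists c

if __name__ == "__main__":
    for name, prefix in (("forall-first", FORALL_FIRST),
                         ("exists-first", EXISTS_FIRST)):
        print(name, *solve(prefix, CLAUSES))
```

The same matrix is true under the first prefix and false under the second, because in the second one b has to be fixed before a is known.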
Motivation for our QBF Proof System
Lots of “discrepancies” and unique results in QBF solvers:
◮ i.e., results that disagree with the majority of solvers.
To gain confidence in QBF results they need to be validated:
◮ existing methods cannot validate some QBF preprocessing.
QBF preprocessing is crucial for fast performance:
◮ most state-of-the-art solvers use the preprocessor bloqqer;
◮ current methods can produce exponentially large proofs or require exponential checking time in worst case;
◮ some techniques cannot be checked with these methods.

Clausal Proof Systems for SAT and QBF

Ideal Properties of a Proof System for SAT Solvers
Properties:
◮ Easy to Emit
◮ Compact
◮ Checked Efficiently
◮ Expressive
Approaches and references:
◮ Resolution Proofs: Zhang and Malik, 2003; Van Gelder, 2008; Biere, 2008
◮ Clausal Proofs: Goldberg and Novikov, 2003; Van Gelder, 2008
◮ Clausal proofs + clause deletion: Heule, Hunt, Jr., and Wetzler [STVR 2014]
◮ Optimized clausal proof checker: Heule, Hunt, Jr., and Wetzler [FMCAD ’13]
◮ Clausal RAT proofs: Heule, Hunt, Jr., and Wetzler [CADE 2013]
◮ RAT proofs + clause deletion: Wetzler, Heule, and Hunt, Jr. [SAT 2014]

Clausal Proof System
[Diagram labels: init, π, ψ]
Learn: add a clause
  * Preserve satisfiability
Forget: remove a clause
  * Preserve unsatisfiability
Unsatisfiable
  * Learn empty clause
Satisfiable
  * Forget last clause

Abstract Proof System for SAT Inprocessing
joint work with Matti Järvisalo and Armin Biere

Inprocessing: Advantages
Interleave bursts of preprocessing-style inference steps with conflict-driven clause-learning search
Combine various preprocessing techniques
◮ Variable elimination, subsumption, self-subsuming resolution, failed literals, equivalent literals, blocked clause elimination, hidden tautology elimination, unhiding, . . .

Lingeling ats [Biere, 2013]
SAT Competition 2013 Applications SAT+UNSAT instances
300 instances, 1-h timeout per instance

Configuration        #solved  SAT  UNSAT  flags
default                  182   90     92
no inprocessing          158   89     69  --inprocessing=0
no pre/inprocessing      144   80     64  --plain=1

Abstract Inprocessing
Characterize inprocessing solving as a transition system
State $\varphi\,[\rho]\,\sigma$
◮ $\varphi$: current “irredundant” clauses
◮ $\rho$: current “redundant” clauses
◮ $\varphi$ and $\varphi \land \rho$ are satisfiability-equivalent, $\varphi \models \rho$ is not required
◮ $\sigma$: sequence of literal-clause pairs $\langle l : C \rangle$ for model reconstruction
Legal next states $\varphi'\,[\rho']\,\sigma'$ of $\varphi\,[\rho]\,\sigma$ expressed by rules:
$$\frac{\varphi\,[\rho]\,\sigma}{\varphi'\,[\rho']\,\sigma'}$$

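The Rules
$$\textsf{Learn}\ \frac{\varphi\,[\rho]\,\sigma}{\varphi\,[\rho \land C]\,\sigma}\ \sharp \qquad \textsf{Forget}\ \frac{\varphi\,[\rho \land C]\,\sigma}{\varphi\,[\rho]\,\sigma}$$
$$\textsf{Strengthen}\ \frac{\varphi\,[\rho \land C]\,\sigma}{\varphi \land C\,[\rho]\,\sigma} \qquad \textsf{Weaken}\ \frac{\varphi \land C\,[\rho]\,\sigma}{\varphi\,[\rho \land C]\,\sigma \cup \langle l : C \rangle}\ \flat$$
Learn new redundant clause $C$ to $\rho$.
◮ Generic precondition $\sharp$: $\varphi \land \rho$ and $\varphi \land \rho \land C$ are satisfiability-equivalent.
Forget redundant clause $C$ from $\rho$.
Strengthen $\varphi$ by making redundant $C$ irredundant
Weaken $\varphi$ by making irredundant $C$ redundant
◮ Generic precondition $\flat$: $\varphi$ and $\varphi \land C$ are satisfiability-equivalent.
◮ A sound and complete proof system
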
Intuition why Learn has to take redundancy into account
$$\textsf{Learn}\ \frac{\varphi\,[\rho]\,\sigma}{\varphi\,[\rho \land C]\,\sigma}\ \sharp$$
◮ Q: Could the precondition $\sharp$ of Learn, “$\varphi \land \rho$ and $\varphi \land \rho \land C$ are satisfiability-equivalent”, be weakened to “$\varphi$ and $\varphi \land C$ are satisfiability-equivalent”, i.e., must the redundant clauses be taken into account for Learn?
◮ A: $\rho$ is essential: ignoring $\rho$ breaks main invariant $\varphi$ sat-eq $\varphi \land \rho$
◮ Consider $F = (a)$.
  1. Initial state $(a)\,[\emptyset]\,\langle\rangle$
  2. Obtain $\emptyset\,[(a)]\,\langle a : (a) \rangle$ through Weaken.
  3. In case $\rho$ were ignored in $\sharp$: apply Learn and derive $\emptyset\,[(a) \land (\bar{a})]\,\langle a : (a) \rangle$.
◮ Does not preserve satisfiability: $(a) \land (\bar{a})$ is unsatisfiable.

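Added example (not part of the talk or of any solver's code): a brute-force Python model of the four rules that replays the F = (a) scenario above, once with the ♯ precondition checked against ϕ ∧ ρ and once with ρ ignored. The State class, the ignore_rho switch and the signed-integer clause encoding are assumptions made for this illustration.

```python
from itertools import product

def satisfiable(clauses):
    """Brute-force SAT check over clauses given as frozensets of signed ints."""
    variables = sorted({abs(lit) for c in clauses for lit in c})
    for bits in product([False, True], repeat=len(variables)):
        val = dict(zip(variables, bits))
        if all(any(val[abs(lit)] == (lit > 0) for lit in c) for c in clauses):
            return True
    return False

def sat_eq(f, g):
    return satisfiable(f) == satisfiable(g)

class State:
    """phi [rho] sigma: irredundant clauses, redundant clauses, (literal, clause) pairs."""
    def __init__(self, phi):
        self.phi, self.rho, self.sigma = set(phi), set(), []

    def invariant(self):
        # Main invariant: phi and (phi AND rho) are satisfiability-equivalent.
        return sat_eq(self.phi, self.phi | self.rho)

    def learn(self, c, ignore_rho=False):
        # The sharp precondition is checked against phi AND rho;
        # ignore_rho=True is the weakened variant discussed on the slide.
        base = self.phi if ignore_rho else self.phi | self.rho
        if not sat_eq(base, base | {c}):
            raise ValueError("Learn precondition violated")
        self.rho.add(c)

    def forget(self, c):
        self.rho.remove(c)

    def strengthen(self, c):
        self.rho.remove(c)
        self.phi.add(c)

    def weaken(self, c, lit):
        # Flat precondition: phi without C and phi with C are sat-equivalent.
        rest = self.phi - {c}
        if not sat_eq(rest, rest | {c}):
            raise ValueError("Weaken precondition violated")
        self.phi, self.rho = rest, self.rho | {c}
        self.sigma.append((lit, c))

def replay(ignore_rho):
    """F = (a): Weaken (a), then try to Learn (not a). Returns (accepted, invariant)."""
    a, not_a = frozenset({1}), frozenset({-1})
    s = State({a})
    s.weaken(a, 1)
    try:
        s.learn(not_a, ignore_rho=ignore_rho)
    except ValueError:
        return False, s.invariant()
    return True, s.invariant()
```

replay(False) rejects the Learn step and keeps the invariant; replay(True) accepts it and leaves ρ unsatisfiable while ϕ is still satisfiable.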