c omputing u nsat c ores o f b oolean a nd smt f ormulas computing small unsatisfiable cores in...

COMPUTING UNSAT CORES OF BOOLEAN AND SMT FORMULAS

Computing Small Unsatisfiable Coresin Satisfiability Modulo TheoriesAlessandro Cimatti, Alberto Griggio and Roberto Sebastiani

Algorithms for Computing Minimal Unsatisfiable Subsets of ConstraintsMark H. Liffiton and Karem A. Sakallah

Lecturer: Bat-Chen Golden

EXAMPLE

SAT/UNSAT? Why?

UNSAT CORES Given an unsatisfiable CNF formula which consists

of the set of clauses C, an “Unsat core” of is a subset of clauses which is unstasifiable.

For the formula from our example

The subsets we found are Unsat cores of :{}, {}, {}

But also the following sets are Unsat cores of : {}, {}

MINIMAL UNSAT CORES Given an unsatisfiable CNF formula which consists of the set

of clauses C, a “Minimal Unsat core” or “Minimal Unsat Subset” (MUS) of is a subset of clauses which holds:

is unsatisfiable is satisfiable

The subsets we found are minimal Unsat cores of :{}, {}, {}

While the following sets are not minimal Unsat cores of : {} ( is redundant),

{} (many clauses are redundant)

OUR PLAN In the first part of this lecture we will get to know a

sound and complete algorithm for computing all MUSes of an unsatisfiable CNF formula .

The algorithm is taken from the paper “Algorithms for Computing Minimal Unsatisfiable Subsets of Constraints” by Mark H. Liffiton and Karem A. Sakallah (2007).

They have implemented the algorithm in a tool called “CAMUS”.

In the second part of the lecture we will see how this algorithm can be used to find unsatisfiable subsets of constraints in a SMT formula

EXAMPLE

Let’s “correct” : Remove clauses from it until it becomes satisfiable

CORRECTING SUBSETS Given an unsatisfiable CNF formula which consists

of the set of clauses C, a “Correcting subset” of is a subset of clauses for which is satisfiable.

Given an unsatisfiable CNF formula which consists of the set of clauses C, a “Minimal correcting subset” (MCS) of is a subset of clauses for which:

is satisfiable. is unsatisfiable.

The sets we found before are all the MCSes of 𝜑

CONNECTION BETWEEN MUSES AND MCSES

𝐶1𝐶2

𝐶1𝐶3

𝐶4𝐶1

𝐶5𝐶6

CONNECTION BETWEEN MUSES AND MCSES

𝐶1𝐶2

𝐶1𝐶3

𝐶4𝐶1

𝐶5𝐶6

HITTING SETS

{

{

{{

We are interested in finding minimal hitting sets, where minimal means removing any element from the set makes it no longer a hitting set. Notice that we are not interested in finding a minimum hitting set (a minimal hitting set with the smallest possible number of elements), which is the famous NP-Hard problem.

CONNECTION BETWEEN MUSES AND MCSES

𝐶1𝐶2𝐶3

𝐶4

𝐶5

𝐶6

𝐶2𝐶2

𝐶3

𝐶4𝐶5

𝐶6

𝐶2

OUR APPROACH We will find all MUSes of in two independent phases: Phase 1: Find all MCSes of Phase 2: Compute all minimal hitting sets of the group of MCSes

found in the previous phase.

Why is this better than directly computing all MUSes? “In practice, it is easier to find satisfiable subsets of constraints

than unsatisfiable subsets. Thus, finding MCSes (equivalent to finding their complementary subsets) is easier than finding MUSes directly. This follows from the relative simplicity of problems in NP (e.g., Sat) as compared to those in Co-NP (e.g., Unsat).”

Two phases: Advantage: independency. Disadvantage: if phase 1 fails – the whole process fails.

PHASE 1: FIND ALL MCSES What is the naïve way to find all correcting sets

(leaving minimality a side)? Remove all possible subsets one by one and see if

the remaining set is satisfiable.

Now, how do we enforce minimality? By removing subsets in increasing size and making

sure we don’t add a superset of a previous found MCS.

And how do we implement this?

PHASE 1: FIND ALL MCSES Our goal will be to be able to construct from for any

given another CNF formula, , which intuitively means “ after removing at most k clauses”.

In other words, will be satisfiable iff is satisfiable for some set of clauses which holds ||.

PHASE 1: FIND ALL MCSES First, we will construct from , by adding “Clause-

Selector” Variables:

Then, we will add an “AtMost” constraint

This constraint means “we don’t permit an assignment which gives true to more than k literals from this group”

𝜑𝑘′ =𝜑 ′⋀ 𝐴𝑡𝑀𝑜𝑠𝑡( {¬ 𝑦1 ,¬ 𝑦2 ,…,¬ 𝑦6 } ,𝑘)

PHASE 1: FIND ALL MCSES We

𝑤h𝑎𝑡 𝑑𝑜𝑒𝑠 incremental  𝑚𝑒𝑎𝑛?

PHASE 2: FIND ALL MINIMAL HITTING SETS OF THE MCSES

What is the naïve way to find a (not all) hitting set of all MCSes (leaving minimality a side)?

Randomly pick a clause from an MCS which haven’t been covered yet.

Now, how do we enforce minimality? After picking a random clause we make sure it will not be

redundant by picking an MCS it appears in and removing the other clauses in it from all the other MCSes.

For this process to always produce a valid hitting set we need to make sure no MCS includes another.

And how do we implement this?

PHASE 2: FIND ALL MINIMAL HITTING SETS OF THE MCSES

PHASE 2: FIND ALL MINIMAL HITTING SETS OF THE MCSES

PHASE 2: FIND ALL MINIMAL HITTING SETS OF THE MCSES

What should change if we want to find all hitting set of the MCSes?

Instead of making a random choice of clause and MCS containing it we will use backtracking to go over all the possible choices.

Note: this algorithm can produce duplicate outputs, for example:

for the input MCSes {{C1,C2}, {C1,C3}}, The output {C1} will be produced twice.

An optimization can be made to prevent this.

PHASE 2: FIND ALL MINIMAL HITTING SETS OF THE MCSES

CONCLUSION OF FIRST ARTICLE Our mission was to find all MUSes of an

unsatisfiable CNF formula . We used the connection between MUSes and

MCSes to construct a two-phase algorithm: First phase – we computed all MCSes directly,

using “Clause-Selector” Variables and “AtMost” constraints.

Second phase – we computed all minimal hitting sets of the MCSes (which are the wanted MUSes) using a backtracking algorithm.

SECOND ARTICLE From now on we will discuss the article “A Simple

and Flexible Way of Computing Small Unsatisfiable Cores in SAT Modulo Theories” by Alessandro Cimatti, Alberto Griggio, and Roberto Sebastiani.

As its name implies, the article presents an algorithm for computing an unsat core for an SMT formula, based on a given algorithm for computing unsat cores for boolean formulas (such as the one we just saw).

EXAMPLE OVER EQUALITY LOGIC Reminder- the process of an SMT solver is more or

less the following:

𝜑=(𝑥1=1 )⋀ (𝑥1=2 )

𝜑𝐵=B1⋀ 𝐵2

π={B1=true ,𝐵2=𝑡𝑟𝑢𝑒 }

¬ (𝑥1=1 )⋁¬ (𝑥1=2 )

EXAMPLE OVER EQUALITY LOGIC Reminder- the process of an SMT solver is more or

less the following:

Generally there could be more iterations where the sat solver returns “sat” and the T-solver returns “unsat”, and each such iteration adds a “learning clause”

𝜑 ′𝐵=B1⋀ 𝐵2 ⋀ (¬𝐵1∨¬𝐵2)

𝑈𝑁𝑆𝐴𝑇 !

THE BASIC CONCEPTS BEHIND THE ALGORITHM

The algorithm will be based on the following two observations:

The final Boolean formula created by this process is always unsatisfiable

Otherwise we could have continued (we are assuming the formula is T-unsat, otherwise there is no unsat core to find).

The “learning clauses” returned by the T-solver are always T-tautologies (satisfied by all possible assignments)

The T-solver returns “false” only when a contradiction is found. The opposite of a contradiction is a tautology.

THE ALGORITHM

(UNSAT by observation 1)

{B1 ,𝐵2 ,(¬𝐵1∨¬𝐵2)}𝑆𝐴𝑇 𝑈𝑁𝑆𝐴𝑇 𝐶𝑂𝑅𝐸𝐸𝑋𝑇𝑅𝐴𝐶𝑇𝑂𝑅

𝜑=(𝑥1=1 )⋀ (𝑥1=2 )𝑇 −𝑆𝑂𝐿𝑉𝐸𝑅

“Unabstract”

{ (𝑥1=1 ) , (𝑥1=2 ) }

Remove “learning clauses”, they are tautologies (by observation 2)

{ (𝑥1=1 ) , (𝑥1=2 ) ,(¬ (𝑥1=1 )∨¬ (𝑥1=2 ))}

The end