A Progressive Approach for Satisfiability Modulo Theories

1
A Progressive Approach for Satisfiability Modulo
Theories

• Hossein M. Sheini
• Karem A. Sakallah
• Electrical Engineering and Computer Science
• University of Michigan, Ann Arbor, Michigan, USA
• Constraints and Verification 2006
• Isaac Newton Institute for Mathematical Sciences

2
Outline

• Problem formulation applications
• Algorithmic components
• Boolean solver
• Unit 2-variable-per-inequality integer solver
• General-purpose ILP solver
• Solution strategies
• Related approaches
• Experimental evaluation
• Conclusions and future work

3
Satisfiability Modulo TheoriesConjunctive Normal
Form (SMT-CNF)

• Variables
• Boolean
• Integer
• Atoms
• Boolean variable
• Integer UTVPI
• Integer constraint
• Literal atom or negation of atom
• Clause disjunction of literals
• Formula conjunction of clauses

4
SMT-CNF

• Find an assignment to all Boolean (and integer)
  variables such that
• OR prove that no such solution exists

5
Satisfiability Modulo Theories (SMT)

• SMT is the problem of deciding the satisfiability
  of a quantifier-free formula in one or more
  first-order theories.
• Theories of interest are logics of
• Equality (E)
• Integer Unit-Two-Variable-Per-Inequality (UTVPI)
  (U)
• Integer Linear Arithmetic (C)

6
Satisfiability Modulo Theories (SMT)

• SMT formula

7
Example SMT-CNF Instance
8
Applications of SMT

• Verification (SW, HW)
• Model checking of timed automata
• Microprocessor verification
• Program verification
• Buffer over-run vulnerabilities
• Scheduling
• Temporal reasoning
• Job-shop scheduling

9
Solution Algorithm Version 1
Invoke Solvers Sequentially

• Enumerate Boolean solutions
• Check consistency of implied integer constraints

10
Problem Decomposition Indicator Variables
11
Boolean Satisfiability

• DPLL-style search to find a solution to a Boolean
  CNF formula or to prove no such solution exists
• Major algorithmic advances in last decade
• Conflict analysis
• Clause recording (learning)
• Non-chronological backtracking
• Efficient BCP using watched literals
• Random restarts
• Adaptive decision heuristics (VSIDS, etc.)
• MiniSAT
• N. Eén, N. Sörensson, An Extensible SAT-solver
  SAT03

12
UTVPI Integer Constraint Solver
Jaffar et als polynomial-time incremental
algorithm

• Maintain a transitively-closed and tightened set
  of UTVPI constraints
• Generate and add all implied UTVPI constraints
  every time a new constraint is added

13
UTVPI Algorithm Example
14
Algorithm Version 1
Boolean Solver
Formula
Decision Tree
Implication Graph
15
Algorithm Version 1
UTVPI Solver
Formula
Boolean Solution
16
Pros/Cons of Version 1 Algorithm

• Pros
• Loose integration of Boolean and UTVPI/ILP
  solvers
• Cons
• Late detection of conflicts
• Inability to analyze UTVPI/ILP conflicts
• Possibility of enumerating several solutions that
  are inconsistent for the same reason
• Extra work if unsatisfiability is due to logical
  constraints

17
Solution Algorithm Version 2

• Integrate UTVPI solver into the Boolean solver
• Check consistency of relevant integer constraints
  off-line with a generic ILP solver

18
Algorithm Version 2
19
Algorithm Version 2
20
Solution Algorithm Version 3
Conservatively abstract formula Replace equality
with one-way implication
21
Algorithm Version 3
22
Final Version of Combined Algorithm

• Always Enforce only one-way implication from
  indicator variable to its UTVPI constraint
• Sometimes Enforce equality between indicator
  variable and its UTVPI constraint when
  computationally cheap

23
Final Version on Example Formula
24
Handling non-UTVPI Constraints

• Solution So far

UTVPI constraints sharing both variables with
non-UTVPI constraints
to Integer Programming Solver
UNSAT
25
Offline Learning Cutting Planes
NEW
26
Learning on Example Formula
27
Progressive Solving Scheme

• Gradual Concretization of the Formula
• Gradual Activation of Theory Solvers

28
Implementation

• ARIO Satisfiability Modulo Theories (SMT) Solver
  written in C
• More info at http//www.eecs.umich.edu/ario

29
Comparison to Other Methods
DPLL(T) - Ario Version 2
Ario Version 1
MathSAT
Strategy for Linking Theories
UCLID
equality
?X
?X
?X
?X
?X
Ario Final
?X
Ario Version 3
MLLP
conditional
?X
?X
?X
?X
Big-M Simplex/BB
Branch-and-Check
Lazy
Tight
Eager
Strategy for Solving Theories
30
Experimental Evaluation

• Wisconsin Safety Analysis (WiSA)
• Fischer's mutual exclusion protocol
• MathSAT CIRC
• CIRC Safety Checking of RTL Circuits

31
Wisconsin Safety Analysis (WiSA)
32
Wisconsin Safety Analysis (WiSA)

33
Fischer's Mutual Exclusion Protocol(Encoded for
MathSAT)
34
MathSAT CIRC Suite

• Generated for MathSAT, verifying properties for
  some simple circuits.

Copied from MathSAT TACAS 2005 paper comparing
accumulated time of CIRC benchmarks for MathSAT,
CVC and ICS
35
RTCL - Safety Properties for RTL Circuits
36
Conclusions and Future Work

• Judicious integration/use of solvers
• Boolean reasoning (constraint propagation,
  conflict analysis, non-chronological
  backtracking, etc.) is key to scalability
• Incrementality is essential for performance
• Further benchmarking, tuning, competition?