# A Scalable Algorithm for Minimal Unsatisfiable Core Extraction


A Scalable Algorithm for Minimal Unsatisfiable Core Extraction. Nachum Dershowitz¹, Ziyad Hanna², Alexander Nadel¹,² (¹ Tel-Aviv University, ² Intel). SAT'06 Conference, Seattle; 12.08.2006

Agenda:

- Introduction
- Related Work
- Complete Resolution Refutation (CRR) Algorithm
- Resolution-Refutation-based Pruning (RRP)
- Experimental Results

Introduction: What is unsatisfiable core extraction? Given an unsatisfiable CNF formula (the slide labels a clause, a negative literal and a positive literal in it):

F = (a + b)(¬b + c)(¬c)(¬a + c)(b + c)

- An unsat. core is an unsatisfiable subset of its clauses.
- A core is minimal if removal of any clause makes it satisfiable.
- In the slide's example, U1 and U3 are minimal; U2 is not minimal, since U3 ⊂ U2.

Introduction: Our contribution is a Minimal Unsatisfiable Core (MUC) extraction algorithm that is

- practical: handles Formal Verification benchmarks
- faster than existing MUC algorithms
- produces smaller cores than suboptimal methods


Related Work:

- Theoretical algorithms
- Suboptimal algorithms: Adaptive core search (Bruni et al., 2001); AMUSE (Oh et al., 2004); Empty-clause Cone (EC) (Zhang et al., 2003; Goldberg et al., 2003)
- Algorithms guaranteeing minimality of the core: MUP (Huang, 2005); Naïve

Related Work (Suboptimal): Empty-clause Cone (EC) (Zhang et al., 2003; Goldberg et al., 2003)

- Modern SAT solvers produce a resolution refutation of a given unsatisfiable formula.
- Each conflict clause is a resolvent of initial clauses or previously recorded conflict clauses.
- The empty clause is the last conflict clause.
- The initial clauses connected to the empty clause compose the unsatisfiable core.

Related Work (Suboptimal): Empty-clause Cone until Fixed Point (EC-fp) (Zhang et al., 2003)

- Invoke EC until a fixed point is reached.

EC and EC-fp characteristics:

- Fast and scalable: the only algorithms scalable on large benchmarks.
- The resulting cores can still be reduced.

Related Work (Naïve MUC):

- For every clause I in formula F: invoke a SAT solver on F \ {I}.
- If F \ {I} is unsatisfiable, I is not needed: remove I from F. Otherwise I belongs to the MUC.
- When every clause has been examined, F is a Minimal Unsatisfiable Core.


CRR and Naïve: Naïve is the most efficient MUC algorithm on large FV benchmarks. CRR can be seen as a refinement of Naïve:

- Always hold a resolution refutation of the current unsat. core.
- Check whether an initial clause I can be excluded by invoking a SAT solver on both the remaining initial clauses except I (like Naïve) and the conflict clauses such that I was not required to derive them.
- If I can be excluded, a new resolution refutation not containing I is constructed.

Complete Resolution Refutation (CRR) Algorithm: Resolution Refutation. A resolution refutation is a directed acyclic graph (dag) R(In ∪ Co, E):

- Initial clauses (In): the sources of R.
- Conflict clauses (Co), including the empty clause □, the only sink of R.
- Edges (E): resolution relations between clauses.

Complete Resolution Refutation (CRR) Algorithm: Definitions

- Re(R, I) / Re_E(R, I) / Re_G(R, I): the vertices / edges / sub-graph reachable from I in R.
- UnRe(R, I): the vertices unreachable from I in R.
- A resolution refutation containing only clauses connected to □ is non-redundant.

CRR by Example (the slides show the refutation dag; only the step captions are recoverable here):

- Initial clauses I1 .. I8 are on the right of the figure.
- Build a non-redundant resolution refutation; one initial clause is dropped. Conflict clauses C2 .. C6 remain.
- Consider clause I8 for removal: invoke a SAT solver on I' = UnRe(I8). The solver does not know about resolution relations between the clauses I'1 .. I'8.
- The instance is unsatisfiable; the solver derives conflict clauses C'1 .. C'3.
- A new refutation R' is composed; Re_G(I8) is dropped.
- Make R' non-redundant.
- Consider I7 for removal: UnRe(I7) is satisfiable with a=b=c=d=0.
- I7 is marked as belonging to a MUC; the refutation is not changed.
- Every other initial clause (I2 .. I6) also belongs to the MUC.

Complete Resolution Refutation (CRR) Algorithm

1. Build a resolution refutation R(In ∪ Co; E) using a SAT solver.
2. Reduce R(In ∪ Co; E) to be non-redundant.
3. While an unmarked clause exists in In:
    1. I ← PickUnmarkedClause(In)
    2. Invoke a SAT solver on UnRe(R, I).
    3. If UnRe(R, I) is satisfiable, then mark I as a MUC member.
    4. Else:
        1. Let R'(In' ∪ Co'; E') be the resolution refutation built by the solver.
        2. In ← In \ {I}; Co ← (Co ∪ Co') \ Re(R, I); E ← (E ∪ E') \ Re_E(R, I)
        3. Reduce R(In ∪ Co; E) to be non-redundant.
4. Return In.
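The CRR loop above, as an added Python example that is not the authors' Eureka implementation: clauses are frozensets of DIMACS-style integer literals, and the "SAT solver" is a tiny saturation-based resolution engine (an assumption; a real solver derives the refutation by CDCL) that records each resolvent's two parents, so a refutation dag R comes out of every unsat call and UnRe(R, I) is computed from it. Running `crr` on the Introduction's formula F = (a + b)(¬b + c)(¬c)(¬a + c)(b + c) with a = 1, b = 2, c = 3 returns one of its minimal unsatisfiable cores.

```python
EMPTY = frozenset()  # the empty clause: the only sink of a resolution refutation

def resolve(c, d):
    """Yield the non-tautological resolvents of clauses c and d."""
    for lit in c:
        if -lit in d:
            r = (c - {lit}) | (d - {-lit})
            if not any(-x in r for x in r):
                yield r
def refute(clauses):
    """Toy 'SAT solver' (resolution saturation): returns {resolvent: (parent, parent)}
    once the empty clause is derived (unsat), or None if saturation ends (satisfiable)."""
    known, parents, frontier = set(clauses), {}, list(clauses)
    while frontier:
        c = frontier.pop()
        for d in list(known):
            for r in resolve(c, d):
                if r not in known:
                    known.add(r); parents[r] = (c, d); frontier.append(r)
                    if r == EMPTY:
                        return parents
    return None
def closure(start, step):
    """All vertices reachable from start (inclusive) via the neighbour function step."""
    seen, stack = {start}, [start]
    while stack:
        for n in step(stack.pop()):
            if n not in seen:
                seen.add(n); stack.append(n)
    return seen

def non_redundant(initial, parents):
    """Keep only clauses connected to the empty clause (CRR step 2 and each later reduction)."""
    keep = closure(EMPTY, lambda c: parents.get(c, ()))
    return initial & keep, {c: p for c, p in parents.items() if c in keep}

def crr(formula):
    """CRR: return a minimal unsatisfiable core of an unsatisfiable clause set."""
    parents = refute(formula)                                          # step 1: build R
    assert parents is not None, "formula must be unsatisfiable"
    initial, parents = non_redundant(set(formula), parents)            # step 2
    marked = set()
    while initial - marked:                                            # step 3
        clause = min(initial - marked, key=sorted)                     # PickUnmarkedClause
        re = closure(clause, lambda c: [k for k, ps in parents.items() if c in ps])  # Re(R, I)
        new = refute((initial | set(parents)) - re)                    # solve UnRe(R, I)
        if new is None:
            marked.add(clause)                                         # UnRe satisfiable: I is needed
        else:                                                          # unsat: merge R' in, drop Re(R, I)
            initial.discard(clause)
            initial, parents = non_redundant(initial, {**{c: p for c, p in parents.items() if c not in re}, **new})
    return initial
```

Because the refutation dag is reused, clauses that a later reduction disconnects from □ are dropped without a separate solver call, which is the "remove several initial clauses simultaneously" effect described on the next slide.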

CRR vs. Naïve:

- CRR reuses all relevant conflict clauses: no need to re-derive important lemmas.
- CRR may remove a number of initial clauses simultaneously, while reducing the resolution refutation to be non-redundant (at each stage of the algorithm).

CRR: More Features

- CRR can be stopped anytime after the first resolution refutation is constructed: it accepts time thresholds.
- There is room for improvement: work on the heuristic for picking clauses; hold the resolution refutation in memory rather than on disk.
- Next: Resolution-Refutation-based Pruning.


Resolution-Refutation-based Pruning: for each I, speed up the examination of whether I can be removed by using a certain property of Re_G(I) to cut off the search space of the SAT solver invoked on UnRe(I).

RRP: Definitions

- An assignment σ falsifies clause I if every literal of I is 0 under σ. For example, σ = {a=0; b=0; c=1} falsifies I = a ∨ b ∨ ¬c.
- We define an i-path in a resolution refutation to be a directed path starting with an initial clause and ending with the empty clause.
- An assignment σ falsifies an i-path if it falsifies every clause in the i-path.

RRP: Main Theorem. Let R(In ∪ Co, E) be a resolution refutation and σ an assignment. If σ satisfies UnRe(I), then there exists an i-path starting with I that is falsified by σ. Note: Re_G(I) contains every i-path starting with I.

RRP: Main Theorem by Example (on the refutation of the running example; the slide highlights UnRe(I7) and the i-path in the dag). There is one i-path starting with I7: {I7, C7, C8}. Any assignment σ satisfying UnRe(I7) falsifies the clauses I7, C7 and C8, so it must have {a=0; d=0; b=0}. Otherwise, σ would satisfy a vertex cut in R, and the empty clause is derivable from any vertex cut in R: contradiction.

RRP: Theorem Application. The SAT solver should check whether UnRe(I) has a model. All the possible models of UnRe(I) must falsify some i-path in Re_G(I), so restrict the SAT solver to check only assignments that falsify some i-path in Re_G(I).

RRP

- The decision heuristic first invokes the RRP_H function. RRP_H explores Re_G(I) in DFS manner, always trying to falsify a certain i-path.
- If RRP_H returns a literal, it is picked as the decision literal; otherwise a normal decision heuristic is invoked.
- RRP_B: a change in the backtracking engine.
- The currently visited clause D ∈ Re_G, initialized to I, is maintained by RRP_H and RRP_B.

RRP_H: Decision Heuristic. The slide shows a state machine over the currently visited clause D with states Norm, Sat, False, EoT and EoP; only its transition labels (condition / action) are recoverable here:

- D is neither satisfied nor falsified / return the negation of an unassigned literal from D
- D is satisfied
- D is falsified
- D has an unvisited child / D ← Child(D)
- All children visited / D ← Par(D)
- D has a parent / D ← Par(D)
- D has no parent
- D has no children
- True / return ?

RRP_B: Backtracking Engine. On conflict, the solver may need to backtrack in Re_G(I) in addition to regular backtracking. Let bl be the backtracking level (in the search space) and denote by mdl(D) the maximal decision level of D's literals. If bl < mdl(D), let B be the first predecessor of D such that bl ≥ mdl(B), and set D ← B.


Experimental Results: We demonstrate that for benchmark Formal Verification families:

- Our algorithm runs faster than other algorithms for MUC extraction.
- Our algorithm finds smaller cores compared to the suboptimal algorithms.

Experimental Results

- We implemented CRR and RRP in a simplified version of the industrial solver Eureka.
- We used 4 Formal Verification families: Barrel; Longmult; Fvp-unsat.2.0; Pipe_unsat_1.0.
- The relative resolution hardness of a resolution refutation R(In ∪ Co, E) is (|In| + |Co|) / |In|.

Experimental Results: Instances (Var = variables, Cls = clauses, EC R.R. Hrd. = relative resolution hardness of the EC refutation)

| Inst | Var | Cls | EC R.R. Hrd. |
|---|---|---|---|
| 4pipe | 4237 | 80213 | 1.4 |
| 4p_1_o | 4647 | 74554 | 1.7 |
| 4p_2_o | 4941 | 82207 | 1.7 |
| 4p_3_o | 5233 | 89473 | 1.6 |
| 4p_4_o | 5525 | 96480 | 1.6 |
| 3p_k | 2391 | 27405 | 1.5 |
| 4p_k | 5095 | 79489 | 1.5 |
| 5p_k | 5525 | 189109 | 1.4 |
| barrel5 | 1407 | 5383 | 1.8 |
| barrel6 | 2306 | 8931 | 1.8 |
| barrel7 | 3523 | 13765 | 1.9 |
| barrel8 | 5106 | 20083 | 1.8 |
| longmult4 | 1966 | 6069 | 2.6 |
| longmult5 | 2397 | 7431 | 3.6 |
| longmult6 | 2848 | 8853 | 5.6 |
| longmult7 | 3319 | 10335 | 14.2 |

Experimental Results: MUC Algorithms, CRR vs. Naïve

- Plain CRR outperforms Naïve on every benchmark.
- CRR+RRP outperforms Naïve on 15/16 benchmarks.
- The speed-up is usually between 4x and 10x; sometimes it is 34x (hardest barrel instance), sometimes 2.5x (hardest longmult instance).

Experimental Results: MUC Algorithms, RRP Impact

- RRP improves the performance on most instances.
- The greatest speed-up is ~2.5x.
- RRP is usually unhelpful only on the longmult family.

Experimental Results: MUC Algorithms, the longmult family case

- Hard for CRR, even harder for RRP.
- The reason is relative resolution hardness: it reaches 14.2 for the hardest longmult instance, but varies between 1.4 and 1.9 on every instance of the other families.
- Sizes of cores do not vary much between different MUC algorithms.

Experimental Results: Suboptimal Algorithms. Next: compare CRR and CRR+RRP with the suboptimal algorithms EC and EC-fp.

Experimental Results: CRR vs. Suboptimal Algorithms (CRR+RRP vs. EC and EC-fp)

- Core sizes: the average gain over EC is 30%; the average gain over EC-fp is 11%.
- Execution time: usually EC and EC-fp are orders of magnitude faster, but CRR+RRP is faster than EC-fp on the two hardest instances of barrel.

Conclusions. We presented:

- The Complete Resolution Refutation (CRR) algorithm for Minimal Unsatisfiable Core extraction.
- Resolution-Refutation-based Pruning (RRP), enhancing CRR.

Our algorithm is:

- Faster than existing MUC algorithms by a factor of 6 (or more) on large problems with non-overly-hard resolution proofs.
- Able to find smaller cores than suboptimal algorithms, by 11% on average.

Thanks!
