ULTIMATELY INCREMENTAL SAT Alexander Nadel 1, Vadim Ryvchin 1,2, and Ofer Strichman 2 1 – Intel, Haifa, Israel 2 – Technion, Haifa, Israel SAT’14, Vienna, Austria

Introduction  Incremental SAT is at the core of a variety of applications  Assumptions are widely used in Incremental SAT  Preprocessing is essential for performance

Recall: SatELite Preprocessing

Recall: Clause Database Simplification 1. Propagation of unit clauses 2. Elimination of satisfied clauses 3. Removal of falsified literals from clauses

Incremental SAT under Assumptions

Temporary vs. Pervasive clauses  We say that a clause is temporary if it is either an assumption or was derived from one or more assumptions, and pervasive otherwise.

Temporary vs. Pervasive α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 3 =¬a v c v d α 4 =¬b v ¬d α 5 =¬c v e α 6 =¬c v ¬e α 7 =c v dα 8 =¬d α 9 =¬c α 10 =c Input clauses Pervasive conflict clauses Assumptions Temporary conflict clauses

Temporary Partial Resolution α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 3 =¬a v c v d α 4 =¬b v ¬d α 5 =¬c v e α 6 =¬c v ¬e α 7 =c v dα 8 =¬d α 9 =¬c α 10 =c Input clauses Pervasive conflict clauses Assumptions Temporary conflict clauses

Temporary Partial Resolution α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 7 =c v dα 8 =¬d α 10 =c Assumptions Temporary conflict clauses

Assumptions.. as decision.. as unit clauses Compatible with Inc. SAT+- Conflict clauses are pervasive+- Simplification-+ Preprocessing-+

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Ofer Strichman. Sharing information between SAT instances, Dec 2000, Patent Ofer Strichman. Pruning techniques for the SAT-based bounded model checking problem. CHARME'01. Jesse Whittemore, Joonyoung Kim, and Karem A. Sakallah. SATIRE: A new incremental satisfiability engine, DAC’01

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Ofer Strichman. Sharing information between SAT instances, Dec 2000, Patent Ofer Strichman. Pruning techniques for the SAT-based bounded model checking problem. CHARME'01. Jesse Whittemore, Joonyoung Kim, and Karem A. Sakallah. SATIRE: A new incremental satisfiability engine, DAC’01

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Niklas Een and Niklas Sorensson. An extensible SAT-solver, SAT’03.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Niklas Een and Niklas Sorensson. An extensible SAT-solver, SAT’03.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel and Vadim Ryvchin. Efficient SAT solving under assumptions, SAT'12.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel and Vadim Ryvchin. Efficient SAT solving under assumptions, SAT'12.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel and Vadim Ryvchin. Efficient SAT solving under assumptions, SAT'12.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel, Vadim Ryvchin, and Ofer Strichman. Preprocessing in incremental SAT, SAT'12.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel, Vadim Ryvchin, and Ofer Strichman. Preprocessing in incremental SAT, SAT'12.

Previous Approaches AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All Alexander Nadel, Vadim Ryvchin, and Ofer Strichman. Preprocessing in incremental SAT, SAT'12.

Our New Approach AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All UI-SATOneYesIncrementalIncremental T2P

Our New Approach AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All UI-SATOneYesIncrementalIncremental T2P

Our New Approach AlgorithmInstancesAssumption as units SatELiteAssumption -dep. Clauses Clause SharingMultipleYesNoDiscard Minisat-AlgOneNo Keep All Assumption prop. MultipleYesFullT2P Incremental SatELite OneNoIncrementalKeep All UI-SATOneYesIncrementalIncremental T2P

Incremental SatELite (NRS’12) Freeze Assumptions // For current call Preprocess Solve // might run in-processing UnFreeze Assumptions

Incremental SatELite (NRS’12) Remove subsumptions. For each eliminated variable in elimination order: if (*) // decide heuristically Re-Eliminate else Re-Introduce Freeze Assumptions // For current call Preprocess Solve // might run in-processing UnFreeze Assumptions

Incremental SatELite (NRS’12) Remove subsumptions. For each eliminated variable in elimination order: if (*) // decide heuristically Re-Eliminate else Re-Introduce Freeze Assumptions // For current call Preprocess Solve // might run in-processing UnFreeze Assumptions

Incremental SatELite (SAT’12) Remove subsumptions. For each eliminated variable in elimination order: if (*) // decide heuristically Re-Eliminate else Re-Introduce Freeze Assumptions // For current call Preprocess Solve // might run in-processing UnFreeze Assumptions

Incremental SatELite (SAT’12) Remove subsumptions. For each eliminated variable in elimination order: if (*) // decide heuristically Re-Eliminate else Re-Introduce Preprocess Solve // might run in-processing

Incremental SatELite (SAT’12) Undo Previous Assumptions Add assumptions as temporary unit clauses Remove subsumptions. For each eliminated variable in elimination order: if (*) // decide heuristically Re-Eliminate else Re-Introduce Preprocess Solve // might run in-processing

Data Structures  We need to keep relevant data to undo assumptions.  SubsumedClauses Per clause – set of clauses subsumed by it

Subsumption (Example)  Two clauses: c 1 =(a  b) c 2 =(a  b  c)  Normal subsumption: Delete c 2  Our Subsumption: if c 1 marked as temporary: c 1 subsumes c 2  Add(c 2 ) to SubsumedClauses[c 1 ] Delete c 2

Data Structures  We need to keep relevant data to undo assumptions.  SubsumedClauses Per clause – set of clauses subsumed by it  Resol - Partial Resolution for temporary clauses If at least one of the parent clauses is temporary, then a new vertex is added to the resolution graph : o Conflict Analyze o Variable Elimination o Self Subsumption

Self-Subsumption (Example) Two clauses: c 1 =(a  b) c 2 =(a  ¬b  c)  Normal self-subsumption: Create a new clause c 3 = Resol(c 1, c 2 ) = (a  c) Delete c 2 (Normally implemented just as removal of ¬b from c 2 )  In our case (in addition to normal): c 3 subsumes c 2  Add c 2 to SubsumedClauses[c 3 ]

Remove Subsumptions  1: function SelfSubsume(Clause c)  2: for each lit p   c do  3: for each c’ subsumed by c[p := ¬p] do  4: if c is temporary then  5: c’’ = res(c, c’);  6. SubsumedClauses[c].Add(c’)  7: Remove c’ from clause db;  8: AddClause(c’’);  9: else Remove ¬p from c;

Remove Subsumptions  1: function Subsume(Clause c)  2: Pick the literal p in c that has the shortest occur list;  3: for each c′ ∈ occur(p) do  4:occur(p) = {c | p ∈ c, c ∈ φ}  5: if c is a subset of c′ then  6:Remove c′ from the clauses database;  7: if c is temporary then  8:SubsumedClauses[c].Add(c′);

Undo Assumptions Assumptions: Iteration i : b, a Iteration i+1: b

Undo Assumptions (Incremental T2P) α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 7 =c v dα 8 =¬d α 10 =c Assumptions Temporary conflict clauses

Undo Assumptions (Incremental T2P) α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 7 =c v dα 8 =¬d α 10 =c Assumptions Temporary conflict clauses Add SubsumedClauses[α 1 ] back to clause database

Undo Assumptions (Incremental T2P) α1=aα1=a α1=aα1=a Legend: α2=bα2=b α2=bα2=b α 7 =c v dα 8 =¬d α 10 =c Assumptions Temporary conflict clauses ¬a

Undo Assumptions (Incremental T2P) Legend: α2=bα2=b α2=bα2=b α 8 =¬d α 10 =c Pervasive conflict clauses Assumptions Temporary conflict clauses α 7 =¬a v c v d Add SubsumedClauses[α 7 ] back to clause database

Undo Assumptions (Incremental T2P) Legend: α 7 =¬a v c v d α 10 =c Pervasive conflict clauses Assumptions Temporary conflict clauses ¬a α2=bα2=b α2=bα2=b α 8 =¬d

Undo Assumptions (Incremental T2P) Legend: α 10 =¬a v c Assumptions Temporary conflict clauses α2=bα2=b α2=bα2=b α 8 =¬d Add SubsumedClauses[α 10 ] back to clause database

Undo Assumptions (Incremental T2P) Legend: α 10 =¬a v c Assumptions Temporary conflict clauses ¬a α2=bα2=b α2=bα2=b α 8 =¬d

Undo Assumptions (Incremental T2P) Legend: α 10 =¬a v c Assumptions Temporary conflict clauses α2=bα2=b α2=bα2=b α 8 =¬d

Experimental Results  Benchmark Set: Instances generated by BMC (without look-ahead) under assumptions o Generated by an incremental model checker May be invoked multiple times with different assumptions and properties Essential to reduce the debug loop time for validation engineers 3 satisfiable families – 128 instances 4 unsatisfiable families – 81 instances Algorithm Implementation in Intel’s internal Fiver SAT Solver Timeout: 3600sec  Machines: Intel ® Xeon ® 4Ghz 32Gb of memory

Experimental Results

MethodTime-outsRun-time Clause Sharing28223,424 Minisat-Alg.14159,423 Assumption Prop.24182,530 Incremental SatELite16209,781 UI-SAT164,176

Thank You!