efficient sat solving under assumptions alexander nadel 1 and vadim ryvchin 1,2 1 – intel, haifa,...
TRANSCRIPT
Efficient SAT Solving Under AssumptionsAlexander Nadel1 and Vadim Ryvchin1,2
1 – Intel, Haifa, Israel
2 – Technion, Haifa, Israel
SAT’12, Trento, Italy
Motivation: Real-Life Experience at Intel
Critical non-incremental property unsolved in 48 hours by the SAT solver during FV of Intel’s latest design
The default flow: Minisat-like incremental SAT solving under assumptions • The negation of the property is the only assumption in our case
Solution: model the property as a unit clause solved in 30 minutes!• Propagation of the single assumption by SatELite was extremely helpful:
resulted in “chain reaction”
Our paper generalizes the case-study to incremental SAT solving under assumptions
Basic Definitions
Input: {}
– formula in CNF form = {} – set of assumptions
• – a literal (unit clause)
Invocation decides the satisfiability of:
Recall: Clause Database Simplification
1. Propagation of unit clauses
2. Elimination of satisfied clauses
3. Removal of falsified literals from clauses
Used in leading SAT solvers Compliant with incremental solving
Recall: SatELite Preprocessing
1. Variable Elimination
2. Subsumption
3. Self-subsuming resolution
Used in leading SAT solvers Non-Compliant with incremental solving
Approaches to Incremental SAT Solving under Assumption Literal-based Single instance (LS):
• One incremental solver instance • Assumptions are chosen as first decisions
Clause-based Multiple instances (CM): • Multiple solver instances • Assumptions are provided as temporary unit clauses
• LS is the current state-of-the-art
Literal-based Single instance (LS) Create instance For each incremental call do
1. Run solver over
The same instance of the solver is reused
Clause-based Multiple instances (CM)
For each incremental call do1. Create new instance
o Where the set Ai comprise the temporary clauses
2. Add pervasive conflict clauses to the instanceo Pervasive clauses: conflict clauses generated during previous
invocation that do not depend on
• Solve
A new solver instance is created each time
Temporary vs. Pervasive
C1 C2 C3 C4 C5 C6 C7 C8
C10C11 C12
C13 C14 C15
C20C19C21C17 C18
C22 C23=()
C9
C16
Input clausesLegend: Derived clauses Temporary input clauses
Temporary vs. Pervasive
C1 C2 C3 C4 C5 C6 C7 C8
C10C11 C12
C13 C14 C15
C20C19C21C17 C18
C22 C23=()
C9
C16
Input clausesLegend: Derived clauses Temporary input clauses
Temporary conflict clauses
Temporary vs. Pervasive
C1 C2 C3 C4 C5 C6 C7 C8
C10C11 C12
C13 C14 C15
C20C19C21C17 C18
C22 C23=()
C9
C16
Input clausesLegend: Pervasive conflict clauses
Temporary input clauses
Temporary conflict clauses
LS vs. CM LS: Efficient Learning
All conflict clauses are pervasiveHeuristics take advantage of incrementalityAssumptions are not propagated by simplification
CM: Efficient Assumption PropagationSome conflict clauses are temporaryHeuristics start from zero at every invocationAssumptions are propagated by simplification
The problem: How to Propagate Assumptions with SatELite in Incremental SAT? Our experience showed that propagating assumptions with
SatELite is vital
SatELite could not be used to propagate assumptions for either LS or CM in incremental settings:
LS: • Incremental SatELite was not well-defined (before our other paper to be
presented next )• It is still unknown how to propagate assumption using SatELite, even if
SatELite is applied incrementally
CM:• It was undefined how to distinguish between temporary and pervasive
conflict clauses after applying SatELite
Outline of Our Work
1. Enabling assumption propagation with SatELite for incremental SAT by making SatELite and CM compliant
• Much simpler than doing the same for LS
2. Mitigate the advantages of LS over CM by:• Transforming temporary clauses to pervasive• Solving related incremental chunks using one SAT instance (if
limited look-ahead information is available)
Our algorithms outperform LS on Intel instances of incremental SAT under assumption.
Make SatELite Compliant with CM SatELite over temporary clauses:
• Variable elimination / Self-subsuming resolution : o new clause is marked as temporary iff or is temporary
• Subsumption:o no change
Improve Learning Efficiency The problem:
• Our algorithm propagates assumptions with SatELite, but:• Conflict clause learning is still more efficient for LS, since:
o All the conflict clauses are pervasive for LSo Some conflict clauses are temporary for CM
Solution: transform temporary conflict clauses to pervasive after CM’s invocation
Transform Temporary to Pervasive – T2P
For every temporary clause : transform to pervasive by adding to every assumption depends on• By analyzing the resolution derivation
Problem: Conflict clauses might become much longer Solution: Limit the size
• The threshold is controlled by a parameter: T2P Threshold
Transform Temporary to Pervasive – T2P
α1=a
Legend:
α2=b α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=c v d α8=¬d α9=¬c
α10=c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
Transform Temporary to Pervasive – T2P
α1=a
Legend:
α2=b α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=c v d α8=¬d α9=¬c
α10=c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
¬a
Transform Temporary to Pervasive – T2P
Legend:
α2=b α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=¬a v c v d α8=¬d α9=¬c
α10=c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
¬b
Transform Temporary to Pervasive – T2P
Legend:
α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=¬a v c v d α8=¬b v ¬d α9=¬c
α10=c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
¬a ¬b
Transform Temporary to Pervasive – T2P
Legend:
α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=¬a v c v d α8=¬b v ¬d α9=¬c
α10=¬a v ¬b v c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
¬a v ¬ b
Transform Temporary to Pervasive – T2P
Legend:
α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α7=¬a v c v d α8=¬b v ¬d α9=¬c
α10=¬a v ¬b v c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
Transform Temporary to Pervasive – T2P
Legend:
α3=¬a v c v d α4=¬b v ¬d α5=¬c v e α6=¬c v ¬e
α9=¬c
α10=¬a v ¬b v c
α11=
Input clauses
Pervasive conflict clauses
Assumptions Temporary conflict clauses
Improve the Efficiency of Heuristics The problem:
• Our algorithm propagates assumptions with SatELite, and• We know how to make all the clauses pervasive, but:• Heuristics are still incremental for LS, while our algorithm needs to
collect information from scratch for each invocation
Solution: use a single SAT solver instance for multiple calls, if step look-ahead information is available
Step Look-AheadF1 A1F2 A2…Fk Ak
Fj*k+1 Aj*k+1Fj*k+2 Aj*k+2…Fj*k+k Aj*k+k
Fk+1 Ak+1Fk+2 Ak+2…Fk+k Ak+k
Essential conditions for applying step look-ahead:
Step (window) 1:– available at invocation 1
- equisatisfiability
Step (window) i>1: similar
LS Using Step Look-Ahead Adjustment of LS to take advantage of step look-ahead
• Proposed recently in the context of BMC by Khasidashvili&Nadel, HVC’11
Single instance Literal-based with Step look-ahead (LSS):• All step (window) clauses are added at once• Assumptions are chosen as first decisions• Advantage over LS: has a wider view of the problem• The same drawback as LS: no simplification over assumptions; no
preprocessing
LSS – Window 2F1 A1F2 A2F3 A3
Fj*k+1 Aj*k+1Fj*k+2 Aj*k+2…Fj*k+k Aj*k+k
F4 A4F5 A5F6 A6
1.
2. For j=4..61. Solve(, )
Our Algorithm: CLMSF1 A1F2 A2…Fk Ak
Fj*k+1 Aj*k+1Fj*k+2 Aj*k+2…Fj*k+k Aj*k+k
Fk+1 Ak+1Fk+2 Ak+2…Fk+k Ak+k
CLMS: Multiple instances Clause/Literal-based with Step look-aheadCLMS invokes the SAT solver for each window k times over a single SAT instance
Solve(, , ): Solve formula Using temporal clauses Under assumptions
Our Algorithm: CLMS – Window 1F1 A1F2 A2F3 A3
Fj*k+1 Aj*k+1Fj*k+2 Aj*k+2…Fj*k+k Aj*k+k
F4 A4F5 A5F6 A6
1. Create Instance
2. (temporary clauses)
3. Optionally:1. Freeze
2. Apply SatELite to
4. For j=1..3 do1. Solve(, , )
5. Optionally: Transform temporary to pervasive
6. Store pervasive in
7. Delete Instance
Our Algorithm: CLMS – Window 2F1 A1F2 A2F3 A3
Fj*k+1 Aj*k+1Fj*k+2 Aj*k+2…Fj*k+k Aj*k+k
F4 A4F5 A5F6 A6
1. Create Instance
2. (temporary clauses)
3. Optionally:1. Freeze
2. Apply SatELite to
4. For j=4..6 do1. Solve(, , )
5. Optionally: Transform temporary to pervasive
6. Store pervasive in
7. Delete Instance
Experimental Results Benchmark Set:
• Instances generated by incremental BMC under assumptionso Generated by an incremental model checker
• May be invoked multiple times with different assumptions and properties• Essential to reduce the debug loop time for validation engineers
• 3 satisfiable families – 128 instances• 4 unsatisfiable families – 81 instances • Algorithm Implementation in Intel’s internal Eureka SAT Solver• Timeout: 3600sec
Machines:• Intel® Xeon® 4Ghz 32Gb of memory
Variables To Assumptions Ratio
Unsatisfiable Instances
State-of-the-art LS
Unsatisfiable Instances
State-of-the-art CM
Unsatisfiable Instances
2nd: SatELite with temporary clauses + CLMS step 10 + T2P Thr. 100
Unsatisfiable InstancesWinner: SatELite with temporary clauses + CLMS step 50; No T2P
Unsatisfiable Instances: Summary CM outperforms LS, since:
• The average clause size is higher for LS by 1-2 orders of magnitude
• Simplification removes 1-2 orders of magnitude more clauses for CM
Unsurprisingly, both CLMS (the step) and SatELite are helpful
T2P is not helpful, since:• SatELite is slowed down significantly due to T2P
Satisfiable Instances
State-of-the-art CM
Satisfiable Instances
SatELite with temporary clauses + CLMS step 50; No T2P
Satisfiable Instances
2nd: State-of-the-art LS
Satisfiable Instances
Winner: SatELite with temporary clauses + CLMS step 10 + T2P Thr. 100
Satisfiable Instances: Summary LS is second best:
• Incrementality for heuristics proves to be essential for relatively easy satisfiable instances
The combination of our algorithms proves to be the best• SatELite with temporary clauses• CLMS with step 10 • T2P with threshold 100
Experimental Results: Summary The following algorithm proves to be the best overall (2nd
on unsatisfiable and 1st on satisfiable):• SatELite with temporary clauses• CLMS with step 10 • T2P with threshold 100
The gap between our algorithms and LS is especially significant on hard unsatisfiable instances.
Thank You!