
Automated Theorem Proving - PowerPoint PPT Presentation


PowerPoint Slideshow about 'Automated Theorem Proving' - orien

Presentation Transcript

Automated Theorem Proving

Lecture 3

Satisfiability modulo theories

• In addition, integer-valued variables with affine operations

• φ ∈ Formula := A | ¬φ | φ ∧ φ

A ∈ Atom := b | t = 0 | t > 0 | t ≥ 0

t ∈ Term := c | x | t + t | t – t | ct

b ∈ SymBoolConst

x ∈ SymIntConst

c ∈ {…, -1, 0, 1, …}

• A formula is a boolean combination of literals

• Each literal is a positive or negative atom

• Each atom is either a boolean variable or a linear constraint over integer variables

x ≤ y ∧ (a ∨ z > 0) ∧ (¬a ∨ x > y) ∧ y + z ≤ x

b ≡ x ≤ y

c ≡ z > 0

d ≡ x > y

e ≡ y + z ≤ x

Boolean abstraction: b ∧ (a ∨ c) ∧ (¬a ∨ d) ∧ e

Partial assignment b = T, e = T → Arithmetic Solver → Satisfiable

a = F forces c = T; assignment b = T, c = T, e = T → Arithmetic Solver → Unsatisfiable

a = T forces d = T; assignment b = T, d = T, e = T → Arithmetic Solver → Unsatisfiable

A collection of m constraints over n variables:

a11 x1 + a12 x2 + … + a1n xn + c1 ≥ 0

a21 x1 + a22 x2 + … + a2n xn + c2 ≥ 0

…

am1 x1 + am2 x2 + … + amn xn + cm ≥ 0

Every linear atom over the integers can be rewritten in this form:

a1 x1 + a2 x2 + … + an xn + c > 0 becomes a1 x1 + a2 x2 + … + an xn + c – 1 ≥ 0

a1 x1 + a2 x2 + … + an xn + c ≤ 0 becomes (-a1) x1 + (-a2) x2 + … + (-an) xn + (-c) ≥ 0

a1 x1 + a2 x2 + … + an xn + c = 0

Satisfiability problem for affine constraints

Does there exist an assignment of x1, x2, …, xn over the integers such that each constraint is satisfied?

• Integer linear programming

  • NP-complete

• Approximate integers by rationals/reals

  • Linear programming

    • Polynomial time (Khachian 1978, Karmarkar 1984)

    • Simplex algorithm (Dantzig 63)

      • exponential worst-case time

      • polynomial behavior in practice

Affine Constraints

          x1    x2    …    xn
    y1   a11   a12    …   a1n    c1
    y2   a21   a22    …   a2n    c2
    …
    ym   am1   am2    …   amn    cm

Row variables: y1, …, ym. Column variables: x1, …, xn.

y1 = a11 x1 + a12 x2 + … + a1n xn + c1

y2 = a21 x1 + a22 x2 + … + a2n xn + c2

…

ym = am1 x1 + am2 x2 + … + amn xn + cm

Sign constraints: y1 ≥ 0, y2 ≥ 0, …, ym ≥ 0

x – y + 1 ≥ 0

x + y + 3 ≥ 0

-x – 4 ≥ 0

          x    y
    a     1   -1    1
    b     1    1    3
    c    -1    0   -4

[Figure on the slide: the lines x = 0, a = 0, y = 0 and b = 0 drawn in the (x, y) plane]

          x1    x2    …    xn
    y1   a11   a12    …   a1n    c1
    y2   a21   a22    …   a2n    c2
    …
    ym   am1   am2    …   amn    cm

Sample point: x1 = 0, x2 = 0, …, xn = 0, hence y1 = c1, y2 = c2, …, ym = cm

• A tableau is feasible if the sample point satisfies all sign constraints.

• Otherwise, drop a subset of sign constraints to get a feasible tableau.

• For each unsatisfied sign constraint:

  • Look for a different point satisfying the constraint while preserving existing constraints

  • If such a point is found, add the constraint

  • Otherwise, declare unsatisfiable

• Declare satisfiable

Exchange row i and column j:

1. Solve for xj

yi = ai1 x1 + … + aij xj + … + ain xn + ci

xj = (-1/aij) (ai1 x1 + … + (-1) yi + … + ain xn + ci)

2. Substitute in row k ≠ i

yk = ak1 x1 + … + akj xj + … + akn xn + ck

yk = (ak1 – akj ai1/aij) x1 + … + (akj/aij) yi + … + (akn – akj ain/aij) xn + (ck – akj ci/aij)

Before the pivot:

          x1    …    xj    …    xn
    y1   a11    …   a1j    …   a1n    c1
    …
    yi   ai1    …   aij    …   ain    ci
    …
    ym   am1    …   amj    …   amn    cm

After the pivot:

          x1                     …    yi          …    xn
    y1   (a11 – a1j ai1/aij)     …   (a1j/aij)    …   (a1n – a1j ain/aij)   (c1 – a1j ci/aij)
    …
    xj   (-ai1/aij)              …   (1/aij)      …   (-ain/aij)            (-ci/aij)
    …
    ym   (am1 – amj ai1/aij)     …   (amj/aij)    …   (amn – amj ain/aij)   (cm – amj ci/aij)

A pivot operation preserves the solution set of any tableau.

a 1 -1 1

b 1 1 3

c -1 0 -4

x y

a 1 -1 1

b 1 1 3

c -1 0 -4

Drop sign

constraint

for c

Pivot

a and x

a b

x 1/2 1/2 -2

y -1/2 1/2 -1

c -1/2 -1/2 -2

a y

x 1 1 -1

b 1 2 2

c -1 -1 -3

Pivot

b and y

x = 0

a = 0

y = 0

b = 0
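The pivot operation and the worked tableau above, carried out in exact arithmetic (an added example, not code from the slides): `pivot` implements the two substitution steps of the pivot slide, and `slide_example` replays "Pivot a and x" then "Pivot b and y" on the deck's tableau, after which c is manifestly maximized with a negative sample value, so the constraint set is unsatisfiable.

```python
from fractions import Fraction

# Tableau representation (added example): `cols` lists the column variables in
# order; rows[r] = (coefficients, constant) expresses row variable r over the
# column variables. At the sample point every column variable is 0.

def pivot(cols, rows, i, j):
    """Exchange row variable i and column variable j (Pivot(i, j) on the slides)."""
    jdx = cols.index(j)
    coef_i, c_i = rows[i]
    a_ij = coef_i[jdx]
    assert a_ij != 0, "pivot entry must be non-zero"
    new_cols = list(cols)
    new_cols[jdx] = i
    new_rows = {}
    # 1. Solve row i for x_j: entries (-a_il/a_ij), (1/a_ij) under y_i, (-c_i/a_ij)
    row_j = [-a / a_ij for a in coef_i]
    row_j[jdx] = Fraction(1) / a_ij
    new_rows[j] = (row_j, -c_i / a_ij)
    # 2. Substitute into every other row k:
    #    (a_kl - a_kj a_il/a_ij), (a_kj/a_ij) under y_i, (c_k - a_kj c_i/a_ij)
    for k, (coef_k, c_k) in rows.items():
        if k == i:
            continue
        a_kj = coef_k[jdx]
        row_k = [a_kl - a_kj * a_il / a_ij for a_kl, a_il in zip(coef_k, coef_i)]
        row_k[jdx] = a_kj / a_ij
        new_rows[k] = (row_k, c_k - a_kj * c_i / a_ij)
    return new_cols, new_rows

def manifestly_maximized(cols, rows, v, restricted):
    """Every non-zero entry of v's row is negative and sits in a restricted column."""
    coef, _ = rows[v]
    return all(a < 0 and cols[idx] in restricted
               for idx, a in enumerate(coef) if a != 0)

def slide_example():
    """The deck's tableau: a = x - y + 1, b = x + y + 3, c = -x - 4."""
    F = Fraction
    cols = ["x", "y"]
    rows = {"a": ([F(1), F(-1)], F(1)),
            "b": ([F(1), F(1)], F(3)),
            "c": ([F(-1), F(0)], F(-4))}
    cols, rows = pivot(cols, rows, "a", "x")   # Pivot a and x
    cols, rows = pivot(cols, rows, "b", "y")   # Pivot b and y
    # c is still -2 at the sample point (a = b = 0) and every entry of its row
    # is negative in a restricted column, so c >= 0 can never hold: unsatisfiable.
    return cols, rows, manifestly_maximized(cols, rows, "c", {"a", "b"})
```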

A row variable is manifestly maximized if every non-zero entry, other than the entry in the constant column, in its row is negative and lies in a column owned by a restricted variable.

          m    n    x
    y     1   -1    2    0
    l    -1   -3    0   -1

• l is manifestly maximized in the above tableau.

• l is constrained to be at most -1.

• y is not manifestly maximized in the above tableau.

A column variable is manifestly unbounded if every negative entry in its column is in a row owned by an unrestricted variable.

          x    u
    l     1   -1    0
    y    -1   -1    1
    z    -1   -2   -1
    m     0    1    2

• x is manifestly unbounded in the above tableau.

• x can take arbitrarily large values.

• u is not manifestly unbounded in the above tableau.

• Given a feasible tableau T and a variable v, there is a sequence of pivot operations on T leading to a tableau T' such that either

  1. v is manifestly maximized in T', or

  2. v is manifestly unbounded in T'

1. Create initial tableau T with only those sign constraints that are satisfied by the sample point of T

2. If every row variable satisfies its sign constraint, return satisfiable

3. Pick a row k owned by variable y such that the sign constraint is not satisfied by the sample point of T

4. If y is manifestly maximized in T, return unsatisfiable

5. Pick a column j such that akj is positive

6. If every restricted row has a non-negative entry in column j, perform Pivot(k,j). y becomes manifestly unbounded in T. Therefore, add the sign constraint for y. Go to 2.

7. (i, j) = ComputePivot(k)

8. Perform Pivot(T,i,j)

9. If the sample point of T satisfies the sign constraint for y, then add the sign constraint for y. Go to 2.

10. Go to 4

• If a row variable y is not manifestly maximized

  • either there is a positive entry in some column

  • or there is a negative entry in a column owned by an unrestricted variable

1. Create initial tableau T with only those sign constraints that are satisfied by the sample point of T

2. If every row variable satisfies its sign constraint, return satisfiable

3. Pick a row k owned by variable y such that the sign constraint is not satisfied by the sample point of T

4. If y is manifestly maximized in T, return unsatisfiable

5'. Pick a column j such that akj is negative and the variable in column j is unrestricted.

6. If every restricted row has a non-positive entry in column j, perform Pivot(k,j). y becomes manifestly unbounded in T. Therefore, add the sign constraint for y. Go to 2.

7. (i, j) = ComputePivot(k)

8. Perform Pivot(T,i,j)

9. If the sample point of T satisfies the sign constraint for y, then add the sign constraint for y. Go to 2.

10. Go to 4

Difference Constraints

Three different kinds of constraints:

x – y ≤ c

x ≤ c

-y ≤ c

• very common in program verification

• satisfiability procedure more efficient than for general affine constraints

• satisfiability procedure complete for integers

Reduction to a graph problem

Vertex x for each variable x

Constraint x – y ≤ c: edge from y to x with weight c

Introduce a new variable z to denote the value 0:

x – z ≤ c for x ≤ c

z – y ≤ c for -y ≤ c

- Add a new vertex s.

- Add an edge with weight 0 from s to every other vertex v.

The set of constraints is satisfiable iff there is no negative cycle in the graph.

If there is a negative cycle in the graph, the set of constraints is unsatisfiable:

x1 – x2 ≤ c1

x2 – x3 ≤ c2

…

xn – x1 ≤ cn

Adding these gives 0 ≤ c1 + c2 + … + cn < 0, a contradiction.

If there is no negative cycle in the graph, the set of constraints is satisfiable.

d(s) := 0

for each vertex v ≠ s:

    d(v) := ∞

for each vertex:

    for each edge (u,v):

        if d(v) > d(u) + weight(u,v)

            d(v) := d(u) + weight(u,v)

for each edge (u,v):

    if d(v) > d(u) + weight(u,v)

        Graph contains a negative-weight cycle

If there is no negative cycle in the graph, then d(v) – d(u) ≤ weight(u,v) for each edge (u,v).

Model: Assign to variable x the value d(x) – d(z).
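The reduction and the Bellman-Ford check above, carried through in code (an added example, not code from the slides): a constraint is a triple (x, y, c) meaning x – y ≤ c, with None standing for the zero variable z, and the two input sets are constructed for illustration.

```python
INF = float("inf")

# Constructed inputs (not from the slides): the first set is satisfiable, the
# second contains the cycle x -> w -> y -> x with total weight -2 - 1 + 2 = -1.
SAT_EXAMPLE = [("x", "y", 2), ("y", "w", -1), ("x", None, 3), (None, "y", 0), ("w", "x", 0)]
UNSAT_EXAMPLE = [("x", "y", 2), ("y", "w", -1), ("w", "x", -2)]

def build_graph(constraints):
    """Vertex per variable plus z (value 0); x - y <= c becomes edge y -> x of weight c;
    a new source s gets a 0-weight edge to every other vertex. Returns (vertices, edges)."""
    vertices, edges = {"z"}, []
    for x, y, c in constraints:
        x = "z" if x is None else x     # x <= c   is  x - z <= c
        y = "z" if y is None else y     # -y <= c  is  z - y <= c
        vertices.update((x, y))
        edges.append((y, x, c))
    edges += [("s", v, 0) for v in vertices]
    vertices.add("s")
    return vertices, edges

def bellman_ford(vertices, edges, source="s"):
    """Shortest distances from source, or None if a negative-weight cycle exists."""
    d = {v: INF for v in vertices}
    d[source] = 0
    for _ in range(len(vertices) - 1):          # |V| - 1 relaxation rounds
        for u, v, w in edges:
            if d[v] > d[u] + w:
                d[v] = d[u] + w
    for u, v, w in edges:                       # any edge still relaxable => negative cycle
        if d[v] > d[u] + w:
            return None
    return d

def solve(constraints):
    """Model {variable: value} with x = d(x) - d(z), or None when unsatisfiable."""
    vertices, edges = build_graph(constraints)
    d = bellman_ford(vertices, edges)
    if d is None:
        return None
    return {v: d[v] - d["z"] for v in vertices if v not in ("s", "z")}

def check(constraints, model):
    """Independent check that every x - y <= c holds in the model (None reads as 0)."""
    val = lambda v: 0 if v is None else model[v]
    return all(val(x) - val(y) <= c for x, y, c in constraints)
```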