
Automated Theorem Proving PowerPoint PPT Presentation


Uploaded on 25-05-2012



Presentation Transcript



Automated Theorem Proving

Lecture 3

Satisfiability modulo theories


Arithmetic programs

  • In addition, integer-valued variables with affine operations

    φ ∈ Formula := A | ¬φ | φ ∧ φ
    A ∈ Atom := b | t = 0 | t > 0 | t ≥ 0
    t ∈ Term := c | x | t + t | t – t | ct
    b ∈ SymBoolConst
    x ∈ SymIntConst
    c ∈ {…,-1,0,1,…}



Satisfiability modulo arithmetic

  • A formula is a boolean combination of literals

  • Each literal is a positive or negative atom

  • Each atom is either a boolean variable or a linear constraint over integer variables


Example

x ≤ y ∧ (a ∨ z > 0) ∧ (¬a ∨ x > y) ∧ y + z ≤ x

Name each arithmetic atom with a fresh boolean variable:

b ≡ x ≤ y
c ≡ z > 0
d ≡ x > y
e ≡ y + z ≤ x

Boolean skeleton: b ∧ (a ∨ c) ∧ (¬a ∨ d) ∧ e

The SAT solver case-splits on the skeleton; each set of atoms it asserts is checked by the Arithmetic Solver:

  • b = T, e = T                          Arithmetic Solver: Satisfiable
  • a = F, which forces c: b = T, c = T, e = T   Arithmetic Solver: Unsatisfiable
  • a = T, which forces d: b = T, d = T, e = T   Arithmetic Solver: Unsatisfiable


Affine constraints

A collection of m constraints over n variables:

a11 x1 + a12 x2 + … + a1n xn + c1 ≥ 0
a21 x1 + a22 x2 + … + a2n xn + c2 ≥ 0
…
am1 x1 + am2 x2 + … + amn xn + cm ≥ 0

The other relations reduce to this form:

a1 x1 + a2 x2 + … + an xn + c > 0   becomes (over the integers)   a1 x1 + a2 x2 + … + an xn + c - 1 ≥ 0
a1 x1 + a2 x2 + … + an xn + c ≤ 0   becomes   (-a1) x1 + (-a2) x2 + … + (-an) xn + (-c) ≥ 0
a1 x1 + a2 x2 + … + an xn + c = 0   becomes the pair   a1 x1 + … + an xn + c ≥ 0  and  (-a1) x1 + … + (-an) xn + (-c) ≥ 0


Satisfiability problem for affine constraints

A collection of m constraints over n variables:

a11 x1 + a12 x2 + … + a1n xn + c1 ≥ 0
a21 x1 + a22 x2 + … + a2n xn + c2 ≥ 0
…
am1 x1 + am2 x2 + … + amn xn + cm ≥ 0

Does there exist an assignment of x1, x2, …, xn over the integers such that each constraint is satisfied?



Solving affine constraints

  • Integer linear programming

    • NP-complete

  • Approximate integers by rationals/reals

  • Linear programming

    • Polynomial time (Khachian 1978, Karmarkar 1984)

  • Simplex algorithm (Dantzig 63)

    • exponential worst-case time

    • polynomial behavior in practice


Simplex Algorithm for Affine Constraints


Tableau

          x1   x2   …   xn
    y1   a11  a12  …  a1n  | c1
    y2   a21  a22  …  a2n  | c2
    …
    ym   am1  am2  …  amn  | cm

Row variables y1, …, ym own the rows; column variables x1, …, xn own the columns.

Read it as:

y1 = a11 x1 + a12 x2 + … + a1n xn + c1
y2 = a21 x1 + a22 x2 + … + a2n xn + c2
…
ym = am1 x1 + am2 x2 + … + amn xn + cm

together with the sign constraints

y1 ≥ 0
y2 ≥ 0
…
ym ≥ 0


Example

x – y + 1 ≥ 0
x + y + 3 ≥ 0
-x + -4 ≥ 0

         x   y
    a    1  -1  |  1
    b    1   1  |  3
    c   -1   0  | -4


[Figure: the lines a = 0, b = 0, c = 0 and the axes x = 0, y = 0 drawn in the (x, y) plane.]


Sample point

          x1   x2   …   xn
    y1   a11  a12  …  a1n  | c1
    y2   a21  a22  …  a2n  | c2
    …
    ym   am1  am2  …  amn  | cm

Set every column variable to 0; each row variable then takes the value in the constant column:

x1 = 0, x2 = 0, …, xn = 0
y1 = c1, y2 = c2, …, ym = cm


  • A tableau is feasible if the sample point satisfies all sign constraints.
  • Otherwise, drop a subset of sign constraints to get a feasible tableau.
  • For each unsatisfied sign constraint:
    • Look for a different point satisfying the constraint while preserving existing constraints
    • If such a point is found, add the constraint
    • Otherwise, declare unsatisfiable
  • Declare satisfiable


Pivot operation

Exchange row i and column j:

1. Solve row i for xj:

   yi = ai1 x1 + … + aij xj + … + ain xn + ci
   xj = (-1/aij) (ai1 x1 + … + (-1) yi + … + ain xn + ci)

2. Substitute for xj in every other row k ≠ i:

   yk = ak1 x1 + … + akj xj + … + akn xn + ck
   yk = (ak1 – akj ai1/aij) x1 + … + (akj/aij) yi + … + (akn – akj ain/aij) xn + (ck – akj ci/aij)


Before Pivot(i, j):

          x1   …   xj   …   xn
    y1   a11   …  a1j   …  a1n  | c1
    …
    yi   ai1   …  aij   …  ain  | ci
    …
    ym   am1   …  amj   …  amn  | cm

After Pivot(i, j):

          x1                   …   yi         …   xn
    y1   (a11 – a1j ai1/aij)   …  (a1j/aij)   …  (a1n – a1j ain/aij)  | (c1 – a1j ci/aij)
    …
    xj   (-ai1/aij)            …  (1/aij)     …  (-ain/aij)           | (-ci/aij)
    …
    ym   (am1 – amj ai1/aij)   …  (amj/aij)   …  (amn – amj ain/aij)  | (cm – amj ci/aij)


Observation

A pivot operation preserves the solution set of any tableau.


Example (continued)

         x   y
    a    1  -1  |  1
    b    1   1  |  3
    c   -1   0  | -4

At the sample point x = y = 0 the row c has value -4, so drop the sign constraint for c.

Pivot a and x:

         a   y
    x    1   1  | -1
    b    1   2  |  2
    c   -1  -1  | -3

Pivot b and y:

          a     b
    x   1/2   1/2  | -2
    y  -1/2   1/2  | -1
    c  -1/2  -1/2  | -2


[Figure: the lines a = 0, b = 0, c = 0 and the axes x = 0, y = 0 in the (x, y) plane, after the pivots above.]


Manifestly maximized row variable

A row variable is manifestly maximized if every non-zero entry, other than the entry in the constant column, in its row is negative and lies in a column owned by a restricted variable.

         m   n   x
    y    1  -1   2  |  0
    l   -1  -3   0  | -1

  • l is manifestly maximized in the above tableau.
  • l is constrained to be at most -1.
  • y is not manifestly maximized in the above tableau.


Manifestly unbounded column variable

A column variable is manifestly unbounded if every negative entry in its column is in a row owned by an unrestricted variable.

         x   u
    l    1  -1  |  0
    y   -1  -1  |  1
    z   -1  -2  | -1
    m    0   1  |  2

  • x is manifestly unbounded in the above tableau.
  • x can take arbitrarily large values.
  • u is not manifestly unbounded in the above tableau.


Observation

Given a feasible tableau T and a variable v, there is a sequence of pivot operations on T leading to a tableau T’ such that either

  1. v is manifestly maximized in T’, or
  2. v is manifestly unbounded in T’


Algorithm

  1. Create initial tableau T with only those sign constraints that are satisfied by the sample point of T
  2. If every row variable satisfies its sign constraint, return satisfiable
  3. Pick a row k owned by variable y such that the sign constraint is not satisfied by the sample point of T
  4. If y is manifestly maximized in T, return unsatisfiable
  5. Pick a column j such that akj is positive
  6. If every restricted row has a non-negative entry in column j, perform Pivot(k,j). y becomes manifestly unbounded in T. Therefore, add the sign constraint for y. Go to 2.
  7. (i, j) = ComputePivot(k)
  8. Perform Pivot(T,i,j)
  9. If the sample point of T satisfies the sign constraint for y, then add the sign constraint for y. Go to 2.
  10. Go to 4



Observation

  • If a row variable y is not manifestly maximized

    • either there is a positive entry in some column

    • or there is a negative entry in a column owned by an unrestricted variable


Algorithm (second case of the observation: a negative entry in a column owned by an unrestricted variable)

  1. Create initial tableau T with only those sign constraints that are satisfied by the sample point of T
  2. If every row variable satisfies its sign constraint, return satisfiable
  3. Pick a row k owned by variable y such that the sign constraint is not satisfied by the sample point of T
  4. If y is manifestly maximized in T, return unsatisfiable
  5’. Pick a column j such that akj is negative and the variable in column j is unrestricted.
  6. If every restricted row has a non-positive entry in column j, perform Pivot(k,j). y becomes manifestly unbounded in T. Therefore, add the sign constraint for y. Go to 2.
  7. (i, j) = ComputePivot(k)
  8. Perform Pivot(T,i,j)
  9. If the sample point of T satisfies the sign constraint for y, then add the sign constraint for y. Go to 2.
  10. Go to 4
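The pivot operation, the two "manifestly" tests and the decision loop of the algorithm above, as a runnable Python example added here (it is not code from the slides or from any solver the lecture refers to). It works over the rationals with Fraction, which is the "approximate integers by rationals" setting of the lecture. ComputePivot is not spelled out on the slides, so the ratio test in solve (move the chosen column variable only as far as the first restricted row allows, and let y leave the rows if it reaches 0 first) is an assumption; so are the restricted sets chosen for the two small tableaux of the manifestly-maximized and manifestly-unbounded examples, the slack names s0, s1, … and all helper names. Replaying the three constraints x – y + 1 ≥ 0, x + y + 3 ≥ 0, -x – 4 ≥ 0 reproduces the two pivots shown earlier (a with x, then b with y) and stops with c manifestly maximized; a constructed variant with x – 4 ≥ 0 in place of the third constraint is satisfiable and yields the sample point x = 4, y = 0.

```python
from fractions import Fraction
from typing import Dict, List, Optional, Tuple

Model = Dict[str, Fraction]


class Tableau:
    """Rows read y_i = sum_j a[i][j] * x_j + c[i]. `restricted` holds the
    variables (rows or columns) whose sign constraint v >= 0 is enforced."""

    def __init__(self, rows: List[str], cols: List[str], a, c) -> None:
        self.rows, self.cols = list(rows), list(cols)
        self.a = [[Fraction(v) for v in row] for row in a]
        self.c = [Fraction(v) for v in c]
        self.restricted = set()

    def pivot(self, i: int, j: int) -> None:
        """Exchange row i and column j with the formulas from the Pivot slide."""
        p = self.a[i][j]
        assert p != 0, "cannot pivot on a zero entry"
        for k in range(len(self.rows)):                 # substitute into every other row
            if k == i:
                continue
            f = self.a[k][j]
            self.a[k] = [self.a[k][l] - f * self.a[i][l] / p for l in range(len(self.cols))]
            self.a[k][j] = f / p
            self.c[k] -= f * self.c[i] / p
        row = [-v / p for v in self.a[i]]               # solve row i for x_j
        row[j] = Fraction(1) / p
        self.a[i], self.c[i] = row, -self.c[i] / p
        self.rows[i], self.cols[j] = self.cols[j], self.rows[i]

    def sample_point(self) -> Model:
        """Column variables at 0, row variables at their constants."""
        point = {v: Fraction(0) for v in self.cols}
        point.update(zip(self.rows, self.c))
        return point

    def manifestly_maximized(self, i: int) -> bool:
        """Every non-zero entry of row i is negative and sits in a restricted column."""
        return all(v < 0 and self.cols[j] in self.restricted
                   for j, v in enumerate(self.a[i]) if v != 0)

    def manifestly_unbounded(self, j: int) -> bool:
        """Every negative entry of column j sits in an unrestricted row."""
        return all(self.rows[i] not in self.restricted
                   for i in range(len(self.rows)) if self.a[i][j] < 0)


def from_constraints(variables: List[str], constraints) -> Tableau:
    """constraints: (coeffs, const) pairs meaning sum coeffs[x]*x + const >= 0.
    Row i is owned by a fresh slack variable s_i (name assumed) that must end up >= 0."""
    rows = [f"s{i}" for i in range(len(constraints))]
    a = [[coef.get(x, 0) for x in variables] for coef, _ in constraints]
    return Tableau(rows, variables, a, [k for _, k in constraints])


def solve(t: Tableau) -> Tuple[str, Optional[Model]]:
    """The decision loop of the Algorithm slide. ComputePivot is not defined on the
    slides; the ratio test below is an assumption. A production solver also needs an
    anti-cycling rule (e.g. Bland's rule) for degenerate pivots, omitted here."""
    t.restricted = {r for r, k in zip(t.rows, t.c) if k >= 0}        # step 1
    pending = [r for r, k in zip(t.rows, t.c) if k < 0]
    while pending:                                                    # step 2
        y = pending.pop(0)                                            # step 3
        while y in t.rows and t.c[t.rows.index(y)] < 0:
            k = t.rows.index(y)
            if t.manifestly_maximized(k):                             # step 4
                return "unsat", None
            # step 5 / 5': a column whose variable can move (direction d) so that y grows
            j, d = next((j, 1 if v > 0 else -1) for j, v in enumerate(t.a[k])
                        if v > 0 or (v < 0 and t.cols[j] not in t.restricted))
            # restricted rows that shrink as x_j moves, with how far each lets it move
            blocking = [(t.c[i] / (-d * t.a[i][j]), i) for i in range(len(t.rows))
                        if t.rows[i] in t.restricted and d * t.a[i][j] < 0]
            reach = -t.c[k] / (d * t.a[k][j])                         # move until y = 0
            if not blocking or reach <= min(blocking)[0]:
                t.pivot(k, j)        # step 6: y leaves the rows and sits at 0
            else:
                t.pivot(min(blocking)[1], j)                          # steps 7-8
        t.restricted.add(y)                                           # step 9
    return "sat", t.sample_point()


# The system from the worked example, and a constructed satisfiable variant.
SLIDE_SYSTEM = [({"x": 1, "y": -1}, 1), ({"x": 1, "y": 1}, 3), ({"x": -1}, -4)]
SAT_SYSTEM = [({"x": 1, "y": -1}, 1), ({"x": 1, "y": 1}, 3), ({"x": 1}, -4)]


def holds(model: Model, constraints) -> bool:
    return all(sum(v * model[x] for x, v in coef.items()) + k >= 0 for coef, k in constraints)


def decide(constraints):
    verdict, model = solve(from_constraints(["x", "y"], constraints))
    return verdict, (None if model is None else {v: model[v] for v in ("x", "y")})


def manifest_examples():
    """The two small tableaux of the definitions; which variables are restricted is
    not stated on the slides and is assumed here (m, n, y, l and l, m respectively)."""
    t1 = Tableau(["y", "l"], ["m", "n", "x"], [[1, -1, 2], [-1, -3, 0]], [0, -1])
    t1.restricted = {"m", "n", "y", "l"}
    t2 = Tableau(["l", "y", "z", "m"], ["x", "u"],
                 [[1, -1], [-1, -1], [-1, -2], [0, 1]], [0, 1, -1, 2])
    t2.restricted = {"l", "m"}
    return (t1.manifestly_maximized(1), t1.manifestly_maximized(0),
            t2.manifestly_unbounded(0), t2.manifestly_unbounded(1))


if __name__ == "__main__":
    print(decide(SLIDE_SYSTEM), decide(SAT_SYSTEM), manifest_examples())
```

The trace for SLIDE_SYSTEM is exactly the slides': c is the only violated row, its negative entry under the unrestricted x selects column x, the ratio test picks row a, and after the second pivot (b with y) both remaining columns are restricted and every entry of row c is negative, so the manifestly-maximized test fires and the answer is unsatisfiable.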


Pratt’s Algorithm for Difference Constraints


Difference constraints

Three different kinds of constraints:

x – y ≤ c
x ≤ c
-y ≤ c

  • very common in program verification
  • satisfiability procedure more efficient than for general affine constraints
  • satisfiability procedure complete for integers


Reduction to a graph problem

Variable x             becomes   Vertex x
Constraint x – y ≤ c   becomes   Edge from y to x with weight c

Introduce a new variable z to denote the value 0, so that the one-variable forms become difference constraints:

x - z ≤ c   for   x ≤ c
z - y ≤ c   for   -y ≤ c

- Add a new vertex s.
- Add an edge with weight 0 from s to every other vertex v.


Theorem

The set of constraints is satisfiable iff there is no negative cycle in the graph.


Soundness

If there is a negative cycle in the graph, the set of constraints is unsatisfiable.

A cycle through x1, x2, …, xn corresponds to the constraints

x1 - x2 ≤ c1
x2 - x3 ≤ c2
…
xn - x1 ≤ cn

Adding them, the left-hand sides cancel, giving 0 ≤ c1 + c2 + … + cn < 0, a contradiction.


Completeness

If there is no negative cycle in the graph, the set of constraints is satisfiable.


Bellman-Ford algorithm

d(s) := 0
for each vertex v ≠ s:
    d(v) := ∞
for each vertex:
    for each edge (u,v):
        if d(v) > d(u) + weight(u,v):
            d(v) := d(u) + weight(u,v)
for each edge (u,v):
    if d(v) > d(u) + weight(u,v):
        Graph contains a negative-weight cycle


Completeness

If there is no negative cycle in the graph, then d(v) - d(u) ≤ weight(u,v) for each edge (u,v).

Model: Assign to variable x the value d(x) – d(z).
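Pratt's reduction and the Bellman-Ford check of the last few slides, as a runnable Python example added here (not code from the slides). Constraints are encoded as triples (x, y, c) meaning x – y ≤ c, with None standing for the absent side of x ≤ c or -y ≤ c; that encoding, the function names and the two sample systems are assumptions of this example. The extra variable z for the value 0 and the source vertex s follow the slides; a still-relaxable edge after the passes means a negative cycle (unsatisfiable), otherwise x := d(x) – d(z) is the model. With integer bounds every distance is an integer, which is why the procedure is complete for integers as the lecture states.

```python
from typing import Dict, List, Optional, Set, Tuple

ZERO = "z"      # extra variable standing for the value 0 (the reduction slide)
SOURCE = "s"    # extra source vertex with a weight-0 edge to every other vertex
INF = float("inf")

# A constraint is a triple (x, y, c) meaning x - y <= c (encoding assumed here).
# None on either side means that side is absent: (x, None, c) is x <= c and
# (None, y, c) is -y <= c.
Constraint = Tuple[Optional[str], Optional[str], int]


def to_graph(constraints: List[Constraint]) -> Tuple[Set[str], List[Tuple[str, str, int]]]:
    """Variables become vertices; x - y <= c becomes an edge from y to x of weight c."""
    vertices, edges = {ZERO}, []
    for x, y, c in constraints:
        x = ZERO if x is None else x          # x <= c   is   x - z <= c
        y = ZERO if y is None else y          # -y <= c  is   z - y <= c
        vertices.update((x, y))
        edges.append((y, x, c))
    edges.extend((SOURCE, v, 0) for v in vertices)   # s reaches every vertex at cost 0
    vertices.add(SOURCE)
    return vertices, edges


def bellman_ford(vertices: Set[str], edges, source: str = SOURCE) -> Optional[Dict[str, int]]:
    """Shortest distances from source, or None if a negative-weight cycle exists."""
    d = {v: INF for v in vertices}
    d[source] = 0
    for _ in range(len(vertices) - 1):        # |V|-1 passes suffice for simple paths
        changed = False
        for u, v, w in edges:
            if d[v] > d[u] + w:
                d[v] = d[u] + w
                changed = True
        if not changed:
            break
    for u, v, w in edges:                     # a still-relaxable edge: negative cycle
        if d[v] > d[u] + w:
            return None
    return d


def solve_difference_constraints(constraints: List[Constraint]) -> Optional[Dict[str, int]]:
    """Model x := d(x) - d(z) when there is no negative cycle, else None (unsatisfiable)."""
    vertices, edges = to_graph(constraints)
    d = bellman_ford(vertices, edges)
    if d is None:
        return None
    return {v: d[v] - d[ZERO] for v in vertices if v not in (ZERO, SOURCE)}


def satisfies(model: Dict[str, int], constraints: List[Constraint]) -> bool:
    """Check a model against the original constraints (an absent side counts as 0)."""
    value = lambda v: 0 if v is None else model[v]
    return all(value(x) - value(y) <= c for x, y, c in constraints)


# Constructed sample systems.
SAT_SYSTEM: List[Constraint] = [
    ("x", "y", -1),    # x - y <= -1, i.e. x < y over the integers
    ("y", "w", -1),    # y < w
    ("w", "x", 3),     # w - x <= 3: the cycle x -> w -> y -> x weighs 3 - 1 - 1 = 1
    ("x", None, 5),    # x <= 5
    (None, "w", 2),    # -w <= 2
]
UNSAT_SYSTEM: List[Constraint] = [("x", "y", -1), ("y", "x", 0)]   # cycle of weight -1

if __name__ == "__main__":
    print(solve_difference_constraints(SAT_SYSTEM))
    print(solve_difference_constraints(UNSAT_SYSTEM))
```

For SAT_SYSTEM the shortest distances from s are d(x) = -2, d(y) = -1, d(w) = 0 and d(z) = 0, so the model is x = -2, y = -1, w = 0, which satisfies all five constraints; UNSAT_SYSTEM contains the two-edge cycle x, y of weight -1, so the final check fails and None is returned.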