
CDCL(T): A Framework for SMT Solvers

In this thesis, we present new linear arithmetic techniques for SMT (satisfiability modulo theories) solving. To be more precise, the techniques that we present in Chapters 3–6 are meant to be integrated inside a theory solver for CDCL(T) [69], which is a framework used by most SMT solvers [9, 41, 42, 50, 57].⁹

CDCL(T) [69], also called DPLL(T), is a very general framework that describes a set of interactions between a CDCL-based (conflict-driven-clause-learning-based) SAT solver [141] and a theory solver for a given theory T [130].¹⁰ If a SAT solver and a theory solver are combined based on these interactions, then they become a decision procedure for ground formulas in clause normal form over the given theory T. Originally, these interactions were described through an interface for the theory solver and included four operations: (i) assert a literal, (ii) check currently asserted literals for theory satisfiability, (iii) return conflict explanation, and (iv) backtrack.

These interactions are used in CDCL(T) as follows: CDCL(T) first creates a propositional abstraction of the input formula, i.e., it replaces the theory atoms with fresh propositional variables. A map from propositional variables to theory atoms is created as part of this abstraction. Second, CDCL(T) uses a CDCL-based SAT solver to find a propositional model that satisfies the abstracted formula. Next, CDCL(T) checks whether the propositional model is also theory satisfiable, i.e., CDCL(T) asserts in its theory solver the theory literals corresponding to the propositional model and checks them for theory satisfiability. If the propositional model is theory satisfiable, then the overall problem is theory satisfiable and CDCL(T) can stop the search. If the theory solver finds a conflict between the asserted literals, then it returns a conflict explanation. The SAT solver uses the conflict explanation for a conflict analysis that determines a good point for backtracking. Then the SAT solver goes back to the second step and selects a different propositional model that satisfies the abstracted formula. The problem is unsatisfiable if the SAT solver cannot find another propositional model that satisfies the abstracted formula.

⁹ In Chapter 7, we describe the implementation of our techniques in our theory solver SPASS-IQ. In Chapter 8, we describe the implementation of our own CDCL(LA) solver SPASS-SATT based on SPASS-IQ.

¹⁰ A theory solver is a decision procedure for the conjunctive fragment of the theory; so systems of linear inequalities in the case of linear arithmetic.

There also have been several papers since CDCL(T) was first presented that extend the set of interactions [11, 58, 114, 115]. The most prominent examples are (i) theory propagation [130], i.e., propagating literals based on theory reasoning; (ii) theory learning [130], i.e., using theory reasoning to find and learn clauses implied by the input formula; and (iii) (weakened) early pruning [130], i.e., checking intermediate propositional models for theory satisfiability in order to find conflicts earlier in the SAT search. These additional interactions may not be necessary for a complete decision procedure, but they have a great impact on practical efficiency.

It is also very important for the practical efficiency of CDCL(T) that the theory solver fulfills certain properties: generation of minimal conflict explanations, high incremental efficiency, and efficient backtracking. We developed our linear arithmetic techniques with these properties in mind.
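The interaction loop described above, as an added example that is not code from the thesis, from SPASS-SATT or from any solver cited here. A plain DPLL enumerator stands in for the CDCL SAT solver, the theory is single-variable bounds (the literal shape that Section 2.6.1 produces), and a negated bound literal is asserted as its δ-rational complement. The four original interface operations appear as assert (the loop over literals in `theory_check`), check (the bound comparison), conflict explanation (the two clashing literals, which here is automatically minimal) and backtrack (the learned lemma forces the SAT solver to a different model). This is the plain lazy scheme without theory propagation or early pruning. The atom table, clause sets and all function names are constructed by me for this example.

```python
from fractions import Fraction

# Constructed atom table (not from the thesis): atom id -> bound (variable, "<=" | ">=", value).
# Values are δ-rationals c + kδ written as (c, k); tuple order is the right order because
# δ is a positive infinitesimal.
ATOMS = {
    1: ("x", "<=", (Fraction(3), 0)),
    2: ("x", ">=", (Fraction(5), 0)),
    3: ("y", ">=", (Fraction(1), 0)),
    4: ("y", "<=", (Fraction(0), 0)),
}
# Abstracted CNF: integers are propositional variables, the sign is the polarity.
UNSAT_CLAUSES = [[1, 4], [2], [3, 1]]   # (x≤3 ∨ y≤0) ∧ x≥5 ∧ (y≥1 ∨ x≤3)
SAT_CLAUSES = [[1, 2], [3, 4]]          # (x≤3 ∨ x≥5) ∧ (y≥1 ∨ y≤0)


def complement(atom):
    """A negated bound literal asserts the strict complement: ¬(x ≤ b) ≡ x ≥ b + δ
    and ¬(x ≥ b) ≡ x ≤ b − δ (rational variables)."""
    var, op, (c, k) = atom
    return (var, ">=", (c, k + 1)) if op == "<=" else (var, "<=", (c, k - 1))


def theory_check(literals, atoms):
    """Operations (i) and (ii): assert the bounds of the given literals and check them.
    Returns None if consistent, otherwise operation (iii): a minimal explanation, namely
    the two literals whose bounds clash."""
    lower, upper = {}, {}  # variable -> (tightest bound value, literal that asserted it)
    for lit in literals:
        var, op, val = atoms[lit] if lit > 0 else complement(atoms[-lit])
        if op == "<=":
            if var not in upper or val < upper[var][0]:
                upper[var] = (val, lit)
        elif var not in lower or val > lower[var][0]:
            lower[var] = (val, lit)
    for var, (lo, lo_lit) in lower.items():
        if var in upper and lo > upper[var][0]:
            return [lo_lit, upper[var][1]]
    return None


def dpll(clauses, assign=None):
    """Stand-in for the CDCL SAT solver: DPLL with unit propagation, returning a total
    assignment {var: bool} of the abstracted formula, or None if it is unsatisfiable."""
    assign = dict(assign or {})
    changed = True
    while changed:
        changed = False
        for clause in clauses:
            if any(assign.get(abs(l)) == (l > 0) for l in clause):
                continue  # clause already satisfied
            unassigned = [l for l in clause if abs(l) not in assign]
            if not unassigned:
                return None  # clause falsified under the current partial assignment
            if len(unassigned) == 1:  # unit clause: propagate
                assign[abs(unassigned[0])] = unassigned[0] > 0
                changed = True
    free = {abs(l) for c in clauses for l in c} - set(assign)
    if not free:
        return assign
    var = min(free)
    for value in (True, False):
        result = dpll(clauses, {**assign, var: value})
        if result is not None:
            return result
    return None


def cdcl_t(clauses, atoms):
    """The CDCL(T) loop of the text in its simplest (lazy) form: find a propositional model,
    check it in the theory, and on a conflict learn the negated explanation as a clause so
    that the SAT solver must backtrack to a different model (operation (iv)).
    Returns (status, sorted theory literals of the model or None, learned clauses)."""
    clauses = [list(c) for c in clauses]
    learned = []
    while True:
        model = dpll(clauses)
        if model is None:
            return "unsat", None, learned
        literals = [v if value else -v for v, value in model.items() if v in atoms]
        explanation = theory_check(literals, atoms)
        if explanation is None:
            return "sat", sorted(literals), learned
        lemma = [-l for l in explanation]  # ¬(l1 ∧ l2): a clause implied by the theory
        learned.append(lemma)
        clauses.append(lemma)


if __name__ == "__main__":
    print(cdcl_t(UNSAT_CLAUSES, ATOMS))  # ('unsat', None, [[-2, -1], [-3, -4]])
    print(cdcl_t(SAT_CLAUSES, ATOMS))    # ('sat', [-4, -2, 1, 3], [[-2, -1], [-3, -4]])
```

On the unsatisfiable instance the theory solver rejects two propositional models before the SAT solver runs out of candidates; on the satisfiable one the same two lemmas steer it to the model x ≤ 3, y ≥ 1. Because an explanation here is always exactly two bound literals, every learned clause is as short as it can be, which is the "minimal conflict explanation" property the thesis asks of a theory solver.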

2.6.1 Propositional Abstraction

The input of CDCL(LA)¹¹ is a ground linear arithmetic formula in clause normal form, or formally:

$$F := \bigwedge_k C_k := \bigwedge_k \bigvee_i L_{ki},$$

where $F$ is the whole formula, the $C_k$ are the clauses in the formula, and the $L_{ki}$ are the literals in the formula. Each literal $L_{ki}$ is either a linear inequality $a_i^T x \le b_i$ (with $b_i \in \mathbb{Q}$), a negated linear inequality $\neg(a_i^T x \le b_i)$ (with $b_i \in \mathbb{Q}$), a propositional variable $p_l$, or a negated propositional variable $\neg(p_l)$. However, most CDCL(LA) implementations (SPASS-SATT included) use a different representation internally.

Firstly, most SMT theory solvers rely on the tableau representation, which means that they cannot handle linear inequalities directly. We resolve this (as explained in Chapter 2.4.2) through the introduction of a slack variable $s_i$ for each inequality appearing in our formula $F$. The result is a tableau $Ax = s$ and a formula $F'$ in clause normal form, where all literals are either propositional variables $p_l$, negated propositional variables $\neg(p_l)$, variable bounds $x_i \le b_i$ or $x_i \ge b_i$ (with $b_i \in \mathbb{Q}$), or negated variable bounds $\neg(x_i \le b_i)$ or $\neg(x_i \ge b_i)$ (with $b_i \in \mathbb{Q}$). Moreover, the combination of tableau $Ax = s$ and formula $F'$ is equisatisfiable to the original formula $F$.

We can also get rid of the negated bounds by using equivalent bounds that rely on δ-rationals (see also Chapter 2.3.2):

$$\begin{aligned}
\neg(x_i \le b_i) &\equiv x_i \ge b_i + \delta && \text{if } x_i \text{ is a rational variable,}\\
\neg(x_i \ge b_i) &\equiv x_i \le b_i - \delta && \text{if } x_i \text{ is a rational variable,}\\
\neg(x_i \le b_i) &\equiv x_i \ge b_i + 1 && \text{if } x_i \text{ is an integer variable,}\\
\neg(x_i \ge b_i) &\equiv x_i \le b_i - 1 && \text{if } x_i \text{ is an integer variable.}
\end{aligned}$$

This means we now have a tableau $Ax = s$ and a formula $F'$ in clause normal form, where all literals are either propositional variables $p_l$, negated propositional variables $\neg(p_l)$, or variable bounds $x_i \le b_i$ or $x_i \ge b_i$ (with $b_i \in \mathbb{Q}_\delta$).

Next, we abstract our bounds to propositional variables. We do so by replacing each occurrence of a bound $x_i \le b_i$ over a rational variable with a fresh propositional variable $p_l$ and each symmetrical occurrence $x_i \ge b_i + \delta$ with the negated literal $\neg(p_l)$. Analogously, we replace each occurrence of a bound $x_i \le b_i$ over an integer variable with a fresh propositional variable $p_l$ and each symmetrical occurrence $x_i \ge b_i + 1$ with the negated literal $\neg(p_l)$. We maintain the connection between propositional variables and abstracted bounds by storing their relationship with the help of a map. The result is an equisatisfiable combination of a tableau $Ax = s$, a formula $F''$ in clause normal form, where all literals are either propositional variables $p_l$ or negated propositional variables $\neg(p_l)$, and a function $f$ that maps some of the propositional variables to bounds.

The SAT solver can now run on the propositional CNF formula $F''$ and select a model/set of literals. The bounds corresponding to the selected literals are then asserted by the theory solver with the help of the function $f$. The asserted bounds together with the tableau $Ax = s$ define a linear arithmetic problem in tableau representation. Naturally, all asserted bounds correspond to a (negated) inequality in the original formula $F$. What might be less obvious is that this set of (negated) inequalities is equisatisfiable to the set of asserted bounds and the tableau $Ax = s$. Therefore, we are also able to represent all linear arithmetic subproblems of $F$ through our transformed formula.
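The transformation of Section 2.6.1 carried out end to end on a constructed formula, as an added example that is not the thesis's or SPASS-SATT's code. It introduces slack rows for the tableau $Ax = s$, eliminates negated inequalities via the δ-rational complement (rational variables) or the +1 complement (integer variables), and abstracts each bound and its complement to one propositional variable with opposite polarity, returning the tableau, the abstracted CNF $F''$ and the map $f$; a second function shows which bounds a SAT model makes the theory solver assert. Two choices are mine and not from the page: an inequality that is already a single variable with coefficient 1 keeps its own name instead of getting a slack, and a repeated linear combination reuses its slack row. δ-rationals $c + k\delta$ are encoded as pairs (c, k); the variable sorts, formula and all names are constructed for this example.

```python
from fractions import Fraction

# Constructed input (not from the thesis). Sorts of the original variables:
SORTS = {"x": "int", "y": "rat"}


def ineq(coeffs, b, negated=False):
    """Literal a·x ≤ b (or its negation) with a normalised coefficient vector."""
    a = tuple(sorted((v, Fraction(c)) for v, c in coeffs.items()))
    return ("ineq", negated, a, Fraction(b))


def prop(name, negated=False):
    return ("prop", negated, name)


# F = (x+2y ≤ 4 ∨ p) ∧ (¬(x+2y ≤ 4) ∨ x ≤ 7) ∧ (¬p ∨ ¬(y ≤ 1/2)) ∧ (¬(x ≤ 7) ∨ x+2y ≤ 4)
FORMULA = [
    [ineq({"x": 1, "y": 2}, 4), prop("p")],
    [ineq({"x": 1, "y": 2}, 4, negated=True), ineq({"x": 1}, 7)],
    [prop("p", negated=True), ineq({"y": 1}, Fraction(1, 2), negated=True)],
    [ineq({"x": 1}, 7, negated=True), ineq({"x": 1, "y": 2}, 4)],
]


def complement(bound, sort):
    """¬(v ≤ b) ≡ v ≥ b + δ for rational v and v ≥ b + 1 for integer v (and symmetrically
    for ≥). δ-rationals c + kδ are pairs (c, k)."""
    var, op, (c, k) = bound
    if op == "<=":
        return (var, ">=", (c, k + 1) if sort == "rat" else (c + 1, k))
    return (var, "<=", (c, k - 1) if sort == "rat" else (c - 1, k))


def abstract(formula, sorts):
    """Turn F into (tableau Ax = s, propositional CNF F'', map f, sorts incl. slacks)."""
    sorts = dict(sorts)
    tableau = {}   # slack variable -> coefficient vector of its row
    row_of = {}    # coefficient vector -> slack variable (reused for a repeated combination)
    ids = {}       # abstraction key -> propositional variable (positive integer)
    f = {}         # propositional variable -> the bound v ≤ b it abstracts
    cnf = []

    def fresh(key):
        return ids.setdefault(key, len(ids) + 1)

    for clause in formula:
        out = []
        for lit in clause:
            if lit[0] == "prop":
                _, negated, name = lit
                p = fresh(("prop", name))
            else:
                _, negated, a, b = lit
                # Step 1: slack variable s_i with tableau row s_i = a·x. A single variable
                # with coefficient 1 is already a bound and keeps its own name (my shortcut).
                if len(a) == 1 and a[0][1] == 1:
                    var = a[0][0]
                elif a in row_of:
                    var = row_of[a]
                else:
                    var = row_of[a] = f"s{len(tableau) + 1}"
                    tableau[var] = dict(a)
                    sorts[var] = "int" if all(sorts[v] == "int" and c.denominator == 1
                                              for v, c in a) else "rat"
                # Steps 2 and 3: the literal is the bound var ≤ b or, if negated, its
                # complement var ≥ b + δ (or b + 1). Both map to the same propositional
                # variable p with f(p) = (var ≤ b); the complement is the negated literal ¬p.
                p = fresh(("bound", var, b))
                f[p] = (var, "<=", (b, 0))
            out.append(-p if negated else p)
        cnf.append(out)
    return tableau, cnf, f, sorts


def asserted_bounds(model, f, sorts):
    """Bounds the theory solver asserts for a SAT model (signed propositional literals):
    f(p) for p, the complement of f(p) for ¬p; pure propositional literals assert nothing."""
    out = []
    for lit in model:
        if abs(lit) in f:
            bound = f[abs(lit)]
            out.append(bound if lit > 0 else complement(bound, sorts[bound[0]]))
    return out


if __name__ == "__main__":
    tableau, cnf, f, sorts = abstract(FORMULA, SORTS)
    print(tableau)   # {'s1': {'x': Fraction(1, 1), 'y': Fraction(2, 1)}}
    print(cnf)       # [[1, 2], [-1, 3], [-2, -4], [-3, 1]]
    print(asserted_bounds([-1, 3, -4], f, sorts))
```

Note how the inequality x + 2y ≤ 4 and its negation both become literal 1 (with opposite sign), so the SAT solver never has to learn that the two are complementary, and how the integer variable x turns ¬(x ≤ 7) into x ≥ 8 while the rational y turns ¬(y ≤ 1/2) into y ≥ 1/2 + δ.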

2.7 Standard Arithmetic Decision Procedures for