## Algorithms and Data Structures III (course 1DL481) Uppsala University – Spring 2023 Report for Assignment 1 by Team 7

Anderson LEONG

Louis HENKEL

6th February 2023

## Problem 3: Boolean Satisfiability (SAT)

**Task a: Ordered Resolution.** Consider the following formula in conjunctive normal form (CNF):

$$\varphi \equiv (x_1 \lor x_2) \land (x_3 \lor x_4) \land (x_5 \lor x_6) \land (\neg x_1 \lor \neg x_3) \land (\neg x_1 \lor \neg x_5)$$
$$\land (\neg x_3 \lor \neg x_5) \land (\neg x_2 \lor \neg x_4) \land (\neg x_2 \lor \neg x_6) \land (\neg x_4 \lor \neg x_6)$$

We apply resolution by selecting the variables in their own given order. In blue are the new clauses from the resolution.

$$\varphi \equiv (x_1 \lor x_2) \land (x_3 \lor x_4) \land (x_5 \lor x_6) \land (\neg x_1 \lor \neg x_3) \land (\neg x_1 \lor \neg x_5) \\ \land (\neg x_3 \lor \neg x_5) \land (\neg x_2 \lor \neg x_4) \land (\neg x_2 \lor \neg x_6) \land (\neg x_4 \lor \neg x_6) \\ \equiv (x_2 \lor \neg x_3) \land (x_2 \lor \neg x_5) \land (x_3 \lor x_4) \land (x_5 \lor x_6) \land (\neg x_3 \lor \neg x_5) \\ \land (\neg x_2 \lor \neg x_4) \land (\neg x_2 \lor \neg x_6) \land (\neg x_4 \lor \neg x_6) \\ \equiv (\neg x_3 \lor \neg x_4) \land (\neg x_3 \lor \neg x_6) \land (\neg x_5 \lor \neg x_4) \land (\neg x_5 \lor \neg x_6) \\ \land (x_3 \lor x_4) \land (x_5 \lor x_6) \land (\neg x_3 \lor \neg x_5) \land (\neg x_4 \lor \neg x_6) \\ \equiv (x_4 \lor \neg x_6) \land (x_4 \lor \neg x_5) \land (\neg x_4 \lor \neg x_5) \land (\neg x_5 \lor \neg x_6) \\ \land (x_5 \lor x_6) \land (\neg x_4 \lor \neg x_6) \\ \equiv (\neg x_5 \lor \neg x_6) \land (\neg x_6) \land (\neg x_5) \land (x_5 \lor x_6) \\ \equiv (\neg x_6) \land (x_6) \\ \equiv ()$$

As we reach the empty clause, the formula is unsatisfiable.

Task b: DPLL. Consider again the formula  $\varphi$  given in Task a. Explain in detail how the DPLL algorithm, when applied to  $\varphi$ , determines whether the formula is satisfiable. Assume that the variables are selected in the order given by their index (i.e.,  $x_1$  before  $x_2$  before ...), and that they are assigned 1 (i.e., True) before they are assigned 0 (i.e., False). Remember to perform unit propagation and to apply the pure-literal rule where possible, in order to prune parts of the search space.

Task c: CDCL. Consider the following CNF formula:

$$(x_1 \lor x_8 \lor \neg x_2) \land (x_1 \lor \neg x_3) \land (x_2 \lor x_3 \lor x_4) \land (\neg x_4 \lor \neg x_5) \land (x_7 \lor \neg x_4 \lor \neg x_6) \land (x_5 \lor x_6)$$

Assume that  $x_7$  has been assigned 0 at decision level 2, and that  $x_8$  has been assigned 0 at decision level 3. Moreover, assume that the current decision assignment is  $x_1 = 0$  at decision level 5. Draw a resulting implication graph. Does the graph contain any conflicts? If so, then mark these clearly, and provide a conflict clause.

**Task d: Encoding.** Describe your encoding, citing either [?], or [?, Section 2.2.2], or both, if you use their ideas: first explain the meaning of the Boolean variables that you use in your formula  $\varphi_{d,c,e}$ ; then explain the encodings by the help functions of the hint that you actually use (there is no need to explain ATMOST $(k, x_1, \ldots, x_n)$  if you use [?]); and finally explain how the constraints of the problem are encoded using those variables and help functions.

We chose the programming language  $\langle \dots \rangle$ , for which a compiler or interpreter is available on the Linux computers of the IT department. All source code is uploaded with this report. The compilation and running instructions are  $\langle \dots \rangle$ .

We validated the correctness of our encoding and implementation by checking its outputs on many instances via the provided polynomial-time solution checker.

Task e: Experiments. We chose the SAT solver MiniSat for our experiments. We used or did not use the provided script for running the experiments and tabling their results under Linux Ubuntu 18.04 (64 bit) on an Intel Xeon E5520 of 2.27 GHz, with 4 processors of 4 cores each, with a 70 GB RAM and an 8 MB L3 cache (a ThinLinc computer of the IT department).

The results are in Table 1. The trivially unsatisfiable instances (which are the ones that violate the inequality  $e \leq \left\lfloor \frac{d-1}{c-1} \right\rfloor$ ) that were actually attempted in our experiments are  $\langle 8,2,8 \rangle$ ,  $\langle 10,2,10 \rangle$ ,  $\langle 12,2,12 \rangle$ ,  $\langle 14,2,14 \rangle$ ,  $\langle 16,2,16 \rangle$ ,  $\langle 15,3,8 \rangle$ ,  $\langle \dots \rangle$ ,  $\langle 16,4,6 \rangle$ ,  $\langle \dots \rangle$ , and  $\langle \dots \rangle$ . We observe that our encoding detects their trivial unsatisfiability in  $\langle \dots \rangle$  time.

| d  | c | e  | status               | time | d  | c | e  | status               | time | d  | c | e  | status               | time |
|----|---|----|----------------------|------|----|---|----|----------------------|------|----|---|----|----------------------|------|
| 8  | 2 | 7  | sat                  |      | 12 | 3 | 4  | sat                  |      | 16 | 4 | 5  | sat                  |      |
| 8  | 2 | 8  | unsat                |      | 12 | 3 | 5  | unsat                |      | 16 | 4 | 6  | unsat                |      |
| 10 | 2 | 9  | $\operatorname{sat}$ |      | 15 | 3 | 6  | $\operatorname{sat}$ |      | 20 | 4 | 4  | $\operatorname{sat}$ |      |
| 10 | 2 | 10 | unsat                |      | 15 | 3 | 7  | $\operatorname{sat}$ |      | 20 | 4 | 5  | $\operatorname{sat}$ |      |
| 12 | 2 | 11 | $\operatorname{sat}$ |      | 15 | 3 | 8  | unsat                |      | 20 | 4 | 6  | ?                    |      |
| 12 | 2 | 12 | unsat                |      | 18 | 3 | 6  | $\operatorname{sat}$ |      | 24 | 4 | 4  | $\operatorname{sat}$ |      |
| 14 | 2 | 12 | $\operatorname{sat}$ |      | 18 | 3 | 7  | $\operatorname{sat}$ |      | 24 | 4 | 5  | $\operatorname{sat}$ |      |
| 14 | 2 | 13 | $\operatorname{sat}$ |      | 18 | 3 | 8  | ?                    |      | 24 | 4 | 6  | ?                    |      |
| 14 | 2 | 14 | unsat                |      | 21 | 3 | 6  | $\operatorname{sat}$ |      | 28 | 4 | 4  | $\operatorname{sat}$ |      |
| 16 | 2 | 10 | $\operatorname{sat}$ |      | 21 | 3 | 7  | $\operatorname{sat}$ |      | 28 | 4 | 5  | $\operatorname{sat}$ |      |
| 16 | 2 | 11 | $\operatorname{sat}$ |      | 21 | 3 | 8  | $\operatorname{sat}$ |      | 28 | 4 | 6  | $\operatorname{sat}$ |      |
| 16 | 2 | 12 | $\operatorname{sat}$ |      | 21 | 3 | 9  | ?                    |      | 28 | 4 | 7  | ?                    |      |
| 16 | 2 | 13 | $\operatorname{sat}$ |      | 24 | 3 | 6  | $\operatorname{sat}$ |      | 32 | 4 | 3  | $\operatorname{sat}$ |      |
| 16 | 2 | 14 | $\operatorname{sat}$ |      | 24 | 3 |    | $\operatorname{sat}$ |      | 32 | 4 |    | $\operatorname{sat}$ |      |
| 16 | 2 | 15 | $\operatorname{sat}$ |      | 24 | 3 | 9  | $\operatorname{sat}$ |      | 32 | 4 | 9  | $\operatorname{sat}$ |      |
| 16 | 2 | 16 | unsat                |      | 24 | 3 | 10 | ?                    |      | 32 | 4 | 10 | sat                  |      |

Table 1: Cruise design: satisfiability and runtime (in seconds) using MiniSat, with a timeout of 60.0 CPU seconds; a timeout is denoted by 't/o'; if no timeout occurred, then proven satisfiability is denoted by 'sat' and proven unsatisfiability by 'unsat', else trivial unsatisfiability is denoted by 'unsat' and the unknown status is denoted by '?'.

## Problem 4: SAT Modulo Theories (SMT)

**Task a: Encoding of instructions.** We encode the transition between program states as follows for each MiniASM instruction:

```
push<sub>i</sub>:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• pop:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• dup:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• plus:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• neg:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• read:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
• write:
       - In English: \langle \dots \rangle.
       - In SMT syntax: \langle \dots \rangle.
```

Task b: Partial-correctness checker. Describe your encoding. The final assert call, which ensures that the SMT solver produces unsat when needed, is  $\langle ... \rangle$ .

We chose the SMT solver Z3 for our experiments. We chose the programming language  $\langle \dots \rangle$ , for which a compiler or interpreter is available on the Linux computers of the IT department. All source code is uploaded with this report. The compilation and running instructions are  $\langle \dots \rangle$ .

Let swap be the abbreviation of  $push_0$ ; write;  $push_1$ ; write;  $push_0$ ; read;  $push_1$ ; read, that is changing the order of the two top-most numbers on the stack:

- 1. The program  $push_{10}$ ; read is or is not reported by Z3 to be partially correct, because  $\langle \dots \rangle$ .
- 2. The program  $push_1$ ; dup; dup; write; read  $\langle \dots \rangle$

- 3. The program  $push_1$ ; dup; read; dup; neg; plus; plus  $\langle \dots \rangle$
- 4. The program  $push_1$ ;  $push_0$ ; read; write;  $push_0$ ; read; read  $\langle \dots \rangle$
- 5. The program  $push_{10}$ ;  $push_0$ ;  $swap \langle ... \rangle$
- 6. The program  $push_{10}$ ; dup; read; swap;  $push_1$ ; plus; read;  $plus \langle \dots \rangle$
- 7. The program  $push_{10}$ ; dup;  $push_1$ ; plus; dup;  $push_1$ ; plus; plus;

When Z3 produces sat for a partial-correctness check, the output of get-model means  $\langle \dots \rangle$ .

Task c: Partial-equivalence checker. Describe your encoding. The final assert call, which ensures that the SMT solver produces unsat when needed, is  $\langle ... \rangle$ .

We chose the SMT solver Z3 for our experiments. We chose the programming language  $\langle \dots \rangle$ , for which a compiler or interpreter is available on the Linux computers of the IT department. All source code is uploaded with this report. The compilation and running instructions are  $\langle \dots \rangle$ .

Assuming that variable x is stored at heap address 0 and variable y is stored at heap address 1, the program t := x; x := y; y := t, translated into

```
push<sub>0</sub>; read; push<sub>1</sub>; read; push<sub>0</sub>; write; push<sub>1</sub>; write
```

and the program x := x + y; y := x - y; x := x - y, translated into

push<sub>0</sub>; read; push<sub>1</sub>; read; plus; dup; push<sub>1</sub>; read; neg; plus; dup; push<sub>1</sub>; write; neg; plus; push<sub>0</sub>; write

are or are not reported by Z3 to be partially equivalent, because  $\langle \dots \rangle$ . When Z3 produces sat for a partial-equivalence check, the output of get-model means  $\langle \dots \rangle$ .

Task d: Extended language. We encode the transition between program states for the  $cmp_o$  instruction as follows:

- In English:  $\langle \dots \rangle$ .
- In SMT syntax:  $\langle \dots \rangle$ .

For encoding the  $\mathsf{jmp}_j$  instruction (where  $j \geq 0$ ), we propose  $\langle \dots \rangle$ . The difficulty of encoding one or more  $\mathsf{jmp}_j$  instructions lies in  $\langle \dots \rangle$ . With our approach for encoding  $\mathsf{jmp}_j$ , the partial correctness of programs is determined by  $\langle \dots \rangle$ .

## Feedback to the Teachers