# Satisfiability of CNF formulas

In this tutorial we will explore how to solve the satisfiability problem for propositional formulas in conjunctive normal form (CNF). Example:

\begin{align}
    \varphi \; \equiv\; (x_1 \vee \neg x_3) \wedge (x_2 \vee x_3 \vee \neg x_1).
\end{align}

## The DIMACS format

The DIMACS format is a concrete syntax for propositional formulas in CNF. The following self-explanatory example of the DIMACS syntax corresponds to the formula above.

The following code constructs a SAT instance and feeds it to the Z3 solver.

In [1]:
%%script z3 -dimacs -in

p cnf 3 2
1 -3 0
2 3 -1 0

sat
-1 -2 -3 


In [11]:
%%script z3 -dimacs -in

c Pierce law
c First lets transform to dnf formula negating the pierce law
c ((x1 -> x2) -> x1) -> x1
c x1 -> x2:      not x1 or x2
c (x1 -> x2) -> x1:     (not (not x1 or x2) or x1) <=> (x1 or not x2 or x1) <=> (x1 or not x2)
c ((x1 -> x2) -> x1) -> x1: not (x1 or not x2) or x1 <=> not x1 or x2 or x1

p dnf 1 2
-1 0
1 0
-2 0

unsat


 The output is a satisfying assignment, in this case all three variables are set to false works.

**Exercise 1 [Tautologies].** The Z3 solver tells us whether the input CNF formula is satisfiable. Consider the following satisfiable formulas:

\begin{align}
    \varphi_1 &\ \equiv\ x_1 \vee \neg x_1 & \textrm{ (excluded middle)} \\
    \varphi_2 &\ \equiv\ ((x_1 \to x_2) \to x_1) \to x_1 & \textrm{ (Pierce's law)}.
\end{align}

These formulas are not only satisfiable, but even *tautologies*, in the sense that *every* truth assignment satisfies them.
How can we use Z3 in order to check that the formulas above are tautologies?

## The Z3 Python interface

Encoding more elaborated CNF formulas in the DIMACS format by hand can be tedious.
To this end, we will be using Z3 programmatically in Python.
The following example shows how the previous two examples are encoded in Python. Note that there is no need to put the formula in CNF (but we must be careful to write formulas which do have a short CNF equivalent).

In [2]:
from z3 import *
x = Bool('x')

# excluded middle
solve(Not(Or(x, Not(x))))

# Pierce's law
y = Bool('y')
solve(Not(Implies(Implies(Implies(x, y), x), x)))

no solution
no solution


**Exercise 2 [Pigeonhole principle]. **
This exercise shows a family of formulas, some of which are satisfiable and some unsatisfiable, s.t. there is a great disparity of difficulty posed by these instances to resolution-based solvers, such as Z3.
The *pigeonhole principle* says that it is possible to fit $m$ pigeons inside $n$ pigeonholes (with no collisions) if, and only if, $m \leq n $.

- Write a CNF formula $\varphi_{mn}$ encoding the pigeonhole principle.
*Hint: Use propositional variables of the form $x_{ij}$ encoding the fact that pigeon $i$ is in hole $j$, with $1 \leq i \leq m$ and $1 \leq j \leq n$*.

- Write a Python program that, given $m$ and $n$, generates the DIMACS format for $\varphi_{mn}$ and feeds it to Z3. Which one of the following is more difficult for Z3 to solve: satisfiable or unsatisfiable instances?

In [17]:
%%time
#this will give statistics on the time needed to run the cell

def pidgeonhole_formula(m=7, n=6):
    # A matrix of propositional variables can be created as follows
    mkvar = lambda i, j: "x" + str(i) + "_" + str(j)

    x = [ [ Bool(mkvar(i, j)) for j in range(n) ] for i in range(m) ]

    # Pro tip: The associative And(...) and Or(...) operators can also take a list of formulas:
    pidgeon_has_a_hole = []
    for i in range(m):
        pidgeon_has_a_hole.append(Or(x[i]))
    one_hole_per_pidgeon = [Or(Not(x[i][j]), Not(x[i][k])) for i in range(m) for j in range(n) for k in range(j+1,n)]
    one_pidgeon_per_hole = [Or(Not(x[i][k]), Not(x[j][k])) for i in range(m) for j in range(i+1, m) for k in range(n)]
    formula = And(And(pidgeon_has_a_hole), And(one_pidgeon_per_hole), And(one_hole_per_pidgeon))
#     print(formula)
    return formula

print(solve(pidgeonhole_formula(m=3, n=3)))



[x0_2 = True,
 x1_1 = False,
 x2_0 = False,
 x2_2 = False,
 x0_0 = False,
 x0_1 = False,
 x1_0 = True,
 x1_2 = False,
 x2_1 = True]
None
CPU times: user 20 ms, sys: 0 ns, total: 20 ms
Wall time: 20.5 ms


**Exercise 3 [All satisfying assignments].** The Z3 solver returns some satisfying assignment, just in case it exists. How can we use Z3 in order to construct all satisfying assignments? Write a Python program that returns all satisfying assignments of a given SAT instance and test it on the Pigeonhole formulas from the previous exercise.

In [21]:
%%time
#this will give statistics on the time needed to run the cell

# this procedure returns an assignment (as a dictionary) if any exists
def model(phi):
    
    # create a SAT instance
    s = Solver()
    s.add(phi)

    # return a satisfying assignment as a dictionary
    return s.model() if s.check() == sat else []

p = Bool("p")
q = Bool("q")
r = Bool("r")
phi = Or(And(p, Not(q)), r)
m = model(phi)

def all_solutions(phi):
    m = model(phi)
    sols = []
    while m:
        sols.append(m)
        last_valuation_formula = []
        for key in m:
            if m[key]:
                last_valuation_formula.append(Bool(str(key)))
            else:
                last_valuation_formula.append(Not(Bool(str(key))))
        phi = And(phi, Not(And(last_valuation_formula)))
        m = model(phi)
    return sols

# print(all_solutions(phi))
print(len(all_solutions(pidgeonhole_formula(m=5, n=5))))

24


**Exercise 4 [Pebbling formulas].** This example shows that solvers can be fast on certain (unsatisfiable) fragments of SAT.
For an $n \times n$ grid, the $\psi_n$ *pebbling formula* says that:
1. There is a pebble on the bottom left vertex.
2. A vertex is pebbled if both the neighbour to the left and below are pebbled.
3. There is no pebble on the top right vertex.

The formula $\psi_n$ is clearly unsatisfiable. We are interested to determine whether this is a hard or an easy SAT instance.
- Write down the CNF formula $\psi_n$. Does this formula belong to some efficient class of SAT instances?
- Write a Python program using Z3 to test satisfiability for $\psi_n$. For how large $n$ is the running time feasible (e.g., <1 sec.)?