1 Motivations and Goals
Many procedures for SAT and SAT-related problems (e.g. Analytic Tableaux [smullyan1], DPLL [davis7], OBDDs [bryant2]) owe their efficiency to the detection of partial truth assignments satisfying an input propositional formula , which allows one to state that (i) is satisfiable and (ii) all total assignments extending satisfy . In particular, when it comes to SAT-based problems requiring the complete enumeration of satisfying assignments (e.g. #SAT [GSS09HBSAT], Lazy SMT [BSST09HBSAT], AllSAT and AllSMT [allsmt], satisfiability of modal and description logics [ST09HBSAT], Weighted Model Integration [MorPasSeb17]), the ability to enumerate satisfying partial assignments which are as small as possible is essential, because each of them avoids the enumeration of the whole subtree of total assignments extending it, whose size is exponential in the number of unassigned propositions.
In this paper we analyze the notion of partial-assignment satisfiability (in particular when dealing with non-CNF and existentially-quantified formulas), raising a flag about the ambiguities and subtleties of this concept, and investigating their practical consequences. We notice, analyze and discuss the following facts (not necessarily in this order).
First, despite its widespread (implicit) usage in algorithms, there seems to be no general and universally-agreed notion of partial-assignment satisfaction. Most authors do not define partial-assignment satisfaction explicitly, or define it only when dealing with (tautology-free) CNF formulas (e.g. [KBK09HBSAT]). We stress the fact that this is not simply an issue of the meaning of the word “satisfy”: regardless of which “verb” one might use for it (e.g. “satisfy”, “entail”, “imply”, “evaluate to true”,…), we would like a universally-agreed criterion for establishing that, if a partial truth assignment “verb”s a formula , then (i) is satisfiable and (ii) all total truth assignments extending it satisfy .
Second, for (tautology-free) CNF formulas the sentence “a partial truth assignment satisfies a formula ” may indifferently be interpreted either as “ evaluates to true ” (i.e. “applying to makes true”) or as “ entails ” (i.e. “all total assignments extending satisfy ”) because in this case the two concepts are equivalent. Consequently, satisfiability and enumeration algorithms for CNF formulas typically use evaluation to true as the criterion to conclude that the current partial assignment satisfies the input formula, because it is much cheaper and easier to implement than entailment.
Third, and most importantly, for non-CNF formulas evaluation to true is strictly stronger than entailment, and they have complementary properties. Consequently, whereas using evaluation to true as the partial-assignment satisfiability criterion is much cheaper and easier to implement, adopting entailment allows for detecting satisfiability earlier and thus for producing smaller partial truth assignments. We also show that, whereas equivalent formulas are always entailed by the same partial assignments, this is not the case for evaluation to true, that is, equivalent formulas are not always evaluated to true by the same partial assignments. This would be an embarrassing fact if we adopted evaluation to true as the definition of partial-assignment satisfiability for non-CNF formulas. We remark that standard Tseitin-style CNFization does not solve these issues, because it may lose information regarding partial-assignment evaluation to true or entailment.
Fourth, the same issues apply also to existentially-quantified formulas, even CNF ones. This is very important, because in many application domains, fundamental operations (like preimage computation in symbolic model checking, see e.g. [burch1], or predicate abstraction in SW verification, see e.g. [graf_predabs97, beyercgks09]) require dealing with existentially-quantified formulas and with the enumeration of partial assignments “satisfying” them.
Fifth, different algorithms handling non-CNF formulas implicitly implement different notions of partial-assignment satisfaction. E.g., Analytic Tableaux [smullyan1] and (non-CNF) DPLL [davis7] implicitly enumerate partial assignments evaluating to true the input formulas, whereas OBDDs [bryant2] implicitly enumerate partial assignments entailing them. Also, e.g., techniques like pure-literal filtering [sebastiani07, BSST09HBSAT] in lazy SMT implicitly aim at reducing a total assignment to a partial one evaluating to true the input formula.
Overall, the theoretical considerations above suggest adopting entailment as the general definition of partial-assignment satisfiability, although evaluation to true is a cheaper though less-effective criterion which can (most) often be adopted in actual implementations. However, since partial assignments entailing are in general subsets of those evaluating to true , using entailment rather than evaluation to true as the satisfiability criterion allows for producing smaller partial assignments, and hence possibly drastically reducing their number, in particular in the presence of existentially-quantified formulas. This may drive the development of more effective assignment-enumeration algorithms.
Motivation.
The analysis presented in this paper was triggered by the effort of conceiving more efficient procedures for predicate abstraction in SMT for improving Weighted Model Integration [MorPasSeb17, morettin_aij19], which forced me to elaborate on the distinction between evaluation to true and entailment. Before then, I personally used to see partial-assignment satisfiability as entailment (see [gsinfocomp2000]) without paying attention to this distinction.
Content.
The rest of the paper is organized as follows. §2 provides the necessary notation, terminology and concepts used in the paper. §3 introduces evaluation to true and entailment for generic propositional formulas and discusses their relative properties and use. §4 lifts the discussion to existentially-quantified formulas. §5 provides some conclusions and future-work suggestions.
2 Background
In this section we introduce the notation and terminology adopted in this paper. Moreover, in order to avoid any ambiguity (although at the risk of being a little pedantic), we recall the standard syntax and semantics of propositional logics, plus some basic facts.
Notation.
In what follows T, F, ? denote the truth values “true”, “false” and “unknown” respectively; , denote the logic constants “true” and “false” respectively; , denote propositional atoms; denote propositional formulas; denote truth value assignments. The symbols and denote disjoint sets of propositional atoms. More precisely, , and denote generic propositional formulas built on , and respectively; and denote a total and a partial assignment on respectively; denote total assignments on . (All above symbols may possibly have subscripts).
Syntax.
A propositional formula is defined inductively as follows: the constants and (denoting the truth values true and false) are formulas; a propositional atom is a formula; if and are formulas, then and are formulas. We use the standard Boolean abbreviations: “” for “”, “” for “”, “” for “”. A literal is either an atom (a positive literal) or its negation (a negative literal). (If is a negative literal , then by “” we conventionally mean rather than .) A clause is a disjunction of literals . A cube is a conjunction of literals . is in Conjunctive Normal Form (CNF) iff it is a conjunction of clauses: .
Semantics.
Given , a map is a total truth assignment for . We assume and . We represent as a set of literals . We sometimes represent also as a cube which we denote as “” so as to distinguish the set and the cube representations.
A map s.t. and is a partial truth assignment for . As with total assignments, we can represent as a set of literals or as a cube, denoted with “”. Using a three-valued logic we extend to as by assigning to ? (unknown) the unassigned atoms in . Then we extend the semantics of to any formula on as described in Figure 2. We say that evaluates to true [resp. false] if [resp. ].
By “apply a partial assignment to ” we mean “substitute all instances of each assigned in with the truth value in assigned by and then apply recursively the standard propagation of truth values through the Boolean connectives described in Figure 2”. We denote by “” (“residual of under ”) the formula resulting from applying to . The following fact follows straightforwardly.
Property 1
is iff and is iff .
Notice that total assignments are a subcase of partial ones, so that all above definitions and facts apply also to total assignments .
Given a total truth assignment on and some formulas on , the sentence “ satisfies ”, written “”, is defined recursively on the structure of as follows: , , if and only if , if and only if , if and only if and . (The definition of for the other connectives follows straightforwardly from their definition in terms of .) is satisfiable iff for some total truth assignment on . is valid (written “”) iff for every total truth assignment on . entails (written “”) iff, for every total assignment on , if then . and are equivalent iff and . Consequently: is unsatisfiable iff is valid; iff is valid; a clause is valid (aka is a tautology) iff both and occur in it for some ; a CNF formula is valid iff either it is or all its clauses are tautologies. We say that a CNF formula is tautology-free iff none of its clauses is a tautology.
The following facts follow straightforwardly and are of interest for our discussion.
Property 2
Let be a total truth assignment on and be formulas on .

iff .

If and are equivalent, then iff .

iff is (also, by Property 1, iff ).

Checking if satisfies requires at most a polynomial amount of steps.
Notice that Property 2(i) justifies the usage of “” for both satisfiability and entailment.
CNFization.
Every generic formula on can be encoded into a CNF formula on for some by applying (variants of) Tseitin CNFization [tseitin1], consisting e.g. in applying recursively bottom-up the rewriting rule:
(1) 
until the resulting formula is in CNF, where are literals, and is the validity-preserving CNF conversion based on DeMorgan rules (e.g., ). is s.t. iff there exists a total assignment on s.t. , and the size of is linear wrt. that of .
Existentially-quantified formulas.
A total truth assignment satisfies , written “”, iff there exists a total truth assignment on s.t. . We call the Shannon expansion ] of the existentially-quantified formula the propositional formula on defined as
(2) 
Notice that some may be inconsistent or . The following property derives directly from the above definitions.
Property 3
Let be a formula on
and be a total truth assignment on .
Then
iff .
3 Partial-assignment satisfiability for propositional formulas
We wish to provide a satisfactory definition of partial-assignment satisfiability for a generic propositional formula , i.e., not necessarily (tautology-free) CNF.
One first possibility is to see partial-assignment satisfiability as evaluation to true.
Definition 1
We say that a partial truth assignment evaluates to true iff (or, equivalently by Property 1, iff ). We denote this fact with “”.
One second possibility is to see partial-assignment satisfiability as entailment.
Definition 2
We say that a partial truth assignment entails if and only if, for every total truth assignment s.t., satisfies . We denote this fact with “”.
Notice that both evaluation to true and entailment are semantic definitions. Due to Property 1, evaluation to true has also an easy-to-check syntactic characterization as “”.
In substance, Definition 1 extends to partial assignments Property 2(iii), whereas Definition 2 extends to partial assignments Property 2(i). Ideally, a suitable definition of partial-assignment satisfiability should verify all statements in Property 2, in particular (ii) and (iv). In practice, unfortunately, at least for generic (non-CNF) formulas, we see this is not the case.
When the formula is in CNF and does not contain valid clauses –which however are easy to eliminate by preprocessing– then Definitions 1 and 2 are equivalent: iff . In fact, if then, for every s.t. , and thus , hence ; also, if then is a valid CNF formula which does not contain valid clauses, so that must be , hence .
Unfortunately, when dealing with generic (non-CNF) formulas, we notice that Definitions 1 and 2 are not equivalent, the former being strictly stronger than the latter. In fact, as above, if then , whereas the converse is not true: e.g., if and , then but . This leads to the following statement.
Proposition 1
If a partial truth assignment evaluates to true , then it also entails , but the converse does not hold.
Example 1
Let s.t. and s.t. each is a cube and is valid and does not contain occurrences of the atoms . Then but is the valid formula , so that .
We try to build a counterpart of Property 2 for Definitions 1 and 2 respectively, but in both cases we fail to achieve all points (i)-(iv) in Property 2, resulting in complementary situations.
From Definition 1 we easily derive the following. (Here “” [resp. “”] denotes facts from Property 2 which are [resp. are not] preserved.)
Property 4
Let be a partial truth assignment on and be formulas on .

If then , but not vice versa.

If and are equivalent, this does not imply that iff .

iff is (also, iff by Property 1).

Checking if requires at most a polynomial amount of steps.
From Definition 2 we easily derive the following.
Property 5
Let be a partial truth assignment on and be formulas on .

iff .

If and are equivalent, then iff .

iff is a valid formula, not necessarily (also, in general ).

Checking if is coNP-complete. (In fact, checking the validity of translates into verifying that the empty assignment entails it.)
On the one hand, the advantage of adopting evaluation to true for checking partial-assignment satisfiability is that it matches the intuition and practical need that the process of checking it should be fast (Property 4(iv)). On the other hand, the main drawback is that equivalent although syntactically different formulas may be satisfied by different sets of partial assignments (Property 4(ii)), which looks theoretically awkward.
On the one hand, the advantage of adopting entailment for checking partial-assignment satisfiability is that it matches the intuition and theoretical requirement that equivalent formulas should be satisfied by the same assignments, even partial ones (Property 5(ii)). On the other hand, the price to pay is that the resulting problem is coNP-complete (Property 5(iv)), because it is equivalent to checking the validity of the residual .
Due to Proposition 1, every partial assignment entailing the input formula is a subset of some other(s) evaluating to true it. Therefore, for an assignment-enumeration algorithm, being able to enumerate partial assignments entailing the input formula rather than simply evaluating to true it may (even drastically) reduce the number of the satisfying assignments enumerated.
For instance we notice that, when applied to satisfiable formulas, OBDDs [bryant2] produce branches representing partial assignments which entail the input formula (Definition 2), because if then is valid (Property 5(iii)), so that its corresponding sub-OBDD is reduced into the node. Instead, SAT/AllSAT algorithms like Analytic Tableaux [smullyan1] (notice that Analytic Tableaux may generate duplicated or subsumed assignments, see [dagostino1, gsinfocomp2000]) or “classic” DPLL [davis7] (the classic DPLL procedure [davis7] was designed to work for CNF formulas; nevertheless it is easy to produce a non-CNF version of this procedure, see e.g. [armando5]) produce branches representing partial assignments which evaluate to true the input formula (Definition 1) because, unlike with OBDDs, as soon as they produce (a branch corresponding to) an assignment s.t. but , they do not realize it and proceed with the search until they extend it to some s.t. , extending the search tree of up to branches.
Example 2
Consider . Figure 3 represents the OBDD for and the search trees corresponding to AllSAT executions of Analytic Tableaux and (non-CNF) DPLL on . (Here in DPLL the pure-literal rule [davis7] is not used because in AllSAT it may hinder the enumeration of some relevant models; see, e.g., [sebastiani_frocos07].) The former produces the single assignment . Notice that but . The latter two produce the assignments .
Notice that neither Analytic Tableaux nor DPLL can produce alone.
One may argue that in SAT/AllSAT the distinction between and is not much relevant in practice, because we can CNFize the input formulas upfront (typically by variants of Tseitin CNFization), removing tautological clauses, and this distinction does not hold for (tautology-free) CNF formulas. However, we notice that with Tseitin CNFization we may lose information regarding entailment or evaluation to true. In fact, if on is the result of Tseitin CNFizing , then:

does not imply that there exists a total assignment on s.t. ;

does not imply that there exists a total assignment on s.t. .
Example 3
Consider
and its Tseitin CNFized version:
On the one hand, is such that .
On the other hand, there is no total truth assignment on
s.t. . In fact, neither
nor .
Consider
and its Tseitin CNFized version:
Although is such that ,
there is no total truth assignment on
s.t. :
since
;
since ;
and are both inconsistent
with .
4 Dealing with existentially-quantified formulas
In many application domains, fundamental operations (like preimage computation in symbolic model checking, see e.g. [burch1], or predicate abstraction in SW verification, see e.g. [graf_predabs97, beyercgks09]) require dealing with existentially-quantified formulas and with the enumeration of partial assignments satisfying them. Thus, we lift the discussion of §3 to existentially-quantified formulas, and we wish to provide a satisfactory definition of partial-assignment satisfiability for an existentially-quantified propositional formula.
One first possibility is to see partial-assignment satisfiability as evaluation to true, leveraging Definition 1 and Property 3 to the existentially-quantified case. By (2) and Definition 1, iff is , that is, iff there exists some s.t. is , that is, iff there exists some s.t. evaluates to true . This leads to the following definition and relative property.
Definition 3
We say that a partial truth assignment on evaluates to true if and only if there exists a total truth assignment on s.t. .
Property 6
Let be a formula on
and be a partial assignment on .
Then
iff .
One second possibility is to see partial-assignment satisfiability as entailment, leveraging Definition 2 and Property 3 to the existentially-quantified case. We notice that iff, for every total assignment s.t. , , that is, by Property 3 for every total assignment s.t. there exists a total assignment on s.t. . This leads to the following definition and relative property.
Definition 4
We say that a partial truth assignment on entails , written , if and only if, for every total truth assignment on extending , there exists a total truth assignment on s.t. satisfies .
Property 7
Let be a formula on
and be a partial assignment on .
Then
iff .
Notice the nesting order of forall/exists in Definition 4: “for every exists s.t. …”. In fact, distinct ’s may satisfy distinct disjuncts in ], requiring thus distinct ’s.
Due to Proposition 1 and Property 3 we have that (Definition 3) is strictly stronger than (Definition 4). Remarkably, and unlike with the unquantified case, this is the case even if is a tautology-free CNF formula! (Intuitively, this can be seen as a consequence of the fact that ] is not in CNF even if is in CNF.)
Example 4
Consider
and the tautology-free CNF formula on :
Then we have that
so that but
.
Thus, we have that but
.
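The gap between Definitions 1 and 2 (Section 3) and between Definitions 3 and 4 can be checked mechanically. The following Python sketch is an added example, not code from the paper: it implements three-valued evaluation and brute-force entailment and runs them on two constructed formulas, `PHI` and `EX_CNF`, whose atom names (A, B, A1, A2, B1) are chosen here for illustration.

```python
from itertools import product

# Formulas are nested tuples: ("var", name), ("not", f), ("and", f, g), ("or", f, g).
# A partial assignment is a dict atom -> bool; unassigned atoms are "unknown" (None).

def ev3(f, mu):
    """Three-valued evaluation of f under mu: True, False or None (unknown)."""
    op = f[0]
    if op == "var":
        return mu.get(f[1])
    if op == "not":
        v = ev3(f[1], mu)
        return None if v is None else not v
    l, r = ev3(f[1], mu), ev3(f[2], mu)
    if op == "and":
        if l is False or r is False:
            return False
        return True if l is True and r is True else None
    if op == "or":
        if l is True or r is True:
            return True
        return False if l is False and r is False else None
    raise ValueError(f"unknown connective {op!r}")

def extensions(mu, atoms):
    """All assignments extending mu that are total on `atoms`."""
    free = [a for a in atoms if a not in mu]
    for vals in product([False, True], repeat=len(free)):
        yield {**mu, **dict(zip(free, vals))}

def evaluates_to_true(f, mu):                      # Definition 1
    return ev3(f, mu) is True

def entails(f, mu, atoms):                         # Definition 2 (exponential)
    return all(ev3(f, eta) is True for eta in extensions(mu, atoms))

def ex_evaluates_to_true(f, mu, b_atoms):          # Definition 3
    # One total delta on the quantified atoms must work for mu itself.
    return any(ev3(f, md) is True for md in extensions(mu, b_atoms))

def ex_entails(f, mu, a_atoms, b_atoms):           # Definition 4
    # For every eta extending mu there is a delta; delta may differ per eta.
    return all(ex_evaluates_to_true(f, eta, b_atoms)
               for eta in extensions(mu, a_atoms))

def V(n): return ("var", n)
def Not(f): return ("not", f)
def And(f, g): return ("and", f, g)
def Or(f, g): return ("or", f, g)

# Constructed non-CNF formula: (A and B) or (A and not B), equivalent to A.
PHI = Or(And(V("A"), V("B")), And(V("A"), Not(V("B"))))
# Constructed tautology-free CNF over atoms {A1, A2} with quantified atom B1:
# A1 and (not A2 or B1) and (A2 or not B1)
EX_CNF = And(V("A1"), And(Or(Not(V("A2")), V("B1")), Or(V("A2"), Not(V("B1")))))

def demo():
    mu = {"A": True}
    mu_a = {"A1": True}
    return {
        "phi_eval": evaluates_to_true(PHI, mu),
        "phi_entails": entails(PHI, mu, ["A", "B"]),
        "equiv_eval": evaluates_to_true(V("A"), mu),
        "ex_eval": ex_evaluates_to_true(EX_CNF, mu_a, ["B1"]),
        "ex_entails": ex_entails(EX_CNF, mu_a, ["A1", "A2"], ["B1"]),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

On both constructed formulas the partial assignment entails the formula without evaluating it to true, and the equivalent formula A is evaluated to true by the same assignment that fails on `PHI`.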
4.1 A Relevant Example Application: Predicate Abstraction.
Given a propositional formula on and a set of formulas on denoting relevant “predicates” and a set of fresh propositions s.t. each labels , then the Predicate Abstraction of wrt. is defined as follows [graf_predabs97]:
(3) 
is typically computed as disjunction of mutually-inconsistent partial assignments (cubes) on s.t. and is equivalent to [allsmt, cavada_fmcad07_predabs]. (Notice that Predicate Abstraction is most often referred to SMT formulas and , so that (3) involves also the existential quantification of first-order theory-specific variables and are theory-consistent SMT assignments [graf_predabs97, allsmt, cavada_fmcad07_predabs]. However, restricting our discussion to the purely-propositional case suffices for our purposes and makes the explanation much simpler.)
We notice that in the computation of such cubes the distinction between and may be very relevant: whereas it would be desirable to look for partial assignments entailing to keep them small and hence reduce their number, most algorithms can reveal only when evaluates to true it, and are thus incapable of producing partial assignments s.t. and . This happens every time that, for some and some on (subsets of) , both and are satisfiable but they are satisfied by distinct sets of assignments on (Definition 4), so that but .
Example 5
Therefore, having algorithms able to stop extending as soon as , even when , would produce much more compact formulas.
5 Conclusions and Future Work
We have shown that, when dealing with non-CNF formulas or with existentially-quantified formulas, we may have two distinct notions of partial-assignment satisfiability, entailment and evaluation to true, with different properties, and that adopting one or the other may influence the effectiveness of assignment-enumeration procedures.
In the near future we wish to investigate the adoption of partial-assignment reduction techniques exploiting entailment rather than evaluation to true, in particular in AllSMT and predicate abstraction. A possible candidate can be Dualization [DBLP:conf/ictai/MohleB18]. Also, we wish to investigate the trade-off between the cost of detecting entailment and the effectiveness in reducing the number of enumerated assignments, in particular when the latter may have computationally-hard consequences (e.g. WMI [MorPasSeb17, morettin_aij19]).
Acknowledgements
The analysis described in this paper strongly benefitted from interesting discussions, either personal or via email, with Armin Biere, Alessandro Cimatti, Allen van Gelder, David Mitchell, Sibylle Möhle, Laurent Simon, Armando Tacchella, and Stefano Tonetta, who are all warmly thanked.