
Carnegie Mellon University

Boolean Satisfiability with Transitivity Constraints. Randal E. Bryant Miroslav N. Velev. Carnegie Mellon University. http://www.cs.cmu.edu/~bryant. Outline. Application Domain Verify correctness of a pipelined processor Based on Burch-Dill correspondence checking Burch & Dill, CAV ‘94


Presentation Transcript


  1. Boolean Satisfiability with Transitivity Constraints Randal E. Bryant Miroslav N. Velev Carnegie Mellon University http://www.cs.cmu.edu/~bryant

  2. Outline • Application Domain • Verify correctness of a pipelined processor • Based on Burch-Dill correspondence checking • Burch & Dill, CAV ‘94 • Verification Task • Decide validity of formula in logic of equality with uninterpreted functions • Translate into equational logic • Propositional logic with equations of form vi = vj • Bryant, German & Velev, CAV ’99 • Goel, Sahid, Zhou, Aziz, & Singhal, CAV ‘98 • New Contribution • Efficient handling of transitivity constraints

  3. Decision Problem • [Figure: example EUF formula diagram] • Logic of Equality with Uninterpreted Functions (EUF) • Truth Values • Dashed Lines • Model control signals • Domain Values • Solid lines • Model data words • Task • Determine whether formula is universally valid • True for all interpretations of variables and function symbols

  4. Eliminating Function Applications • Verification Task • Prove: x = f(f(x)) ∧ x = f(f(f(x))) ⇒ x = f(x) • Instance of: x = y ∧ x = f(y) ⇒ x = f(x) • Ackermann’s Method • Replace: f(x) → f1, f(f(x)) → f2, f(f(f(x))) → f3 • Gives: x = f2 ∧ x = f3 ⇒ x = f1 • Functional Consistency Constraints • x = f1 ⇒ f1 = f2 • f1 = f2 ⇒ f2 = f3 • x = f2 ⇒ f1 = f3

  5. Eliminating Funct. Apps. (cont.) • Equational Formula • Complement of substituted formula + consistency constraints • Clauses (with origin) • x = f2 ∧ x = f3 ∧ x ≠ f1 (origin: ¬[x = f2 ∧ x = f3 ⇒ x = f1]) • ∧ (x ≠ f1 ∨ f1 = f2) (origin: x = f1 ⇒ f1 = f2) • ∧ (f1 ≠ f2 ∨ f2 = f3) (origin: f1 = f2 ⇒ f2 = f3) • ∧ (x ≠ f2 ∨ f1 = f3) (origin: x = f2 ⇒ f1 = f3) • Verification Task • Prove that equational formula is not satisfiable • x = f2 ∧ x = f3 ∧ x ≠ f1 ∧ (x ≠ f1 ∨ f1 = f2) ∧ (f1 ≠ f2 ∨ f2 = f3) ∧ (x ≠ f2 ∨ f1 = f3)

  6. Solving Equational Formulas • Historically • E.g., Nelson & Oppen ‘80 • Create special purpose search engine • Davis-Putnam search • Data structure to maintain equivalence classes • Question • Can we translate problem into pure propositional logic? • Would enable use of BDDs or SAT checkers

  7. Replacing Equations by Variables • Relational Variables • Goel, Sahid, Zhou, Aziz, & Singhal, CAV ‘98 • Replace vi = vj by propositional variable ei,j • Propositional Formula Fsat • Relabeling: x → v1, f1 → v2, f2 → v3, f3 → v4 • Clauses (with origin) • e13 ∧ e14 ∧ ¬e12 (origin: x = f2 ∧ x = f3 ∧ x ≠ f1) • ∧ (¬e12 ∨ e23) (origin: x ≠ f1 ∨ f1 = f2) • ∧ (¬e23 ∨ e34) (origin: f1 ≠ f2 ∨ f2 = f3) • ∧ (¬e13 ∨ e24) (origin: x ≠ f2 ∨ f1 = f3) • Resulting formula: e13 ∧ e14 ∧ ¬e12 ∧ (¬e12 ∨ e23) ∧ (¬e23 ∨ e34) ∧ (¬e13 ∨ e24)

  8. Need for Transitivity Constraints • Propositional Formula Fsat • e13 ∧ e14 ∧ ¬e12 ∧ (¬e12 ∨ e23) ∧ (¬e23 ∨ e34) ∧ (¬e13 ∨ e24) • Solution • e13 = true, e14 = true, e12 = false, e23 = true, e34 = true, e24 = true • Transitivity Violation in Solution • e13 = true, e23 = true, e12 = false • Corresponds to x = f2 and f2 = f1 but x ≠ f1

  9. Handling Transitivity Constraints: Goel, et al., CAV ’98 • Complexity • Finding solution to Fsat that satisfies transitivity constraints is NP-Hard • Even when Fsat represented as OBDD • Their method • Enumerate implicants of Fsat from OBDD representation • Discard any implicant that contains transitivity violation • Eventually find solution or run out of implicants • Our Experiments • Works well for small benchmarks • Far too many implicants for larger benchmarks

  10. Handling Transitivity Constraints: Our Method • Idea • Generate propositional formula Ftrans expressing transitivity constraints • Satisfy formula Fsat ∧ Ftrans • Using OBDDs or SAT checker • Sources of Efficiency • Equational structure very sparse • Far fewer than n(n-1)/2 relational variables • Only need to enforce limited set of transitivity constraints • With OBDDs, can reduce set of relational variables • Only those in true support of Fsat

  11. Benchmark Circuits • Single Issue Pipeline: 1xDLX-C • Analogous to DLX model in Hennessy & Patterson • Verified in ‘94 by Burch & Dill • Dual Issue Pipeline #1: 2xDLX-CA • Second pipeline can only handle R-R and R-I instructions • Burch (DAC ‘96) required 28 manual case splits, 3 commutative diagrams, and 1800s. • Dual Issue Pipeline #2: 2xDLX-CC • Second pipeline can also handle all instructions

  12. Verifying Original Benchmarks • None Require Transitivity Constraints • Fsat is unsatisfiable in every case • Circuits don’t make use of transitivity in forwarding or stall decisions • Performance (Circuit: OBDD Secs. / FGRASP Secs.) • 1xDLX-C: 0.2 / 3 • 2xDLX-CA: 11 / 176 • 2xDLX-CC: 29 / 5,035

  13. Transitivity Benchmarks • Modified, but Correct Circuits • Modify forwarding logic • Replace ESrc1=MDest by ESrc1=MDest ∨ (ESrc1=ESrc2 ∧ ESrc2=MDest) • Equivalent under transitivity • Circuit names 1xDLX-Ct, 2xDLX-CAt, 2xDLX-CCt • Buggy Circuits • 100 buggy versions of 2xDLX-CC • Each contains single modification of control logic • Must ensure that counterexample satisfies transitivity constraints

  14. 1xDLX-C Equation Structure • Vertices • For each vi • 13 different register identifiers • Edges • For each equation • Control stalling and forwarding logic • 27 relational variables • Out of 78 possible

  15. 2xDLX-CCt Equation Structure • Equations • Between 25 different register identifiers • 143 relational variables • Out of 300 possible

  16. Graph Interpretation of Transitivity • Transitivity Violation • Cycle in graph • Exactly one edge has ei,j = false

  17. Exploiting Chords • Chord • Edge connecting two non-adjacent vertices in cycle • Property • Sufficient to enforce transitivity constraints for all chord-free cycles • If transitivity holds for all chord-free cycles, then holds for arbitrary cycles

  18. Enumerating Chord-Free Cycles • Strategy • Enumerate chord-free cycles in graph • Each cycle of length k yields k transitivity constraints • Problem • Potentially exponential number of chord-free cycles • [Figure: graph labeled 1, 2, …, k, with 2^k + k chord-free cycles]

  19. Adding Chords • Strategy • Add edges to graph to reduce number of chord-free cycles • [Figure: graph labeled 1, 2, …, k; 2^k + k chord-free cycles before adding chords, 2k+1 chord-free cycles after] • Trade-Off • Reduces formula size • Increases number of relational variables

  20. Chordal Graph • Definition • Every cycle of length > 3 has a chord • Goal • Add minimum number of edges to make graph chordal • Relation to Sparse Gaussian Elimination • Choose pivot ordering that minimizes fill-in • NP-hard • Simple heuristics effective
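The method of slides 10 and 17 to 20, run on the formula Fsat of slides 7 and 8, as an added example (not code from the presentation). It assumes min-degree vertex elimination as the chord-adding heuristic and uses brute-force search in place of a SAT checker or OBDD package; all function names are this example's own.

```python
from itertools import combinations, product

# Fsat from slide 7 as CNF. A literal is (edge, polarity); edge (i, j), i < j, is e_ij.
FSAT = [[((1, 3), True)], [((1, 4), True)], [((1, 2), False)],
        [((1, 2), False), ((2, 3), True)], [((2, 3), False), ((3, 4), True)],
        [((1, 3), False), ((2, 4), True)]]

def triangulate(edges):
    """Min-degree vertex elimination: returns (edges plus added chords, triangles)."""
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    all_edges, triangles = set(edges), set()
    while adj:
        v = min(adj, key=lambda u: (len(adj[u]), u))
        for a, b in combinations(sorted(adj[v]), 2):
            if b not in adj[a]:  # fill-in: neighbours of v not yet joined get a chord
                adj[a].add(b)
                adj[b].add(a)
                all_edges.add((a, b))
            triangles.add(tuple(sorted((v, a, b))))
        for n in adj.pop(v):
            adj[n].discard(v)
    return all_edges, triangles

def transitivity_clauses(triangles):
    """Ftrans: in each triangle, any two true edges force the third (3 clauses)."""
    clauses = []
    for a, b, c in triangles:
        es = [(a, b), (b, c), (a, c)]
        for k in range(3):
            clauses.append([(es[k], True)] + [(e, False) for e in es if e != es[k]])
    return clauses

def satisfies(clauses, model):
    return all(any(model[e] == pol for e, pol in c) for c in clauses)

def solve(clauses, variables):
    """Brute-force SAT over the relational variables; None means unsatisfiable."""
    variables = sorted(variables)
    models = (dict(zip(variables, vals))
              for vals in product([False, True], repeat=len(variables)))
    return next((m for m in models if satisfies(clauses, m)), None)

def check_slide_example():
    # Returns (model of Fsat alone, model of Fsat AND Ftrans) for the slide 7 formula.
    all_edges, triangles = triangulate({e for c in FSAT for e, _ in c})
    return solve(FSAT, all_edges), solve(FSAT + transitivity_clauses(triangles), all_edges)
```

Fsat alone has a model, but Fsat together with the triangle constraints has none, so the equational formula of slide 5 is unsatisfiable. On a plain 4-cycle the same `triangulate` adds one chord and yields two triangles.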

  21. Adding Chordal Edges to 1xDLX-C • Original • 27 relational variables • 286 cycles • 858 clauses • Augmented • 33 relational variables • 40 cycles • 120 clauses

  22. Adding Chordal Edges to 2xDLX-CCt • Original • 143 relational variables • 2,136 cycles • 8,364 clauses • Augmented • 193 relational variables • 858 cycles • 2,574 clauses

  23. SAT Checker on Good Circuits • Strategy • Run on clauses encoding Fsat and Ftrans • FGRASP Performance in Secs. (Circuit: Fsat / Fsat ∧ Ftrans) • 1xDLX-C: 3 / 4 • 1xDLX-Ct: --- / 9 • 2xDLX-CA: 176 / 1,275 • 2xDLX-CAt: --- / 896 • 2xDLX-CC: 5,035 / 9,932 • 2xDLX-CCt: --- / 15,003 • Observation • Much more challenging with transitivity constraints imposed

  24. SAT Checker on Buggy Circuits • Performance Penalty with Transitivity Constraints • Geometric average slowdown = 2.3X

  25. Using OBDDs • Possible Strategy • Build OBDDs for Fsat and Ftrans • Compute Fsat ∧ Ftrans • Find satisfying solution

  26. Limitation of OBDDs • OBDD for Ftrans can be of exponential size • Regardless of variable ordering • Formal result • Relational variables forming k X k mesh • OBDD representation has Ω(2^(k/4)) nodes • Experimental Results • Unable to build OBDD of Ftrans for large benchmarks • [Figure: 6 X 6 mesh]

  27. Better Use of OBDDs • Strategy • Build OBDD for Fsat • Determine relational variables in true support • Easy with OBDD • Generate Ftrans for these variables • Compute conjunction and find satisfying solution • Performance • When Fsat unsatisfiable, no further steps required • For other benchmarks, yields tractable Ftrans

  28. 2xDLX-CCt Reduced Constraints • Relational variables • 46 original • 6 chordal • OBDD Representation • 7,168 nodes

  29. Reduced Constraints: Average-Case Buggy Circuit • Relational Variables • 17 original • 3 chordal • OBDD Representation • 70 nodes

  30. Reduced Constraints: Worst-Case Buggy Circuit • Relational variables • 52 original • 16 chordal • OBDD Representation • 93,937 nodes

  31. OBDDs on Good Circuits • CUDD Performance in Secs. (Circuit: Time) • 1xDLX-C: 0.2 • 1xDLX-Ct: 2 • 2xDLX-CA: 11 • 2xDLX-CAt: 109 • 2xDLX-CC: 29 • 2xDLX-CCt: 441 • Observation • Significantly more effort with transitivity constraints • Better performance than FGRASP

  32. OBDDs on Buggy Circuits • Performance Penalty with Transitivity Constraints • Geometric average slowdown = 1.01X

  33. Conclusion • Equational Formulas can be Solved by Propositional Methods • Exploit sparse structure of equations • Reduces number of variables • Reduces formula size • With OBDDs, can identify essential relational variables • In true support of Fsat • Can use either SAT checker or OBDDs • OBDDs do best for unsatisfiable formulas

  34. Extension • Formulas with Ordering Constraints • Constraints of form vivj • Symbolic Solution • Introduce variables ai,j and aj,i for each constraint virelvj • ai,j true when vivj • Solution defines partial ordering • Application • Scheduling problems
