
# Boolean Satisfiability with Transitivity Constraints

Randal E. Bryant and Miroslav N. Velev, Carnegie Mellon University, http://www.cs.cmu.edu/~bryant


### Presentation Transcript

1. Boolean Satisfiability with Transitivity Constraints
   - Randal E. Bryant, Miroslav N. Velev
   - Carnegie Mellon University
   - http://www.cs.cmu.edu/~bryant

2. Outline
   - Application Domain
     - Verify correctness of a pipelined processor
     - Based on Burch-Dill correspondence checking
     - Burch & Dill, CAV '94
   - Verification Task
     - Decide validity of formula in logic of equality with uninterpreted functions
     - Translate into equational logic
     - Propositional logic with equations of form v_i = v_j
     - Bryant, German & Velev, CAV '99
     - Goel, Sahid, Zhou, Aziz, & Singhal, CAV '98
   - New Contribution
     - Efficient handling of transitivity constraints

3. Decision Problem
   [Figure: example EUF formula drawn as a graph of operators (∧, ¬, ∨, =, function application f); dashed lines carry truth values (T/F), solid lines carry domain values]
   - Logic of Equality with Uninterpreted Functions (EUF)
   - Truth Values
     - Dashed lines
     - Model control signals
   - Domain Values
     - Solid lines
     - Model data words
   - Task
     - Determine whether formula is universally valid
     - True for all interpretations of variables and function symbols

4. Eliminating Function Applications
   - Verification Task
     - Prove: x = f(f(x)) ∧ x = f(f(f(x))) ⇒ x = f(x)
     - Instance of: x = y ∧ x = f(y) ⇒ x = f(x)
   - Ackermann's Method
     - Replace: f(x) → f1, f(f(x)) → f2, f(f(f(x))) → f3
     - Gives: x = f2 ∧ x = f3 ⇒ x = f1
   - Functional Consistency Constraints
     - x = f1 ⇒ f1 = f2
     - f1 = f2 ⇒ f2 = f3
     - x = f2 ⇒ f1 = f3

5. Eliminating Funct. Apps. (cont.)
   - Equational Formula
     - Complement of substituted formula + consistency constraints

| Clauses | Origin |
|---|---|
| x = f2, x = f3, x ≠ f1 | ¬[x = f2 ∧ x = f3 ⇒ x = f1] |
| (x ≠ f1 ∨ f1 = f2) | x = f1 ⇒ f1 = f2 |
| (f1 ≠ f2 ∨ f2 = f3) | f1 = f2 ⇒ f2 = f3 |
| (x ≠ f2 ∨ f1 = f3) | x = f2 ⇒ f1 = f3 |

   - Verification Task
     - Prove that the equational formula is not satisfiable:
       x = f2 ∧ x = f3 ∧ x ≠ f1 ∧ (x ≠ f1 ∨ f1 = f2) ∧ (f1 ≠ f2 ∨ f2 = f3) ∧ (x ≠ f2 ∨ f1 = f3)
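Ackermann's method from slides 4 and 5, as an added example (not the authors' code): terms are nested tuples, each distinct application is replaced innermost-first by a fresh variable f1, f2, ..., and every pair of applications yields one functional-consistency constraint "arguments equal implies results equal".

```python
from itertools import combinations

# A term is either a variable name (str) or an application ("f", argument_term).
def ackermann_eliminate(terms):
    """Return (substituted terms, consistency constraints).

    Each constraint is a tuple (a, b, fa, fb) read as: a = b implies fa = fb,
    where fa and fb are the fresh variables standing for f(a) and f(b)."""
    names = {}                       # ("f", flattened_arg) -> fresh variable

    def subst(t):
        if isinstance(t, str):
            return t
        arg = subst(t[1])            # eliminate inner applications first
        key = ("f", arg)
        if key not in names:
            names[key] = f"f{len(names) + 1}"
        return names[key]

    flat = [subst(t) for t in terms]
    apps = list(names.items())       # creation order: f1, f2, f3, ...
    constraints = [(a[1], b[1], fa, fb)
                   for (a, fa), (b, fb) in combinations(apps, 2)]
    return flat, constraints

def consistency_clauses(constraints):
    """Render each constraint as the disjunctive clause used on slide 5."""
    return [f"({a} != {b} or {fa} = {fb})" for a, b, fa, fb in constraints]

# The three applications from slide 4: f(x), f(f(x)), f(f(f(x))).
SLIDE4_TERMS = [("f", "x"), ("f", ("f", "x")), ("f", ("f", ("f", "x")))]
```

Running `ackermann_eliminate(SLIDE4_TERMS)` reproduces the slide's substitution f1, f2, f3 and its three constraints, and works unchanged for deeper nestings.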

6. Solving Equational Formulas
   - Historically
     - E.g., Nelson & Oppen '80
     - Create special purpose search engine
     - Davis-Putnam search
     - Data structure to maintain equivalence classes
   - Question
     - Can we translate problem into pure propositional logic?
     - Would enable use of BDDs or SAT checkers

7. Replacing Equations by Variables
   - Relational Variables
     - Goel, Sahid, Zhou, Aziz, & Singhal, CAV '98
     - Replace v_i = v_j by propositional variable e_i,j
   - Propositional Formula Fsat
     - Relabeling: x → v1, f1 → v2, f2 → v3, f3 → v4

| Clauses | Origin |
|---|---|
| e13, e14, ¬e12 | x = f2, x = f3, x ≠ f1 |
| (¬e12 ∨ e23) | (x ≠ f1 ∨ f1 = f2) |
| (¬e23 ∨ e34) | (f1 ≠ f2 ∨ f2 = f3) |
| (¬e13 ∨ e24) | (x ≠ f2 ∨ f1 = f3) |

   - Fsat = e13 ∧ e14 ∧ ¬e12 ∧ (¬e12 ∨ e23) ∧ (¬e23 ∨ e34) ∧ (¬e13 ∨ e24)

8. Need for Transitivity Constraints
   - Propositional Formula Fsat = e13 ∧ e14 ∧ ¬e12 ∧ (¬e12 ∨ e23) ∧ (¬e23 ∨ e34) ∧ (¬e13 ∨ e24)
   - Solution: e13 = true, e14 = true, e12 = false, e23 = true, e34 = true, e24 = true
   - Transitivity Violation in Solution: e13 = true, e23 = true, e12 = false
     - Corresponds to x = f2 and f2 = f1 but x ≠ f1

9. Handling Transitivity Constraints: Goel, et al., CAV '98
   - Complexity
     - Finding solution to Fsat that satisfies transitivity constraints is NP-hard
     - Even when Fsat represented as OBDD
   - Their method
     - Enumerate implicants of Fsat from OBDD representation
     - Discard any implicant that contains transitivity violation
     - Eventually find solution or run out of implicants
   - Our Experiments
     - Works well for small benchmarks
     - Far too many implicants for larger benchmarks

10. Handling Transitivity Constraints: Our Method
   - Idea
     - Generate propositional formula Ftrans expressing transitivity constraints
     - Satisfy formula Fsat ∧ Ftrans
     - Using OBDDs or SAT checker
   - Sources of Efficiency
     - Equational structure very sparse
     - Far fewer than n(n-1)/2 relational variables
     - Only need to enforce limited set of transitivity constraints
     - With OBDDs, can reduce set of relational variables
     - Only those in true support of Fsat

11. Benchmark Circuits
   - Single Issue Pipeline: 1xDLX-C
     - Analogous to DLX model in Hennessy & Patterson
     - Verified in '94 by Burch & Dill
   - Dual Issue Pipeline #1: 2xDLX-CA
     - Second pipeline can only handle R-R and R-I instructions
     - Burch (DAC '96) required 28 manual case splits, 3 commutative diagrams, and 1800 s
   - Dual Issue Pipeline #2: 2xDLX-CC
     - Second pipeline can also handle all instructions

12. Verifying Original Benchmarks
   - None Require Transitivity Constraints
     - Fsat is unsatisfiable in every case
     - Circuits don't make use of transitivity in forwarding or stall decisions
   - Performance

| Circuit | OBDD Secs. | FGRASP Secs. |
|---|---|---|
| 1xDLX-C | 0.2 | 3 |
| 2xDLX-CA | 11 | 176 |
| 2xDLX-CC | 29 | 5,035 |

13. Transitivity Benchmarks
   - Modified, but Correct Circuits
     - Modify forwarding logic: ESrc1 = MDest → ESrc1 = MDest ∨ (ESrc1 = ESrc2 ∧ ESrc2 = MDest)
     - Equivalent under transitivity
     - Circuit names 1xDLX-Ct, 2xDLX-CAt, 2xDLX-CCt
   - Buggy Circuits
     - 100 buggy versions of 2xDLX-CC
     - Each contains single modification of control logic
     - Must ensure that counterexample satisfies transitivity constraints

14. 1xDLX-C Equation Structure
   - Vertices
     - For each v_i
     - 13 different register identifiers
   - Edges
     - For each equation
     - Control stalling and forwarding logic
     - 27 relational variables
     - Out of 78 possible

15. 2xDLX-CCt Equation Structure
   - Equations
     - Between 25 different register identifiers
     - 143 relational variables
     - Out of 300 possible

16. Graph Interpretation of Transitivity
   [Figure: a cycle in the graph of relational variables, every edge labelled = except one labelled ≠]
   - Transitivity Violation
     - Cycle in graph
     - Exactly one edge has e_i,j = false

17. Exploiting Chords
   - Chord
     - Edge connecting two non-adjacent vertices in cycle
   - Property
     - Sufficient to enforce transitivity constraints for all chord-free cycles
     - If transitivity holds for all chord-free cycles, then it holds for arbitrary cycles

18. Enumerating Chord-Free Cycles
   - Strategy
     - Enumerate chord-free cycles in graph
     - Each cycle of length k yields k transitivity constraints
   - Problem
     - Potentially exponential number of chord-free cycles
   [Figure: graph family on vertices 1, 2, ..., k with 2^k + k chord-free cycles]

19. Adding Chords
   - Strategy
     - Add edges to graph to reduce number of chord-free cycles
   [Figure: the graph of slide 18 (2^k + k chord-free cycles) after adding chords, now with 2k+1 chord-free cycles]
   - Trade-Off
     - Reduces formula size
     - Increases number of relational variables

20. Chordal Graph
   - Definition
     - Every cycle of length > 3 has a chord
   - Goal
     - Add minimum number of edges to make graph chordal
   - Relation to Sparse Gaussian Elimination
     - Choose pivot ordering that minimizes fill-in
     - NP-hard
     - Simple heuristics effective
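An added example (not the authors' or the paper's code) tying together slides 7, 8 and 16 to 20: Fsat from slide 7 in CNF over relational variables, the k clauses that a cycle of length k contributes to Ftrans, and, because the example graph is chordal, Ftrans built from its triangles only. A brute-force check shows that Fsat alone admits the transitivity-violating model of slide 8 while Fsat ∧ Ftrans is unsatisfiable.

```python
from itertools import combinations, product

# Relational variable e_ij stands for v_i = v_j; represented as a sorted vertex pair.
def rel(i, j):
    return (min(i, j), max(i, j))

# Fsat from slide 7 (x -> v1, f1 -> v2, f2 -> v3, f3 -> v4) in CNF:
# a clause is a list of (variable, polarity) literals.
F_SAT = [
    [(rel(1, 3), True)], [(rel(1, 4), True)], [(rel(1, 2), False)],
    [(rel(1, 2), False), (rel(2, 3), True)],   # x != f1 or f1 = f2
    [(rel(2, 3), False), (rel(3, 4), True)],   # f1 != f2 or f2 = f3
    [(rel(1, 3), False), (rel(2, 4), True)],   # x != f2 or f1 = f3
]

def cycle_clauses(cycle):
    """A cycle v0-v1-...-v(k-1)-v0 yields k clauses: if all edges but one are
    equalities, the remaining edge must be an equality too (slide 18)."""
    k = len(cycle)
    edges = [rel(cycle[i], cycle[(i + 1) % k]) for i in range(k)]
    return [[(e, e == target) for e in edges] for target in edges]

def transitivity_clauses(edges):
    """Ftrans for a chordal graph: every chord-free cycle is a triangle, so the
    cycle clauses of the triangles are sufficient (slides 17 and 20)."""
    edge_set = {rel(*e) for e in edges}
    vertices = sorted({v for e in edge_set for v in e})
    clauses = []
    for a, b, c in combinations(vertices, 3):
        if {rel(a, b), rel(b, c), rel(a, c)} <= edge_set:
            clauses.extend(cycle_clauses((a, b, c)))
    return clauses

def violated(model, clauses):
    """Clauses the assignment falsifies (empty list: model satisfies them all)."""
    return [c for c in clauses if not any(model[v] == pol for v, pol in c)]

def satisfiable(clauses):
    """Brute-force SAT over the relational variables; returns a model or None."""
    variables = sorted({v for c in clauses for v, _ in c})
    for bits in product([False, True], repeat=len(variables)):
        model = dict(zip(variables, bits))
        if not violated(model, clauses):
            return model
    return None

# Slide 8's solution of Fsat, which breaks transitivity on vertices 1, 2, 3.
SLIDE8_MODEL = {rel(1, 3): True, rel(1, 4): True, rel(1, 2): False,
                rel(2, 3): True, rel(3, 4): True, rel(2, 4): True}
F_TRANS = transitivity_clauses(SLIDE8_MODEL.keys())   # 4 triangles, 12 clauses
```

`satisfiable(F_SAT)` returns a model while `satisfiable(F_SAT + F_TRANS)` returns None, which is what proves the original EUF formula valid.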

21. Adding Chordal Edges to 1xDLX-C

| | Relational variables | Cycles | Clauses |
|---|---|---|---|
| Original | 27 | 286 | 858 |
| Augmented | 33 | 40 | 120 |

22. Adding Chordal Edges to 2xDLX-CCt

| | Relational variables | Cycles | Clauses |
|---|---|---|---|
| Original | 143 | 2,136 | 8,364 |
| Augmented | 193 | 858 | 2,574 |

23. SAT Checker on Good Circuits
   - Strategy
     - Run on clauses encoding Fsat and Ftrans
   - FGRASP Performance (Secs.)

| Circuit | Fsat | Fsat ∧ Ftrans |
|---|---|---|
| 1xDLX-C | 3 | 4 |
| 1xDLX-Ct | --- | 9 |
| 2xDLX-CA | 176 | 1,275 |
| 2xDLX-CAt | --- | 896 |
| 2xDLX-CC | 5,035 | 9,932 |
| 2xDLX-CCt | --- | 15,003 |

   - Observation
     - Much more challenging with transitivity constraints imposed

24. SAT Checker on Buggy Circuits
   - Performance Penalty with Transitivity Constraints
     - Geometric average slowdown = 2.3X

25. Using OBDDs
   - Possible Strategy
     - Build OBDDs for Fsat and Ftrans
     - Compute Fsat ∧ Ftrans
     - Find satisfying solution

26. Limitation of OBDDs
   - OBDD for Ftrans can be of exponential size
     - Regardless of variable ordering
   - Formal result
     - Relational variables forming k × k mesh
     - OBDD representation has Ω(2^(k/4)) nodes
   - Experimental Results
     - Unable to build OBDD of Ftrans for large benchmarks
   [Figure: 6 × 6 mesh]

27. Better Use of OBDDs
   - Strategy
     - Build OBDD for Fsat
     - Determine relational variables in true support
     - Easy with OBDD
     - Generate Ftrans for these variables
     - Compute conjunction and find satisfying solution
   - Performance
     - When Fsat unsatisfiable, no further steps required
     - For other benchmarks, yields tractable Ftrans

28. 2xDLX-CCt Reduced Constraints
   - Relational variables
     - 46 original
     - 6 chordal
   - OBDD Representation
     - 7,168 nodes

29. Reduced Constraints: Average-Case Buggy Circuit
   - Relational Variables
     - 17 original
     - 3 chordal
   - OBDD Representation
     - 70 nodes

30. Reduced Constraints: Worst-Case Buggy Circuit
   - Relational variables
     - 52 original
     - 16 chordal
   - OBDD Representation
     - 93,937 nodes

31. OBDDs on Good Circuits
   - CUDD Performance (Secs.)

| Circuit | Time |
|---|---|
| 1xDLX-C | 0.2 |
| 1xDLX-Ct | 2 |
| 2xDLX-CA | 11 |
| 2xDLX-CAt | 109 |
| 2xDLX-CC | 29 |
| 2xDLX-CCt | 441 |

   - Observation
     - Significantly more effort with transitivity constraints
     - Better performance than FGRASP

32. OBDDs on Buggy Circuits
   - Performance Penalty with Transitivity Constraints
     - Geometric average slowdown = 1.01X

33. Conclusion
   - Equational Formulas can be Solved by Propositional Methods
   - Exploit sparse structure of equations
     - Reduces number of variables
     - Reduces formula size
   - With OBDDs, can identify essential relational variables
     - In true support of Fsat
   - Can use either SAT checker or OBDDs
     - OBDDs do best for unsatisfiable formulas

34. Extension
   - Formulas with Ordering Constraints
     - Constraints of form v_i rel v_j, where rel is an ordering relation
   - Symbolic Solution
     - Introduce variables a_i,j and a_j,i for each constraint v_i rel v_j
     - a_i,j true when v_i rel v_j
     - Solution defines partial ordering
   - Application
     - Scheduling problems
