Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAT-Based Decision Procedures for Subsets of First-Order Logic

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SAT-Based Decision Procedures for Subsets of First-Order Logic"— Presentation transcript:

1 SAT-Based Decision Procedures for Subsets of First-Order Logic
Part II: Separation Logic Randal E. Bryant Carnegie Mellon University

2 Outline Background Equality with Uninterpreted Functions
SAT-based Decision Procedures Equality with Uninterpreted Functions Translating to propositional formula Exploiting positive equality and sparse transitivity Separation Logic Hybrid encoding techniques

3 Separation Logic with Uninterpreted Functions (SUF)
Suitable for verifying wider class of systems Terms (T ) Integer Expressions ITE(F, T1, T2) If-then-else Fun (T1, …, Tk) Function application T Increment T – 1 Decrement Formulas (F ) Boolean Expressions F, F1  F2, F1  F2 Boolean connectives T1 = T2 Equation T1 < T2 Inequality Pred(T1, …, Tk) Predicate application Mention UCLID tool; examples of formulas

4 SUF  Separation Logic v b
Eliminate function and predicate applications using fresh variables and ITE expressions [Bryant, German, Velev, CAV’99] f(x)  v1 and f(y)  ITE(x = y, v1, v2) Terms (T ) Integer Expressions ITE(F, T1, T2) If-then-else Fun (T1, …, Tk) Function application T Increment T Decrement v Integer variable In the end, as the “sep pred” animation comes, say “The name separation logic comes from the fact that equalities and inequalities express the separation between variable values” Create a slide to answer questions about what positive equality is; leave out positive equality and simply mention that it is Bryant et al technique Formulas (F ) Boolean Expressions F, F1  F2, F1  F2 Boolean connectives T1 = T2 Equation T1 < T2 Inequality Pred(T1, …, Tk) Predicate application b Boolean variable Separation Predicate

5 Eager Boolean Encoding Methods for Separation Logic
Separation Logic Formula Small Domain Encoding (SD) Per-Constraint Encoding (EIJ) Boolean Formula SAT Solver satisfiable/unsatisfiable Say that the efficiency of the overall procedure depends on (1) efficiency of encoding process, (2) SAT time

6 Small Domain Encoding (SD)
[Bryant, Lahiri, Seshia, CAV’02] x  y  y  z  z  x+1 0x1x0  0y1y0  0y1y0  0z1z0  0z1z0  0x1x0 + 1 Observation: To check satisfiability, need to consider all possible relative orderings of finitely-many expressions x x+1 y z The leading 0 is there to deal with overflow – maybe create a slide to deal with that question. x x+1 y z Values increase Can use Boolean encoding of finite range of values 4 values in this case, so 2-bit encoding

7 Per-Constraint Encoding (EIJ)
[Strichman, Seshia, Bryant, CAV’02] x  y  y  z  z  x+1 e1 y  z z  x+1 x  y e2 e3 e1  e2  e3 Overall Boolean Encoding e1  e2  e4 e4 x  z New Separation Predicate Transitivity Constraints e4   e3

8 Enforcing Transitivity Constraints
x  y + c1 c1 + c4 c3 + c2 c3 + c4 x c1 c3 c4 c1 + c2 y x z c1 c2 y Graph Representation of Separation Constraints Directed multigraph where edges labeled by constants Fourier-Motzkin Elimination Eliminate nodes in succession Possibly exponential growth in edges

9 Introducing New Predicates
x  y + c1 c1 + c4 c3 + c2 c3 + c4 x c1 c1 + c2 c3 c4 y x z Sample Predicates c1 c2 e1 x  y + c1 e2 y  z + c2 e3 x  z + c1 + c2 e4 x  y + c2 y Sample Transitivity Constraint e1  e2  e3 Sample Ordering Constraint (for c1 < c2) e4  e1

10 Comparing Eager Encoding Methods
Of SD and EIJ encoding methods, which one is better? Comparison with respect to Size of resulting Boolean formula Performance of SAT solver

11 Size of Boolean Encoding: SD better than EIJ
Let N be size of original separation logic formula Size of a directed acyclic graph representation SD encoding size is worst-case O(N2) EIJ encoding size is worst-case O(2N) Can generate O(2N) transitivity constraints > EIJ 54465 SD Boolean Encoding Size Method Example: N = 6813 ELF.RF10 is the example benchmark

12 Impact on SAT problem: SD vs EIJ
Experimentally compared zChaff performance on SD and EIJ encodings of several unsatisfiable formulas Sample result: Method # Boolean variables # CNF Clauses # Conflict Clauses zChaff Time (sec) EIJ 57211 169387 150 0.56 SD 23112 67699 15811 21.63 The number of Boolean input variables for each benchmark: 22s: SD=23112, EIJ=57211 OOO.t12: SD=, EIJ= EIJ better than SD for zChaff

13 Impact on SAT: Why is EIJ better than SD?
Conjecture: For SD, SAT solver has to “discover” transitivity constraints as conflict clauses Violation of transitivity constraint might be discovered only after assigning bits of several bit-vectors EIJ adds all such constraints a priori Less learning and backtracking required by the SAT solver

14 Eager Encoding Tradeoffs
SD encoding Polynomial size encoding Worse for SAT solvers EIJ encoding Worst-case exponential size encoding Better for SAT solvers Can we automatically select between SD and EIJ based on the input formula?

15 Selection Strategy C > T ? Problem: Can we use a different metric?
Seshia, Lahiri, Bryant, DAC ‘03 Problem: Computationally hard to estimate number of transitivity constraints Can we use a different metric? Idea: Identify feature of the input formula that varies monotonically with run-time of EIJ (but not with run-time of SD) Estimate number of transitivity constraints, C YES NO C > T ? Use SD encoding Use EIJ encoding

16 A Good Formula Feature: Number of Separation Predicates
Mention that we looked at several different features, and number of separation predicates in the original formula worked best Describe the plot: x and y axes, log scales, normalized run times, which lines to look at – SD and EIJ

17 A Good Formula Feature: Number of Separation Predicates
Mention that we looked at several different features, and number of separation predicates in the original formula worked best Describe the plot: x and y axes, log scales, normalized run times, which lines to look at – SD and EIJ

18 Revised Selection Strategy
Easy to count number of separation predicates Very approximate measure of # of transitivity constraints Constraints only relate predicates that share variables Also need to automate setting of threshold T Statistically estimate from “training” set of benchmarks Count number of separation predicates, m YES NO m > T ? Use SD encoding Use EIJ encoding

19 Identifying Variable Classes
Æ Ç Ç u ¸ v Æ {x,y,z} shared z ¸ x+1 u = v-2 x ¸ y y ¸ z {u,v} shared Assignments to {u,v} are independent of those to {x,y,z}

20 Hybrid Encoding Technique
Separation Logic Formula Compute 1. Variable classes based on predicates 2. Number of separation predicates for each class {x,y,z}, m1 {u,v}, mk m1 > T ? mk > T ? YES NO SD EIJ Encode each class using SD or EIJ based on local decision Encoded Boolean Formula

21 Automatically Selecting a Threshold Value: Intuition
EIJ run time increases drastically beyond a certain number of separation predicates

22 Automatically Selecting a Threshold Value using Clustering
Cluster total time (Y-axis) values, minimizing variance of each cluster

23 Experimental Evaluation Setup
Compared Hybrid against SD and EIJ encodings Cooperating Validity Checker (CVC) based on lazy encoding method [Stump et al.’02] Stanford Validity Checker (SVC) – non SAT-based [Barrett et al. ’96] CVC & SVC can handle more expressive logics than SUF Benchmarks 49 unsatisfiable SUF formulas Load-store unit, out-of-order unit, device driver code, compiler validation, DLX pipeline Threshold value calculated from subset of 16 benchmarks Worked well for 39 out of the 49 benchmarks Setup Used zChaff SAT solver Imposed timeout of 1800 sec. on total time (Encoding+SAT)

24 Hybrid vs. SD (39/49 benchmarks)
Hybrid better Add annotations indicating which regions correspond to “hybrid better” etc. Point out that no timeouts for hybrid SD better

25 Hybrid vs. EIJ (39/49 benchmarks)
Hybrid better EIJ better

26 Hybrid vs. Lazy Encoding (CVC) (39/49 benchmarks)
Hybrid better CVC better

27 Hybrid vs. Non-SAT-based Procedure (SVC) (39/49 benchmarks)
Hybrid better SVC better

28 SD outperforms Hybrid on 10/49 benchmarks
Hybrid better Add a slide to deal with the question of the threshold of 100 arising from the paper SD better

29 Conclusions & Ongoing Work
Hybrid combination of EIJ and SD encodings is robust to formula variations outperforms lazy encoding methods (CVC) outperforms non-SAT-based methods (SVC) Ongoing & Future work Alternate estimators for number of transitivity constraints Threshold setting technique based on clustering applies to other CAD problems too Combination of lazy and eager encoding techniques might perform well on satisfiable formulas? More on UCLID project webpage

Download ppt "SAT-Based Decision Procedures for Subsets of First-Order Logic"

Similar presentations

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.

Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀

SMT Solvers (an extension of SAT) Kenneth Roe. Slide thanks to C. Barrett & S. A. Seshia, ICCAD 2009 Tutorial 2 Boolean Satisfiability (SAT) ⋁ ⋀ ¬ ⋁ ⋀
P-Optimal CSP Solvers Applied to Software Security P-Optimal CSP Solvers Applied to Software Security Ahmed Abdel Mohsen and Karl Lieberherr College of.

P-Optimal CSP Solvers Applied to Software Security P-Optimal CSP Solvers Applied to Software Security Ahmed Abdel Mohsen and Karl Lieberherr College of.
Interactive Configuration

Interactive Configuration
On Solving Presburger and Linear Arithmetic with SAT Ofer Strichman Carnegie Mellon University.

On Solving Presburger and Linear Arithmetic with SAT Ofer Strichman Carnegie Mellon University.
Technion 1 Generating minimum transitivity constraints in P-time for deciding Equality Logic Ofer Strichman and Mirron Rozanov Technion, Haifa, Israel.

Technion 1 Generating minimum transitivity constraints in P-time for deciding Equality Logic Ofer Strichman and Mirron Rozanov Technion, Haifa, Israel.
IBM Labs in Haifa © 2005 IBM Corporation Adaptive Application of SAT Solving Techniques Ohad Shacham and Karen Yorav Presented by Sharon Barner.

IBM Labs in Haifa © 2005 IBM Corporation Adaptive Application of SAT Solving Techniques Ohad Shacham and Karen Yorav Presented by Sharon Barner.
1 NP-Complete Problems. 2 We discuss some hard problems:  how hard? (computational complexity)  what makes them hard?  any solutions? Definitions 

1 NP-Complete Problems. 2 We discuss some hard problems:  how hard? (computational complexity)  what makes them hard?  any solutions? Definitions 
Panel on Decision Procedures Panel on Decision Procedures Randal E. Bryant Lintao Zhang Nils Klarlund Harald Ruess Sergey Berezin Rajeev Joshi.

Panel on Decision Procedures Panel on Decision Procedures Randal E. Bryant Lintao Zhang Nils Klarlund Harald Ruess Sergey Berezin Rajeev Joshi.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
Weizmann Institute Deciding equality formulas by small domain instantiations O. Shtrichman The Weizmann Institute Joint work with A.Pnueli, Y.Rodeh, M.Siegel.

Weizmann Institute Deciding equality formulas by small domain instantiations O. Shtrichman The Weizmann Institute Joint work with A.Pnueli, Y.Rodeh, M.Siegel.
Carnegie Mellon University Boolean Satisfiability with Transitivity Constraints Boolean Satisfiability with Transitivity Constraints

Carnegie Mellon University Boolean Satisfiability with Transitivity Constraints Boolean Satisfiability with Transitivity Constraints
Randal E. Bryant Carnegie Mellon University SRC ‘07 Word-Level Modeling and Verification of Systems Using Selective Term-Level Abstraction Sanjit A. Seshia.

Randal E. Bryant Carnegie Mellon University SRC ‘07 Word-Level Modeling and Verification of Systems Using Selective Term-Level Abstraction Sanjit A. Seshia.
Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.

Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.
Carnegie Mellon University Decision Procedures Customized for Formal Verification Decision Procedures Customized for Formal Verification

Carnegie Mellon University Decision Procedures Customized for Formal Verification Decision Procedures Customized for Formal Verification
Interpolants [Craig 1957] G(y,z) F(x,y)

Interpolants [Craig 1957] G(y,z) F(x,y)
1 Boolean Satisfiability in Electronic Design Automation (EDA ) By Kunal P. Ganeshpure.

1 Boolean Satisfiability in Electronic Design Automation (EDA ) By Kunal P. Ganeshpure.
1 Satisfiability Modulo Theories Sinan Hanay. 2 Boolean Satisfiability (SAT) Is there an assignment to the p 1, p 2, …, p n variables such that  evaluates.

1 Satisfiability Modulo Theories Sinan Hanay. 2 Boolean Satisfiability (SAT) Is there an assignment to the p 1, p 2, …, p n variables such that  evaluates.
Modeling Data in Formal Verification Bits, Bit Vectors, or Words Randal E. Bryant Carnegie Mellon University.

Modeling Data in Formal Verification Bits, Bit Vectors, or Words Randal E. Bryant Carnegie Mellon University.

Similar presentations

Ads by Google