Computing Abstractions by integrating BDDs and SMT Solvers
  • Alessandro Cimatti
  • Fondazione Bruno Kessler, Trento, Italy

Joint work with R. Cavada, A. Franzen, K. Krishnamani, M. Roveri, R. Shyamasundar
Index of the talk
  • Background: Predicate Abstraction
  • Predicate Abstraction via AllSMT
  • Predicate Abstraction via BDDs + SMT
  • Experiments
  • Conclusions and Future Work

[Figure: a concrete program over state vars X (Init(X), Trans(X, X'), Invar(X)) is mapped through the predicates φ0(X), φ1(X), φ2(X) to an abstract program over abstract state vars P (Init(P), Trans(P, P'), Invar(P)); abstract states are labelled by the truth values of P0, P1, P2 (000, 001, ..., 101) and transitions by Pi / not Pi]
FMCAD'07, Austin, TX
Predicate Abstraction with BDDs and SMT
CEGAR
When imprecise abstraction!
Computing Abstractions
  • Given a concrete program over X
  • Given a set of predicates φi(X), each associated with an abstract variable Pi
  • Obtain the corresponding abstract program
  • For example, Trans(P, P') is defined by
    ∃ X X'.( CTrans(X, X') ∧ ∧i (Pi ↔ φi(X)) ∧ ∧i (Pi' ↔ φi(X')) )
  • Basic computation: existential quantification

Existential quantification
  • Let F(x, V) be a formula where
    • V are boolean variables (important vars)
    • x are the other variables
  • Compute a boolean formula equivalent to ∃ x.F(x, V)
  • Example (boolean case)
    • ∃ B.(A ∧ (B ∨ C))
    • V = {A, C}
  • Example
    • ∃ x y.( (P ↔ x y 2) ∧ (Q ↔ x y < 10) ∧ x y > 12 )
    • V = {P, Q}

AllSMT
  • [LNO'06]: use an SMT solver on F(x, V)
  • Compute all satisfiable assignments to V

  SMTAbstract(Phi, V)
    res := false
    loop
      mu := SMT(Phi)
      if mu = UNSAT then return res
      else
        vmu := restrict(V, mu)
        res := res ∨ vmu
        Phi := Phi ∧ ¬vmu

AllSMT at work (boolean case)
  • ∃ B.(A ∧ (B ∨ C))
  • V = {A, C}
  • First iteration
    • mu = {A, C, B}
    • vmu = {A, C}
    • blocking clause: ¬A ∨ ¬C
  • Second iteration
    • mu = {A, ¬C, B}
    • vmu = {A, ¬C}
    • blocking clause: ¬A ∨ C
  • Third iteration: unsat
  • Result: (A ∧ C) ∨ (A ∧ ¬C) ≡ A

In fact, ∃ B.(A ∧ (B ∨ C)) reduces to (A ∧ (true ∨ C)) ∨ (A ∧ (false ∨ C)), that is, A.

AllSMT at work
  • ∃ x y.( (P ↔ (x y 2)) ∧ (Q ↔ (x y < 10)) ∧ (x y > 12) )
  • V = {P, Q}
  • First iteration
    • mu = {P, (x y 2), Q, (x y < 10), (x y > 12)}
    • vmu = {P, Q}
    • blocking clause: P ∨ Q
  • Second iteration
    • mu = {P, (x y 2), Q, (x y < 10), (x y > 12)}
    • vmu = {P, Q}
    • blocking clause: P ∨ Q
  • Third iteration: unsat
  • Result: P

AllSMT: a closer look
  • Limit case: F purely boolean, disjoint clauses, all variables are important
    (P11 ∨ ... ∨ P1n) ∧ ... ∧ (Pm1 ∨ ... ∨ Pmn)
  • blow up in number of disjuncts
  • even prime implicants blow up!!!
  • Intuition
    • the approach constructs the DNF of the result
    • enumerating all the disjuncts
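The AllSMT loop of slides 8 to 11, as an added worked example (our code, not the authors' NuSMV/MathSAT implementation). The SMT call is replaced by a brute-force enumerator over small finite domains, an assumption that keeps the example self-contained; the arithmetic atoms in theory_case are constructed, not the page's, and disjoint_clauses reproduces the limit case of slide 11.

```python
from itertools import product

def smt(phi, domains, blocking):
    """Brute-force stand-in for SMT(Phi) (assumption, not a real solver): the first
    total assignment satisfying phi and every blocking clause, or None if UNSAT."""
    names = list(domains)
    for values in product(*domains.values()):
        mu = dict(zip(names, values))
        if phi(mu) and all(any(mu[a] != v for a, v in vmu) for vmu in blocking):
            return mu
    return None

def all_smt(phi, domains, important):
    """AllSMT loop (slide 8): mu := SMT(Phi); vmu := restrict(V, mu);
    res := res or vmu; Phi := Phi and not vmu; until UNSAT."""
    res, blocking = [], []
    while True:
        mu = smt(phi, domains, blocking)
        if mu is None:
            return res                       # each entry is one disjunct of the DNF
        vmu = tuple((a, mu[a]) for a in important)   # restrict(V, mu)
        res.append(vmu)
        blocking.append(vmu)                 # blocking clause: not vmu

def boolean_case():
    """Slide 9: exists B.(A and (B or C)), V = {A, C}; expect (A and C) or (A and not C)."""
    phi = lambda m: m["A"] and (m["B"] or m["C"])
    return all_smt(phi, {"A": (0, 1), "B": (0, 1), "C": (0, 1)}, ["A", "C"])

def theory_case():
    """Constructed in the spirit of slide 10 (our atoms, not the page's):
    P <-> x+y=2, Q <-> x-y<10, x+y>12 over x, y in 0..15; expect not P."""
    phi = lambda m: (m["P"] == (m["x"] + m["y"] == 2) and m["Q"] == (m["x"] - m["y"] < 10)
                    and m["x"] + m["y"] > 12)
    dom = {"P": (0, 1), "Q": (0, 1), "x": range(16), "y": range(16)}
    return all_smt(phi, dom, ["P", "Q"])

def disjoint_clauses(m, n):
    """Slide 11 limit case: (P11 or .. or P1n) and .. and (Pm1 or .. or Pmn), all
    variables important: the loop enumerates (2^n - 1)^m disjuncts, not n^m implicants."""
    names = [f"P{i}{j}" for i in range(m) for j in range(n)]
    phi = lambda a: all(any(a[f"P{i}{j}"] for j in range(n)) for i in range(m))
    return all_smt(phi, {v: (0, 1) for v in names}, names)
```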

The big picture
Binary Decision Diagrams
  • Binary Decision Diagrams
    • canonical representation for boolean functions
    • ITE nodes
    • fixed order on test variables
    • example: (A ∧ (B ∨ C))
  • Reduction rules
    • only one occurrence of the same subtree
    • if(P, b, b) = b
  • Can blow up in space
  • Order of variables can make a huge difference
[Figure: the BDD of (A ∧ (B ∨ C)), with terminal nodes true and false]
More on BDDs
  • Core of traditional EDA tools
  • Often replaced by SAT techniques
    • Capacity, automation, ...
  • Yes, but...
    • In practice, can be extremely efficient
    • They provide QBF functionalities
      ∃ x.F(x, V) = F(false, V) ∨ F(true, V)
  • Fundamental operation in model checking

BDD-based Abstraction
  BddAbstract(b, V)
    if (b = True) or (b = False) then
      return b
    tt := BddAbstract(BddThen(b), V)
    ee := BddAbstract(BddElse(b), V)
    if var(b) in V then
      return BddITE(var(b), tt, ee)
    else
      return BddOr(tt, ee)

BddThAbstract
  • Our idea
    • extend BDD-based quantification
    • to deal with theory constraints
  • Intuitive reduction
    • ∃ x.F(x, V)
    • ∃ x.F(C1(x), ..., Cn(x), V)
    • ∃ x A1, ..., An.( F(A1, ..., An, V) ∧ ∧i (Ai ↔ Ci(x)) )
    • ∃ A1, ..., An.F(A1, ..., An, V)
    • this is BddAbstract, but
    • "modulo theory", i.e. interpreting each Ai as Ci(x)
  • Result
    • A BDD whose paths are all theory consistent

  BddThAbstract(b, C, V)
    if (b = True) or (b = False) then return b
    if BooleanAtom(var(b)) then
      tt := BddThAbstract(BddThen(b), C, V)
      ee := BddThAbstract(BddElse(b), C, V)
      if (var(b) in V) then return BddITE(var(b), tt, ee)
      else return BddOr(tt, ee)
    else
      cv := VarToConstraint(var(b))
      if ThInconsistent(C, cv) then tt := False
      else tt := BddThAbstract(BddThen(b), C ∧ cv, V)
      if ThInconsistent(C, ¬cv) then ee := False
      else ee := BddThAbstract(BddElse(b), C ∧ ¬cv, V)
      return BddOr(tt, ee)
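The BDD side of slides 14 to 18 as an added worked example (our code, not NuSMV's BDD package): a minimal hash-consed ROBDD with BddITE, and BddThAbstract on top of it, where the theory consistency check is a brute-force search over x, y in 0..15 standing in for the SMT solver (an assumption). The theory atoms are constructed; with an empty theory the function reduces to BddAbstract of slide 16.

```python
from itertools import product
from operator import and_, or_, eq

class BDD:  # hash-consed ROBDD (slide 14): terminals 0/1, nodes (var, then, else), fixed order
    def __init__(self, order):
        self.rank = {v: i for i, v in enumerate(order)}
        self.tab, self.uniq, self.memo = {}, {}, {}
    def mk(self, v, t, e):                      # if(P, b, b) = b; one node per distinct subtree
        if t == e: return t
        if (v, t, e) not in self.uniq:
            self.uniq[(v, t, e)] = n = len(self.tab) + 2
            self.tab[n] = (v, t, e)
        return self.uniq[(v, t, e)]
    def apply(self, op, f, g):                  # Shannon expansion on the top-most variable
        if f < 2 and g < 2: return int(op(f, g))
        if (op, f, g) not in self.memo:
            top = min((self.tab[x][0] for x in (f, g) if x > 1), key=self.rank.get)
            co = lambda h: self.tab[h][1:] if h > 1 and self.tab[h][0] == top else (h, h)
            (ft, fe), (gt, ge) = co(f), co(g)
            self.memo[(op, f, g)] = self.mk(top, self.apply(op, ft, gt), self.apply(op, fe, ge))
        return self.memo[(op, f, g)]
    def ite(self, v, t, e):                     # BddITE: (v and t) or (not v and e)
        return self.apply(or_, self.apply(and_, self.mk(v, 1, 0), t),
                          self.apply(and_, self.mk(v, 0, 1), e))

def consistent(C, theory):                      # stand-in for the SMT check (assumption):
    return any(all(theory[a](x, y) == val for a, val in C)   # some (x, y) in 0..15
               for x, y in product(range(16), repeat=2))     # satisfies every literal of C

def bdd_th_abstract(B, b, C, V, theory):
    """BddThAbstract (slide 18): atoms in V become ITE nodes, other boolean atoms are
    OR-quantified, theory atoms are OR-quantified with inconsistent branches cut to False."""
    if b < 2: return b
    v, then, else_ = B.tab[b]
    if v not in theory:                                       # BooleanAtom(var(b))
        tt, ee = (bdd_th_abstract(B, c, C, V, theory) for c in (then, else_))
        return B.ite(v, tt, ee) if v in V else B.apply(or_, tt, ee)
    ct, ce = C + [(v, True)], C + [(v, False)]                # C and cv, C and not cv
    tt = bdd_th_abstract(B, then, ct, V, theory) if consistent(ct, theory) else 0
    ee = bdd_th_abstract(B, else_, ce, V, theory) if consistent(ce, theory) else 0
    return B.apply(or_, tt, ee)

THEORY = {"a1": lambda x, y: x + y == 2, "a2": lambda x, y: x - y < 10,  # constructed
          "a3": lambda x, y: x + y > 12}                               # theory atoms

def theory_example():                           # F = (P <-> a1) and (Q <-> a2) and a3, V = {P, Q}
    B = BDD(["P", "Q", "a1", "a2", "a3"])
    P, Q, a1, a2, a3 = (B.mk(v, 1, 0) for v in B.rank)
    F = B.apply(and_, B.apply(and_, B.apply(eq, P, a1), B.apply(eq, Q, a2)), a3)
    return B, bdd_th_abstract(B, F, [], {"P", "Q"}, THEORY)   # expect the BDD of not P
```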

Architecture: SMT + BDD
  • An SMT solver without selection heuristic
  • NOT a theory solver!
  • Contains stack and implication graph
  • Can learn theory lemmas
  • Carries out BCP

Experiments
  • Implemented combining NuSMV and MathSAT
  • Test cases: networks of Timed Automata
  • Parameters
    • number of automata
    • number of states
    • number of transitions
  • Remark
  • absolute time is global to all processes
  • Timeout at 900s

Experimental Evaluation
[Figures: three slides of experimental result plots]
Conclusions and Future Work
  • A new approach for computing abstractions
    • BDD-based top level, SMT solver for consistency
  • Significantly faster
    • within BDD capacity
    • when many disjuncts
  • Future directions
    • Conjunctive partitioning of the matrix
    • Better memoizing
    • Anytime?
    • Experiments within the CEGAR loop
      • NuSMV + MathSAT
    • Hybrid systems, word-level circuits

Thanks for your attention

Related Work
  • BDDs for SMT
    • DDDs
    • HarVey switched from BDDs to SAT
    • Armando: simplifies boolean structure in SMT
    • Shuijers: does not deal with quantification
  • LTL satisfiability, based on prime implicants [CAV'07]
  • SAT-based existential quantification in the boolean case
    • McMillan, Gupta et al.

Experimental Evaluation
[Figures: three further slides of experimental result plots]