
A Theory of Abstraction for Arrays Steven German IBM T.J. Watson - PowerPoint PPT Presentation



  1. A Theory of Abstraction for Arrays
  Steven German, IBM T.J. Watson Research Center, October 2011
  (slide footer: November 10, 2011)

  2. The Problem of Verifying Systems with Arrays
  • Large arrays are often a barrier to verifying hardware designs
  • Many previous approaches to abstracting arrays
  • Abstracting arrays over a bounded time interval
    – Many approaches, including: Velev et al 1977; Ganai et al 2004 and 2005; Manolios et al 2006
  • Prefer methods that:
    – Build unbounded-time sequential models
    – Are fully automatic
  • Most directly related previous approach by Bjesse [FMCAD 2008]
  • Limitations of previous approach
    – No reduction when latency from array read to output is unbounded
    – Clock gating introduces unbounded latency

  3. New Results of This Paper
  • New mathematical principle for abstraction of arrays
    – New principle allows unbounded latency from array read to output
    – Based on Small Model Theorem for a word-level logic with arrays
    – Previous approaches are based on principle of overapproximating behavior
  • Automatic algorithm for constructing abstract models
    – Algorithm can build small abstract models for complex industrial designs
  • Abstract models are sound and complete for safety properties
  • To obtain these results, need to develop mathematical theory
  • Details are in a longer version of paper, available from author

  4. Traditional Abstract Models of Arrays
  [Figure: a large array replaced by a smaller modeled array; modeled address: normal array semantics; unmodeled address: nondeterministic value]
  1. Replace array with smaller array that overapproximates
     • Sound for safety properties
  2. Restrict safety property to cases where modeled addresses are read: modeled → p

  5. Unbounded Latency
  • Bjesse 2008 shows how to define modeled(k) to mean "k cycles in past, a modeled address was read"
    – Example: modeled(2) ∧ modeled(3) → p
    – Solution for bounded latency
  • For unbounded latency, not helpful to use "Array reads at all times in past were to modeled addresses"
    – Only true in unabstracted model
  • New idea: Define a formula that means "Output at current time does not depend on reading unmodeled array addresses at any time in past"

  6. A New Approach to Array Abstraction
  • Read, write to modeled addresses have normal semantics
  • Choose modeled addresses nondeterministically (as in Bjesse 2008)
  • Read to unmodeled addresses returns special value ⊥
  • Value ⊥ propagates according to semantic rules
  • Property: p ≠ ⊥ → p = true
  • Sound provided: at all times, for all inputs, the number of array addresses p depends on ≤ the number of modeled addresses
  • If there is a counterexample to safety property p, some nondeterministic choice of modeled addresses finds the counterexample
  • Goal of talk is to make these ideas more clear

  7. Steps to Realize New Approach
  1. Define mathematical meaning of dependence of a signal on an array address
  2. Give automatic method for determining that at all times, for all inputs, signal p depends on ≤ n array addresses
  3. Show that the proof method is sound
  • Mathematics is different from traditional approach, where soundness follows easily from overapproximate behavior on unmodeled addresses

  8. A Term Logic with Arrays
  Two kinds of expressions: signal expressions and array expressions.
  • Signal expressions
    1. Signal variable
       – Represents word-level signal
    2. op(e_1, ..., e_k), where e_1, ..., e_k are signal expressions
       – Represents block of combinational logic
    3. mux(control, data_1, data_2), where control, data_1, data_2 are signal expressions. Use data forwarding properties in abstract models.
    4. a[addr], where a is an array expression and addr is a signal expression.
  • Array expressions
    1. Array variable
    2. write(a, addr, value), where a is an array expression and addr, value are signal expressions

  9. Signal and Array Values
  • Finite set of signal values (word-level), V
  • Bottom value, ⊥ ∉ V, represents subscripting array out of range
  • Extended set of signal values, V⁺ = V ∪ {⊥}
  • Set of array values, V → V⁺

  10. States
  A state σ is a function mapping all signal and array variables to values.
  • For signal variable s, σ(s) ∈ V
  • For array variable a, σ(a) ∈ (V → V)
  • States are used to represent initial conditions of systems

  11. Semantics of Expressions
  The semantics of expressions maps a state and an expression to a value.
  • For signal expression se, σ〚se〛 ∈ V⁺
  • For array expression ae, σ〚ae〛 ∈ (V → V⁺)
  • Purpose of semantics is to allow reasoning about system with reduced arrays
  • Reading an array outside its domain produces bottom value ⊥
  • Writing an array to an address in V outside the domain of the array does not change the value of the array
  • Writing an array with address ⊥ causes all elements of the array to be ⊥
  • Operator expression op(e_1, ..., e_n) produces output ⊥ if any input is ⊥
  • Multiplexor mux(e_1, e_2, e_3) produces output ⊥ if control input e_1 is ⊥ or the selected input (e_2 or e_3) is ⊥

  12. Operational Semantics
  • A system M is defined by state variables and next-state expressions
    – N(s) is the next-state expression for state variable s
  • Define s_k to be an expression for state variable s at time k
    – s_0 = s
    – s_k is the k-th expansion of N(s)
  • Value of s at time k in initial state σ is σ〚s_k〛

  13. Checking Safety Properties
  • System M
  • Safety property represented by output signal p (p = 1 iff property is true)
  • Let T be a set of states
  • Safety property p holds over all initial states in T iff ∀σ ∈ T, ∀k ≥ 0 : σ〚p_k〛 = 1
  • This check corresponds to model checking the design on arrays of original size
    – Construct circuit representation of σ〚p_k〛 using the next-state expressions
  • We will show how to check safety properties over arrays of a smaller size

  14. Essential Array Indices
  Depending on the state, some indices of an array do not need to be evaluated
  • Example: Let E be the expression write(write(a, e_1, a[1]), e_2, a[2])[f]
    – If σ〚f〛 = σ〚e_2〛 ⇒ {f, 2}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 = σ〚e_1〛 ⇒ {f, 1}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 ≠ σ〚e_1〛 ⇒ {f}
    – In every state, the set of needed index expressions is an element of the set S = {{f}, {f, 1}, {f, 2}}
  • For the general case, we can define a function
    – Essential Indices, eindx(exp, σ, array variable) ↦ {array indices} ⊆ V
    – Array indices that must be read from the array variable to evaluate exp in σ
  • Idea of Small Model Theorem: For any state σ, no matter how large the array a in σ, there exists a state σ′ where a has size 2, and σ′〚E〛 = σ〚E〛

  15. Small Model Using Essential Indices
  The semantics σ〚exp〛 and the function eindx(exp, σ, a) have the following relationship:
  Lemma. For all exp, σ, a, there exists a state σ′ such that
  • σ′ ≤ σ
  • For all array variables a, dom(σ′(a)) = eindx(exp, σ, a)
  • σ′〚exp〛 = σ〚exp〛
  • The state σ′ is a small model for the value of expression exp in state σ
  Definition. A state σ′ is called a substate of σ, written σ′ ≤ σ, iff
  • For all signal variables s, σ′(s) = σ(s), and
  • For all array variables a, σ′(a) ⊆ σ(a)
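The evaluator, essential-index function and substate that slides 11, 14 and 15 describe, written out as an added Python example (this is not the author's code; the tuple encoding of expressions, the recursive definition of eindx by case-splitting on write addresses, and the constructed state values are assumptions). It evaluates the slide-14 expression E in its three cases, builds σ′ with the array cut down to the essential indices, and checks that σ′〚E〛 = σ〚E〛 holds with an array of size at most 2:

```python
# Added example (not the author's code): evaluator with ⊥ (slides 9-11),
# essential indices eindx (slide 14), substate and small-model check (slide 15),
# and the array bound m of slide 16.  The tuple encoding below is an assumption:
#   ("var", name)  ("op", fn, [e1, ...])  ("mux", ctl, d1, d2)  ("read", ae, addr)
#   ("avar", name)  ("write", ae, addr, val)
# A state is a dict: signal name -> value in V, array name -> {index: value}.
BOT = "⊥"   # ⊥ ∉ V: the result of reading an array outside its domain

def const(v):
    return ("op", lambda: v, [])     # a constant is a zero-input block

def eval_signal(exp, sigma):         # σ⟦exp⟧ for a signal expression (slide 11)
    kind = exp[0]
    if kind == "var":
        return sigma[exp[1]]
    if kind == "op":                 # any ⊥ input makes the output ⊥
        args = [eval_signal(e, sigma) for e in exp[2]]
        return BOT if BOT in args else exp[1](*args)
    if kind == "mux":                # ⊥ control, or ⊥ on the selected input, gives ⊥
        ctl = eval_signal(exp[1], sigma)
        return BOT if ctl == BOT else eval_signal(exp[2] if ctl else exp[3], sigma)
    _, ae, addr_e = exp              # read: address ⊥ or outside the domain gives ⊥
    return eval_array(ae, sigma).get(eval_signal(addr_e, sigma), BOT)

def eval_array(exp, sigma):          # σ⟦exp⟧ for an array expression: {index: value}
    if exp[0] == "avar":
        return dict(sigma[exp[1]])
    _, inner, addr_e, val_e = exp
    arr, addr = eval_array(inner, sigma), eval_signal(addr_e, sigma)
    if addr == BOT:                  # write with address ⊥: every element becomes ⊥
        return {i: BOT for i in arr}
    if addr in arr:                  # write outside the domain leaves the array unchanged
        arr[addr] = eval_signal(val_e, sigma)
    return arr

def _base(ae):                       # the array variable under a chain of writes
    return ae[1] if ae[0] == "avar" else _base(ae[1])

def eindx(exp, sigma, a):            # indices of a that must be read to evaluate exp in σ
    kind = exp[0]
    if kind == "var":
        return set()
    if kind == "op":
        return set().union(*(eindx(e, sigma, a) for e in exp[2]))
    if kind == "mux":                # only the selected data input is evaluated
        ctl = eval_signal(exp[1], sigma)
        need = eindx(exp[1], sigma, a)
        return need if ctl == BOT else need | eindx(exp[2] if ctl else exp[3], sigma, a)
    _, ae, addr_e = exp
    addr, need = eval_signal(addr_e, sigma), eindx(addr_e, sigma, a)
    if addr == BOT:
        return need
    if _base(ae) == a:
        need.add(addr)               # the read address must stay in a's domain
    return need | _eindx_read(ae, addr, sigma, a)

def _eindx_read(ae, addr, sigma, a): # case split on the writes above the array variable
    if ae[0] == "avar":
        return set()
    _, inner, waddr_e, wval_e = ae
    waddr, need = eval_signal(waddr_e, sigma), eindx(waddr_e, sigma, a)
    if waddr == BOT:                 # the whole array is ⊥ whatever a holds
        return need
    if waddr == addr:                # the read hits this write: need the written value
        return need | eindx(wval_e, sigma, a)
    return need | _eindx_read(inner, addr, sigma, a)

def substate(exp, sigma, a):         # σ' ≤ σ: same signals, a restricted to eindx
    keep, prime = eindx(exp, sigma, a), dict(sigma)
    prime[a] = {i: v for i, v in sigma[a].items() if i in keep}
    return prime

def small_model_check(exp, sigma, a):   # (|dom σ'(a)|, σ'⟦exp⟧ == σ⟦exp⟧)
    prime = substate(exp, sigma, a)
    return len(prime[a]), eval_signal(exp, prime) == eval_signal(exp, sigma)

def max_essential(exp, states, a):      # largest |eindx| over states: the m of slide 16
    return max(len(eindx(exp, s, a)) for s in states)

# Slide 14 expression E = write(write(a, e1, a[1]), e2, a[2])[f] and a constructed state
A = ("avar", "a")
E = ("read", ("write", ("write", A, ("var", "e1"), ("read", A, const(1))),
                       ("var", "e2"), ("read", A, const(2))), ("var", "f"))

def make_state(f, size=8):           # constructed: e1 = 3, e2 = 5, a[i] = 10 + i
    return {"e1": 3, "e2": 5, "f": f, "a": {i: 10 + i for i in range(size)}}

if __name__ == "__main__":
    for f in (5, 3, 6):              # f = e2, f = e1, f misses both writes
        s = make_state(f)
        print(f, eval_signal(E, s), sorted(eindx(E, s, "a")), small_model_check(E, s, "a"))
    print("array size m:", max_essential(E, [make_state(f) for f in range(8)], "a"))
```

The run confirms the slide-14 claim that a size-2 array suffices for E: the f = e2 and f = e1 cases each keep two indices, the miss case keeps one, and max_essential over all f returns 2 (the m of slide 16 for this single expression). Note that eindx keeps the read address f itself in the domain even when the read hits a write: under the slide-11 semantics a write to an address outside the reduced domain is a no-op, so without f in the domain the hit would be lost and σ′〚E〛 would be ⊥ instead of σ〚E〛. A read that is already out of range in σ (f = 20 for an 8-element array) needs no indices at all and evaluates to ⊥ in both states.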

  16. Checking Safety Properties with Small Arrays
  • Let T be a set of states and a an array variable such that a has size n for all states in T
  • Let m = max_{k ≥ 0} max_{σ ∈ T} |eindx(p_k, σ, a)| ≤ n
  • ∀σ ∈ T, ∀k ≥ 0, there is a state σ′ where a has size m and σ′〚p_k〛 = σ〚p_k〛
  • Let T′ be the set of substates of states in T where a has size m
  • Assume for all initial states in T that p is evaluated without subscript errors
  • Then (p = 1) is always true in executions from initial states in T iff (p = 1 ∨ p = ⊥) is always true in executions from initial states in T′
  • Model where array a has size m is sound and complete for safety property p
  • See conference paper for proof

  17. Size of the Abstract Model
  • The function max_{k ≥ 0} max_σ |eindx(p_k, σ, a)| is difficult to compute!
  • Case splitting overapproximates max_σ |eindx(p_k, σ, a)| for a fixed k
  • Example: Let E be the expression write(write(a, e_1, a[1]), e_2, a[2])[f]
    – If σ〚f〛 = σ〚e_2〛 ⇒ {f, 2}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 = σ〚e_1〛 ⇒ {f, 1}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 ≠ σ〚e_1〛 ⇒ {f}
    – In every state, the set of index expressions is an element of the two-level set S = {{f}, {f, 1}, {f, 2}}
    – ∀σ ∃s ∈ S : eindx(E, σ, a) ⊆ σ(s)
  • The set S overapproximates eindx
  • Recursive algorithm constructs the two-level set for any expression
  • A fixed point computation can find a set of expressions that overapproximates the largest set of index expressions over the sequence p_0, p_1, p_2, ...
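The two-level set construction of this slide and the time expansion s_k of slide 12, as an added Python example (not the author's algorithm). The encoding of expressions, the register-plus-array system NEXT, and the use of a fixed unrolling horizon in place of the slide's fixed-point computation are assumptions. two_level builds S purely symbolically, one index-expression set per outcome of the "read address equals write address" case splits, and reproduces S = {{f}, {f, 1}, {f, 2}} for E; bounds_over_time then applies it to p_0, p_1, ... of a small system:

```python
# Added example (not the author's algorithm): symbolic two-level index sets
# (slide 17) and the time expansion s_k (slide 12).  Assumed encoding:
#   ("var", name) ("const", v) ("op", name, (e1, ...)) ("mux", c, d1, d2)
#   ("read", ae, addr) ("avar", name) ("write", ae, addr, val)
from itertools import product

def _join(*families):
    """All unions s1 ∪ ... ∪ sn with one set drawn from each family."""
    return {frozenset().union(*choice) for choice in product(*families)}

def _base(ae):
    return ae[1] if ae[0] == "avar" else _base(ae[1])

def two_level(exp, a):
    """S such that in every state σ some s ∈ S satisfies eindx(exp, σ, a) ⊆ σ(s).
    Each case split 'read address = write address' contributes its own set."""
    kind = exp[0]
    if kind in ("var", "const"):
        return {frozenset()}
    if kind == "op":
        return _join(*(two_level(e, a) for e in exp[2]))
    if kind == "mux":
        _, ctl, d1, d2 = exp           # either data input may be selected
        return _join(two_level(ctl, a), two_level(d1, a) | two_level(d2, a))
    _, ae, addr = exp                  # read: the address itself must be in a's domain
    hit = {frozenset([addr])} if _base(ae) == a else {frozenset()}
    return _join(two_level(addr, a), hit, _read_sets(ae, addr, a))

def _read_sets(ae, addr, a):
    if ae[0] == "avar":
        return {frozenset()}           # the read address was added by the caller
    _, inner, waddr, wval = ae
    same = two_level(wval, a)          # addr = waddr: value comes from the write
    diff = _read_sets(inner, addr, a)  # addr ≠ waddr: look through the write
    return _join(two_level(waddr, a), same | diff)

def bound(sets):
    """Upper bound on |eindx|: the largest set in S (array size m of slide 16)."""
    return max(len(s) for s in sets)

def at(exp, next_state, k):
    """s_k of slide 12: state variables are unrolled through N; any other
    variable is an input and gets a fresh time-indexed name."""
    kind = exp[0]
    if kind in ("var", "avar"):
        if exp[1] not in next_state:
            return (kind, f"{exp[1]}_{k}")
        return exp if k == 0 else at(next_state[exp[1]], next_state, k - 1)
    if kind == "const":
        return exp
    if kind == "op":
        return ("op", exp[1], tuple(at(e, next_state, k) for e in exp[2]))
    return (kind,) + tuple(at(e, next_state, k) for e in exp[1:])

def bounds_over_time(p, next_state, a, horizon):
    """[bound(S(p_0)), ..., bound(S(p_horizon))] over a fixed horizon."""
    return [bound(two_level(at(p, next_state, k), a)) for k in range(horizon + 1)]

def show(e):
    if e[0] == "var":
        return e[1]
    if e[0] == "const":
        return str(e[1])
    return f"{e[1]}({', '.join(map(show, e[2]))})" if e[0] == "op" else repr(e)

def render(sets):
    """Sorted, printable form of a two-level set."""
    return sorted(tuple(sorted(show(e) for e in s)) for s in sets)

# Slide 14/17 expression: E = write(write(a, e1, a[1]), e2, a[2])[f]
A = ("avar", "a")
E = ("read", ("write", ("write", A, ("var", "e1"), ("read", A, ("const", 1))),
                       ("var", "e2"), ("read", A, ("const", 2))), ("var", "f"))

# Constructed system: register r loads a[rd] when en is high, the array is
# written every cycle; en, rd, wr, din are inputs and the property signal is p = r.
NEXT = {
    "r": ("mux", ("var", "en"), ("read", A, ("var", "rd")), ("var", "r")),
    "a": ("write", A, ("var", "wr"), ("var", "din")),
}

if __name__ == "__main__":
    print("S(E) =", render(two_level(E, "a")), "bound", bound(two_level(E, "a")))
    print("bounds of p_0..p_4:", bounds_over_time(("var", "r"), NEXT, "a", 4))
```

For E the bound is 2, matching slide 14. For the constructed system the bound of p_k is 0 at k = 0 and 1 afterwards: at any time the output depends on at most one address of the initial array, so by slide 16 a one-element abstract array is sound and complete for p. Each unrolling step adds a set {rd_k} to S, so the family grows linearly with k even though the bound does not; that growth is what the slide's fixed-point computation over sets of index expressions avoids, and this example does not reproduce it.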
