
Towards Bit-Width-Independent Proofs in SMT Solvers (PowerPoint presentation)

  1. Towards Bit-Width-Independent Proofs in SMT Solvers
  Aina Niemetz (1), Mathias Preiner (1), Andrew Reynolds (2), Yoni Zohar (1), Clark Barrett (1), Cesare Tinelli (2)
  (1) Stanford University, Stanford, USA
  (2) The University of Iowa, Iowa City, USA

  2. Why Bit-width Independence?
  LLVM [Image from Lattner 2012]
  Alive [Lopes et al. 2015]: language + tool for writing optimizations, verifying them, generating code.

  Name: AddSub:1604
  Pre: C == width(%a) - 1
  %a = ashr %x, C
  %r = sub 0, %a
    =>
  %r = lshr %x, C

  Name: muldivrem:876
  Pre: C u>= 1<<(width(C)-1)
  %r = udiv %x, C
    =>
  %c = icmp ult %x, C
  %r = select %c, 0, 1

  Name: AndOrXor:1733
  %cmp1 = icmp ne %A, 0
  %cmp2 = icmp ne %B, 0
  %r = or %cmp1, %cmp2
    =>
  %C = or %A, %B
  %r = icmp ne %C, 0

  AndOrXor:1733 is correct IFF $(A \neq 0 \lor B \neq 0) \Leftrightarrow (A \mid B \neq 0)$ is VALID.
  Alive proves validity up to a certain bit-width.
  Our Goal: proving validity for every bit-width.

  5. Outline
  Our Goal: proving validity for every bit-width
    How to express?
    How to solve?
    Case Studies

  7. Bit-vectors in SMT-LIB 2
  Many-sorted first-order logic:
    Sorts $\sigma_1, \sigma_2, \ldots$
    Sorted equality, functions, predicates
    $(x \neq_3 000 \lor y \neq_3 000) \Leftrightarrow (x \mid_3 y \neq_3 000)$
  What do we need?
    Variables ranging over bit-vectors of unspecified bit-width
    Constants with unspecified bit-width, $0 \ldots 0$
    $(x \neq_k 0\ldots0 \lor y \neq_k 0\ldots0) \Leftrightarrow (x \mid_k y \neq_k 0\ldots0)$
    No such thing as "$\sigma_k$"
  Many-sorted first-order logic does not seem like a natural fit.

  8. Language for Bit-vectors of Parametric Width
  Language:
    Unsorted equality, functions, predicates
    Bit-vector variables: $X = \{x_1, \ldots\}$
    Bit-vector constants: $Z = \{z_1, \ldots\}$
    Integer terms: $N = \{0, n + m, \ldots\}$
  Examples:
    $(x_1 \neq z_0 \lor x_2 \neq z_0) \Leftrightarrow (x_1 \mid x_2 \neq z_0)$
      with $\omega_b(x_1) = \omega_b(x_2) = \omega_b(z_0) = k$ and $\omega_N(z_0) = 0$
    $(z_0 \mathbin{\&} x_1) <_u x_2$
      with $\omega_b(x_1) = \omega_b(x_2) = \omega_b(z_0) = k$ and $\omega_N(z_0) = k$
  Auxiliary maps:
    Pair of maps $\omega = \langle \omega_b, \omega_N \rangle$
    $\omega_b : X \cup Z \to N$ (symbolic bit-width)
    $\omega_N : Z \to N$ (symbolic value)
    Not every $\omega$ can be used. Bad $\omega$: $\omega_b(x_1) = k$, $\omega_b(x_2) = k + 1$
  Validity: always w.r.t. a given $\omega$, considering all integer interpretations.
  Variant of [Pichora 2003]

  11. Outline
  Our Goal: proving validity for every bit-width
    How to express?
    How to solve?
    Case Studies

  12. Solving Bit-vector Formulas with Parametric Width
  Possibilities:
    Bit-blasting
    Specialized solver
    Translation to strings
    Translation to integers
  From bit-vectors to integers:
    Semantics for many operators is already built-in (exceptions: $\&$, $\mid$, ...)
    Benefit from advancements in integer solving
    Need also UF and quantifiers
    Strings with UF and quantifiers are not well-supported

  14. Translation $Tr : BV \mapsto NIA$, with $k = \omega_b(x)$
    $x \mapsto x$
    $z \mapsto \omega_N(z) \bmod 2^k$
    $= \mapsto =$
    $x <_u y \mapsto x < y$
    $x <_s y \mapsto F(k, x) < F(k, y)$, where $F(k, x) = 2 \cdot (x \bmod 2^{k-1}) - x$
      (e.g. $F(4, 13) = -3$, since $13 = 1101$)
    $x + y \mapsto (x + y) \bmod 2^k$
    $x \cdot y \mapsto (x \cdot y) \bmod 2^k$
    $x \mathbin{div} y \mapsto y = 0 \;?\; 2^k - 1 : x \div y$
    $x \bmod y \mapsto y = 0 \;?\; x : x \bmod y$
    $\sim x \mapsto 2^k - 1 - x$
    $-x \mapsto (2^k - x) \bmod 2^k$
    $x << y \mapsto (x \cdot 2^y) \bmod 2^k$
    $x >> y \mapsto (x \div 2^y) \bmod 2^k$
    $x \circ y \mapsto x \cdot 2^k + y$
    $x \mathbin{\&} y \mapsto \sum_{i=0}^{k} 2^i \cdot \min(x[i], y[i])$
    $x \mid y \mapsto \sum_{i=0}^{k} 2^i \cdot \max(x[i], y[i])$
    $x \oplus y \mapsto \sum_{i=0}^{k} 2^i \cdot |x[i] - y[i]|$
    $\varphi \mapsto Tr(\varphi) \land \bigwedge (0 \le x < 2^k)$  (range constraints on the translated variables)
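The following is an added worked example, not code from the slides or from the authors' solver. It implements the translation table of slide 14 for one concrete bit-width k, checks it exhaustively against Python's native bit operations (so the signed conversion F, the division-by-zero conventions and the bitwise sums can be seen to agree with two's-complement semantics), and then reuses the translated operators to re-check the AndOrXor:1733 side condition of slide 2 for one width at a time, which is exactly the fixed-width kind of check that motivates the parametric approach. Function names (bit, F, tr_op, native, translation_agrees, and_or_xor_1733_valid) are mine; operators are tagged with their SMT-LIB names; the bitwise sums run over i = 0..k-1 (the slide writes the bound as k, but bit k of a range-constrained value is 0, so the two agree).

```python
# Added example (not from the slides): slide 14's translation Tr from bit-vector
# operators to integer arithmetic, evaluated at a concrete width k and compared
# with Python's native bit operations; then the translated "bvor" is used to
# re-check slide 2's condition (A != 0 or B != 0) <=> (A | B != 0) per width.
# Function names are mine; operator tags follow SMT-LIB.
from itertools import product


def bit(x, i):
    """x[i]: the i-th bit of the non-negative integer x."""
    return (x >> i) & 1


def F(k, x):
    """Signed reading of a k-bit value, as on the slide: F(k,x) = 2*(x mod 2^(k-1)) - x."""
    return 2 * (x % 2 ** (k - 1)) - x


def tr_op(op, k, x, y=None):
    """Tr for one operator; x, y are integer images of k-bit vectors (0 <= x, y < 2^k)."""
    m = 2 ** k
    table = {
        "bvnot": lambda: m - 1 - x,
        "bvneg": lambda: (m - x) % m,
        "bvadd": lambda: (x + y) % m,
        "bvmul": lambda: (x * y) % m,
        "bvudiv": lambda: m - 1 if y == 0 else x // y,   # division by zero: all ones
        "bvurem": lambda: x if y == 0 else x % y,        # remainder by zero: x
        "bvshl": lambda: (x * 2 ** y) % m,
        "bvlshr": lambda: (x // 2 ** y) % m,
        # integers have no built-in semantics for bitwise operators: sum over bits
        "bvand": lambda: sum(2 ** i * min(bit(x, i), bit(y, i)) for i in range(k)),
        "bvor": lambda: sum(2 ** i * max(bit(x, i), bit(y, i)) for i in range(k)),
        "bvxor": lambda: sum(2 ** i * abs(bit(x, i) - bit(y, i)) for i in range(k)),
        "bvult": lambda: x < y,
        "bvslt": lambda: F(k, x) < F(k, y),
    }
    return table[op]()


def native(op, k, x, y=None):
    """Reference semantics: Python's bit operators, masked to k bits."""
    m = 2 ** k
    mask = m - 1
    signed = lambda v: v - m if v >= m // 2 else v      # two's complement reading
    table = {
        "bvnot": lambda: ~x & mask,
        "bvneg": lambda: -x & mask,
        "bvadd": lambda: (x + y) & mask,
        "bvmul": lambda: (x * y) & mask,
        "bvudiv": lambda: mask if y == 0 else x // y,
        "bvurem": lambda: x if y == 0 else x % y,
        "bvshl": lambda: (x << y) & mask,
        "bvlshr": lambda: x >> y,
        "bvand": lambda: x & y,
        "bvor": lambda: x | y,
        "bvxor": lambda: x ^ y,
        "bvult": lambda: x < y,
        "bvslt": lambda: signed(x) < signed(y),
    }
    return table[op]()


UNARY = ("bvnot", "bvneg")
BINARY = ("bvadd", "bvmul", "bvudiv", "bvurem", "bvshl", "bvlshr",
          "bvand", "bvor", "bvxor", "bvult", "bvslt")


def translation_agrees(k):
    """Exhaustively compare Tr with the native semantics over every k-bit input."""
    values = range(2 ** k)
    for op in UNARY:
        if any(tr_op(op, k, x) != native(op, k, x) for x in values):
            return False
    for op in BINARY:
        if any(tr_op(op, k, x, y) != native(op, k, x, y) for x, y in product(values, repeat=2)):
            return False
    return True


def and_or_xor_1733_valid(k):
    """Fixed-width check of (A != 0 or B != 0) <=> (A | B != 0) over all k-bit A, B."""
    return all(((a != 0) or (b != 0)) == (tr_op("bvor", k, a, b) != 0)
               for a, b in product(range(2 ** k), repeat=2))


if __name__ == "__main__":
    print(F(4, 13))                                            # the slide's example: -3
    print(all(translation_agrees(k) for k in range(1, 6)))     # Tr matches native semantics
    print(all(and_or_xor_1733_valid(k) for k in range(1, 7)))  # valid for each k tried
```

Each call to and_or_xor_1733_valid covers one width only, and its cost grows as 4^k; this is the "validity up to a certain bit-width" limitation of slide 2, and the reason the talk moves to a translation whose k stays symbolic and is handed to an integer solver with quantifiers.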
