
A Theory of Abstraction for Arrays Steven German IBM T.J. Watson - PowerPoint PPT Presentation



  1. A Theory of Abstraction for Arrays
  Steven German, IBM T.J. Watson Research Center, October 2011
  1 November 10, 2011

  2. The Problem of Verifying Systems with Arrays
  • Large arrays are often a barrier to verifying hardware designs
  • Many previous approaches to abstracting arrays
  • Abstracting arrays over a bounded time interval
    – Many approaches, including: Velev et al 1977; Ganai et al 2004 and 2005; Manolios et al 2006
  • Prefer methods that:
    – Build unbounded-time sequential models
    – Are fully automatic
  • Most directly related previous approach by Bjesse [FMCAD 2008]
  • Limitations of previous approach
    – No reduction when latency from array read to output is unbounded
    – Clock gating introduces unbounded latency

  3. New Results of This Paper
  • New mathematical principle for abstraction of arrays
    – New principle allows unbounded latency from array read to output
    – Based on Small Model Theorem for a word-level logic with arrays
    – Previous approaches are based on principle of overapproximating behavior
  • Automatic algorithm for constructing abstract models
    – Algorithm can build small abstract models for complex industrial designs
  • Abstract models are sound and complete for safety properties
  • To obtain these results, need to develop mathematical theory
  • Details are in a longer version of paper, available from author

  4. Traditional Abstract Models of Arrays
  [Figure: an array in which some addresses are labeled "Modeled" and the rest "Unmodeled"]
  • Modeled address: normal array semantics
  • Unmodeled address: nondeterministic value
  1. Replace array with smaller array that overapproximates
     • Sound for safety properties
  2. Restrict safety property to cases where modeled addresses are read: modeled → p

  5. Unbounded Latency
  • Bjesse 2008 shows how to define modeled(k) to mean "k cycles in past, a modeled address was read"
    – Example: modeled(2) ∧ modeled(3) → p
    – Solution for bounded latency
  • For unbounded latency, not helpful to use "Array reads at all times in past were to modeled addresses"
    – Only true in unabstracted model
  • New idea: Define a formula that means "Output at current time does not depend on reading unmodeled array addresses at any time in past"

  6. A New Approach to Array Abstraction
  • Read, write to modeled addresses have normal semantics
  • Choose modeled addresses nondeterministically (as in Bjesse 2008)
  • Read to unmodeled addresses returns special value ⊥
  • Value ⊥ propagates according to semantic rules
  • Property: p ≠ ⊥ → p = true
  • Sound provided: at all times, for all inputs, number of array addresses p depends on ≤ number of modeled addresses
  • If there is a counterexample to safety property p, some nondeterministic choice of modeled addresses finds the counterexample
  • Goal of talk is to make these ideas more clear

  7. Steps to Realize New Approach
  1. Define mathematical meaning of dependence of a signal on an array address
  2. Give automatic method for determining that at all times, for all inputs, signal p depends on ≤ n array addresses
  3. Show that the proof method is sound
  • Mathematics is different from traditional approach, where soundness follows easily from overapproximate behavior on unmodeled addresses

  8. A Term Logic with Arrays
  Two kinds of expressions: signal expressions and array expressions.
  • Signal expressions
    1. Signal variable
       – Represents word-level signal
    2. op(e_1, ..., e_k), where e_1, ..., e_k are signal expressions
       – Represents block of combinational logic
    3. mux(control, data_1, data_2), where control, data_1, data_2 are signal expressions. Use data forwarding properties in abstract models.
    4. a[addr], where a is an array expression and addr is a signal expression.
  • Array expressions
    1. Array variable
    2. write(a, addr, value), where a is an array expression and addr, value are signal expressions

  9. Signal and Array Values
  • Finite set of signal values (word-level), V
  • Bottom value, ⊥ ∉ V, represents subscripting array out of range
  • Extended set of signal values, V+ = V ∪ {⊥}
  • Set of array values, V → V+

  10. States
  A state σ is a function mapping all signal and array variables to values.
  • For signal variable s, σ(s) ∈ V
  • For array variable a, σ(a) ∈ (V → V)
  • States are used to represent initial conditions of systems

  11. Semantics of Expressions
  The semantics of expressions maps a state and an expression to a value.
  • For signal expression se, σ〚se〛 ∈ V+
  • For array expression ae, σ〚ae〛 ∈ (V → V+)
  • Purpose of semantics is to allow reasoning about system with reduced arrays
  • Reading an array outside its domain produces bottom value ⊥
  • Writing an array at an address in V outside the domain of the array does not change the value of the array
  • Writing an array with address ⊥ causes all elements of the array to be ⊥
  • Operator expression op(e_1, ..., e_n) produces output ⊥ if any input is ⊥
  • Multiplexor mux(e_1, e_2, e_3) produces output ⊥ if control input e_1 is ⊥ or the selected input (e_2 or e_3) is ⊥

  12. Operational Semantics
  • A system M is defined by state variables and next-state expressions
    – N(s) is the next-state expression for state variable s
  • Define s_k to be an expression for state variable s at time k
    – s_0 = s
    – s_k is the k-th expansion of N(s)
  • Value of s at time k in initial state σ is σ〚s_k〛

  13. Checking Safety Properties
  • System M
  • Safety property represented by output signal p (p = 1 iff property is true)
  • Let T be a set of states
  • Safety property p holds over all initial states in T iff ∀ σ ∈ T, ∀ k ≥ 0: σ〚p_k〛 = 1
  • This check corresponds to model checking the design on arrays of original size
    – Construct circuit representation of σ〚p_k〛 using the next-state expressions
  • We will show how to check safety properties over arrays of a smaller size

  14. Essential Array Indices
  Depending on the state, some indices of an array do not need to be evaluated
  • Example: Let E be the expression write(write(a, e_1, a[1]), e_2, a[2])[f]
    – If σ〚f〛 = σ〚e_2〛 ⇒ {f, 2}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 = σ〚e_1〛 ⇒ {f, 1}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 ≠ σ〚e_1〛 ⇒ {f}
    In every state, the set of needed index expressions is an element of the set S = {{f}, {f, 1}, {f, 2}}
  • For the general case, we can define a function
    Essential Indices, eindx(exp, σ, array variable) ↦ {array indices} ⊆ V
    – Array indices that must be read from the array variable to evaluate exp in σ
  • Idea of Small Model Theorem: For any state σ, no matter how large the array a in σ, there exists a state σ′ where a has size 2, and σ′〚E〛 = σ〚E〛

  15. Small Model Using Essential Indices
  The semantics σ〚exp〛 and the function eindx(exp, σ, a) have the following relationship:
  Lemma. For all exp, σ, a, there exists a state σ′ such that
  • σ′ ≤ σ
  • For all array variables a, dom(σ′(a)) = eindx(exp, σ, a)
  • σ′〚exp〛 = σ〚exp〛
  • The state σ′ is a small model for the value of expression exp in state σ
  Definition. A state σ′ is called a substate of σ, written σ′ ≤ σ, iff
  • For all signal variables s, σ′(s) = σ(s), and
  • For all array variables a, σ′(a) ⊆ σ(a)
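The semantics of slide 11, the essential-index example of slide 14 and the lemma of slide 15 as an added, runnable example (written for this page, not code from the paper or from IBM). None stands for ⊥, states are dicts, ints are constants and tuples are expressions; mux is left out. The slides describe eindx only informally, so the recursion below is an assumption fitted to the slide's example: a read of index i through a write chain needs i itself in the domain (otherwise the write at i is dropped by the semantics) plus whatever the written value needs.

```python
BOT = None  # the bottom value ⊥; ints stand for constants, tuples for expressions

def sig(e, st):  # value of a signal expression in state st (a dict of variables)
    if not isinstance(e, tuple):
        return e
    if e[0] == 'var':
        return st[e[1]]
    if e[0] == 'op':  # op(e1..ek) yields ⊥ if any input is ⊥
        v = [sig(x, st) for x in e[2]]
        return BOT if BOT in v else e[1](*v)
    arr, i = arr_val(e[1], st), sig(e[2], st)  # a[addr]: ⊥ outside the domain
    return BOT if i is BOT else arr.get(i, BOT)

def arr_val(e, st):  # value of an array expression as a dict index -> V+
    if e[0] == 'avar':
        return dict(st[e[1]])
    base, i, v = arr_val(e[1], st), sig(e[2], st), sig(e[3], st)  # write(a, addr, value)
    if i is BOT:  # writing with address ⊥ makes every element ⊥
        return {j: BOT for j in base}
    if i in base:  # a write outside the domain does not change the array
        base[i] = v
    return base

def eindx(e, st, a):  # essential indices of array variable a for e in st (assumed definition)
    if not isinstance(e, tuple) or e[0] == 'var':
        return set()
    if e[0] == 'op':
        return set().union(*[eindx(x, st, a) for x in e[2]])
    i = sig(e[2], st)
    return eindx(e[2], st, a) | (set() if i is BOT else eindx_at(e[1], i, st, a))

def eindx_at(ae, i, st, a):  # indices of a needed to produce element i of array expression ae
    if ae[0] == 'avar':
        return {i} if ae[1] == a else set()
    need = eindx(ae[2], st, a)
    if sig(ae[2], st) == i:  # i must stay in the domain, otherwise this write is dropped
        return need | {i} | eindx(ae[3], st, a)
    return need | eindx_at(ae[1], i, st, a)

# The slide's example E = write(write(a, e1, a[1]), e2, a[2])[f]
E = ('read', ('write', ('write', ('avar', 'a'), ('var', 'e1'), ('read', ('avar', 'a'), 1)),
              ('var', 'e2'), ('read', ('avar', 'a'), 2)), ('var', 'f'))

def small_model(e, st, a):  # substate of st keeping only the essential indices of a
    return {**st, a: {i: st[a][i] for i in eindx(e, st, a) if i in st[a]}}

def check(st):  # (essential indices, value of E in st, value of E in the small model)
    return eindx(E, st, 'a'), sig(E, st), sig(E, small_model(E, st, 'a'))
```

With a constructed 8-element array, `check` returns the three index sets of slide 14 for the three cases of f, and the value of E is unchanged in the two-element substate; shrinking the domain below eindx (dropping f) turns the result into ⊥.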

  16. Checking Safety Properties with Small Arrays
  • Let T be a set of states and a an array variable such that a has size n for all states in T
  • Let m = max_{σ ∈ T} max_{k ≥ 0} |eindx(p_k, σ, a)| ≤ n
  • ∀ σ ∈ T, ∀ k ≥ 0, there is a state σ′ where a has size m and σ′〚p_k〛 = σ〚p_k〛
  • Let T′ be the set of substates of states in T where a has size m
  • Assume for all initial states in T that p is evaluated without subscript errors
  • Then, (p = 1) is always true in executions from initial states in T iff (p = 1 ∨ p = ⊥) is always true in executions from initial states in T′
  • Model where array a has size m is sound and complete for safety property p
  • See conference paper for proof

  17. Size of the Abstract Model
  • The function max_{k ≥ 0} max_σ |eindx(p_k, σ, a)| is difficult to compute!
  • Case splitting overapproximates max_σ |eindx(p_k, σ, a)| for a fixed k
  • Example: Let E be the expression write(write(a, e_1, a[1]), e_2, a[2])[f]
    – If σ〚f〛 = σ〚e_2〛 ⇒ {f, 2}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 = σ〚e_1〛 ⇒ {f, 1}
    – If σ〚f〛 ≠ σ〚e_2〛 ∧ σ〚f〛 ≠ σ〚e_1〛 ⇒ {f}
    In every state, the set of index expressions is an element of the two-level set S = {{f}, {f, 1}, {f, 2}}: ∀ σ ∃ s ∈ S: eindx(E, σ, a) ⊆ σ(s)
  • The set S overapproximates eindx
  • Recursive algorithm constructs the two-level set for any expression
  • A fixed point computation can find a set of expressions that overapproximates the largest set of index expressions over the sequence p_0, p_1, p_2, ...
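The case splitting of slide 17 as an added example (my reconstruction, not the paper's algorithm): a recursive construction of a two-level set for an array variable, over a small tuple encoding of the term logic (ints are constants, tuples are expressions). Each member of the result is a frozenset of index expressions; at every write in the chain the read address either hits the write address (then the written value's indices are needed) or misses it (then the read passes through to the inner array), and both cases are kept. The largest member bounds m, the number of modeled addresses.

```python
def cross(A, B):
    """All unions s ∪ t with s in A and t in B (combine independent cases)."""
    return {s | t for s in A for t in B}

def two_level(e, a):
    """Set of possible sets of index expressions of array a needed to evaluate e."""
    if not isinstance(e, tuple) or e[0] == 'var':
        return {frozenset()}
    if e[0] == 'op':  # every operand is evaluated
        out = {frozenset()}
        for x in e[2]:
            out = cross(out, two_level(x, a))
        return out
    if e[0] == 'mux':  # control always evaluated; either data input may be selected
        return cross(two_level(e[1], a), two_level(e[2], a) | two_level(e[3], a))
    return cross(two_level(e[2], a), two_level_at(e[1], e[2], a))  # a[addr]

def two_level_at(ae, addr, a):
    """Cases for reading index expression addr from array expression ae."""
    if ae[0] == 'avar':
        return {frozenset([addr])} if ae[1] == a else {frozenset()}
    w = two_level(ae[2], a)  # the write address itself is always evaluated
    hit = cross(cross(w, {frozenset([addr])}), two_level(ae[3], a))  # addr = write address
    miss = cross(w, two_level_at(ae[1], addr, a))  # addr differs: read the inner array
    return hit | miss

def model_size(e, a):
    """Bound on the number of modeled addresses: size of the largest member of S."""
    return max(len(s) for s in two_level(e, a))

# The slide's example E = write(write(a, e1, a[1]), e2, a[2])[f]
E = ('read', ('write', ('write', ('avar', 'a'), ('var', 'e1'), ('read', ('avar', 'a'), 1)),
              ('var', 'e2'), ('read', ('avar', 'a'), 2)), ('var', 'f'))
```

For E this yields S = {{f}, {f, 1}, {f, 2}} and a bound of 2, the array size quoted on slide 14.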
