1 / 22

Verifying Programs with BDDs Sept. 21, 2004

Verifying Programs with BDDs Sept. 21, 2004. 15-213 “The course that gives CMU its Zip!”. Topics Representing Boolean functions with Binary Decision Diagrams Application to program verification. 15-213, F’04. class07-bdd.ppt. Decision Structures. Vertex represents decision

jed
Download Presentation

Verifying Programs with BDDs Sept. 21, 2004

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Verifying Programs with BDDsSept. 21, 2004 15-213“The course that gives CMU its Zip!” • Topics • Representing Boolean functions with Binary Decision Diagrams • Application to program verification 15-213, F’04 class07-bdd.ppt

  2. Decision Structures • Vertex represents decision • Follow green (dashed) line for value 0 • Follow red (solid) line for value 1 • Function value determined by leaf value. Truth Table Decision Tree

  3. Variable Ordering • Assign arbitrary total ordering to variables • e.g., x1 < x2 < x3 • Variables must appear in ascending order along all paths OK Not OK Properties • No conflicting variable assignments along path • Simplifies manipulation

  4. a a a Reduction Rule #1 Merge equivalent leaves

  5. x x x x x x y z y z y z Reduction Rule #2 Merge isomorphic nodes

  6. x y y Reduction Rule #3 Eliminate Redundant Tests

  7. Example OBDD • Canonical representation of Boolean function • For given variable ordering • Two functions equivalent if and only if graphs isomorphic • Can be tested in linear time • Desirable property: simplest form is canonical. Initial Graph Reduced Graph

  8. Constants Variable Unique unsatisfiable function Treat variable as function Unique tautology Typical Function Odd Parity • (x1 x2 )  x4 • No vertex labeled x3 • independent of x3 • Many subgraphs shared Linear representation Example Functions

  9. More Complex Functions • Functions • Add 4-bit words a and b • Get 4-bit sum s • Carry output bit Cout • Shared Representation • Graph with multiple roots • 31 nodes for 4-bit adder • 571 nodes for 64-bit adder • Linear growth!

  10. A op B a a b c c d d 0 1 0 1 Apply Operation • Concept • Basic technique for building OBDD from Boolean formula. A op B  | Result • OBDD representing composite function • AopB Arguments A, B, op • A and B: Boolean Functions • Represented as OBDDs • op: Boolean Operation (e.g., ^, &, |)

  11. Recursive Calls Apply Execution Example Argument A Argument B • Optimizations • Dynamic programming • Early termination rules Operation |

  12. a b c d 0 1 Apply Result Generation • Recursive calling structure implicitly defines unreduced BDD • Apply reduction rules bottom-up as return from recursive calls Recursive Calls Without Reduction With Reduction

  13. x y v1 = ~x v2 = ~y v3 = v1 & v2 v4 = ~v3 Program Verification Straight-Line Evaluation • Do these functions produce identical results? int bitOr(int x, int y) { return ~(~x & ~y); } int test_bitOr(int x, int y) { return x | y; } v5 = x | y t = v4 == v5

  14. x x2 y0 x2 x0 y1 x1 x0 y1 y0 x1 y2 y2 0 1 0 1 0 0 1 0 0 1 1 1 0 1 1 1 1 1 0 1 0 0 0 0 y v1 = ~x v2 = ~y Symbolic Execution (3-bit word size)

  15. v3 = v1 & v2 y1 y0 y2 y1 y1 y2 y0 y0 y2 1 1 1 0 0 0 0 0 0 0 0 1 1 1 1 1 1 0 x0 x2 x2 x0 x0 x1 x1 x1 x2 v4 = ~v3 v5 = x | y t = v4 == v5 1 Symbolic Execution (cont.)

  16. x y v1 = ~x v2 = ~y v3 = v1 & v2 v4 = ~v3 Counterexample Generation Straight-Line Evaluation • Find values of x & y for which these programs produce different results int bitOr(int x, int y) { return ~(~x & ~y); } int bitXor(int x, int y) { return x ^ y; } v5 = x ^ y t = v4 == v5

  17. x2 y2 y1 y0 y2 x1 0 0 0 1 1 1 x2 x1 x0 t = v4 == v5 y1 x0 v4 = ~v3 v5 = x ^ y y0 1 0 x0 x2 x1 y1 y0 y2 y2 y0 y1 x = 111 y = 001 0 0 0 1 1 1 Symbolic Execution

  18. Performance: Good int addXY(int x, int y) { return x+y; } int addYX(int x, int y) { return y+x; }

  19. Performance: Bad int mulXY(int x, int y) { return x*y; } int mulYX(int x, int y) { return y*x; }

  20. What if Multiplication were Easy? int factorK(int x, int y) { int K = XXXX...X; int rangeOK = 1 < x && x <= y; int factorOK = x*y == K; return !(rangeOK && factorOK); } int one(int x, int y) { return 1; }

  21. Evaluation • Strengths • Provides 100% guarantee of correctness • Performance very good for Datalab functions • Weaknesses • Important integer functions have exponential blowup • Not practical for programs that build and operate on large data structures

  22. Some History • Origins • Lee 1959, Akers 1976 • Idea of representing Boolean function as BDD • Hopcroft, Fortune, Schmidt 1978 • Recognized that ordered BDDs were like finite state machines • Polynomial algorithm for equivalence • Bryant 1986 • Proposed as useful data structure + efficient algorithms • McMillan 1993 • Developed symbolic model checking • Method for verifying complex sequential systems • Bryant 1991 • Proved that multiplication has exponential BDD • No matter how variables are ordered

More Related