Integrating an AIG Package, Simulator, and SAT Solver Alan Mishchenko Robert Brayton Department of EECS UC Berkeley

Overview AIG, SIM, SAT Traditional use of SIM and SAT Motivation for a deeper integration Additional book-keeping Window-based computing Local fanout for nodes in the window Local structural support for nodes in the window Modified SAT takes advantage of the local fanout Modified SIM takes advantage of the local support Experiments Conclusion and future work 2

And-Inverter Graph (AIG) AIG is a Boolean network composed of two-input ANDs and inverters. cdab 00 01 11 10 1 F(a,b,c,d) = ab + d(ac’+bc) b c a d 6 nodes 4 levels F(a,b,c,d) = ac’(b’d’)’ + c(a’d’)’ = ac’(b+d) + bc(a+d) cdab 00 01 11 10 1 a c b d 7 nodes 3 levels

Simulation (SIM) Assigns particular (or random) values at the primary inputs Multiple simulation patterns are packed into 32- or 64-bit strings Simulates in a topological order Works well for an AIG due to The uniformity of AND-nodes Speed of bitwise simulation Topological ordering of memory reducing CPU cache misses when accessing the simulation patterns 1 2 3 4 1 a b c d 1 2 3 4 1 1 2 3 4 1 1 2 3 4 1 1 1 1

Boolean Satisfiability (SAT) SAT solver takes the CNF representation of the problem It performs branch-and-bound on the CNF to find a counter-example (CEX), or prove that none exists a 1 2 3 4 5 6 7 8 (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (¬b + ¬c + ¬d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) (a + b + c) (a + b + ¬c) (¬a + b + ¬c) (a + c + d) (¬a + c + d) (¬a + c + ¬d) (¬b + ¬c + ¬d) (¬b + ¬c + d) b b c c c d d d d d Courtesy Karem Sakallah, University of Michigan

SIM and SAT SIM is faster than SAT (P vs NP) SIM is often used before SAT to disprove easy properties But it takes SAT longer to disprove properties not disproved by SIM This is why, state-of-the-art engines re-simulate CEXes returned by earlier SAT calls to disprove new properties before trying SAT on them The problem is Re-simulating each assignment over a large AIG is very slow But, if we do not re-simulate, SAT is very slow Previous solution: batching Collect and re-simulate N (for example, N=16) assignments at once Both SIM and SAT runtime is better (but is still slow) In this work, we propose a better solution It is based on a deeper integration of SIM and SAT

Case Study: SAT sweeping SAT sweeping computes functionally equivalent nodes, to be used in Combinational / sequential synthesis and verification Computing structural choices needed to improve area/delay after tech-mapping Transferring names from the initial netlist to the netlist after synthesis (with modifications) Optimization with don’t-cares and redundancy removal SAT sweeping is hard for AIGs with 100+ logic levels and 1M+ of nodes Efficient use of SIM and SAT is needed In this work, SAT sweeping is used as a case-study to illustrate a deeper integration of SIM and SAT Past work on SAT sweeping F. Lu, L. Wang, K. Cheng, R. Huang. “A circuit SAT solver with signal correlation guided learning”. Proc. DATE ‘03. A. Kuehlmann, “Dynamic transition relation simplification for bounded property checking”. Proc. ICCAD ’04. A. Mishchenko, S. Chatterjee, R. Jiang, and R. K. Brayton, "FRAIGs: A unifying representation for logic synthesis and verification". ERL Technical Report, EECS Dept., UC Berkeley, March 2005.

Proposed SAT Sweeping Ecosystem

Window-Based Computation Our goals: scalability, fast runtime, low-memory Considering the whole circuit is counter-productive Instead, we consider a “moving window” SIM and SAT work on nodes in the window Book-keeping info is kept only for these nodes Windowing is dynamic When computation moves to a different location, window is updated (and book-keeping information re-computed) Boolean network (AIG) Target nodes Current window Future window Previous window

Circuit-Based Solver (CBS) Works on nodes in a window Data structure resizes when new nodes are added to the window Uses circuit for BCP and CNF for learned clauses Otherwise, similar to MiniSAT / Glucose Generates incomplete assignments This reduces work by both SAT and SIM Incomplete assignments are possible due to the use of “J-frontier”, a key feature of CBS

Local Fanout Our SAT solver works on the circuit Propagating in the direction of fanins is easy Propagating in the direction of fanouts requires having fanout info available Using global fanout info (fanouts for all nodes) is not efficient This is because SAT solver propagates constraints to all fanouts, including those outside of the cone of influence of the target node(s) This is why we maintain local fanout info Only for the nodes in the window (excluding side nodes and their fanouts) Local fanout is kept in a dedicated manager and dynamically updated Boolean network (AIG) Target node whose value is computed by the SAT solver Useless fanouts Useful fanouts Current window Node looked at by the solver

Local Structural Support When SAT solver produces a CEX, window is re-simulated In the process, even nodes whose values did not change are re-simulated Computation can be improved using structural support of the nodes This way if a CEX is incomplete, re-simulation is applied to a fraction of the nodes, which reduces runtime, without changing the result of simulation Representing global structural support takes more time and memory This is why we keep local supports, only for the nodes in the window Local support is kept in a dedicated manager and dynamically updated Boolean network (AIG) Target node whose simulation info is being re-computed by SIM A fraction of the window is re-simulated when support info is used The complete window is re-simulated when support info is not used Primary inputs whose values have changed according to the CEX Primary inputs whose values did not change

Deeper Integration of SIM and SAT Recall that previous work resorts to batching Collects and re-simulates N (for example, N=16) assignments at once Both SIM and SAT take less time (but still slow) In this work, we propose a better solution The idea is to perform eager re-simulation (no batching) of CEXes while relying on deeper integration of SIM and SAT The runtime is not a problem because Circuit-based SAT is fast and results in incomplete assignments SIM is fast when applied to only affected nodes in the window The cumulative runtime reduction of SAT sweeping is 2-5x

Experimental Results Preliminary experiments, comparing two SAT solvers CNF-based solver MiniSAT Circuit-based solver CBS developed for the proposed ecosystem The benchmarks are two AIGs derived by recording the sequence of SAT calls while processing a large design with Sequential signal correspondence (command scorr in ABC) Computing structural choices (command dch in ABC)

Experimental Results

Discussion CBS is faster than MiniSAT because It does not need to generate and load CNF Saves time because the majority of runs are easy (solved by BCP without conflicts) It generates incomplete assignments Less BCP to do and less work for the simulator It uses local fanout and incremental window updating

Conclusion Reviewed state-of-the-art in SIM and SAT Motivated the need for a deeper integration Showed how to achieve it by designing new engines for SIM and SAT Developed a new AIG package to enable efficient windowing and managing local fanouts/supports in the window Experimental results show that the new circuit-based solver CBS is efficient Future work Finish integration and tuning of SAT and SIM, as discussed above Propagate changes to relevant ABC packages (&cec, &scorr, dch, pdr, …) Extend the ecosystem to work with don’t-cares (resub, mfs, …) Customize circuit-based solver for other netlists (XAIG, MXAIG, MIG, 4LUT, …)

Abstract This paper focuses on problems where the interdependence of simulation and Boolean satisfiability (SAT) is critical. A modified AIG data-structure is proposed to optimize the speed of logic manipulation for large problems of this type. Experimental results confirm that the new implementation is faster, compared to the old one, in which runtime and scalability has been a known issue.