Georg Hofferek, Ashutosh Gupta, Bettina Könighofer, Jie-Hong Roland Jiang and Roderick Bloem Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Institute for Applied Information Processing and Communications Graz University of Technology, Austria 2013-10-21

Motivation: Concurrency Issues Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Motivation: Concurrency Issues Image Source: http://www.gabenies.com/tips-tools/does-multitasking-really-work/ Concurrency needs careful control! Institute for Applied Information Processing and Communications 2013-10-21

Example: Concurrent Execution Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Example: Concurrent Execution Institute for Applied Information Processing and Communications 2013-10-21

“Black” Boxes  Uninterpreted Functions Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Abstraction ( ) ( ) “Black” Boxes  Uninterpreted Functions Institute for Applied Information Processing and Communications 2013-10-21

Application Example: Pipelined Processors Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Application Example: Pipelined Processors Basic elements are the same use uninterpreted functions = Burch & Dill Paradigm (see Hofferek, Bloem, MemoCODE’11)

Overview Motivation: Pipeline Controller Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Overview Motivation: Pipeline Controller Synthesis Problem  Quantified Formulas Interpolation Single Multiple Proof Requirements Colorable Local-First Proof Transformations Results & Conclusion Institute for Applied Information Processing and Communications 2013-10-21

Synthesis Problem  Quantified Formulas Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Synthesis Problem  Quantified Formulas Ψ=∀ 𝑚𝑒𝑚, 𝑟𝑒𝑔, 𝑝𝑖𝑝𝑒𝑙𝑖𝑛𝑒𝑠𝑡𝑎𝑡𝑒 . ∃ 𝑠𝑡𝑎𝑙𝑙, 𝑓𝑜𝑟𝑤𝑎𝑟𝑑 . ∀ 𝑚𝑒 𝑚 ′ , 𝑟𝑒 𝑔 ′ , 𝑝𝑖𝑝𝑒𝑙𝑖𝑛𝑒𝑠𝑡𝑎𝑡 𝑒 ′ . Φ stall, forward: Boolean control signals mem, reg, pipelinestate: Uninterpreted domain Compute Certificates: 𝑠𝑡𝑎𝑙𝑙, 𝑓𝑜𝑟𝑤𝑎𝑟𝑑 =𝒇(𝑚𝑒𝑚, 𝑟𝑒𝑔, 𝑝𝑖𝑝𝑒𝑙𝑖𝑛𝑒𝑠𝑡𝑎𝑡𝑒) Institute for Applied Information Processing and Communications 2013-10-21

Craig Interpolant 𝐶𝑁𝐹 Φ = 𝐶 1 ∧ 𝐶 2 ∧ 𝐶 3 ∧…∧ 𝐶 𝑛−1 ∧ 𝐶 𝑛 = ⊥ Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Craig Interpolant 9 𝐶𝑁𝐹 Φ = 𝐶 1 ∧ 𝐶 2 ∧ 𝐶 3 ∧…∧ 𝐶 𝑛−1 ∧ 𝐶 𝑛 = ⊥ Interpolant 𝑰: 𝐴→𝐼 𝐼→¬𝐵, in other words: 𝐼∧𝐵= ⊥ 𝑉 𝐼 ⊆𝑉 𝐴 ∩ 𝑉(𝐵) A B B I A

Expanding Formula for Single Interpolation Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Expanding Formula for Single Interpolation 10 ∀ 𝑎 ∃𝑐 ∀ 𝑏 . Φ 𝑎 ,𝑐, 𝑏 is valid ¬Φ 𝑎 , 0, 𝑏 0 ∧¬Φ 𝑎 ,1, 𝑏 1 is unsatisfiable Expansion of ∃ Renaming of 𝑏 Negation

Certificate via Interpolation Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Certificate via Interpolation 11 ¬Φ 𝑎 ,0, 𝑏 0 ∧¬Φ 𝑎 ,1, 𝑏 1 = ⊥ Interpolant 𝑰 𝑎 : ¬Φ 𝑎 , 0, 𝑏 0 →𝐼 𝐼 is 1, whenever 0 not allowed 𝐼→Φ 𝑎 , 1, 𝑏 1 Whenever 𝐼 is 1, 1 is allowed A B 0 not allowed 1 not allowed Boolean Case: see Jiang et al., ICCAD’09

Multiple Control Signals Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Multiple Control Signals 12 Interdependence! e.g. two signals must have same value Iterative Resubstitution Many SMT calls Increasing “difficulty” Multiple Coordinated Interpolants  Only one proof required  Special requirements towards proof

Expansion for Multiple Interpolants Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Expansion for Multiple Interpolants 13 Formula: ∀ 𝑎 ∃ 𝑐 0 , 𝑐 1 ∀ 𝑏 . Φ 𝑎 , 𝑏 , 𝑐 0 , 𝑐 1 =⊤ Expansion: ¬Φ 𝑎 , 𝑏 00 ,0,0 ∧ ¬Φ 𝑎 , 𝑏 10 ,1,0 ∧ ¬Φ 𝑎 , 𝑏 01 ,0,1 ∧ ¬Φ 𝑎 , 𝑏 11 ,1,1 = ⊥ “Partitions”: 𝜙 00 , 𝜙 01 , 𝜙 10 , 𝜙 11

Definitions: Colorable, Local, Global Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Definitions: Colorable, Local, Global 14 Partitions ≈ Colors: ¬ Φ 00 𝑎 , 𝑏 00 ∧¬ Φ 10 𝑎 , 𝑏 10 ∧¬ Φ 01 𝑎 , 𝑏 01 ∧¬ Φ 11 𝑎 , 𝑏 11 Local Symbols: 𝑏 00 , 𝑏 10 , 𝑏 01 , 𝑏 11 (colored) Global Symbols: 𝑎 („colorless“) Colorable: 𝒙=𝒚 , 𝒖=𝒗 , 𝒘=𝒛 Non-colorable: 𝒙=𝒖 Generalization of notions for single interpolation

(Reasonable) Assumptions on Proofs Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof (Reasonable) Assumptions on Proofs 15 Pure Resolution Proofs All internal nodes are resolution nodes Theory reasoning via tautology clauses E.g. Transitivity: (𝑎≠𝑏∨𝑏≠𝑐∨𝑎=𝑐) Leaves: Clause from one partition Theory tautology Root: ⊥ New Literals: Defined via theory by “existing” ones veriT Solver [www.verit-solver.org]

Requirements towards Proof Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Requirements towards Proof 16 Colorability “No literals or leaves with symbols from two partitions” Achieved in two steps Remove non-colorable literals Split non-colorable leaves Local-first “Local literals are resolved before global literals” Achieved by standard reordering

Removing non-colorable Literals Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Removing non-colorable Literals 17 𝑎≠𝑏 ⇒ 𝑎≠𝑥 ∨ 𝑥≠𝑏 Tautology (Transitivity), “defining” 𝑎≠𝑏 Tautology (Transitivity), “using” 𝑎≠𝑏 𝑎≠𝑥 ∨ 𝑥≠𝑏 ∨ 𝑎=𝑏 𝑎≠𝑏 ∨ 𝑏≠𝑦 ∨ 𝑎=𝑦 Replace

Split Non-Colorable Leaves Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Split Non-Colorable Leaves 18 𝑎≠𝑥 ∨ 𝑥≠𝑦 ∨ 𝑎=𝑦 𝑥≠𝑏 ∨ 𝑏≠𝑦 ∨ 𝑥=𝑦 𝑎≠𝑥 ∨ 𝑥≠𝑏 ∨ 𝑏≠𝑦 ∨ 𝑎=𝑦 𝑥 𝑎 𝑏 𝑦

Making Proof Local-First Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Making Proof Local-First 19 Standard Pivot Reordering Techniques e.g. D’Silva, Kroening, Purandare, and Weissenbacher, VMCAI 2010

Computing Multiple Interpolants Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Computing Multiple Interpolants 20 ¬𝜑 𝑎 , 𝑏 0 ,0,0 ∧ ¬𝜑 𝑎 , 𝑏 1 ,1,0 ∧¬𝜑 𝑎 , 𝑏 2 ,0,1 ∧ ¬𝜑 𝑎 , 𝑏 3 ,1,1 Local Literals 0 Local Literals 1 Local Literals 2 Local Literals 3 Global Literals ⊥ 𝐼 0 𝐼 1

Computing Multiple Interpolants Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Computing Multiple Interpolants 21 ¬𝜑 𝑎 , 𝑏 0 ,0,0 ∧ ¬𝜑 𝑎 , 𝑏 1 ,1,0 ∧¬𝜑 𝑎 , 𝑏 2 ,0,1 ∧ ¬𝜑 𝑎 , 𝑏 3 ,1,1 Constants 0, 0 Constants 1, 0 Constants 0, 1 Constants 1, 1 Multiplexer Cf. Pudlaks’ Interpolation Procedure (JSL’97) ⊥ 𝐼 0 𝐼 1

Experimental Results pipe: Illustrative pipeline example (MemoCODE’11) Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Experimental Results 22 pipe: Illustrative pipeline example (MemoCODE’11) 1.6 seconds instead of 14 hours proc: Simple 2-stage pipelined processor 2 control signals 28.1 seconds illu02-08: Scalable illustrative example 2-8 control signals Mutual interdependence

Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Scalability: illu02-08 08: 1270s

Conclusion Multiple Coordinated Interpolants Uninterpreted Functions Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Conclusion 24 Multiple Coordinated Interpolants just one proof Uninterpreted Functions Good abstraction Concurrency issues Full potential unleashed No reductions to propositional logic Improvement: Several orders of magnitude Future work Colorable and/or local-first proofs from SMT solver More theories (e.g. linear arithmetic)

Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Appendix Detailed slide on some issues that were left out of the main presentation for time reasons Institute for Applied Information Processing and Communications 11/21/2018

Resubstitution Expanding 𝑐 0 only: Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Resubstitution Expanding 𝑐 0 only: ∀ 𝑎 ∃ 𝑐 1 ∀ 𝑏 . Φ 𝑎 , 𝑏 ,0, 𝑐 1 ∨ ∃ 𝑐 1 ∀ 𝑏 . Φ 𝑎 , 𝑏 ,1, 𝑐 1  Still (mixed) quantifiers Same full expansion required for first interpolation: ¬Φ 𝑎 , 𝑏 00 ,0,0 ∧¬Φ 𝑎 , 𝑏 01 ,0,1 ∧¬Φ 𝑎 , 𝑏 10 ,1,0 ∧ ¬Φ 𝑎 , 𝑏 11 ,1,1 A B Institute for Applied Information Processing and Communications 2013-10-21

A Processor IF DE EX MEM WB REG Tough: 64-bit datapath Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof A Processor 28 IF DE EX MEM WB REG ALU How do I pipeline that? Tough: 64-bit datapath very complex arithmetic logic unit

A Pipelined Processor REG MEM IF DE EX MEM WB ALU That’s trivial! Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof A Pipelined Processor 29 REG MEM ALU IF DE EX MEM WB That’s trivial!

A Pipelined Processor REG MEM IF DE EX MEM WB ALU r1 = 15 r2 = 2 Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof A Pipelined Processor 30 r1 = 15 r2 = 2 r1 = 1 r2 = 2 r1 = 15 r2 = 17 Instructions: r1 := mem[1] r2 := r1 + r2 REG 15 MEM mem[1] = 15 ALU IF DE EX MEM WB r1 := mem[1] r1 := mem[1] r1 := mem[1] r1 := 15 r2 := r1 + r2 r2 := 15 + 2 r2 := 17 r2 := 17 15 stall forward

A Pipelined Processor IF DE EX MEM WB REG Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof A Pipelined Processor 31 IF DE EX MEM WB REG ALU stall forward Not so trivial!  Hard to implement  Hard to test  Easy to specify

Sufficient Condition: Commutative Diagram Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Sufficient Condition: Commutative Diagram 32 Burch & Dill, for verification instr1 instr2 instr3 non- pipelined = flush flush = instr1 instr2 instr3 pipelined flushed flushed Pipelined and non-pipelined processor give same result for any instruction sequence

Commutative Diagram in Logic Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Commutative Diagram in Logic 33 Burch & Dill, for verification instr non- pipelined flush flush EX ALU instr pipelined  = (mem’,reg’) = flush  non-pipe-instr (mem,reg)  (mem’’,reg’’) = pipe-instr  flush (mem,reg)  (mem’,reg’) = (mem’’,reg’’) Pipeline correct iff  valid.

Commutative Diagram in Logic Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Commutative Diagram in Logic 34 Burch & Dill, for verification instr non- pipelined flush flush EX ALU instr pipelined  written in logic with uninterpreted functions, arrays, and equality Part of : res_ex = ALU(opc_de, arg1_de, arg2_de)

Removing non-colorable Literals Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof Removing non-colorable Literals 35 𝑎≠𝑏 ⇒ 𝑎≠𝑥 ∨ 𝑥≠𝑏 Tautology (Transitivity) Tautology (Transitivity) 𝑎≠𝑥 ∨ 𝑥≠𝑏 ∨ 𝑎=𝑏 𝑎≠𝑏 ∨ 𝑏≠𝑦 ∨ 𝑎=𝑦 Replace 𝑎≠𝑥 ∨ 𝑥≠𝑏 ∨ 𝑏≠𝑦 ∨ 𝑎=𝑦