ATLASAutomatic Term-Level Abstraction

Bryan Brady, Sanjit SeshiaOSQ 201005/13/2010

HDLs are PLs

• Verilog is a programming language• We want to prove certain properties about

hardware (software) designs– Are two versions of a circuit (program) equivalent?– Does my circuit (program) satisfy property P?

Equivalence Checking

Circuit 1

i0 i1 in

=

Circuit 2

i0 i1 in

?

Equivalence Checking (Can be hard!)

i0 i1 in

=

i0 i1 in

?

* *

Abstraction

i0 i1 in

=

i0 i1 in

?

* *f f

Abstraction Challenges

• Hard to do manually even for small circuits/programs

• Requires knowledge of circuit/program design• Can result in spurious counter-examples• How do we deal with this?

Automatic Abstraction

• Combination of random simulation and static analysis

• Identify candidate functional blocks for abstraction (modules/functions) using random simulation

• For the functional blocks aren’t pruned in the random simulation phase, use static analysis to compute conditions under which it is precise to abstract

Computing Safe Abstractions

Promising Results

SMT Runtime

Benchmark Abs NoAbs

PIPE 1.86s 171.09s

CALC 23.86s 133.72s

Y86-NT 1350.95s 1736.66s

Y86-STALL 221.89s 1302.27s

Y86-STD 51.95s 1239.77s

Question

• Are there any software examples that might benefit from this technique?

Example

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

=

=

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

V2=T

16

20

16 16

20

16 16outout

out_ok

pc_ok

4 4

16

V3=T

V5=F

V4=F

V1=F

V7=T

V8=T

V10=T

V9=T

V6=F

V11=T

V12=F

V13=F

V14=F

V15=T

V16=F

1) Initial State

Interpretation Condition

Computation

Example

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

=

=

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

V2=T

16

20

16 16

20

16 16outout

out_ok

pc_ok

4 4

16

V3=T

V5=F

V4=F

V1=F

V7=T

V8=T

V10=T

V9=T

V6=F

V11=T

V12=F

V13=F

V14=F

V15=T

V16=F

1) Initial State2) Update +4 Nodes

Interpretation Condition

Computation

V13=T

V5=T

Example

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

=

=

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

V2=T

16

20

16 16

20

16 16outout

out_ok

pc_ok

4 4

16

V3=T

V5=T

V4=F

V1=F

V7=T

V8=T

V10=T

V9=T

V6=F

V11=T

V12=F

V13=T

V14=F

V15=T

V16=F

1) Initial State2) Update +4 Nodes3) Update PC Latch

Nodes

Interpretation Condition

Computation

V4=T

V12=T

Example

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

=

=

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

V2=T

16

20

16 16

20

16 16outout

out_ok

pc_ok

4 4

16

V3=T

V5=T

V4=T

V1=F

V7=T

V8=T

V10=T

V9=T

V6=F

V11=T

V12=T

V13=T

V14=F

V15=T

V16=F

1) Initial State2) Update +4 Nodes3) Update PC Latch

Nodes4) Update ITE Nodes

Interpretation Condition

Computation

V1=JMP==instr[19:16]

Example

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

=

=

JMP

IMem

=

PC+4

ALU

[19:16]

[15:0]

01

V2=T

16

20

16 16

20

16 16outout

out_ok

pc_ok

4 4

16

V3=T

V5=T

V4=T

V7=T

V8=T

V10=T

V9=T

V6=F

V11=T

V12=T

V13=T

V14=F

V15=T

V16=F

1) Initial State2) Update +4 Nodes3) Update PC Latch

Nodes4) Update ITE Nodes5) Update out_ok Node

Interpretation Condition

Computation

V1=JMP==instr[19:16]

V16=JMP==instr[19:16]