A method for formal verification of constraint solving and related devices
By transforming the constraint expressions of formal verification into optimization problems and using abstract syntax trees and distance functions, solutions to the optimization problems are obtained quickly. This avoids the inefficiency of the Z3 solver on long bit-vector variables and achieves efficient constraint solving.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patent (China)
- Current Assignee / Owner
- HUAWEI TECH CO LTD
- Filing Date
- 2021-08-31
- Publication Date
- 2026-06-19
AI Technical Summary
The existing Z3 solver introduces a large number of intermediate variables into the expanded SAT formula when handling nonlinear calculations with long variable lengths, resulting in low solution efficiency and an inability to efficiently solve constraint-solving problems in formal verification.
The constraint expressions in formal verification are transformed into optimization problems. By generating an abstract syntax tree and determining the distance function of the root node, the optimization method is used to quickly solve the optimization problem, avoiding the expansion of the constraint expressions into Boolean satisfiability problems.
It significantly improves the solution efficiency of the constraint solver, enabling it to quickly find feasible solutions to constraint expressions and improve the efficiency of formal verification.
Figure CN115729554B_ABST (abstract drawing)
Description
Technical Field
[0001] This application relates to the field of computers, and more particularly to a method and related devices for formal verification constraint solving.
Background Technology
[0002] With the development of computer technology, constraint-based solvers are widely used in fields such as electronic design automation (EDA) tools, requirements analysis, program verification, code security measurement and security analysis.
[0003] In formal verification, the Z3 solver developed by Microsoft supports logic from various background theories, including integer arithmetic, real arithmetic, and floating-point arithmetic. For satisfiability modulo theories (SMT) formulas, the Z3 solver expands the SMT formula into a Boolean satisfiability (SAT) formula containing only binary variables, and then uses a SAT solver to decide its satisfiability. This method uses the adder, subtractor, multiplier, and divider circuits of basic digital circuit design to convert the addition, subtraction, multiplication, division, and modulo operations of the background theory into corresponding digital circuits. Since the inputs and outputs of these digital circuits are all binary numbers, the operations of the background theory are thereby transformed into SAT formulas composed only of binary variables.
[0004] However, because the Z3 solver needs to expand the SMT formula into a SAT formula using such circuits, the nonlinear operations encountered during expansion require a large number of intermediate variables. When there are many nonlinear operators in the formula, the expanded SAT formula introduces a large number of intermediate variables, which significantly reduces the efficiency of the SAT solver. Correspondingly, since each bit of an SMT variable becomes a Boolean variable in the SAT formula, when the variables in the formula are long, such as a 256-bit binary array variable (bit vector, BV), a large number of intermediate variables is also introduced into the expanded SAT formula, further reducing the efficiency of the SAT solver and resulting in very low efficiency for the constraint solver as a whole.
Summary of the Invention
[0005] This application provides a method for solving constraints in formal verification, transforming the constraint satisfiability problem in formal verification into an optimization problem. The optimization problem is then solved quickly using optimization methods, and the resulting solution represents a possible feasible solution to the constraint expression, significantly improving the efficiency of the constraint solver. This application also provides a corresponding solver, computer device, computer-readable storage medium, chip system, and computer program product.
[0006] The first aspect of this application provides a method for formally verifying constraint solutions, comprising: acquiring input data, the input data including constraint expressions; generating an abstract syntax tree (AST) to represent the constraint expressions, the AST including root nodes and non-root nodes; determining a distance function of the root nodes based on the AST, the distance function of the root nodes representing the distance between the assignment of the constraint expression and a feasible solution of the constraint expression; determining a feasible solution of the constraint expression based on the distance function of the root nodes; and outputting a feasible solution of the constraint expression.
[0007] The abstract syntax tree (AST) in this application can be used to represent constraint expressions. Specifically, the abstract syntax tree includes a root node, leaf nodes, and non-root and non-leaf nodes. Leaf nodes are variable nodes, such as binary array variable nodes or Boolean variable nodes. The root node is a "comparison operator" node or a "Boolean logic operator" node. Non-root and non-leaf nodes are "computation operator" nodes, "comparison operator" nodes, or "Boolean logic operator" nodes.
[0008] The first aspect involves acquiring input data, including constraint expressions, generating an abstract syntax tree (AST) to represent the constraint expressions, determining the distance function of the root node based on the AST, where the distance function of the root node represents the distance between the assignment of the constraint expression and the feasible solution of the constraint expression, and determining and outputting the feasible solution of the constraint expression based on the distance function of the root node. This transforms the constraint expression satisfiability problem in formal verification into an optimization problem, and quickly solves the optimization problem using optimization methods. The solution to the optimization problem obtained is the possible feasible solution of the constraint expression, eliminating the need to expand the constraint expression into a Boolean satisfiability problem, thus greatly improving the solution efficiency of the constraint solver.
[0009] In one possible implementation of the first aspect, the above steps: determining the distance function of the root node based on the abstract syntax tree include: generating the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree; determining the distance function of the root node based on the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree.
[0010] In this possible implementation, when the node is a boolean variable node, a comparison operator node, or a boolean logic operator node, a distance function for the node is generated. When the node is a binary array variable node or a calculation operator node, an expression for the node can be generated. Based on this, a distance function for the root node is generated, improving the feasibility of the solution.
[0011] In a possible implementation of the first aspect, the nodes of the abstract syntax tree include a first type of node and a second type of node. The first type of node includes a binary array variable node and a calculation operator node. The second type of node includes a boolean variable node, a comparison operator node, and a boolean logic operator node. The root node is a second type of node. The above steps of generating a distance function and / or an expression for the nodes of the abstract syntax tree include: determining an expression for the first type of node based on a preset algorithm, and the expression for the nodes of the abstract syntax tree is the expression for the first type of node; and / or, determining a distance function for the second type of node based on a preset algorithm, and the distance function for the nodes of the abstract syntax tree is the distance function for the second type of node, where the preset algorithm is used to calculate the node expression and the distance function.
[0012] In this possible implementation, the output type of the first type of node is a binary array variable. The first type of node includes a binary array variable node and a calculation operator node. The output type of the second type of node is a boolean variable. The second type of node includes a boolean variable node, a comparison operator node, and a boolean logic operator node. Among them, the second type of node, for example, includes a logical AND operator node, a logical OR operator node, a less than or equal to node, a greater than or equal to node, a less than node, a greater than node, an equal to node, and a not equal to node. The operation logic of the preset algorithm includes: the distance function of the logical AND operator node is the sum of the distance functions of all child nodes; the distance function of the logical OR operator node is the product of the distance functions of all child nodes; if a ≤ b, the distance function of the less than or equal to node is 0, otherwise it is |a - b|; if a ≥ b, the distance function of the greater than or equal to node is 0, otherwise it is |a - b|; if a < b, the distance function of the less than node is 0, otherwise it is |a - b| + 1; if a > b, the distance function of the greater than node is 0, otherwise it is |a - b| + 1; if a == b, the distance function of the equal to node is 0, otherwise it is |a - b|; if a ≠ b, the distance function of the not equal to node is 0, otherwise it is 1. Based on this, an expression for the first type of node and a distance function for the second type of node are generated, improving the feasibility of the solution.
[0013] In one possible implementation of the first aspect, the above steps: determining the distance function of the root node based on the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree, include: determining the child nodes of the root node from the abstract syntax tree; determining the distance function of the root node based on the distance function of the child nodes of the root node and / or the expression of the child nodes of the root node.
[0014] In this possible implementation, the child nodes of the root node are found, and then the distance function of the root node is determined based on the distance functions and / or expressions of the child nodes of the root node. The distance function and / or expression of each child node of the root node is in turn determined by the distance functions and / or expressions of its own child nodes at the next level. The distance function of the root node is thus determined by recursively traversing the entire abstract syntax tree, improving the feasibility of the solution.
In one possible implementation of the first aspect, the above step of determining a feasible solution to the constraint expression based on the distance function of the root node includes: using the distance function of the root node as the objective function of an optimization method, and using the optimization method to determine the solution to the optimization problem. A solution to the optimization problem that makes the objective function zero is a feasible solution to the constraint expression. If no feasible solution is found, the optimization method is called repeatedly to determine the solution to the optimization problem until a feasible solution to the constraint expression is found or a preset time is exceeded.
[0015] In this possible implementation, the distance function of the root node is used as the objective function of the optimization method, and the optimization method is used to determine the solution to the optimization problem. Specifically, given an initial value, the initial value is input into the objective function and the value is iteratively optimized until the objective function reaches a minimum. The value at which the objective function reaches its minimum is called the solution to the optimization problem, and it is a candidate feasible solution to the constraint expression: a solution at which the objective function is exactly zero is a feasible solution to the constraint expression. If no feasible solution is found, the initial value can be updated and the optimization method called again, cyclically, until a feasible solution is found or a preset time is exceeded, thus improving the feasibility of the solution. Note that exhausting the preset time without reaching zero only means that no feasible solution was found within the budget; unlike a complete SAT-based decision procedure, it does not prove that the constraint expression is unsatisfiable.
[0016] In one possible implementation of the first aspect, the optimization method includes at least one of local optimization methods and global optimization methods.
[0017] In this possible implementation, local optimization is a method for finding extrema, that is, making the objective function reach a local extremum subject to a set of equality or inequality constraints. Local optimization methods typically use iterative algorithms; commonly used ones include gradient descent, stochastic gradient descent, quasi-Newton methods, and conjugate gradient methods. Global optimization methods additionally incorporate, during the iterative optimization, techniques that can escape local optima, such as Markov chain Monte Carlo (MCMC) sampling, which allows the search to leave a local optimum and continue toward the global optimum of the optimization problem, thereby improving the accuracy of the feasible solutions found for the constraint expression.
[0018] In one possible implementation of the first aspect, the constraint expression is a formula for the satisfiability problem based on a specific background theory.
[0019] In this possible implementation, the constraint expression is based on the satisfiability modulo theories (SMT) formula, which improves the feasibility of the solution.
[0020] In one possible implementation of the first aspect, the above steps, after obtaining the input data, include: converting the constraint expression into a satisfiability problem formula based on the QF_BV background theory.
[0021] In this possible implementation, a constraint expression that is not already a satisfiability formula under the QF_BV background theory must first be converted into a satisfiability formula based on the QF_BV background theory, thereby improving the feasibility of the solution.
[0022] In one possible implementation of the first aspect, the above steps: obtaining input data include: obtaining the program to be verified and its specification, wherein the program to be verified is represented by a mathematical model and the specification is a mathematical description; converting the program to be verified and its specification into input data using an intermediate verification language; and after determining the feasible solution of the constraint expression based on the distance function of the root node, the steps include: when a feasible solution of the constraint expression exists, determining that the formal verification of the program to be verified has passed.
[0023] In this possible implementation, the solution of the constraint expression can be applied to the verification program. The program to be verified is represented by a mathematical model, which is reduced to a mathematical description and converted into constraint expressions. When a feasible solution exists, the formal verification of the program to be verified is confirmed to be successful, thus improving the applicability of the solution.
[0024] In a second aspect, this application provides a solver for performing the methods described in the first aspect or any possible implementation thereof. Specifically, the solver includes modules or units for performing the methods described in the first aspect or any possible implementation thereof, such as: an acquisition unit, a generation unit, a first determination unit, a second determination unit, an output unit, a conversion unit, and a third determination unit.
[0025] A third aspect of this application provides a computer device including a processor, a communication interface, and a memory. The memory is used to store program code, and the processor is used to invoke the program code in the memory to cause the computer device to execute the method of the first aspect or any possible implementation thereof.
[0026] The fourth aspect of this application provides a computer-readable storage medium storing one or more computer-executable instructions, wherein when the computer-executable instructions are executed by a processor, the processor performs a method as described in the first aspect or any possible implementation thereof.
[0027] The fifth aspect of this application provides a computer program product that stores one or more computer-executable instructions, wherein when the computer-executable instructions are executed by a processor, the processor executes a method as described in the first aspect or any possible implementation thereof.
[0028] A sixth aspect of this application provides a chip system including at least one processor and an interface for receiving data and / or signals. The interface is used to support a computer device in implementing the functions described in the first aspect or any possible implementation thereof. In one possible design, the chip system may further include a memory for storing necessary program instructions and data for the computer device. This chip system may be composed of chips or may include chips and other discrete devices.
[0029] In this embodiment, input data is acquired, including constraint expressions. An abstract syntax tree (AST) is generated to represent the constraint expressions. The distance function of the root node is determined based on the AST, where the distance function of the root node represents the distance between the assignment of the constraint expression and the feasible solution of the constraint expression. The feasible solution of the constraint expression is determined based on the distance function of the root node and output. Thus, the constraint expression satisfiability problem in formal verification is transformed into an optimization problem. The solution of the optimization problem is quickly solved using optimization methods. The solution of the optimization problem obtained is the possible feasible solution of the constraint expression. It is not necessary to expand the constraint expression into a Boolean satisfiability problem to solve, which greatly improves the solution efficiency of the constraint solver.
Attached Figure Description
[0030] Figure 1: schematic diagram of a formal verification scenario for software;
[0031] Figure 2: schematic diagram of an embodiment of the formal verification constraint solving method provided in this application;
[0032] Figure 3: schematic diagram of an abstract syntax tree provided for embodiments of this application;
[0033] Figure 4: schematic diagram of another embodiment of the formal verification constraint solving method provided in this application;
[0034] Figure 5: schematic diagram illustrating the solution process for feasible solutions to constraint expressions provided in embodiments of this application;
[0035] Figure 6: schematic diagram illustrating the application of the MCMC method provided in embodiments of this application;
[0036] Figure 7: schematic diagram of an embodiment of the solver provided in this application;
[0037] Figure 8: schematic diagram of an embodiment of the computer device provided in this application.
Detailed Implementation
[0038] The terms “comprising” and “having”, and any variations thereof, in the specification and claims of this application are intended to cover non-exclusive inclusion, for example, a process, method, system, product, or device that includes a series of steps or units is not necessarily limited to those steps or units that are explicitly listed, but may include other steps or units that are not explicitly listed or that are inherent to such process, method, product, or device.
[0039] This application provides a method for formally verifying constraint solutions, which improves the solution efficiency of constraint solvers. This application also provides a corresponding solver, computer device, computer-readable storage medium, chip system, and computer program product. These are described in detail below.
[0040] As shown in Figure 1, satisfiability modulo theories (SMT) solvers can be applied in the formal verification of software. Specifically, taking formal verification of a program as an example, such as verifying the program's memory safety, functional correctness, termination, and real-time performance, the formal verification of the program can be transformed into verifying the satisfiability of an SMT formula, i.e., whether a feasible solution exists. By inputting the SMT formula, i.e., the constraint expression, into the SMT solver, it can be determined whether the SMT formula has a feasible solution. If a feasible solution exists, the formal verification of the program to be verified is considered successful, and the reliability, correctness, and security of the program to be verified are confirmed, indicating that there are no program errors (bugs) relative to its specification. This convention presupposes that the SMT formula is constructed so that satisfiability corresponds to the specification being met; in encodings where the formula expresses the negation of the property to be checked, a feasible solution is instead a counterexample, so the sense of the formula must be fixed before the solver's verdict is interpreted.
[0041] The formal verification constraint solving method provided in this application embodiment is described below in conjunction with the application scenarios of the solver mentioned above. As shown in Figure 2, one embodiment of the formal verification constraint solving method provided in this application includes:
[0042] 201. Obtain input data.
[0043] Taking a solver as an example, the solver can obtain input data, which includes constraint expressions.
[0044] For example, the constraint expression is F = (a + b) > 5 ∧ (c < 5).
[0045] 202. Generate an abstract syntax tree for representing constraint expressions.
[0046] An abstract syntax tree (AST) consists of a root node, leaf nodes, and non-root and non-leaf nodes. Leaf nodes are variable nodes, such as binary array variable nodes or Boolean variable nodes. The root node is a "comparison operator" node or a "Boolean logic operator" node. Non-root and non-leaf nodes are "computation operator" nodes, "comparison operator" nodes, or "Boolean logic operator" nodes.
[0047] For example, referring to Figure 3, when the constraint expression is F = (a + b) > 5 ∧ (c < 5), the root node is ∧.
[0048] The root node ∧ has child nodes > and <. Node > has child nodes + and 5, and node + has child nodes a and b; nodes a, b, and 5 are leaf nodes with no children. Node < has child nodes c and 5, and nodes c and 5 are leaf nodes with no children.
[0049] 203. Determine the distance function of the root node based on the abstract syntax tree.
[0050] Once the abstract syntax tree is obtained, the distance function of the root node can be determined based on the abstract syntax tree. The distance function of the root node is used to represent the distance between the assignment of the constraint expression and the feasible solution of the constraint expression.
[0051] For example, for the constraint expression F=(a+b)>5∧(c<5), the distance function of its root node is the sum of the distance functions of the child nodes > and <.
[0052] 204. Determine the feasible solution of the constraint expression based on the distance function of the root node.
[0053] After obtaining the distance function of the root node, the distance function of the root node is used as the objective function of the optimization method. The optimization method can quickly find possible feasible solutions to the constraint expression. In the process of quickly finding feasible solutions, the basis for judging whether an assignment is a feasible solution to the constraint expression is whether the assignment makes the distance function of the root node zero.
[0054] For example, for the constraint expression F=(a+b)>5∧(c<5), we assign the values a=6, b=2, c=3, so that the objective function (the distance function of the root node) takes the value 0+0=0, indicating that a=6, b=2, c=3 is a feasible solution to the constraint expression.
[0055] 205. Output the feasible solution of the constraint expression.
[0056] Once a feasible solution to a constraint expression is obtained, the feasible solution to that constraint expression can be output, thus confirming that the constraint expression is satisfied.
[0057] In this embodiment, input data is acquired, including constraint expressions. An abstract syntax tree (AST) is generated to represent the constraint expressions. The distance function of the root node is determined based on the AST, where the distance function of the root node represents the distance between the assignment of the constraint expression and the feasible solution of the constraint expression. The feasible solution of the constraint expression is determined based on the distance function of the root node and output. Thus, the constraint expression satisfiability problem in formal verification is transformed into an optimization problem. The solution of the optimization problem is quickly solved using optimization methods. The solution of the optimization problem obtained is the possible feasible solution of the constraint expression. It is not necessary to expand the constraint expression into a Boolean satisfiability problem to solve, which greatly improves the solution efficiency of the constraint solver.
[0058] As shown in Figure 4, another embodiment of the formal verification constraint solving method provided in this application includes:
[0059] 401. Obtain the program to be verified and its specifications.
[0060] 402. Use an intermediate verification language to convert the program to be verified and its specification into input data.
[0061] 403. Transform the constraint expression into a satisfiability problem formula based on the QF_BV background theory.
[0062] Taking formal verification of a program as an example, such as verifying the program's memory safety, functional correctness, termination, and real-time performance, the formal verification of the program can be transformed into verifying the satisfiability of the SMT formula, i.e., whether a feasible solution exists, which is then solved using an SMT solver. Specifically, a BV variable is a binary number of length n, where each bit can be 0 or 1. The value of a BV variable can be represented by this binary number, called the binary value of the BV variable. The unsigned decimal value corresponding to this binary number is called the unsigned decimal value of the BV variable, and the signed decimal value corresponding to this binary number is called the signed decimal value of the BV variable. For example, 1011 is a binary number of length 4, and also a BV variable of length 4. Its binary value is 1011, its unsigned decimal value is 11, and its signed decimal value is -5.
[0063] An SMT formula is a set of constraint expressions over a specific background theory. SMT formulas based on the QF_BV background theory use quantifier-free bit-vector logic as the background theory and are abbreviated QF_BV-SMT formulas. Referring to Table 1, in QF_BV-SMT formulas ∧, ∨ and ¬ are the basic Boolean logic operators, representing the AND, OR and NOT operations respectively. ∧ and ∨ are binary Boolean logic operators whose inputs are two Boolean variables; ¬ is a unary Boolean logic operator with a single Boolean variable as its operand. A Boolean variable takes the value True or False. Referring to Tables 2 and 3, in addition to the three Boolean logic operators above, QF_BV-SMT formulas also contain theory-specific computation and comparison operators. Computation operators are unary, binary or multi-ary operators whose operands are BV variables and whose output is a BV variable; comparison operators are binary operators whose operands are two BV variables and whose output is a Boolean variable. This typing is what distinguishes the first-type and second-type nodes of the abstract syntax tree described below. A QF_BV-SMT formula can consist of basic Boolean logic operators, theory-specific computation operators, theory-specific comparison operators, Boolean variables and BV variables.
[0064] Table 1
[0065]
[0066] Table 2
[0067] Operator   Type                 Semantics
       bvule      Comparison operator  Unsigned less than or equal to
       bvult      Comparison operator  Unsigned less than
       bvsle      Comparison operator  Signed less than or equal to
       bvslt      Comparison operator  Signed less than
       bvuge      Comparison operator  Unsigned greater than or equal to
       bvugt      Comparison operator  Unsigned greater than
       bvsge      Comparison operator  Signed greater than or equal to
       bvsgt      Comparison operator  Signed greater than
[0068] For example, F := bvslt(1011,1001) ∧ bvule(bvshl(1011,0011),1001) is an SMT formula for QF_BV background theory. Here, the operator ∧ is a basic Boolean logic operator, the operators bvslt, bvule, and bvshl are BV background theory-specific operators, and 1011, 1001, and 0011 are all BV variables.
[0069] For a QF_BV-SMT formula, a mapping f:V→Bin is called an assignment of the QF_BV-SMT formula, where V is the set of all BV variables in the QF_BV-SMT formula, and Bin is all possible binary values of the BV variables. Based on an assignment of a QF_BV-SMT formula, the output of all operators in the QF_BV-SMT formula can be determined, and thus the value of the entire QF_BV-SMT formula under the current assignment can be determined. For an assignment of a QF_BV-SMT formula, if the QF_BV-SMT formula is true under the assignment, then the QF_BV-SMT formula is called a satisfiable formula, and the current assignment is called a feasible solution of the QF_BV-SMT formula. A QF_BV-SMT formula may have more than one feasible solution; if a QF_BV-SMT formula has no feasible solution, it is called an unsatisfiable formula.
[0070] For example, for the QF_BV-SMT formula F := bvslt(a,b) ∧ bvule(bvshl(c,d),e), the mapping a = 1011, b = 1001, c = 1011, d = 0011, e = 1001 is an assignment of F. Under this assignment bvslt(1011,1001) compares the signed values -5 and -7 and is False, while bvshl(1011,0011) = 1000 and bvule(1000,1001) is True, so the value of F is False ∧ True = False and this assignment is not a feasible solution of F. F is nevertheless a satisfiable formula: the assignment a = 0001, b = 0011, c = 0100, d = 0010, e = 1111 is a feasible solution of it (note that at width 4, bvshl(0100,0010) overflows to 0000, which is unsigned less than or equal to 1111).
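The following Python script is an added example and not code from the application. It implements the 4-bit semantics of the operators used in the formula F above (two's-complement signed comparison for bvslt, unsigned comparison for bvule, and shift-left with truncation to the width for bvshl) and checks the two assignments of paragraph [0070]. The width of 4 is taken from the example; the string encoding of BV values and the helper names are this example's own choices.

```python
# Added example, not code from the application: fixed-width QF_BV semantics
# for the operators in F := bvslt(a,b) ∧ bvule(bvshl(c,d),e) of [0070].
# BV values are strings of '0'/'1' of length WIDTH (4, as in the example);
# the helper names and the string encoding are this example's own choices.
WIDTH = 4
MASK = (1 << WIDTH) - 1


def _check(bits):
    """Reject values that are not WIDTH-bit binary strings (width mismatches
    are a classic source of wrong verdicts in hand-written BV reasoning)."""
    if len(bits) != WIDTH or set(bits) - {"0", "1"}:
        raise ValueError(f"expected a {WIDTH}-bit binary string, got {bits!r}")
    return bits


def to_unsigned(bits):
    """Unsigned decimal value of a BV: '1011' -> 11."""
    return int(_check(bits), 2)


def to_signed(bits):
    """Two's-complement signed decimal value of a BV: '1011' -> -5."""
    u = to_unsigned(bits)
    return u - (1 << WIDTH) if u >= (1 << (WIDTH - 1)) else u


def to_bits(value):
    """Binary value of an integer, truncated to WIDTH bits."""
    return format(value & MASK, f"0{WIDTH}b")


def bvshl(x, y):
    """Shift left. The shift amount is read unsigned, and bits shifted past the
    width are lost, so an overflowing shift silently yields a small value."""
    return to_bits(to_unsigned(x) << to_unsigned(y))


def bvslt(x, y):
    """Signed less than."""
    return to_signed(x) < to_signed(y)


def bvule(x, y):
    """Unsigned less than or equal to."""
    return to_unsigned(x) <= to_unsigned(y)


def evaluate_F(env):
    """Value of F under an assignment env: {variable name -> binary value}."""
    return bvslt(env["a"], env["b"]) and bvule(bvshl(env["c"], env["d"]), env["e"])


# The two assignments discussed in [0070] (constructed from the text).
ASSIGNMENT_1 = {"a": "1011", "b": "1001", "c": "1011", "d": "0011", "e": "1001"}
ASSIGNMENT_2 = {"a": "0001", "b": "0011", "c": "0100", "d": "0010", "e": "1111"}


def feasible_solutions(formula, assignments):
    """Keep only the assignments under which the formula is True."""
    return [env for env in assignments if formula(env)]


if __name__ == "__main__":
    print(evaluate_F(ASSIGNMENT_1), evaluate_F(ASSIGNMENT_2))
```

The second assignment is feasible only because bvshl(0100,0010) wraps to 0000 at width 4; evaluating the same formula with unbounded integers would give 16 ≤ 15 and reject it. Any hand check of a QF_BV model has to apply the declared width at every operator, not just at the leaves.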
[0071] Table 3
[0072] Operator      Type                  Semantics
       bvadd         Computation operator  Addition
       bvsub         Computation operator  Subtraction
       bvmul         Computation operator  Multiplication
       bvudiv        Computation operator  Unsigned division
       bvsdiv        Computation operator  Signed division
       bvsmod        Computation operator  Signed modulo
       bvurem        Computation operator  Unsigned remainder
       bvsrem        Computation operator  Signed remainder
       bvand         Computation operator  Bitwise AND
       bvor          Computation operator  Bitwise OR
       bvnot         Computation operator  Bitwise NOT
       bvneg         Computation operator  Two's complement negation
       bvxor         Computation operator  Bitwise XOR
       bvshl         Computation operator  Shift left
       bvashr        Computation operator  Arithmetic shift right
       bvlshr        Computation operator  Logical shift right
       rotate_left   Computation operator  Rotate left
       rotate_right  Computation operator  Rotate right
       concat        Computation operator  Concatenation
       extract       Computation operator  Bit-field extraction
[0073] 404. Generate an abstract syntax tree for representing constraint expressions.
[0074] 405. Generate the distance functions and/or expressions of the nodes of the abstract syntax tree.
[0075] 406. The distance function of the root node is determined based on the distance function of the nodes in the abstract syntax tree and / or the expression of the nodes in the abstract syntax tree.
[0076] The nodes of the abstract syntax tree include first-type nodes and second-type nodes. The output type of the first-type nodes is binary array variables, i.e., BV variables, and the output type of the second-type nodes is Boolean variables. Specifically, the first-type nodes include binary array variable nodes and computation operator nodes, and the second-type nodes include Boolean variable nodes, comparison operator nodes, and logical operator nodes.
[0077] The root node of an abstract syntax tree (AST) must be either a Boolean logic operator node or a comparison operator node; it must be a second-type node. Therefore, for the root node, a distance function is generated. To obtain the distance function of the root node, it can be determined recursively based on the AST. The distance function of the root node depends on the expressions and / or distance functions of all its child nodes. For each child node of the root node, the expression and / or distance function of that child node depends on the expressions and / or distance functions of the next-level child nodes of that child node. This process continues recursively, traversing the entire AST to determine the distance function of the root node.
[0078] Specifically, in the actual calculation process, it is only necessary to determine the distance function or expression for each node in the abstract syntax tree. For any node in the abstract syntax tree, the expression or distance function for that node is generated according to a preset algorithm. Specifically, if a node is a certain calculation operator, the expression for that node is generated according to the preset algorithm; if a node is a certain Boolean logic operator or a certain comparison operator, the distance function for that node is generated according to the preset algorithm.
[0079] If a node is a Boolean logic operator or a comparison operator, its distance function is generated according to a preset algorithm. For second-type nodes such as logical AND, logical OR, logical NOT, less-than-or-equal, greater-than-or-equal, less-than, greater-than, equal and not-equal nodes, the generated distance functions have the following properties:
[0080] If a node is a logical AND operator, that is, a node is a logical AND operator node, the distance function of the node is the sum of the distance functions of all its child nodes. This means that the condition for the distance function of a node to be zero is that the distance function of each child node must be zero, and the distance function is always non-negative.
[0081] If the node is a "logical OR" logical operator, that is, the node is a logical OR operator node, the distance function of this node is the product of the distance functions of all its child nodes. This means that the condition for the distance function of the node to be zero is that the distance function of any one of its child nodes is zero;
[0082] If the node is a "logical NOT" operator node, the formula is first converted to negation normal form, so that the child of every logical NOT node is a comparison operator node. The distance function of the "logical NOT" node is then the reverse of the distance function of that comparison operator node. For example, if the child of a "logical NOT" node is a > comparison operator node whose two child nodes are a and b, then the distance function of the "logical NOT" node is 0 if a ≤ b, and |a - b| otherwise;
[0083] If the node is a "less than or equal to" comparison operator, that is, the node is a less than or equal to node, if the child nodes a ≤ b, the distance function of this node is 0, otherwise it is |a - b|, which means that the closer the expressions of the two child nodes are, the smaller the distance;
[0084] If the node is a "greater than or equal to" comparison operator, that is, the node is a greater than or equal to node, if the child nodes a ≥ b, the distance function of this node is 0, otherwise it is |a - b|;
[0085] If the node is a "less than" comparison operator, that is, the node is a less than node, if the child nodes a < b, the distance function of this node is 0, otherwise it is |a - b| + 1;
[0086] If the node is a "greater than" comparison operator, that is, the node is a greater than node, if the child nodes a > b, the distance function of this node is 0, otherwise it is |a - b| + 1;
[0087] If the node is an "equal to" comparison operator, that is, the node is an equal to node, if the child nodes a = b, the distance function of this node is 0, otherwise it is |a - b|;
[0088] If the node is a "not equal to" comparison operator, that is, the node is a not equal to node, if the child nodes a ≠ b, the distance function of this node is 0, otherwise it is 1.
[0089] It should be noted that the absolute value operation in this preset algorithm can also be replaced by methods such as square operation, and the embodiments of the present application do not limit this.
[0090] More specifically, the constraint expression is the QF_BV-SMT formula. When the first type node is a binary array variable node in the QF_BV-SMT formula, that is, a BV variable node, its output type is a BV variable. Then, its expression is calculated, and its expression is the BV variable itself. The value of its expression is the current assigned value of the BV variable.
[0091] When the second type of node is a Boolean variable node in the QF_BV-SMT formula, the Boolean variable node can also be regarded as a type of BV variable node, but its output type is a Boolean variable. Then, its distance function is calculated. When its value is true, its distance function is 0; otherwise, it is 1.
[0092] When a first-type node is a calculation operator node in the QF_BV-SMT formula, its output type is a BV variable, and its expression is formed from the operator on the node and the expressions of its child nodes. When the operator is a binary operator, let sub1 and sub2 be the binary values of its two child nodes: if the operator is bvadd, the expression is the binary value of the sum of sub1 and sub2; if bvsub, the difference of sub1 and sub2; if bvmul, the product of sub1 and sub2; if bvsdiv, the signed quotient of sub1 and sub2; if bvudiv, the unsigned quotient of sub1 and sub2; if bvsmod, the signed modulo of sub1 and sub2; if bvsrem, the signed remainder of sub1 and sub2; if bvurem, the unsigned remainder of sub1 and sub2; if bvshl, sub1 shifted left by sub2 bits; if bvashr, sub1 arithmetically shifted right by sub2 bits; if bvlshr, sub1 logically shifted right by sub2 bits; if bvand, the bitwise AND of sub1 and sub2; if bvor, the bitwise OR of sub1 and sub2; if bvxor, the bitwise XOR of sub1 and sub2.
When the operator is a unary operator, let sub be the binary value of its child node: if the operator is bvnot, the expression is the bitwise NOT of sub; if the operator is bvneg, the expression is the two's-complement negation of sub. When the operator is concat, the expression is the concatenation of the binary values of all its child nodes; when the operator is extract, with child nodes sub1 and sub2 giving the bit positions and sub3 the operand, the expression is the bit field of sub3 lying between positions sub1 and sub2.
[0093] When a second-type node is a comparison operator node in the QF_BV-SMT formula, its output type is a Boolean variable, and its distance function is determined by the comparison operator and its child nodes. Let the binary values of its two child nodes be sub1 and sub2, and let dist(sub1, sub2) be the distance between them. When the operator is >, the distance function is 0 if sub1 > sub2 and dist(sub1, sub2) + 1 otherwise. When the operator is ≥, it is 0 if sub1 ≥ sub2 and dist(sub1, sub2) otherwise. When the operator is <, it is 0 if sub1 < sub2 and dist(sub1, sub2) + 1 otherwise. When the operator is ≤, it is 0 if sub1 ≤ sub2 and dist(sub1, sub2) otherwise.
[0094] To determine the distance function of the root node, first determine the child nodes of the root node, and then determine the distance function of the root node from the distance functions and/or expressions of those child nodes.
[0095] The root node is a Boolean logic operator node of the QF_BV-SMT formula, and the logical operator may be ∧, ∨ or ¬. When the operator is ∨, its distance function is the product of the distance functions of all its child nodes. When the operator is ∧, its distance function is the sum of the distance functions of all its child nodes. When the operator is ¬, the QF_BV-SMT formula is first converted into negation normal form, so that the child of every ¬ node is a comparison operator node. For a ¬ node whose child is a comparison operator node with child values sub1 and sub2: if the child is a > node, the distance function is 0 if sub1 ≤ sub2 and dist(sub1, sub2) otherwise; if the child is a ≥ node, it is 0 if sub1 < sub2 and dist(sub1, sub2) + 1 otherwise; if the child is a < node, it is 0 if sub1 ≥ sub2 and dist(sub1, sub2) otherwise; if the child is a ≤ node, it is 0 if sub1 > sub2 and dist(sub1, sub2) + 1 otherwise. These are exactly the distance functions of ≤, <, ≥ and > respectively, i.e. of the negated comparison.
[0096] Furthermore, a preset algorithm can be used to specifically calculate the distance function of the node and / or the expression of the node. A preset algorithm can also be used to specifically calculate the distance between two BV variables, thereby calculating the distance function of the node and obtaining the distance between the nodes.
[0097] 407. Determine the feasible solution of the constraint expression based on the distance function of the root node.
[0098] Once the distance function of the root node is obtained, a feasible solution to the constraint expression can be determined, as shown in Figure 5. The distance function of the root node is used as the objective function of an optimization method, and the optimization method is used to determine the solution of the optimization problem; that solution is a candidate feasible solution of the constraint expression. Specifically, a random initial value is input into the objective function and the assignment is optimized iteratively until the objective function reaches a minimum. The assignment at which the objective function reaches its minimum is called the solution of the optimization problem. A solution of the optimization problem at which the objective function takes the value zero is a feasible solution of the constraint expression. If no feasible solution is found, the initial value is updated and the optimization method is called again, repeatedly, until a feasible solution of the constraint expression is found or a preset time is exceeded. If a feasible solution is found, it is output directly. If the preset time is exceeded, it cannot be determined within that time whether a feasible solution exists, and "unknown" is output.
[0099] Optimization methods, or mathematical optimization methods, are methods for solving optimization problems: finding an extreme value of a system's objective function under a set of equality or inequality constraints. Optimization methods typically use iterative algorithms. Commonly used iterative algorithms include gradient descent, stochastic gradient descent, quasi-Newton methods, and conjugate gradient methods.
[0100] Furthermore, a solution that is only the best within a local neighbourhood of the constraint set is called a locally optimal solution, and a solution that is the best over the entire constraint set is called a globally optimal solution. Optimization methods are often combined with techniques that can escape local optima during the iteration, such as Markov chain Monte Carlo (MCMC) sampling, which helps in finding a globally optimal solution. Optimization methods therefore include both local and global optimization methods, enabling the rapid search for feasible solutions to constraint expressions.
[0101] Markov chain Monte Carlo (MCMC) is a sampling method that guides Monte Carlo sampling by posterior probabilities, and it can be used to escape local optima during optimization. Figure 6 shows an example of an MCMC method helping an optimization algorithm avoid getting trapped in a local optimum. The curve in Figure 6 represents the function f(x) = g(x) + ((x-1)^2 - 4)^2. On this curve p1 is a locally optimal solution and p3 is the globally optimal solution. A gradient-based optimization algorithm quickly finds the minimum p1 starting from p0, but once it reaches p1 it becomes stuck there, because moving the current assignment from p1 in any direction goes against the current gradient direction. To solve this problem, the iterative method is combined with MCMC so that the optimization does not get stuck in a local optimum: when the algorithm reaches p1, the MCMC method may refuse to keep moving along the gradient-descent direction and instead randomly select a non-descent move to transform the assignment. Through this probabilistic random transformation the optimization escapes the local optimum p1, continues the search from p2, and finally reaches the global optimum p3.
[0102] For example, the abstract syntax tree of Figure 3 has a root node ∧ with child nodes > and <. The node > has child nodes + and 5, and the node + has child nodes a and b; the nodes a, b and 5 are leaf nodes with no children. The node < has child nodes c and 5, which are also leaf nodes. The tree therefore represents the constraint expression F := (a + b > 5) ∧ (c < 5). The child nodes > and < are comparison operator nodes, i.e. second-type nodes whose output type is a Boolean variable. The child node + is a computation operator node, a first-type node whose output type is a BV variable. The child nodes 5, a, b and c are BV variable nodes, all first-type nodes whose output type is a BV variable.
[0103] Furthermore, if the initial values of the input constraint expression are a = 2, b = 1, c = 7, then the child node a = 2, the child node b = 1, and the child node c = 7. Therefore, the expression for the child node + is (a + b), the distance function for the child node > is |5 - (a + b)| + 1 = 3, the distance function for the child node < is |c - 5| + 1 = 3, and the distance function for the root node ∧ is the sum of the distance functions of all its child nodes. Thus, the distance function for the root node ∧ is 3 + 3 = 6. This means the objective function of the constraint expression F takes the value 6, indicating that the initial values a = 2, b = 1, c = 7 are not a feasible solution to this constraint expression.
[0104] When the assignment is optimized by the optimization method, if the step size of each of the variables a, b and c is 1, there are 3 × 3 × 3 = 27 directions of change in total, since each of a, b and c can increase, decrease, or remain unchanged. The optimization method selects the direction in which the objective function decreases fastest and determines a new assignment along that direction. This process of finding the best direction and updating the assignment is repeated until the objective function reaches its minimum. For example, from the initial random assignment a = 2, b = 1, c = 7, if the first optimization direction is to increase a, increase b and decrease c, the first optimized assignment is a = 3, b = 2, c = 6, and the distance function of the root node ∧ is 1 + 2 = 3. Assuming the second optimization direction is the same, the second optimized assignment is a = 4, b = 3, c = 5, and the distance function of the root node ∧ is 0 + 1 = 1. Assuming the third direction is again the same, the third optimized assignment is a = 5, b = 4, c = 4, and the distance function of the root node ∧ is 0, that is, the objective function of expression F is 0, so the assignment a = 5, b = 4, c = 4 is a feasible solution of the constraint expression.
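The procedure of steps 404 to 407, as an added worked example that is not code from the patent and not its Algorithm 1 or Algorithm 2: the Python module below implements the distance-function rules of paragraphs [0079] to [0095] over a tuple-encoded abstract syntax tree and the one-step-per-variable steepest-descent search of paragraph [0104], with a uniformly random step standing in for the MCMC escape of paragraph [0101] and a restart from a fresh random assignment when the step budget runs out. It evaluates the Figure 3 example F := (a + b > 5) ∧ (c < 5) from a = 2, b = 1, c = 7 and the 4-bit formula of paragraph [0070]. Assumptions not stated on the page: BV values are Python integers reduced modulo 2^width; dist(sub1, sub2) is the absolute difference of the integer interpretations, read in two's complement for the signed comparisons (one of the choices paragraph [0089] allows); only a subset of the Table 3 operators is implemented; and comparison operators use their SMT-LIB names (bvugt, bvult, =, distinct), of which the page itself only names bvslt and bvule.

```python
"""Distance-function solver for small QF_BV formulas over an abstract syntax tree."""
import itertools
import math
import random

# Nodes are tuples. BV leaves (first type): ('var', name), ('const', value).
# Boolean leaf (second type): ('bool', name). Everything else: (op, child, ...).
BV_OPS = {  # computation operators: expression of a first-type node
    "bvadd": lambda w, x, y: (x + y) & ((1 << w) - 1),
    "bvsub": lambda w, x, y: (x - y) & ((1 << w) - 1),
    "bvmul": lambda w, x, y: (x * y) & ((1 << w) - 1),
    "bvand": lambda w, x, y: x & y,
    "bvor": lambda w, x, y: x | y,
    "bvxor": lambda w, x, y: x ^ y,
    "bvshl": lambda w, x, y: (x << y) & ((1 << w) - 1) if y < w else 0,
    "bvlshr": lambda w, x, y: x >> y if y < w else 0,
    "bvnot": lambda w, x: ~x & ((1 << w) - 1),
    "bvneg": lambda w, x: -x & ((1 << w) - 1),
}
CMP_OPS = {  # comparison operator -> (signed?, relation), SMT-LIB names (assumption)
    "bvult": (False, "<"), "bvule": (False, "<="),
    "bvugt": (False, ">"), "bvuge": (False, ">="),
    "bvslt": (True, "<"), "bvsle": (True, "<="),
    "bvsgt": (True, ">"), "bvsge": (True, ">="),
    "=": (False, "="), "distinct": (False, "!="),
}
NEGATE = {"<": ">=", "<=": ">", ">": "<=", ">=": "<", "=": "!=", "!=": "="}

def to_signed(x, width):
    """Two's-complement reading of an unsigned width-bit value."""
    return x - (1 << width) if x >> (width - 1) else x

def expr_value(node, env, width):
    """Expression of a first-type node: its unsigned width-bit value under env."""
    op = node[0]
    if op in ("var", "const"):
        return (env[node[1]] if op == "var" else node[1]) & ((1 << width) - 1)
    return BV_OPS[op](width, *(expr_value(c, env, width) for c in node[1:]))

def cmp_distance(rel, x, y):
    """Comparison-node distance (paragraphs [0083]-[0088]); dist(x, y) = |x - y| is assumed."""
    d = abs(x - y)
    return {"<": 0 if x < y else d + 1, "<=": 0 if x <= y else d,
            ">": 0 if x > y else d + 1, ">=": 0 if x >= y else d,
            "=": 0 if x == y else d, "!=": 0 if x != y else 1}[rel]

def distance(node, env, width, negated=False):
    """Distance of a second-type node; a NOT is pushed down (negation normal form) via `negated`."""
    op = node[0]
    if op == "not":
        return distance(node[1], env, width, not negated)
    if op in ("and", "or"):
        ds = [distance(c, env, width, negated) for c in node[1:]]
        # AND sums child distances, OR multiplies them; a pending NOT swaps the two (De Morgan).
        return sum(ds) if (op == "and") != negated else math.prod(ds)
    if op == "bool":
        return 0 if bool(env[node[1]]) != negated else 1
    signed, rel = CMP_OPS[op]
    x, y = (expr_value(c, env, width) for c in node[1:3])
    if signed:
        x, y = to_signed(x, width), to_signed(y, width)
    return cmp_distance(NEGATE[rel] if negated else rel, x, y)

def neighbours(env, names, width):
    """The 3**n assignments reached by changing each variable by -1, 0 or +1 (paragraph [0104])."""
    mask = (1 << width) - 1
    for deltas in itertools.product((-1, 0, 1), repeat=len(names)):
        yield {**env, **{n: (env[n] + d) & mask for n, d in zip(names, deltas)}}

def solve(formula, names, width, init=None, seed=0, restarts=20, steps=200):
    """Steepest descent on the root distance; returns a feasible assignment or None ('unknown')."""
    rng = random.Random(seed)
    env = dict(init) if init else {n: rng.randrange(1 << width) for n in names}
    for _ in range(restarts):
        for _ in range(steps):
            cur = distance(formula, env, width)
            if cur == 0:
                return env
            best = min(neighbours(env, names, width),
                       key=lambda e: distance(formula, e, width))
            if distance(formula, best, width) < cur:
                env = best
            else:  # local optimum: random non-descent step, an assumed stand-in for the MCMC escape
                env = rng.choice(list(neighbours(env, names, width)))
        env = {n: rng.randrange(1 << width) for n in names}  # update the initial value and retry
    return None

# Constructed formulas: the Figure 3 example (a + b > 5) ∧ (c < 5) and the
# 4-bit formula of paragraph [0070], bvslt(a, b) ∧ bvule(bvshl(c, d), e).
F_PAGE = ("and", ("bvugt", ("bvadd", ("var", "a"), ("var", "b")), ("const", 5)),
                 ("bvult", ("var", "c"), ("const", 5)))
F_SMT = ("and", ("bvslt", ("var", "a"), ("var", "b")),
                ("bvule", ("bvshl", ("var", "c"), ("var", "d")), ("var", "e")))

if __name__ == "__main__":
    start = {"a": 2, "b": 1, "c": 7}
    print("root distance at", start, "=", distance(F_PAGE, start, 8))
    print("feasible solution:", solve(F_PAGE, ["a", "b", "c"], 8, init=start))
    print("feasible solution:", solve(F_SMT, list("abcde"), 4))
```

Run as a script it prints the root distance 6 at the starting assignment of paragraph [0103] and a feasible assignment for each formula. Because `min` breaks ties in enumeration order, the descent path from a = 2, b = 1, c = 7 can differ from the one traced in paragraph [0104] while still ending at distance 0; exhausting the restart budget returns None, which is the point at which the method of paragraph [0098] outputs "unknown".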
[0105] 408. Output the feasible solution of the constraint expression.
[0106] 409. When a feasible solution to the constraint expression exists, the formal verification of the program to be verified is deemed successful.
[0107] After the feasible solution of the constraint expression is output, it can be determined whether the SMT formula has a feasible solution. If a feasible solution exists, it can be determined that the formal verification of the program to be verified has passed: the reliability, correctness and security of the program are considered verified, and no program errors (bugs) relative to its specification are reported. If the solver instead outputs "unknown" because the preset time was exceeded, neither a pass nor a failure can be concluded from that run.
[0108] This application's embodiment transforms the satisfiability judgment of the QF_BV-SMT formula into the problem of calculating the minimum distance between an assignment of the formula and a feasible solution. This avoids expanding the formula into a SAT satisfiability expression and also avoids performing SAT calculations on the expanded formula. It effectively solves the problem in existing methods where the efficiency of the expansion and solution process is affected by the number of nonlinear operators and the length of the BV variables in the formula. By generating an abstract syntax tree of the QF_BV-SMT formula and calculating the distance function or expression of its root node, the satisfiability problem of the formula is transformed into an optimization problem of minimizing the distance function. Using the distance between the BV variables, the value of the distance function under a given assignment is calculated. Using optimization methods (including global optimization and local optimization methods), the value of the distance function can be quickly narrowed down until its minimum value is found. When the minimum value is zero, the current assignment of the distance function is a feasible solution of the formula.
[0109] This application also provides an algorithm, which can be used as a preset algorithm to calculate the distance function of a node and / or the expression of the node.
[0110] For example, if a node is a first-type node, its output type is a binary array variable. First-type nodes include binary array variable nodes and calculation operator nodes. The expression or calculation expression of the node is generated according to the preset algorithm one. If a node is a second-type node, its output type is a Boolean variable. Second-type nodes include Boolean variable nodes, comparison operator nodes, and Boolean logic operator nodes. The distance function of the node is generated according to the preset algorithm one.
[0111] The algorithm includes two preset algorithms, Algorithm 1 and Algorithm 2. Their listings occupy paragraphs [0112] to [0116] of the original and are not reproduced in this text.
[0117] This application also provides a second preset algorithm for calculating the distance between two BV variables. Its listing occupies paragraph [0118] of the original and is not reproduced in this text.
[0119] As shown in Figure 7, one embodiment of the solver 700 provided in this application includes:
[0120] The acquisition unit 701 is used to acquire input data, which includes constraint expressions; the acquisition unit 701 can execute step 201 in the above method embodiment.
[0121] The generation unit 702 is used to generate an abstract syntax tree for representing constraint expressions. The abstract syntax tree includes multiple nodes, including a root node and non-root nodes. The generation unit 702 can execute step 202 in the above method embodiment.
[0122] The first determining unit 703 is used to determine the distance function of the root node based on the abstract syntax tree. The distance function of the root node is used to represent the distance between the assignment of the constraint expression and the feasible solution of the constraint expression. The first determining unit 703 can execute step 203 in the above method embodiment.
[0123] The second determining unit 704 is used to determine a feasible solution to the constraint expression based on the distance function of the root node; the second determining unit 704 can execute step 204 in the above method embodiment.
[0124] Output unit 705 is used to output a feasible solution to the constraint expression. This output unit 705 can execute step 205 in the above method embodiment.
[0125] In this embodiment, the acquisition unit 701 acquires input data, including constraint expressions; the generation unit 702 generates an abstract syntax tree representing the constraint expressions, wherein the abstract syntax tree includes root nodes and non-root nodes; the first determination unit 703 determines the distance function of the root nodes based on the abstract syntax tree, wherein the distance function of the root nodes is used to represent the distance between the assignment of the constraint expression and the feasible solution of the constraint expression; the second determination unit 704 determines the feasible solution of the constraint expression based on the distance function of the root nodes; and the output unit 705 outputs the feasible solution of the constraint expression. Therefore, it is not necessary to expand the constraint expressions into a Boolean satisfiability problem, greatly improving the efficiency of solving constraint expressions.
[0126] Optionally, the first determining unit 703 is specifically used to generate the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree; and to determine the distance function of the root node based on the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree.
[0127] Optionally, the nodes of the abstract syntax tree include first-type nodes and second-type nodes. The first-type nodes include binary array variable nodes and calculation operator nodes. The second-type nodes include Boolean variable nodes, comparison operator nodes, and Boolean logic operator nodes. The first determination unit 703 is specifically further configured to determine the expression of the first-type nodes based on a preset algorithm, the expression of the nodes of the abstract syntax tree being the expression of the first-type nodes; and/or to determine the distance function of the second-type nodes based on a preset algorithm, the distance function of the nodes of the abstract syntax tree being the distance function of the second-type nodes, where the preset algorithm is used to calculate the node expression and the distance function.
[0128] Optionally, the second-type nodes include logical AND operator nodes, logical OR operator nodes, less-than-or-equal nodes, greater-than-or-equal nodes, less-than nodes, greater-than nodes, equal nodes, and not-equal nodes. The operation logic of the preset algorithm includes: the distance function of a logical AND operator node is the sum of the distance functions of all its child nodes; the distance function of a logical OR operator node is the product of the distance functions of all its child nodes; if a ≤ b, the distance function of a less-than-or-equal node is 0, otherwise it is |a - b|; if a ≥ b, the distance function of a greater-than-or-equal node is 0, otherwise it is |a - b|; if a < b, the distance function of a less-than node is 0, otherwise it is |a - b| + 1; if a > b, the distance function of a greater-than node is 0, otherwise it is |a - b| + 1; if a = b, the distance function of an equal node is 0, otherwise it is |a - b|; if a ≠ b, the distance function of a not-equal node is 0, otherwise it is 1.
[0129] Optionally, the first determination unit 703 is specifically further configured to determine the child nodes of the root node from the abstract syntax tree; determine the distance function of the root node based on the distance function and / or the expression of the child nodes of the root node, where the distance function and / or the expression of the child nodes of the root node is determined by the distance function and / or the expression of the child nodes at the next level of the child nodes of the root node, and the distance function of the root node is determined by traversing the entire abstract syntax tree recursively.
[0130] Optionally, the second determination unit 704 is specifically configured to use the distance function of the root node as the objective function of the optimization method, and use the optimization method to determine the solution of the optimization problem, where the solution of the optimization problem that makes the value of the objective function zero is the feasible solution of the constraint expression; if no feasible solution is found, loop and call the optimization method to determine the solution of the optimization problem until a feasible solution of the constraint expression is found or after exceeding the preset time and then end.
[0131] Optionally, the optimization method includes at least one of a local optimization method and a global optimization method.
[0132] Optionally, the constraint expression is a satisfiability problem formula based on a specific background theory.
[0133] Optionally, the solver 700 further includes a transformation unit 706 for converting constraint expressions into satisfiability problem formulas based on the QF_BV background theory.
[0134] Optionally, the acquisition unit 701 is specifically used to acquire the program to be verified and its specification, wherein the program to be verified is represented by a mathematical model and the specification is a mathematical description; the program to be verified and its specification are converted into input data using an intermediate verification language; the solver 700 further includes: a third determination unit 707, used to determine that the formal verification of the program to be verified has passed when a feasible solution to the constraint expression exists.
[0135] As shown in Figure 8, a possible logical structure of a computer device 800 provided in an embodiment of this application includes a processor 801, a communication interface 802, a storage system 803, and a bus 804. The processor 801, communication interface 802, and storage system 803 are interconnected via the bus 804. In the embodiments of this application, the processor 801 is used to control and manage the operations of the computer device 800; for example, the processor 801 is used to execute the formal verification constraint solving method described in the above embodiments. The communication interface 802 is used to support communication by the computer device 800. The storage system 803 is used to store the program code and data of the computer device 800.
[0136] The processor 801 can be a central processing unit, a general-purpose processor, a digital signal processor, an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or other programmable logic devices, transistor logic devices, hardware components, or any combination thereof. It can implement or execute the various exemplary logic blocks, modules, and circuits described in conjunction with the disclosure of this application. The processor 801 can also be a combination that implements computing functions, such as a combination of one or more microprocessors, or a combination of a digital signal processor and a microprocessor. The bus 804 can be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, among others. The bus can be divided into an address bus, a data bus, a control bus, and so on. For ease of representation, the bus in Figure 8 is drawn as a single thick line, but this does not mean that there is only one bus or one type of bus.
[0137] In another embodiment of this application, a computer-readable storage medium is also provided, which stores computer-executable instructions. When at least one processor of the device executes the computer-executable instructions, the device executes the formal verification constraint solving method described in the above embodiments.
[0138] In another embodiment of this application, a computer program product is also provided, the computer program product including computer-executable instructions stored in a computer-readable storage medium; at least one processor of the device can read the computer-executable instructions from the computer-readable storage medium, and the at least one processor executes the computer-executable instructions to cause the device to perform the formal verification constraint solving method described in the above embodiments.
[0139] In another embodiment of this application, a chip system is also provided, comprising at least one processor and an interface for receiving data and / or signals, wherein the at least one processor is used to support the formal verification constraint solving method described in the above embodiments. In one possible design, the chip system may further include a memory for storing program instructions and data necessary for the computer device. The chip system may be composed of chips or may include chips and other discrete devices.
[0140] Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.
[0141] In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection between apparatuses or units through some interfaces, and may be electrical, mechanical, or other forms.
[0142] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0143] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.
[0144] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
Claims
1. A method for formal verification of constraint solving, characterized in that it comprises: obtaining input data, where the input data includes a constraint expression; generating an abstract syntax tree for representing the constraint expression, the abstract syntax tree including a root node and non-root nodes; determining a distance function of the root node based on the abstract syntax tree, the distance function of the root node being used to represent the distance between the assignment of the constraint expression and the feasible solution of the constraint expression; determining a feasible solution of the constraint expression based on the distance function of the root node; and outputting the feasible solution of the constraint expression.
2. The method of claim 1, wherein determining the distance function of the root node based on the abstract syntax tree includes: generating a distance function of a node of the abstract syntax tree and / or an expression of a node of the abstract syntax tree; and determining the distance function of the root node based on the distance function of a node of the abstract syntax tree and / or the expression of a node of the abstract syntax tree.
3. The method of claim 2, wherein the nodes of the abstract syntax tree include first-type nodes and second-type nodes; the first-type nodes include binary array variable nodes and calculation operator nodes; the second-type nodes include boolean variable nodes, comparison operator nodes, and boolean logic operator nodes; the root node is a second-type node; and generating the distance function of a node of the abstract syntax tree and / or the expression of a node of the abstract syntax tree includes: determining an expression of the first-type nodes based on a preset algorithm, the expression of the node of the abstract syntax tree being the expression of the first-type nodes; and / or determining a distance function of the second-type nodes based on the preset algorithm, the distance function of the node of the abstract syntax tree being the distance function of the second-type nodes, where the preset algorithm is used to calculate a node expression and a distance function.
4. The method of claim 3, wherein the second-type nodes include a logical AND operator node, a logical OR operator node, a less-than-or-equal-to node, a greater-than-or-equal-to node, a less-than node, a greater-than node, an equal-to node, and a not-equal-to node, and the operation logic of the preset algorithm includes: the distance function of the logical AND operator node is the sum of the distance functions of all its child nodes; the distance function of the logical OR operator node is the product of the distance functions of all its child nodes; if a ≤ b, the distance function of the less-than-or-equal-to node is 0, otherwise it is |a - b|; if a ≥ b, the distance function of the greater-than-or-equal-to node is 0, otherwise it is |a - b|; if a < b, the distance function of the less-than node is 0, otherwise it is |a - b| + 1; if a > b, the distance function of the greater-than node is 0, otherwise it is |a - b| + 1; if a == b, the distance function of the equal-to node is 0, otherwise it is |a - b|; if a ≠ b, the distance function of the not-equal-to node is 0, otherwise it is 1, where a and b are the child nodes of the respective less-than-or-equal-to node, greater-than-or-equal-to node, less-than node, greater-than node, equal-to node, or not-equal-to node.
5. The method according to any one of claims 2-4, characterized in that determining the distance function of the root node based on the distance function of a node of the abstract syntax tree and / or the expression of a node of the abstract syntax tree includes: determining the child nodes of the root node from the abstract syntax tree; and determining the distance function of the root node based on the distance function of the child nodes of the root node and / or the expression of the child nodes of the root node, wherein the distance function and / or expression of the child nodes of the root node are determined by the distance function and / or expression of the child nodes at the next level below the child nodes of the root node, and the distance function of the root node is determined by recursively traversing the entire abstract syntax tree.
6. The method according to any one of claims 1-4, characterized in that determining a feasible solution of the constraint expression based on the distance function of the root node includes: using the distance function of the root node as the objective function of the optimization method, and using the optimization method to determine the solution of the optimization problem, where the solution of the optimization problem that makes the objective function take the value zero is the feasible solution of the constraint expression; and, if no feasible solution is found, calling the optimization method repeatedly to determine the solution of the optimization problem until a feasible solution of the constraint expression is found or the preset time is exceeded.
7. The method of claim 6, wherein the optimization method includes at least one of a local optimization method and a global optimization method.
8. The method of any one of claims 1-3, wherein the constraint expression is a satisfiability problem formula based on a specific background theory.
9. The method according to claim 8, characterized in that, after obtaining the input data, the method further includes: transforming the constraint expression into a satisfiability problem formula based on the QF_BV background theory.
10. The method of any one of claims 1-3, wherein obtaining the input data includes: obtaining the program to be verified and its specification, wherein the program to be verified is represented by a mathematical model and the specification is a mathematical description; and converting the program to be verified and its specification into the input data using an intermediate verification language; and wherein, after determining the feasible solution of the constraint expression based on the distance function of the root node, the method includes: when a feasible solution to the constraint expression exists, deeming the formal verification of the program to be verified successful.
11. A solver, characterized in that it includes: an acquisition unit, used to acquire input data, the input data including a constraint expression; a generation unit, used to generate an abstract syntax tree for representing the constraint expression, the abstract syntax tree including a root node and non-root nodes; a first determining unit, used to determine the distance function of the root node based on the abstract syntax tree, wherein the distance function of the root node is used to represent the distance between the assignment of the constraint expression and the feasible solution of the constraint expression; a second determining unit, used to determine a feasible solution to the constraint expression based on the distance function of the root node; and an output unit, used to output the feasible solution to the constraint expression.
12. The solver of claim 11, wherein the first determining unit is specifically used to generate the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree, and to determine the distance function of the root node based on the distance function of the nodes of the abstract syntax tree and / or the expression of the nodes of the abstract syntax tree.
13. The solver according to claim 12, characterized in that the nodes of the abstract syntax tree include first-type nodes and second-type nodes; the first-type nodes include binary array variable nodes and calculation operator nodes; the second-type nodes include boolean variable nodes, comparison operator nodes, and boolean logic operator nodes; the root node is a second-type node; and the first determining unit is further specifically configured to determine the expression of the first-type nodes based on a preset algorithm, the expression of the nodes of the abstract syntax tree being the expression of the first-type nodes, and / or to determine the distance function of the second-type nodes based on the preset algorithm, the distance function of the nodes of the abstract syntax tree being the distance function of the second-type nodes, where the preset algorithm is used to calculate the node expression and the distance function.
14. The solver according to claim 13, characterized in that the second-type nodes include logical AND operator nodes, logical OR operator nodes, less-than-or-equal-to nodes, greater-than-or-equal-to nodes, less-than nodes, greater-than nodes, equal-to nodes, and not-equal-to nodes, and the operation logic of the preset algorithm includes: the distance function of the logical AND operator node is the sum of the distance functions of all its child nodes; the distance function of the logical OR operator node is the product of the distance functions of all its child nodes; if a ≤ b, the distance function of the less-than-or-equal-to node is 0, otherwise it is |a - b|; if a ≥ b, the distance function of the greater-than-or-equal-to node is 0, otherwise it is |a - b|; if a < b, the distance function of the less-than node is 0, otherwise it is |a - b| + 1; if a > b, the distance function of the greater-than node is 0, otherwise it is |a - b| + 1; if a == b, the distance function of the equal-to node is 0, otherwise it is |a - b|; if a ≠ b, the distance function of the not-equal-to node is 0, otherwise it is 1.
15. The solver according to any one of claims 12-14, characterized in that the first determining unit is further specifically configured to determine the child nodes of the root node from the abstract syntax tree, and to determine the distance function of the root node based on the distance function and / or the expression of the child nodes of the root node, where the distance function and / or the expression of the child nodes of the root node are determined by the distance function and / or the expression of the child nodes at the next level below the child nodes of the root node, and the distance function of the root node is determined by recursively traversing the entire abstract syntax tree.
16. The solver according to any one of claims 11-14, characterized in that the second determining unit is specifically configured to use the distance function of the root node as the objective function of the optimization method, and to use the optimization method to determine the solution of the optimization problem, where the solution of the optimization problem that makes the value of the objective function zero is the feasible solution of the constraint expression; and, if no feasible solution is found, to call the optimization method repeatedly to determine the solution of the optimization problem until a feasible solution of the constraint expression is found or a preset time has elapsed, and then to end.
17. The solver of claim 16, wherein the optimization method includes at least one of a local optimization method and a global optimization method.
18. The solver according to any one of claims 11-13, characterized in that the constraint expression is a satisfiability problem formula based on a specific background theory.
19. The solver of claim 18, wherein the solver further includes: a conversion unit, configured to convert the constraint expression into a satisfiability problem formula based on the QF_BV background theory.
20. The solver of any one of claims 11-13, wherein the acquisition unit is specifically used to acquire the program to be verified and its specification, wherein the program to be verified is represented by a mathematical model and the specification is a mathematical description, and to convert the program to be verified and its specification into the input data using an intermediate verification language; and the solver further includes: a third determining unit, used to determine that the formal verification of the program to be verified has passed when a feasible solution to the constraint expression exists.
21. A computer device, comprising: a processor, a communication interface, and a memory, wherein the memory is used to store program code, and the processor is used to invoke the program code in the memory to cause the processor to perform the method as described in any one of claims 1-10.
22. A computer-readable storage medium having a computer program stored thereon, characterized in that, when the computer program is executed by a processor, it implements the method as described in any one of claims 1-10.
23. A chip system, characterized in that it includes at least one processor and an interface for receiving data and / or signals, wherein the at least one processor is configured to perform the method as described in any one of claims 1-10.
24. A computer program product having a computer program stored thereon, characterized in that, when the computer program is executed by a processor, it implements the method as described in any one of claims 1-10.
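The following is an added illustration of claims 4 and 6 (and their solver counterparts, claims 14 and 16), not code from the patent: it builds the distance function of an abstract syntax tree node by node with the operation logic of claim 4, evaluates first-type (arithmetic) nodes with QF_BV-style wrap-around, and uses a restarted hill climb as a stand-in for the unspecified optimization method, stopping when the root distance reaches zero. The tuple encoding of nodes, the bit width, and the search parameters are assumptions made for this example.

```python
import random

# AST node encoding, constructed for this example (not the patent's own data structure):
#   ("var", name), ("const", v), (op, l, r) with op in + - *     -> first-type nodes
#   (cmp, l, r) with cmp in <= >= < > == !=, ("and"/"or", *kids) -> second-type nodes
ARITH = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b}
# comparison -> (predicate, extra added to |a - b| when the predicate fails), per claim 4
CMP = {"<=": (lambda a, b: a <= b, 0), ">=": (lambda a, b: a >= b, 0),
       "<": (lambda a, b: a < b, 1), ">": (lambda a, b: a > b, 1),
       "==": (lambda a, b: a == b, 0)}

def expr(node, env, width):
    """Expression of a first-type node; arithmetic wraps modulo 2**width as in QF_BV."""
    if node[0] == "var":
        return env[node[1]]
    if node[0] == "const":
        return node[1] % (1 << width)
    return ARITH[node[0]](expr(node[1], env, width), expr(node[2], env, width)) % (1 << width)

def dist(node, env, width):
    """Distance function of a second-type node: 0 iff the subtree is satisfied (claim 4)."""
    kind = node[0]
    if kind == "and":                       # AND: sum of the children's distances
        return sum(dist(c, env, width) for c in node[1:])
    if kind == "or":                        # OR: product of the children's distances
        d = 1
        for c in node[1:]:
            d *= dist(c, env, width)
        return d
    a, b = expr(node[1], env, width), expr(node[2], env, width)
    if kind == "!=":
        return 0 if a != b else 1
    holds, extra = CMP[kind]
    return 0 if holds(a, b) else abs(a - b) + extra

def solve(root, names, width, restarts=20, steps=2000, seed=0):
    """Restarted hill climb on the root distance (a simple local optimisation standing in
    for the optimisation method of claim 6); returns a feasible assignment or None."""
    rng, mask = random.Random(seed), (1 << width) - 1
    for _ in range(restarts):               # call the optimiser again until found or budget spent
        env = {n: rng.randrange(1 << width) for n in names}
        d = dist(root, env, width)
        for _ in range(steps):
            if d == 0:                      # objective value zero == feasible solution
                return env
            cand, n = dict(env), rng.choice(names)
            if rng.random() < 0.5:          # move: flip one bit of one variable ...
                cand[n] ^= 1 << rng.randrange(width)
            else:                           # ... or nudge it by one, wrapping in width bits
                cand[n] = (cand[n] + rng.choice((-1, 1))) & mask
            dc = dist(root, cand, width)
            if dc <= d:                     # accept non-worsening moves to walk plateaus
                env, d = cand, dc
    return None
```

For a constraint such as (x + y == 200) and (x > y) and (y >= 50) over 8-bit variables, `solve` returns an assignment whose root distance is zero, which is exactly the feasibility test of claim 6.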