In [1]:
import sys
sys.path.append("../base")

import boilerplate
from pyrtl import *

import z3
z3.set_param(proof=True)

In [2]:
reset_working_block()

pc = Register(name='pc', bitwidth=4)
sp = Register(name='sp', bitwidth=4)
mem = MemBlock(name='mem', bitwidth=4, addrwidth=4)
rom = RomBlock(name='rom', bitwidth=5, addrwidth=4, romdata=[0x15, 0x18, 0, 0xf])

out = Output(name='out', bitwidth=4)

In [3]:
instr = rom[pc]
out <<= mem[sp]

with conditional_assignment:
    with instr[4] == 1:   # PUSH
        mem[sp] |= instr[0:4]
        sp.next |= sp + 1
        pc.next |= pc + 1
    with instr == 0:      # POP
        sp.next |= sp - 1
        pc.next |= pc + 1

In [4]:
sim = Simulation()
for i in range(10):
    sim.step({})

In [5]:
sim.tracer.render_trace()

<IPython.core.display.Javascript object>

In [6]:
sim.tracer.print_trace()

--- Values in base 10 ---
out 0 0 0 8 8 8 8 8 8 8
pc  0 1 2 3 3 3 3 3 3 3
sp  0 1 2 1 1 1 1 1 1 1


In [7]:
from circuit import net_to_smt

wires, ops, tr = net_to_smt(working_block(), mems=[mem])

In [8]:
from presentation_forms import vertically
vertically(tr)

0
"tmp9 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0))"
"tmp16 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0))"
tmp1 = rom[pc]
tmp0 = mem[sp]
"tmp13 = Concat(Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)),  Extract(0, 0, 0))"
"tmp22 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0))"
"tmp5 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0))"
"tmp10 = Concat(tmp9, 1)"
"tmp17 = Concat(tmp16, 1)"
out = tmp0


In [9]:
# you can find this implementation in `verification_utils` as well
def mk_bv_array(bitwidth, addrwidth, data):
    a = z3.K(z3.BitVecSort(addrwidth), z3.BitVecVal(0, bitwidth))
    for i, d in enumerate(data):
        a = z3.Store(a, i, d)
    return a

In [31]:

from verification_utils import CHCs, mk_bv_array

state_vars = [wires.lookup(v) for v in ['pc', 'sp', 'mem']]
Inv = z3.Function("Inv", *(v.sort() for v in state_vars), z3.BoolSort())

vrom = wires.lookup_mem('rom')
crom = mk_bv_array(5, 4, [0x15, 0x18, 0x0, 0xf])

def pre_post():
    pc, sp, mem = state_vars
    out = mem[sp]

    pre = z3.And(pc == 0, sp == 2, mem == mk_bv_array(4, 4, [a, b]))
    post = z3.Implies(crom[pc] == 0xf, out == 8)

    return pre, post

def create_rules():
    from z3 import Implies, And, Or, Not
    
    pre, post = pre_post()
        
    rom_eq = (vrom == crom)
    
    sigma = state_vars
    sigma_p = [ops.primed(v) for v in state_vars]
    
    start = Implies(pre, Inv(sigma))
    step = Implies(And(Inv(sigma), rom_eq, *tr), Inv(sigma_p))
    end = Implies(And(Inv(sigma), Not(post)), False)
        
    return CHCs([start, step, end])

rules = create_rules()
rules

0
"pc = 0 ∧ sp = 2 ∧ mem = Store(Store(K(BitVec(4), 0), 0, a), 1, b) ⇒ Inv(pc, sp, mem)"
"Inv(pc, sp, mem) ∧ rom = Store(Store(Store(Store(K(BitVec(4), 0), 0, 21), 1, 24),  2,  0),  3,  15) ∧ tmp9 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)) ∧ tmp16 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)) ∧ tmp1 = rom[pc] ∧ tmp0 = mem[sp] ∧ tmp13 = Concat(Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)),  Extract(0, 0, 0)) ∧ tmp22 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)) ∧ tmp5 = Concat(Concat(Extract(0, 0, 0), Extract(0, 0, 0)),  Extract(0, 0, 0)) ∧ tmp10 = Concat(tmp9, 1) ∧ tmp17 = Concat(tmp16, 1) ∧ out = tmp0 ∧ tmp2 = Extract(4, 4, tmp1) ∧ tmp4 = Extract(3, 0, tmp1) ∧ tmp11 = Concat(0, pc) + Concat(0, tmp10) ∧ tmp23 = Concat(tmp22, 1) ∧ tmp14 = Concat(tmp13, 0) ∧ tmp6 = Concat(tmp5, 1) ∧ tmp15 = If(tmp1 = tmp14, 1, 0) ∧ tmp18 = Concat(0, sp) - Concat(0, tmp17) ∧ tmp19 = Extract(3, 0, tmp18) ∧ tmp3 = If(1 = tmp2, 1, 0) ∧ tmp12 = Extract(3, 0, tmp11) ∧ tmp24 = Concat(0, pc) + Concat(0, tmp23) ∧ tmp7 = Concat(0, sp) + Concat(0, tmp6) ∧ tmp25 = Extract(3, 0, tmp24) ∧ tmp26 = ~tmp3 ∧ tmp20 = ~tmp3 ∧ tmp28 = If(0 = tmp3, 0, 1) ∧ tmp27 = tmp26 & tmp15 ∧ tmp31 = If(0 = tmp3, pc, tmp12) ∧ tmp8 = Extract(3, 0, tmp7) ∧ tmp21 = tmp20 & tmp15 ∧ mem:wport:sp = memwr(sp, tmp4, tmp28 = 1) ∧ tmp32 = If(0 = tmp27, tmp31, tmp25) ∧ tmp29 = If(0 = tmp3, sp, tmp8) ∧ tmp30 = If(0 = tmp21, tmp29, tmp19) ∧ pc:next = tmp32 ∧ sp:next = tmp30 ∧ mem:next = If(wr_en(mem:wport:sp),  Store(mem, addr(mem:wport:sp), data(mem:wport:sp)),  mem) ⇒ Inv(pc:next, sp:next, mem:next)"
"Inv(pc, sp, mem) ∧ ¬(Store(Store(Store(Store(K(BitVec(4), 0), 0, 21), 1, 24),  2,  0),  3,  15)[pc] =  15 ⇒  mem[sp] = 8) ⇒ False"


In [32]:
s = rules.create_solver()
%time res = s.check()
res

CPU times: user 20 ms, sys: 1.48 ms, total: 21.4 ms
Wall time: 21.8 ms


_If the result is_ `sat`, _this will display the inferred loop invariant_

In [33]:
s.model()      if res == z3.sat else None

_If the result is_ `unsat`, _a counterexample trace can be extracted from the proof of unsatisfiability._

In [34]:
from verification_utils import HyperResolutionProof
HyperResolutionProof(s.proof()).to_roadmap()         if res == z3.unsat else None