diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000..9a02febe14 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,4 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 +dv/formal/strategies/* linguist-generated diff --git a/.github/workflows/ci-formal.yml b/.github/workflows/ci-formal.yml new file mode 100644 index 0000000000..d2d051b0f2 --- /dev/null +++ b/.github/workflows/ci-formal.yml @@ -0,0 +1,48 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 + +# GitHub Actions CI build configuration + +name: Ibex OSS Formal CI + +on: + pull_request: + branches: + - '*' + +jobs: + fv: + name: Run the Open-Source FV flow + runs-on: nixos + concurrency: + group: oss-fv + cancel-in-progress: false # Only do one oss-fv job at a time, since we will use a huge amount of memory + steps: + - name: Setup env + run: | + echo "MAX_MEM_GB=100" >> $GITHUB_ENV # Maximum memory available to conductor.py, which is inversely proportional to time. 200GB -> 40 mins + echo "NIX_CONFIG=accept-flake-config = true" >> $GITHUB_ENV + + - name: Notify about queued execution + run: | + echo "Warning: This job will block other oss-fv jobs until it finishes, since it uses a lot of memory." + + - uses: actions/checkout@v4 + + - name: Install Nix + uses: cachix/install-nix-action@v27 + with: + extra_nix_config: | + substituters = https://nix-cache.lowrisc.org/public/ https://cache.nixos.org/ + trusted-public-keys = nix-cache.lowrisc.org-public-1:O6JLD0yXzaJDPiQW1meVu32JIDViuaPtGDfjlOopU7o= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= + + - name: Run OSS Env + run: | + source <(nix print-dev-env .#oss-dev) + + cd dv/formal + make build/aig-manip + make build/all.aig SHELL=bash + python3 conductor.py prove --check-complete --max-mem $MAX_MEM_GB + diff --git a/Makefile b/Makefile index 024ea0b85c..47825254a4 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,7 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 + IBEX_CONFIG ?= small FUSESOC_CONFIG_OPTS = $(shell ./util/ibex_config.py $(IBEX_CONFIG) fusesoc_opts) diff --git a/dv/formal/.gitignore b/dv/formal/.gitignore index db3d8e8ca2..70124305bc 100644 --- a/dv/formal/.gitignore +++ b/dv/formal/.gitignore @@ -1,3 +1,4 @@ build jgproject jgproofs +aig-manip/target diff --git a/dv/formal/Makefile b/dv/formal/Makefile index 929adaf391..1834a80e9d 100644 --- a/dv/formal/Makefile +++ b/dv/formal/Makefile @@ -1,29 +1,42 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + IBEX_ROOT=../.. -SAIL=sail +SAIL=$(shell which sail) +PSGEN=$(shell which psgen) SAIL_RISCV_MODEL_DIR=${LOWRISC_SAIL_RISCV_SRC}/model -include Sources.mk +include sail-sources.mk PSGEN_SRCS=thm/btype.proof thm/ibex.proof thm/mem.proof thm/riscv.proof PSGEN_FLAGS=-root riscv -task -SAIL_EXTRA_SRCS=../spec/main.sail +SAIL_EXTRA_SRCS=spec/main.sail -SAIL_SV_FLAGS=-sv -sv-comb -sv-inregs -sv-outregs -sv-nostrings -sv-nopacked -sv-nomem -Oconstant_fold -memo-z3 \ - -sv-unreachable translate -sv-unreachable lookup_TLB -sv-unreachable translate_tlb_miss -sv-unreachable translate_tlb_hit -sv-unreachable pt_walk \ - -sv-fun2wires 2:read_ram \ - -sv-fun2wires 2:write_ram \ - -sv-fun2wires wX \ - -sv-fun2wires 2:rX \ +# -sv, use the SystemVerilog backend +# --sv-comb, generate a always_comb instead of an initial block +# --sv-inregs --sv-outregs, produce inputs and outputs for every Sail register +# --sv-nostrings, --sv-nopacked, --sv-nomem, avoid generating some things Jasper doesn't like (FIXME: --sv-nopacked might be better removed?) +# -Oconstrant_fold, do basic optimisation +# -memo-z3, resolving types requires a sat solver, this helps speed up those queries +# --sv-unreachable, remove the implementations of functions to either make the design smaller or avoid recursion loops (FIXME: Still necessary?) +# --sv-fun2wires (n:)?f, transform a function into ports, with n (or 1) slots +SAIL_SV_FLAGS=-sv --sv-comb --sv-inregs --sv-outregs --sv-nostrings --sv-nopacked --sv-nomem -Oconstant_fold -memo-z3 \ + --sv-unreachable translate --sv-unreachable lookup_TLB --sv-unreachable translate_tlb_miss --sv-unreachable translate_tlb_hit --sv-unreachable pt_walk \ + --sv-fun2wires 2:read_ram \ + --sv-fun2wires 2:write_ram \ + --sv-fun2wires wX # Use fusesoc to resolve the tree of components, copy all resolved source files into the build/ directory, # and then generate a filelist for jasper to ingest. # - Note. we use the 'vcs' fusesoc backend flow to generate the filelist. This is because fusesoc does not currently implement a -# JasperGold backend, but this is not an issue as the file-format generated by the vcs flow is compatible with jasper. -.PHONY: fusesoc -fusesoc: +# JasperGold backend, but this is not an issue as the file-format generated by the vcs flow is compatible with both jasper and +# yosys-slang. +build/fusesoc: $(IBEX_ROOT)/rtl $(IBEX_ROOT)/vendor mkdir -p build/fusesoc fusesoc \ --cores-root $(IBEX_ROOT) \ @@ -32,33 +45,52 @@ fusesoc: --tool vcs \ --setup \ lowrisc:ibex:ibex_formal:0.1 + touch build/fusesoc # Fix timestamps for Makefile + +# The sail spec module, constructed from LOWRISC_SAIL_RISCV_SRC, compiled by our fork of the sail compiler +build/ibexspec.sv: $(SAIL) $(SAIL_SRCS) $(SAIL_EXTRA_SRCS) sail-sources.mk Makefile spec/fix_bugs.py + mkdir -p build + cd build && $(SAIL) $(SAIL_SRCS) $(addprefix ../,$(SAIL_EXTRA_SRCS)) $(SAIL_SV_FLAGS) $(addprefix -sv_unreachable execute_,$(COMPRESSED_INSTRS)) -o ibexspec + python3 spec/fix_bugs.py + +# The compiled property structure, and the associated TCL +build/psgen-jg.sv: $(PSGEN) $(PSGEN_SRCS) Makefile + mkdir -p build + $(PSGEN) $(addprefix -path ,$(PSGEN_SRCS)) $(PSGEN_FLAGS) -sv-out build/psgen-jg.sv -tcl-out build/psgen.tcl -.PHONY: sv -sv: +# Same as above, but generate our own covers, and tweak for consumption by our tools +build/psgen-yosys.sv: $(PSGEN) $(PSGEN_SRCS) Makefile mkdir -p build - python3 buildspec.py header > build/ibexspec_instrs.sv - cd build && $(SAIL) $(SAIL_SRCS) $(SAIL_EXTRA_SRCS) $(SAIL_SV_FLAGS) `cd .. && python3 buildspec.py unreachables` -o ibexspec - python3 spec/fix_pmp_bug.py - python3 buildspec.py unreachable_loc_hack + $(PSGEN) $(addprefix -path ,$(PSGEN_SRCS)) $(PSGEN_FLAGS) -sv-out build/psgen-yosys.sv -clocking -covers -cover-assert -step-prefix + +# The aiger file for the OSS flow, using the yosys_formal/* plugins. The main yosys script is in build_all.ys +build/all.aig: build/psgen-yosys.sv build/fusesoc build/ibexspec.sv check build_all.ys $(LOWRISC_YOSYS_SLANG) build/yosys_formal.so + yosys -m $(LOWRISC_YOSYS_SLANG) -m build/yosys_formal.so -v 1 -s <(cat ./build_all.ys | sed "s|LOWRISC_SAIL_SRC|$(LOWRISC_SAIL_SRC)|g") -.PHONY: psgen -psgen: +# Build the custom yosys plugins +build/yosys_formal.so: yosys_formal/global_clock.cc yosys_formal/write_aiger.cc yosys_formal/opt_muxtree.cc + yosys-config --build build/yosys_formal.so yosys_formal/global_clock.cc yosys_formal/write_aiger.cc yosys_formal/opt_muxtree.cc + +# Build the aig-manip Rust tool +build/aig-manip: aig-manip/src/main.rs mkdir -p build - psgen $(addprefix -path ,$(PSGEN_SRCS)) $(PSGEN_FLAGS) -sv-out build/psgen.sv -tcl-out build/psgen.tcl + cd aig-manip && cargo build --release + cp aig-manip/target/release/aig-manip build/ +# Run the jasper environment in interactive mode .PHONY: jg -jg: fusesoc psgen sv +jg: build/fusesoc build/psgen-jg.sv build/ibexspec.sv jg verify.tcl -allow_unsupported_OS -acquire_proj -# The following default target is intended for regressions / unattended runs. +# Jasper environment for regression and unattended runs .PHONY: all -all: fusesoc psgen sv +all: build/fusesoc build/psgen-jg.sv build/ibexspec.sv jg verify.tcl -allow_unsupported_OS -acquire_proj -no_gui --- "prove_no_liveness" ################################################################################ .PHONY: clean clean: - rm -rf build/ - rm -rf jgproject/ - rm -rf jgproofs/ + rm -rf build/ aig-manip/target + rm -rf jgproject/ jgproofs/ + diff --git a/dv/formal/README.md b/dv/formal/README.md index c0a17b9914..bd52938d86 100644 --- a/dv/formal/README.md +++ b/dv/formal/README.md @@ -12,7 +12,7 @@ Getting started: - `cd dv/formal` ### Reproducible Build - +#### With Jasper: This flow is intended for users who wish to run the formal flow as-is using the pinned external dependencies (psgen, sail, riscv-sail etc.) Build instructions: @@ -28,13 +28,22 @@ Some steps require a lot of RAM and CPU so we recommend closing any other resour A machine with 128 GiB of RAM and 32 cores was used to complete the proof. To avoid manually running each step you can also use the `prove_lemmas` command inside the TCL command interface located below your session window. +#### With Yosys and rIC3: +This is equivalent to the above, but uses only open source tools. + +Build instructions: +- `nix develop .#oss-dev` +- `make build/aig-manip` builds the Rust aig-manip tool used by conductor.py +- `make build/all.aig` builds the core Aiger file +- `python3 conductor.py prove` runs the proof, maximising memory usage. See `python3 conductor.py -h` for more options. + ### Development Builds Users who wish to do development on this flow should use the below steps. This will allow changes to both the local files and the external dependencies (psgen, sail, riscv-sail), and to run the intermediate build steps manually. -Build instructions: -- Identical to the Reproducible Build steps, but use `nix develop .#formal-dev`. +- For Jasper: Identical to the Reproducible Build steps, but use `nix develop .#formal-dev`. +- For OSS: Identical to Reproducible Build steps. Invoking `make jg` using the provided makefile would run the following steps, which can also be executed manually: - `make fusesoc` fetches the necessary RTL using the FuseSoC tool and makes a local copy inside `build/`. @@ -44,9 +53,15 @@ Invoking `make jg` using the provided makefile would run the following steps, wh - `make sv` to build the SV translation of the Sail compiler. Will invoke `buildspec.py`, which can be configured to adjust which instructions are defined. By default all of them are, this is correct but slow. -- `jg verify.tcl` invokes Jasper interactively, sourcing the configuration & run script. +- `jg verify.tcl` (jasper only) invokes Jasper interactively, sourcing the configuration & run script. Requires the above two steps to be executed first. +Invoking `make build/all.aig` similarly does the following: +- `make fusesoc` +- `make psgen` +- `make sv` +- Invokes yosys (and a collection of plugins which may be found under `yosys_formal`, as well as our fork of yosys-slang) to build an Aiger file. + Local versions of the external dependencies can be modified and linked into the build via Environment Variables as follows: - psgen: (`https://github.com/mndstrmr/psgen`) - Clone the repository to a local directory \ : `git clone https://github.com/mndstrmr/psgen` @@ -66,6 +81,11 @@ Local versions of the external dependencies can be modified and linked into the - Make local changes... - In the formal-dev shell: - Update `LOWRISC_SAIL_RISCV_SRC` to point to the source root with `export LOWRISC_SAIL_RISCV_SRC=`. +- yosys-slang: (`https://github.com/mndstrmr/yosys-slang/tree/formal`) + - Clone the repository to a local directory \ (`git clone https://github.com/mndstrmr/yosys-slang --branch formal`). + - Make local changes... + - In the formal-dev shell: + - Update `LOWRISC_YOSYS_SLANG` to point to the source root with `export LOWRISC_YOSYS_SLANG=`. ## Conclusivity All properties are currently known to be conclusive, with the exception of M-Types. @@ -77,9 +97,6 @@ This means: - We do not prove that the instruction executed with a given PC was loaded with that PC. - We haven't proven that Ibex resets correctly, if it doesn't there is no trace equivalence. -## RTL Changes -- `ResetAll = 1` is required for now (instead of `ResetAll = Lockstep`) - ## Code Tour ### Top Level Goals The top level objective is to get proofs for `Wrap`, `Live`, `Load`, `Store` and `NoMem`. diff --git a/dv/formal/aig-manip/Cargo.lock b/dv/formal/aig-manip/Cargo.lock new file mode 100644 index 0000000000..e16e2e4fe6 --- /dev/null +++ b/dv/formal/aig-manip/Cargo.lock @@ -0,0 +1,942 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "ahash" +version = "0.8.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75" +dependencies = [ + "cfg-if", + "getrandom", + "once_cell", + "version_check", + "zerocopy", +] + +[[package]] +name = "aho-corasick" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" +dependencies = [ + "memchr", +] + +[[package]] +name = "aig" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc532c079407affd5aa52aa8a983e2824616fdd3b3d4c020ee78b2f77ff4feec" +dependencies = [ + "cc", + "giputils", + "libc", + "logicrs", + "serde", +] + +[[package]] +name = "aig-manip" +version = "0.1.0" +dependencies = [ + "aig", + "clap", + "rIC3", + "serde", + "serde_json", + "vcd", +] + +[[package]] +name = "anstream" +version = "0.6.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301af1932e46185686725e0fad2f8f2aa7da69dd70bf6ecc44d6b703844a3933" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "862ed96ca487e809f1c8e5a8447f6ee2cf102f846893800b20cebdf541fc6bbd" + +[[package]] +name = "anstyle-parse" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c8bdeb6047d8983be085bab0ba1472e6dc604e7041dbf6fcd5e71523014fae9" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "403f75924867bb1033c59fbf0797484329750cfbe3c4325cd33127941fabc882" +dependencies = [ + "anstyle", + "once_cell_polyfill", + "windows-sys 0.59.0", +] + +[[package]] +name = "attr_alias" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bae8b324516337682f0c5775228eb9f7de5ef508f8b3fbe0e832c68270c2e6f0" + +[[package]] +name = "autocfg" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" + +[[package]] +name = "bitfield-struct" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3ca019570363e800b05ad4fd890734f28ac7b72f563ad8a35079efb793616f8" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "bitflags" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" + +[[package]] +name = "btor" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9654ae26f8b8638d38c2774639c074dc6c3048dc1b495965068f1c713306c9bb" +dependencies = [ + "giputils", + "logicrs", + "num-bigint", + "num-traits", + "strum", +] + +[[package]] +name = "cc" +version = "1.2.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "deec109607ca693028562ed836a5f1c4b8bd77755c4e132fc5ce11b0b6211ae7" +dependencies = [ + "shlex", +] + +[[package]] +name = "cfg-if" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268" + +[[package]] +name = "cfg_aliases" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" + +[[package]] +name = "clap" +version = "4.5.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be92d32e80243a54711e5d7ce823c35c41c9d929dc4ab58e1276f625841aadf9" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "707eab41e9622f9139419d573eca0900137718000c517d47da73045f54331c3d" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.5.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef4f52386a59ca4c860f7393bcf8abd8dfd91ecccc0f774635ff68e92eeef491" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b94f61472cee1439c0b966b47e3aca9ae07e45d070759512cd390ea2bebc6675" + +[[package]] +name = "cmake" +version = "0.1.54" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7caa3f9de89ddbe2c607f4101924c5abec803763ae9534e4f4d7d8f84aa81f0" +dependencies = [ + "cc", +] + +[[package]] +name = "colorchoice" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" + +[[package]] +name = "ctrlc" +version = "3.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46f93780a459b7d656ef7f071fe699c4d3d2cb201c4b24d085b6ddc505276e73" +dependencies = [ + "nix", + "windows-sys 0.59.0", +] + +[[package]] +name = "env_filter" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "186e05a59d4c50738528153b83b0b0194d3a29507dfec16eccd4b342903397d0" +dependencies = [ + "log", + "regex", +] + +[[package]] +name = "env_logger" +version = "0.11.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13c863f0904021b108aa8b2f55046443e6b1ebde8fd4a15c399893aae4fa069f" +dependencies = [ + "anstream", + "anstyle", + "env_filter", + "jiff", + "log", +] + +[[package]] +name = "errno" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "778e2ac28f6c47af28e4907f13ffd1e1ddbd400980a9abd7c8df189bf578a5ad" +dependencies = [ + "libc", + "windows-sys 0.60.2", +] + +[[package]] +name = "fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "getrandom" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasi", +] + +[[package]] +name = "giputils" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6cfa706c21f0f5bb139fc390fbfa218bde75445e2d06d2480841c5f74a87b53c" +dependencies = [ + "ahash", + "log", + "rand", + "tempfile", +] + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "inventory" +version = "0.3.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ab08d7cd2c5897f2c949e5383ea7c7db03fb19130ffcfbf7eda795137ae3cb83" +dependencies = [ + "rustversion", +] + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + +[[package]] +name = "itoa" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" + +[[package]] +name = "jiff" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be1f93b8b1eb69c77f24bbb0afdf66f54b632ee39af40ca21c4365a1d7347e49" +dependencies = [ + "jiff-static", + "log", + "portable-atomic", + "portable-atomic-util", + "serde", +] + +[[package]] +name = "jiff-static" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03343451ff899767262ec32146f6d559dd759fdadf42ff0e227c7c48f72594b4" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + +[[package]] +name = "libc" +version = "0.2.174" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" + +[[package]] +name = "linux-raw-sys" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" + +[[package]] +name = "log" +version = "0.4.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" + +[[package]] +name = "logicrs" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27a3c70a24256a551ff100329fc24debe35b4ca8b30af3221141c7a2c0384a2e" +dependencies = [ + "ahash", + "giputils", + "inventory", + "lazy_static", + "log", + "rand", +] + +[[package]] +name = "memchr" +version = "2.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0" + +[[package]] +name = "nix" +version = "0.30.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74523f3a35e05aba87a1d978330aef40f67b0304ac79c1c00b294c9830543db6" +dependencies = [ + "bitflags", + "cfg-if", + "cfg_aliases", + "libc", +] + +[[package]] +name = "num-bigint" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" +dependencies = [ + "num-integer", + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" +dependencies = [ + "autocfg", +] + +[[package]] +name = "once_cell" +version = "1.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" + +[[package]] +name = "once_cell_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4895175b425cb1f87721b59f0f286c2092bd4af812243672510e1ac53e2e0ad" + +[[package]] +name = "portable-atomic" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f84267b20a16ea918e43c6a88433c2d54fa145c92a811b5b047ccbe153674483" + +[[package]] +name = "portable-atomic-util" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8a2f0d8d040d7848a709caf78912debcc3f33ee4b3cac47d73d1e1069e83507" +dependencies = [ + "portable-atomic", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" +dependencies = [ + "zerocopy", +] + +[[package]] +name = "proc-macro2" +version = "1.0.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "process_control" +version = "5.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3932bfcf9bb84265b1ec43eca9e32f2ba73fef819e365c99779f6268540a1bcd" +dependencies = [ + "attr_alias", + "libc", + "signal-hook", + "windows-sys 0.60.2", +] + +[[package]] +name = "quote" +version = "1.0.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "r-efi" +version = "5.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" + +[[package]] +name = "rIC3" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ef1f9923e2c7993a5c45d37fb5900aa6b67a7696957699e84f8d2ef38a0b8d1" +dependencies = [ + "aig", + "bitfield-struct", + "btor", + "clap", + "ctrlc", + "env_logger", + "giputils", + "log", + "logicrs", + "nix", + "process_control", + "rand", + "satif-cadical", + "satif-kissat", + "tempfile", +] + +[[package]] +name = "rand" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fbfd9d094a40bf3ae768db9361049ace4c0e04a4fd6b359518bd7b73a73dd97" +dependencies = [ + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38" +dependencies = [ + "getrandom", +] + +[[package]] +name = "regex" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "809e8dc61f6de73b46c85f4c96486310fe304c434cfa43669d7b40f711150908" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" + +[[package]] +name = "rustix" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.60.2", +] + +[[package]] +name = "rustversion" +version = "1.0.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a0d197bd2c9dc6e53b84da9556a69ba4cdfab8619eb41a8bd1cc2027a0f6b1d" + +[[package]] +name = "ryu" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" + +[[package]] +name = "satif-cadical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f8f48ae371c99ea59d45852340fbd7482a7cf702c011775e34a6ec004c6e0d0" +dependencies = [ + "aig", + "cmake", + "giputils", + "logicrs", +] + +[[package]] +name = "satif-kissat" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3a1c1aafc94463acb101b8d8a3e51ac35c863eabdae825006ae52554a3f3b14" +dependencies = [ + "giputils", + "logicrs", +] + +[[package]] +name = "serde" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.141" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30b9eff21ebe718216c6ec64e1d9ac57087aad11efc64e32002bce4a0d4c03d3" +dependencies = [ + "itoa", + "memchr", + "ryu", + "serde", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "signal-hook" +version = "0.3.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d881a16cf4426aa584979d30bd82cb33429027e42122b169753d6ef1085ed6e2" +dependencies = [ + "libc", + "signal-hook-registry", +] + +[[package]] +name = "signal-hook-registry" +version = "1.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9203b8055f63a2a00e2f593bb0510367fe707d7ff1e5c872de2f537b339e5410" +dependencies = [ + "libc", +] + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "strum" +version = "0.27.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af23d6f6c1a224baef9d3f61e287d2761385a5b88fdab4eb4c6f11aeb54c4bcf" +dependencies = [ + "strum_macros", +] + +[[package]] +name = "strum_macros" +version = "0.27.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7695ce3845ea4b33927c055a39dc438a45b059f7c1b3d91d38d10355fb8cbca7" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "syn" +version = "2.0.104" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17b6f705963418cdb9927482fa304bc562ece2fdd4f616084c50b7023b435a40" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "tempfile" +version = "3.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1" +dependencies = [ + "fastrand", + "getrandom", + "once_cell", + "rustix", + "windows-sys 0.59.0", +] + +[[package]] +name = "unicode-ident" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512" + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "vcd" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4505774fc84de82eb04caa74d859342b0daa376f4c6df45149593245dd62c004" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" + +[[package]] +name = "wasi" +version = "0.14.2+wasi-0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3" +dependencies = [ + "wit-bindgen-rt", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.60.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" +dependencies = [ + "windows-targets 0.53.2", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm 0.52.6", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.53.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef" +dependencies = [ + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" + +[[package]] +name = "wit-bindgen-rt" +version = "0.39.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1" +dependencies = [ + "bitflags", +] + +[[package]] +name = "zerocopy" +version = "0.8.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1039dd0d3c310cf05de012d8a39ff557cb0d23087fd44cad61df08fc31907a2f" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.8.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ecf5b4cc5364572d7f4c329661bcc82724222973f2cab6f050a4e5c22f75181" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/dv/formal/aig-manip/Cargo.toml b/dv/formal/aig-manip/Cargo.toml new file mode 100644 index 0000000000..df6bd9fa31 --- /dev/null +++ b/dv/formal/aig-manip/Cargo.toml @@ -0,0 +1,17 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +[package] +name = "aig-manip" +version = "0.1.0" +edition = "2024" + +[dependencies] +aig = "0.4.5" +clap = { version = "4.5.41", features = ["derive"] } +rIC3 = "1.4.1" +serde = { version = "1.0.219", features = ["derive"] } +serde_json = "1.0.141" +vcd = "0.7.0" diff --git a/dv/formal/aig-manip/src/aiw.rs b/dv/formal/aig-manip/src/aiw.rs new file mode 100644 index 0000000000..07c2d6102f --- /dev/null +++ b/dv/formal/aig-manip/src/aiw.rs @@ -0,0 +1,73 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +use aig::TernarySimulate; + +use crate::bitvec::BitVec; + +/// Represents a parse AIW file. +/// AIW files have the following structure: +/// 1 +/// [0-9]+b +/// initial state of FFs as a list of 0s and 1s +/// one line of inputs for each cycle, also a list of 0s and 1s +pub struct AigerWitness { + pub initial_state: BitVec, + pub inputs: Vec, +} + +impl AigerWitness { + pub fn parse(reader: impl std::io::BufRead) -> std::io::Result { + let mut witness = AigerWitness { + initial_state: BitVec::new(), + inputs: Vec::new(), + }; + + let mut lines = reader.lines(); + assert_eq!(lines.next().expect("malformed witness file")?.as_str(), "1"); + lines.next().expect("malformed witness file")?; + + witness.initial_state = lines + .next() + .expect("malformed witness file")? + .chars() + .map(|c| match c { + '0' => false, + '1' => true, + _ => panic!(), + }) + .collect(); + + while let line = lines.next().expect("malformed witness file")? + && line != "." + { + witness.inputs.push( + line.chars() + .map(|c| match c { + '0' => false, + '1' => true, + _ => panic!(), + }) + .collect(), + ); + } + + Ok(witness) + } + + /// Construct a simulation of just the initial state + pub fn init_simulation<'a>(&self, aig: &'a aig::Aig) -> TernarySimulate<'a> { + TernarySimulate::new(&aig, self.initial_state.iter().map(|x| x.into()).collect()) + } + + /// Run a simulation for step steps + pub fn simulate_to_step<'a>(&self, aig: &'a aig::Aig, step: usize) -> TernarySimulate<'a> { + let mut sim = self.init_simulation(aig); + for step in self.inputs.iter().take(step) { + sim.simulate(step.iter().map(|x| x.into()).collect()); + } + sim + } +} diff --git a/dv/formal/aig-manip/src/bitvec.rs b/dv/formal/aig-manip/src/bitvec.rs new file mode 100644 index 0000000000..d771cc7f43 --- /dev/null +++ b/dv/formal/aig-manip/src/bitvec.rs @@ -0,0 +1,67 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +/// A memory efficient bit vector, where the bits are packed. +#[derive(Clone, Debug)] +pub struct BitVec { + len: usize, + inner: Vec, +} + +impl BitVec { + pub fn new() -> BitVec { + BitVec { + len: 0, + inner: Vec::new(), + } + } + + pub fn fill_zero(len: usize) -> BitVec { + BitVec { + len, + inner: vec![0; len.div_ceil(64)], + } + } + + pub fn set(&mut self, idx: usize, value: bool) { + assert!(idx < self.len); + if value { + self.inner[idx / 64] |= 1 << (idx % 64); + } else { + self.inner[idx / 64] &= !(1 << (idx % 64)); + } + } + + pub fn push(&mut self, value: bool) { + if self.len % 64 == 0 { + self.inner.push(value as u64); + } else { + *self.inner.last_mut().unwrap() |= (value as u64) << (self.len % 64); + } + self.len += 1; + } + + pub fn get(&self, index: usize) -> Option { + if index >= self.len { + None + } else { + Some((self.inner[index / 64] >> (index % 64)) & 1 != 0) + } + } + + pub fn iter(&self) -> impl Iterator { + (0..self.len).map(|x| self.get(x).unwrap()) + } +} + +impl FromIterator for BitVec { + fn from_iter>(iter: T) -> Self { + let mut vec = BitVec::new(); + for item in iter { + vec.push(item); + } + vec + } +} diff --git a/dv/formal/aig-manip/src/main.rs b/dv/formal/aig-manip/src/main.rs new file mode 100644 index 0000000000..bbb02c8c69 --- /dev/null +++ b/dv/formal/aig-manip/src/main.rs @@ -0,0 +1,463 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +// aig-manip is a utility program for manipulating aiger files for our usecase. +// It supports 2 main functions, with a couple of extra utilities too: +// 1. selection, where we take an aiger file and delete asserts or transform them into assumes. +// 2. simulation, where take an AIW (an aiger witness file) and produce a VCD. +// Additionally we can: +// 1. Do COI analysis (i.e. what are all the named signals this wire depends on) +// 2. Do why queries, (i.e. whare are all the named signals that made this wire have the value it has) +// Some background on aiger (.aig) files: +// - They are essentially arrays of AND gates, which are represented by two integers. +// The lowest bit of the number is 1 if the input should be considered negated, and 0 otherwise. +// The remaining bits are the index either into the table of inputs, FFs or AND gates. +// - The AND gates are topologically sorted, so simulation is really easy. +// - There is no representation of assertions/assumptions etc, but through comments +// - Yosys provides us with the indices of wires through vmap and ywmap files. +// vmap files list the indices of every wire. +// ywmap files (are JSON) and list the indices of every assertion. + +use std::collections::HashSet; +use std::{ + collections::HashMap, + io::{BufReader, BufWriter}, +}; + +use clap::Parser; + +use crate::aiw::AigerWitness; +use crate::bitvec::BitVec; +use crate::vmap::VMap; +use crate::ywmap::YWMap; + +mod aiw; +mod bitvec; +mod vmap; +mod ywmap; + +#[derive(clap::Parser, Debug)] +struct Args { + #[arg(help = "Path to .aig file to read.")] + aig: String, + + #[clap(subcommand)] + sub: Subcommand, +} + +#[derive(clap::Subcommand, Debug)] +enum Subcommand { + #[command( + about = "Produce a specialised version of a given .aig file, suitable to run a modelchecker against directly." + )] + Select { + #[arg(long, help = "Instead of converting asserts to assumes, delete them.")] + no_assumes: bool, + #[arg(help = "Path of .aig file to write output to")] + out: String, + #[arg(help = "Path to .ywmap file generated by yosys for this .aig")] + yw: String, + #[arg(help = "The step number we are constructing for.")] + step: usize, + #[arg( + help = "The properties (in the given step) to keep, the rest will be deleted, unless there are no properties then they are all kept." + )] + prop: Vec, + }, + #[command( + about = "Transform an aiger witness (.aiw) into a VCD file. Note that if child.aig was passed to the modelchecker, but parent.aig is it's parent, then use parent.aig." + )] + Simulate { + #[arg(help = "Path to .ywmap file generated by yosys for this .aig")] + yw: String, + #[arg(help = "Path to .vmap file generated by yosys for this .aig")] + vmap: String, + #[arg(help = "Path to .aiw file")] + trace: String, + #[arg(help = "Path to write .vcd")] + vcd: String, + }, + #[command(about = "Produce a list of signals that influence a given wire")] + Coi { + #[arg(help = "Path to .vmap file generated by yosys for this .aig")] + vmap: String, + #[arg(help = "Full name of query signal")] + name: String, + #[arg( + long, + help = "Path to .ywmap file generated by yosys for this .aig (necessary if signal in question is an assertion)" + )] + ywmap: Option, + }, + #[command(about = "Produce a list of signals that influenced a given wire in a trace")] + Why { + #[arg(help = "Path to .vmap file generated by yosys for this .aig")] + vmap: String, + #[arg(help = "Path to .aiw file")] + trace: String, + #[arg(help = "Time step (starting from reset at 0) to query at")] + step: usize, + #[arg(help = "Full name of query signal")] + signal: String, + #[arg( + long, + short, + help = "Bit of query signal of interest, otherwise all of them" + )] + bit: Option, + }, +} + +/// Select properties of interest in the aig file +fn select( + mut aig: aig::Aig, + out: String, + yw: String, + step: usize, + prop: Vec, + no_assumes: bool, +) { + let ywmap = YWMap::parse(BufReader::new( + std::fs::File::open(&yw).expect("Could not open YW file"), + )); + + assert_eq!(aig.justice.len(), 0); + assert_eq!(aig.fairness.len(), 0); + + assert_eq!(aig.bads.len(), ywmap.asserts.len()); + + let mut bn = 0; // Index in list of names + let mut b = 0; // Index in what remains of the list of bads in the AIG + while b < aig.bads.len() { + let name = &ywmap.asserts[bn][0][6..] + .split_once('$') + .expect("Expected \\top.*$n") + .0; + let (stepn, name) = name.split_once('_').expect("badly formed property"); + assert!(stepn.starts_with("Step")); + let pstep: usize = stepn[4..].parse().expect("badly formed property name"); + let is_cover = name.ends_with("_Cover"); + bn += 1; + + if pstep == step && (prop.is_empty() || prop.iter().any(|x| x == name)) { + if is_cover { + // We encode covers as asserts since otherwise they are lost before going into the AIG file, + // this means we need to negate them if we want to do BMC for them. + println!("Keeping {name} (cover statement, negating)"); + aig.bads[b] = !aig.bads[b]; + } else { + println!("Keeping {name}"); + } + b += 1; + } else if no_assumes || is_cover || pstep >= step { + println!("Deleting {}", name); + aig.bads.remove(b); + } else if pstep < step { + println!("Assert2Assume {}", name); + aig.constraints.push(!aig.bads[b]); + aig.bads.remove(b); + } else { + unreachable!() + } + } + + aig.to_file(&out, false); +} + +/// Simulate a trace and produce a VCD file +fn simulate(aig: aig::Aig, yw: String, vmap: String, trace: String, out: String) { + let ywmap = YWMap::parse(BufReader::new( + std::fs::File::open(&yw).expect("Could not open YW file"), + )); + let mut vmap = VMap::parse(BufReader::new( + std::fs::File::open(vmap).expect("Could not open vmap"), + )); + vmap.wires.extend(ywmap.vmap_wires(&aig)); + + let mut vcd = vcd::Writer::new(BufWriter::new( + std::fs::OpenOptions::new() + .write(true) + .create(true) + .truncate(true) + .open(out) + .expect("Could not open VCD out"), + )); + vcd.timescale(1, vcd::TimescaleUnit::US).unwrap(); // This is arbitrary + + let hier = vmap.to_hierarchy(); + let mut extract = Vec::new(); + vcd.add_module("top").unwrap(); + hier.append_to_vcd(&mut vcd, &mut extract) + .expect("Could not write wire hierarchy to VCD"); + vcd.upscope().unwrap(); + vcd.enddefinitions().unwrap(); + + let witness = AigerWitness::parse(BufReader::new( + std::fs::File::open(&trace).expect("could not open witness file"), + )) + .expect("error reading witness file"); + + let mut sim = witness.init_simulation(&aig); + for (s, step) in witness.inputs.iter().enumerate() { + sim.simulate(step.iter().map(|x| x.into()).collect()); + println!("Step {}", s); + + for (a, [assert]) in ywmap.asserts.iter().enumerate() { + if assert.contains("_Cover") { + continue; + } + if sim.value(aig.bads[a]).is_true() { + println!("Violated assertion {assert}"); + } + } + for (a, [assume]) in ywmap.assumes.iter().enumerate() { + if sim.value(aig.constraints[a]).is_false() { + println!("Violated assumption {assume}"); + } + } + + vcd.timestamp(s as u64).unwrap(); + for instr in &extract { + let bits: Vec<_> = instr + .edges + .iter() + .map(|edge| { + let v = sim.value(*edge); + if v.is_true() { + vcd::Value::V1 + } else if v.is_false() { + vcd::Value::V0 + } else { + vcd::Value::X + } + }) + .collect(); + // FIXME: We don't actually need to do this if the values haven't changed. + if let [bit] = &bits[..] { + vcd.change_scalar(instr.idcode, *bit).unwrap(); + } else { + vcd.change_vector(instr.idcode, bits).unwrap(); + } + } + } + vcd.timestamp(witness.inputs.len() as u64).unwrap(); +} + +/// Determine the COI for a wire +fn coi(aig: aig::Aig, vmap: String, signal: String, ywmap: Option) { + let mut vmap = VMap::parse(BufReader::new( + std::fs::File::open(vmap).expect("Could not open vmap"), + )); + if let Some(ywmap) = ywmap { + let ywmap = YWMap::parse(BufReader::new( + std::fs::File::open(&ywmap).expect("Could not open YW file"), + )); + vmap.wires.extend(ywmap.vmap_wires(&aig)); + } + let hier = vmap.to_hierarchy(); + let group = hier.find(&signal.split(".").collect::>()); + let Some(group) = group else { + println!("Name not found"); + return; + }; + + let named_wires = hier.named_aiger_vars(); + let mut found = HashSet::new(); + let mut visited = HashSet::new(); + + // Straightforward DFS on each bit to find the wires we care about, + // stopping as soon as a wire is named + for bit in &group.bits { + let node = &aig.nodes[bit.index >> 1]; + if !node.is_and() { + continue; + } + let mut to_visit = vec![node.fanin0().node_id(), node.fanin1().node_id()]; + while let Some(nodeid) = to_visit.pop() { + if let Some(wire) = named_wires.get(&nodeid) { + found.insert((wire.path, node.is_and())); + continue; + } + let node = &aig.nodes[nodeid]; + if !node.is_and() { + continue; + } + if visited.insert(node.fanin0()) { + to_visit.push(node.fanin0().node_id()); + } + if visited.insert(node.fanin1()) { + to_visit.push(node.fanin1().node_id()); + } + } + } + + for (found, and) in found { + if and { + println!("{} (and node)", found); + } else { + println!("{}", found); + } + } +} + +/// Determine the why signals for a wire in a trace at a given point in time +fn why( + aig: aig::Aig, + vmap: String, + trace: String, + step: usize, + signal: String, + bit: Option, +) { + let vmap = VMap::parse(BufReader::new( + std::fs::File::open(vmap).expect("Could not open vmap"), + )); + + let hier = vmap.to_hierarchy(); + let group = hier.find(&signal.split(".").collect::>()); + let Some(group) = group else { + println!("Name not found"); + return; + }; + + let witness = AigerWitness::parse(BufReader::new( + std::fs::File::open(&trace).expect("could not open witness file"), + )) + .expect("error reading witness file"); + let sim = witness.simulate_to_step(&aig, step); + + let named_wires = hier.named_aiger_vars(); + let mut found = HashMap::new(); + let mut visited = HashSet::new(); + + let bits = match bit { + None => &group.bits[..], + Some(i) => &[group.bits[i]], + }; + // Similar DFS as above, but now implementing tri-state logic to + // decide where to explore into. + for bit in bits { + let node = &aig.nodes[bit.index >> 1]; + if !node.is_and() { + continue; + } + let mut to_visit = vec![ + (node.fanin0().node_id(), vec![bit.index >> 1]), + (node.fanin1().node_id(), vec![bit.index >> 1]), + ]; + while let Some((nodeid, path)) = to_visit.pop() { + if let Some(wire) = named_wires.get(&nodeid) { + found.insert(nodeid, (wire.path, wire)); + continue; + } + let node = &aig.nodes[nodeid]; + if !node.is_and() { + continue; + } + let left = sim.value(node.fanin0()); + let right = sim.value(node.fanin1()); + assert!(!left.is_none() && !right.is_none()); + + let mut new_path = path.clone(); + new_path.push(nodeid); + match (left.is_true(), right.is_true()) { + // If a = b, then both are response for the value of a & b. Arguably neither are but that's not helpful. + (true, true) | (false, false) => { + if visited.insert(node.fanin0().node_id()) { + to_visit.push((node.fanin0().node_id(), new_path.clone())); + } + if visited.insert(node.fanin1().node_id()) { + to_visit.push((node.fanin1().node_id(), new_path)); + } + } + // true & false = false, and the false is responsible + (true, false) => { + if visited.insert(node.fanin1().node_id()) { + to_visit.push((node.fanin1().node_id(), new_path)); + } + } + // false & true = false, and the false is responsible + (false, true) => { + if visited.insert(node.fanin0().node_id()) { + to_visit.push((node.fanin0().node_id(), new_path)); + } + } + } + } + } + + let mut lines = Vec::new(); + for (wirei, (_path, group)) in found.iter() { + let wire = group.bits.iter().find(|x| x.index >> 1 == *wirei).unwrap(); + let v = sim.value(wire.aig_edge()); + let c = if v.is_true() { + '1' + } else if v.is_false() { + '0' + } else { + 'x' + }; + lines.push(format!( + "{} [{}] = {c} ({})", + wire.path, wire.offset, wire.index, + )); + } + lines.sort(); + for line in lines { + println!("{}", line); + } +} + +/// Check the AIG file is topologically sorted. +pub fn check_aig(aig: &aig::Aig) { + let mut ok = BitVec::fill_zero(aig.nodes.len()); + ok.set(0, true); + for i in 0..aig.inputs.len() { + ok.set(aig.inputs[i], true); + } + for i in 0..aig.latchs.len() { + ok.set(aig.latchs[i].input, true); + } + for i in aig.nodes_range() { + if aig.nodes[i].is_and() { + assert!(ok.get(aig.nodes[i].fanin0().node_id()).unwrap()); + assert!(ok.get(aig.nodes[i].fanin1().node_id()).unwrap()); + ok.set(i, true); + } + } + for i in 0..aig.latchs.len() { + assert!(ok.get(aig.latchs[i].next.node_id()).unwrap()); + } +} + +fn main() { + let args = Args::parse(); + let aig = aig::Aig::from_file(&args.aig); + check_aig(&aig); // Never actually failed! Yosys maintains this invariant + + match args.sub { + Subcommand::Select { + out, + yw, + step, + prop, + no_assumes, + } => select(aig, out, yw, step, prop, no_assumes), + Subcommand::Simulate { + yw, + vmap, + trace, + vcd: out, + } => simulate(aig, yw, vmap, trace, out), + Subcommand::Coi { vmap, name, ywmap } => coi(aig, vmap, name, ywmap), + Subcommand::Why { + vmap, + trace, + step, + signal, + bit, + } => why(aig, vmap, trace, step, signal, bit), + } +} diff --git a/dv/formal/aig-manip/src/vmap.rs b/dv/formal/aig-manip/src/vmap.rs new file mode 100644 index 0000000000..f7bd2ceebf --- /dev/null +++ b/dv/formal/aig-manip/src/vmap.rs @@ -0,0 +1,189 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +use std::collections::HashMap; + +use aig::AigEdge; + +#[derive(Debug)] +pub struct VMapWire { + pub index: usize, + pub offset: usize, + pub path: String, +} + +impl VMapWire { + pub fn aig_edge(&self) -> AigEdge { + AigEdge::new(self.index >> 1, self.index & 1 != 0) + } +} + +/// Represents a parsed vmap file, which have the following format: +/// input [index] [offset] [name] +/// ... +/// invlatch [index] [offset] [name] +/// ... +/// wire [index] [offset] [name] +/// ... +/// We only care about wires for now. +pub struct VMap { + pub wires: Vec, +} + +impl VMap { + pub fn parse(reader: impl std::io::BufRead) -> VMap { + let mut vmap = VMap { wires: Vec::new() }; + for line in reader.lines() { + let line = line.expect("read failed"); + if line.starts_with("wire ") { + let [index, offset, name] = line[5..] + .splitn(3, " ") + .collect::>() + .try_into() + .expect("malformed vmap"); + if !name.starts_with("$") { + vmap.wires.push(VMapWire { + index: index.parse::().expect("expected number"), + offset: offset.parse().expect("expected number"), + path: name.to_string(), + }) + } + } + } + vmap + } +} + +#[derive(Debug)] +pub struct VMapWireGroup<'a> { + pub path: &'a str, + pub own_name: &'a str, + /// Bits are ordered MSB to LSB + pub bits: Vec<&'a VMapWire>, +} + +impl<'a> VMapWireGroup<'a> { + pub fn aig_edges(&self) -> impl Iterator { + self.bits.iter().map(|x| x.aig_edge()) + } +} + +#[derive(Debug)] +/// A vmap file with hierarchy, i.e. module paths are parsed out +pub struct WireHierarchy<'a> { + pub wires: Vec>, + pub modules: HashMap<&'a str, WireHierarchy<'a>>, +} + +impl VMap { + pub fn to_hierarchy(&'_ self) -> WireHierarchy<'_> { + /// Recursively group by prefix + fn to_hierarchy_from<'a>(wires: &[&'a VMapWire], depth: usize) -> WireHierarchy<'a> { + let mut new_wires = HashMap::<_, Vec<_>>::new(); + let mut modules = HashMap::<_, Vec<_>>::new(); + + for wire in wires { + if wire.path.starts_with("$") { + continue; + } + let mut split = wire.path.splitn(depth + 2, ".").skip(depth); + let fst = split.next().expect("name too short?"); + let snd = split.next(); + if let Some(_) = snd { + modules.entry(fst).or_default().push(*wire); + } else { + new_wires.entry(wire.path.as_str()).or_default().push(*wire); + } + } + + WireHierarchy { + wires: new_wires + .into_iter() + .map(|(path, mut bits)| { + bits.sort_by(|a, b| b.offset.cmp(&a.offset)); + let own_name = match path.rsplit_once('.') { + None => path, + Some((_, name)) => name, + }; + VMapWireGroup { + path, + own_name, + bits, + } + }) + .collect(), + modules: modules + .into_iter() + .map(|(name, wires)| (name, to_hierarchy_from(&wires, depth + 1))) + .collect(), + } + } + + to_hierarchy_from(&self.wires.iter().collect::>(), 0) + } +} + +#[derive(Debug)] +pub struct WireExtractionInstruction<'a> { + #[allow(dead_code)] + pub group: &'a VMapWireGroup<'a>, + pub edges: Vec, + pub idcode: vcd::IdCode, +} + +impl<'a> WireHierarchy<'a> { + pub fn walk)>(&'a self, f: &mut F) { + for group in &self.wires { + f(group); + } + for (_, module) in self.modules.iter() { + module.walk(f); + } + } + + pub fn find(&self, path: &[&str]) -> Option<&VMapWireGroup<'a>> { + if path.len() == 1 { + return self.wires.iter().find(|x| x.own_name == path[0]); + } + self.modules.get(path[0])?.find(&path[1..]) + } + + /// Construct a VCD header from these instructions, and construct a map of how to update them + /// at each simulation step. + pub fn append_to_vcd( + &'a self, + vcd: &mut vcd::Writer, + extraction: &mut Vec>, + ) -> std::io::Result<()> { + for wire in &self.wires { + let idcode = vcd.add_wire(wire.bits.len() as u32, wire.own_name)?; + extraction.push(WireExtractionInstruction { + group: wire, + edges: wire.aig_edges().collect(), + idcode, + }); + } + + for (name, module) in &self.modules { + if module.wires.len() != 0 || module.modules.len() != 0 { + vcd.add_module(name)?; + module.append_to_vcd(vcd, extraction)?; + vcd.upscope()?; + } + } + Ok(()) + } + + /// The set of AIG indices with names + pub fn named_aiger_vars(&self) -> HashMap> { + let mut named_wires = HashMap::new(); + self.walk(&mut |group| { + for bit in &group.bits { + named_wires.insert(bit.index >> 1, group); + } + }); + named_wires + } +} diff --git a/dv/formal/aig-manip/src/ywmap.rs b/dv/formal/aig-manip/src/ywmap.rs new file mode 100644 index 0000000000..d346f7690c --- /dev/null +++ b/dv/formal/aig-manip/src/ywmap.rs @@ -0,0 +1,68 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +use serde::Deserialize; + +use crate::vmap::VMapWire; + +#[derive(Deserialize, Debug)] +#[allow(dead_code)] +pub struct YWWire { + pub input: usize, + pub offset: usize, + pub path: [String; 1], +} + +#[derive(Deserialize)] +#[allow(dead_code)] +/// Represents a parsed .ywmap file, which is just JSON in the below format. +/// For some reason names are always singleton arrays, I don't know why. +pub struct YWMap { + pub asserts: Vec<[String; 1]>, + pub assumes: Vec<[String; 1]>, + pub inputs: Vec, + pub seqs: Vec, + pub inits: Vec, +} + +impl YWMap { + pub fn parse(reader: impl std::io::BufRead) -> YWMap { + serde_json::from_reader(reader).expect("Could not parse YW json") + } + + /// Assertions in .ywmap files have a lot of junk around them. + /// This transforms "$\\top.prop$18" into just "prop". + fn decode_name(s: &str) -> &str { + let (_, chunk) = s.rsplit_once('.').unwrap_or(("", s)); + let (chunk, _) = chunk.split_once('$').unwrap_or((chunk, "")); + chunk + } + + /// Construct wires suitable for appending to a vmap for this ywmap + pub fn vmap_wires(&self, aig: &aig::Aig) -> impl Iterator { + self.asserts + .iter() + .enumerate() + .map(|(i, x)| (aig.bads[i], x)) + .map(|(i, x)| VMapWire { + // Note that asserts are really "bads" in the AIG file, + // so they should be inverted. + index: (i.node_id() << 1) | (!i.compl() as usize), + offset: 0, + path: YWMap::decode_name(&x[0]).to_string(), + }) + .chain( + self.assumes + .iter() + .enumerate() + .map(|(i, x)| (aig.constraints[i], x)) + .map(|(i, x)| VMapWire { + index: (i.node_id() << 1) | (i.compl() as usize), + offset: 0, + path: YWMap::decode_name(&x[0]).to_string(), + }), + ) + } +} diff --git a/dv/formal/build_all.ys b/dv/formal/build_all.ys new file mode 100644 index 0000000000..2476fa9792 --- /dev/null +++ b/dv/formal/build_all.ys @@ -0,0 +1,34 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +# Parse and lower the Ibex and specification RTL. LOWRISC_SAIL_SRC is replaced in Makefile. +read_slang --top top -DSYNTHESIS -DYOSYS \ + -F build/fusesoc/default-vcs/lowrisc_ibex_ibex_formal_0.1.scr \ + build/ibexspec.sv spec/stub.sv spec/spec_api.sv check/peek/alt_lsu.sv check/top.sv \ + -I LOWRISC_SAIL_SRC/lib/sv/ --single-unit --no-proc +setattr -set keep 1 n:\\* # Keep all named wires. FIXME: Is this still necessary? +proc +global_clk \clk_i # custom pass (./yosys_formal/global_clock.cc) which blindly enforces a formal-suitable global clock +opt_muxtree_2 # custom fork of opt_muxtree (./yosys_formal/opt_muxtree.cc) +opt_clean + +memory_nordff +delete */t:$print +setundef -undriven -anyseq +memory_map -formal +delete -output +expose n:\\* # Expose all public signals as outputs so they don't get optimised out + +opt_muxtree_2 +opt_expr +opt_dff +opt_clean +techmap +simplemap +dffunmap +opt_clean +write_smt2 build/all.smt2 # Helpful for yosys-smtbmc +aigmap # Way faster than abc -g AND -fast +write_aiger_2 -I -B -zinit -no-startoffset -ywmap build/all.ywmap -vmap build/all.vmap build/all.aig diff --git a/dv/formal/buildspec.py b/dv/formal/buildspec.py deleted file mode 100644 index b567b7f624..0000000000 --- a/dv/formal/buildspec.py +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright lowRISC contributors. -# Copyright 2024 University of Oxford, see also CREDITS.md. -# Licensed under the Apache License, Version 2.0, see LICENSE for details. -# Original author: Louis-Emile Ploix -# SPDX-License-Identifier: Apache-2.0 - -# This script is called from the Makefile. -# Essentially it is a way to enable and disable instructions from the Sail specification to make proofs easier. - -import json -import re -import sys - -with open("instrs.json", "r") as f: - INSTRS = set(json.load(f)) - -class SpecConfig: - def __init__(self): - self.instrs = set() - - def add(self, *instrs): - for instr in instrs: - assert instr in INSTRS - self.instrs.add(instr) - - def add_all(self): - self.instrs = INSTRS - - def add_noncompressed(self): - self.instrs = {x for x in INSTRS if not x.startswith("C_")} - - def remove(self, instr): - assert instr in INSTRS - self.instrs.discard(instr) - - def make_sail_unreachables(self): - return " ".join(f"-sv_unreachable execute_{instr}" for instr in INSTRS.difference(self.instrs)) - - def make_sv_header(self): - return "\n".join([ - "`ifndef SPEC_INSTRS", - "`define SPEC_INSTRS", - "", - *[f"`define SPEC_{instr.upper()} {int(instr in self.instrs)}" for instr in INSTRS], - "", - "`endif" - ]) - - def add_jmps(self): - self.add("RISCV_JAL", "RISCV_JALR") - - def add_itype(self): - self.add("ITYPE") - self.add("SHIFTIOP") - - def add_rtype(self): - self.add("RTYPE") - - def add_fences(self): - self.add("FENCE", "FENCEI") - - def add_loads(self): - self.add("LOAD") - - def add_stores(self): - self.add("STORE") - - def add_mtypes(self): - self.add("MUL", "DIV", "REM") - - def add_illegal(self, extra=True): - self.add("ILLEGAL", "C_ILLEGAL") - if extra: - self.add("CSR") - self.add("MRET", "WFI") - - def add_system(self): - self.add("ECALL", "EBREAK", "MRET", "WFI") - - def add_csr(self): - self.add("CSR") - - def add_utypes(self): - self.add("UTYPE") - - def add_btypes(self): - self.add("BTYPE") - -conf = SpecConfig() -conf.add_noncompressed() - -if len(sys.argv) > 1: - if sys.argv[1] == "unreachables": - print(conf.make_sail_unreachables()) - elif sys.argv[1] == "header": - print(conf.make_sv_header()) - elif sys.argv[1] == "unreachable_loc_hack": - with open("build/ibexspec.sv", "r") as f: - c = f.read() - c = c.replace( - "sail_reached_unreachable = 0;", - "begin sail_reached_unreachable = 0; sail_reached_unreachable_loc = -1; end" - ) - with open("build/ibexspec.sv", "w") as f: - f.write(c) -else: - print("Intended usage is to run make sv") diff --git a/dv/formal/check/encodings.sv b/dv/formal/check/encodings.sv index 1ac37bee34..250b62d8ab 100644 --- a/dv/formal/check/encodings.sv +++ b/dv/formal/check/encodings.sv @@ -4,8 +4,6 @@ // Original author: Louis-Emile Ploix // SPDX-License-Identifier: Apache-2.0 -`include "../build/ibexspec_instrs.sv" - `ifndef CMP_INSNS `define CMP_INSNS @@ -21,25 +19,12 @@ `IS_ORI | `IS_ANDI \ ) -`define ISS_ADDI (`IS_ADDI & `SPEC_ITYPE) -`define ISS_SLTI (`IS_SLTI & `SPEC_ITYPE) -`define ISS_SLTIU (`IS_SLTIU & `SPEC_ITYPE) -`define ISS_XORI (`IS_XORI & `SPEC_ITYPE) -`define ISS_ORI (`IS_ORI & `SPEC_ITYPE) -`define ISS_ANDI (`IS_ANDI & `SPEC_ITYPE) - `define IS_SLLI (`IS_ITYPE(3'b001) && `INSTR[31:25] == 7'b0000000) `define IS_SRLI (`IS_ITYPE(3'b101) && `INSTR[31:25] == 7'b0000000) `define IS_SRAI (`IS_ITYPE(3'b101) && `INSTR[31:25] == 7'b0100000) `define IS_SHIFTIOP (`IS_SLLI | `IS_SRLI | `IS_SRAI) -`define ISS_SLLI (`IS_SLLI & `SPEC_SHIFTIOP) -`define ISS_SRLI (`IS_SRLI & `SPEC_SHIFTIOP) -`define ISS_SRAI (`IS_SRAI & `SPEC_SHIFTIOP) - -`define ISS_SHIFTIOP (`ISS_SLLI | `ISS_SRLI | `ISS_SRAI) - `define IS_RTYPE_0(idx) \ (`INSTR[6:0] == 7'b0110011 && `INSTR[31:25] == 7'b0000000 && `INSTR[14:12] == idx) `define IS_RTYPE_1(idx) \ @@ -55,26 +40,12 @@ `define IS_OR `IS_RTYPE_0(3'b110) `define IS_AND `IS_RTYPE_0(3'b111) -`define ISS_ADD (`IS_ADD & `SPEC_RTYPE) -`define ISS_SUB (`IS_SUB & `SPEC_RTYPE) -`define ISS_SLL (`IS_SLL & `SPEC_RTYPE) -`define ISS_SLT (`IS_SLT & `SPEC_RTYPE) -`define ISS_SLTU (`IS_SLTU & `SPEC_RTYPE) -`define ISS_XOR (`IS_XOR & `SPEC_RTYPE) -`define ISS_SRL (`IS_SRL & `SPEC_RTYPE) -`define ISS_SRA (`IS_SRA & `SPEC_RTYPE) -`define ISS_OR (`IS_OR & `SPEC_RTYPE) -`define ISS_AND (`IS_AND & `SPEC_RTYPE) - `define IS_FENCETYPE(idx) ( \ `INSTR[31:25] == 4'b0000 && `INSTR[19:15] == 5'b00000 && \ `INSTR[11:0] == 12'b000000001111 && `INSTR[14:12] == idx) `define IS_FENCE (`INSTR[31:28] == 4'b0 && `INSTR[19:0] == 20'b0001111) `define IS_FENCEI (`INSTR == 32'h100f) -`define ISS_FENCE (`IS_FENCE & `SPEC_FENCE) -`define ISS_FENCEI (`IS_FENCEI & `SPEC_FENCEI) - `define IS_LOAD(idx) (`INSTR[6:0] == 7'b0000011 && `INSTR[14:12] == idx) `define IS_LB `IS_LOAD(3'b000) `define IS_LH `IS_LOAD(3'b001) @@ -82,27 +53,14 @@ `define IS_LBU `IS_LOAD(3'b100) `define IS_LHU `IS_LOAD(3'b101) -`define ISS_LB (`IS_LB & `SPEC_LOAD) -`define ISS_LH (`IS_LH & `SPEC_LOAD) -`define ISS_LW (`IS_LW & `SPEC_LOAD) -`define ISS_LBU (`IS_LBU & `SPEC_LOAD) -`define ISS_LHU (`IS_LHU & `SPEC_LOAD) - `define IS_STORE(idx) (`INSTR[6:0] == 7'b0100011 && `INSTR[14:12] == idx) `define IS_SB `IS_STORE(3'b000) `define IS_SH `IS_STORE(3'b001) `define IS_SW `IS_STORE(3'b010) -`define ISS_SB (`IS_SB & `SPEC_STORE) -`define ISS_SH (`IS_SH & `SPEC_STORE) -`define ISS_SW (`IS_SW & `SPEC_STORE) - `define IS_JAL (`INSTR[6:0] == 7'h6f) `define IS_JALR (`INSTR[6:0] == 7'h67 && `INSTR[14:12] == 3'b0) -`define ISS_JAL (`IS_JAL & `SPEC_RISCV_JAL) -`define ISS_JALR (`IS_JALR & `SPEC_RISCV_JALR) - `define IS_MTYPE(idx) \ (`INSTR[6:0] == 7'b0110011 && `INSTR[31:25] == 7'b0000001 && `INSTR[14:12] == idx) `define IS_MUL `IS_MTYPE(3'b000) @@ -114,38 +72,14 @@ `define IS_REM `IS_MTYPE(3'b110) `define IS_REMU `IS_MTYPE(3'b111) -`define ISS_MUL (`IS_MUL & `SPEC_MUL) -`define ISS_MULH (`IS_MULH & `SPEC_MUL) -`define ISS_MULHSH (`IS_MULHSH & `SPEC_MUL) -`define ISS_MULHU (`IS_MULHU & `SPEC_MUL) -`define ISS_DIV (`IS_DIV & `SPEC_DIV) -`define ISS_DIVU (`IS_DIVU & `SPEC_DIV) -`define ISS_REM (`IS_REM & `SPEC_REM) -`define ISS_REMU (`IS_REMU & `SPEC_REM) - `define IS_CSR (`INSTR[6:0] == 7'b1110011 && (|`INSTR[13:12])) `define CSR_ADDR (`INSTR[31:20]) -`define ISS_CSR (`IS_CSR & `SPEC_CSR) - `define IS_ECALL (`INSTR == 32'b00000000000000000000000001110011) -`define ISS_ECALL (`IS_ECALL & `SPEC_ECALL) - `define IS_EBREAK (`INSTR == 32'b00000000000100000000000001110011) -`define ISS_EBREAK (`IS_EBREAK & `SPEC_EBREAK) - `define IS_LUI (`INSTR[6:0] == 7'b0110111) -`define ISS_LUI (`IS_LUI & `SPEC_UTYPE) - `define IS_AUIPC (`INSTR[6:0] == 7'b0010111) -`define ISS_AUIPC (`IS_AUIPC & `SPEC_UTYPE) - `define IS_BTYPE (`INSTR[6:0] == 7'b1100011 && (`INSTR[13] -> `INSTR[14])) -`define ISS_BTYPE (`IS_BTYPE & `SPEC_BTYPE) - `define IS_MRET (`INSTR == 32'b00110000001000000000000001110011) -`define ISS_MRET (`IS_MRET & `SPEC_MRET) - `define IS_WFI (`INSTR == 32'b00010000010100000000000001110011) -`define ISS_WFI (`IS_WFI & `SPEC_WFI) `endif diff --git a/dv/formal/check/peek/compare_helper.sv b/dv/formal/check/peek/compare_helper.sv index 9b359e6f0d..52d20a36d9 100644 --- a/dv/formal/check/peek/compare_helper.sv +++ b/dv/formal/check/peek/compare_helper.sv @@ -11,10 +11,6 @@ some of it is checking spec conformance. `define INSTR wbexc_decompressed_instr -assign wbexc_is_pres_load_instr = `ISS_LB | `ISS_LBU | `ISS_LH | `ISS_LHU | `ISS_LW; -assign wbexc_is_pres_store_instr = `ISS_SB | `ISS_SH | `ISS_SW; -assign wbexc_is_pres_mem_instr = wbexc_is_pres_load_instr | wbexc_is_pres_store_instr; - assign wbexc_is_load_instr = `IS_LB | `IS_LBU | `IS_LH | `IS_LHU | `IS_LW; assign wbexc_is_store_instr = `IS_SB | `IS_SH | `IS_SW; @@ -29,15 +25,12 @@ assign ex_is_load_instr = `IS_LB | `IS_LBU | `IS_LH | `IS_LHU | `IS_LW; assign ex_is_store_instr = `IS_SB | `IS_SH | `IS_SW; assign ex_is_mem_instr = ex_is_load_instr | ex_is_store_instr; -assign ex_is_pres_load_instr = `ISS_LB | `ISS_LBU | `ISS_LH | `ISS_LHU | `ISS_LW; -assign ex_is_pres_store_instr = `ISS_SB | `ISS_SH | `ISS_SW; -assign ex_is_pres_mem_instr = ex_is_pres_load_instr | ex_is_pres_store_instr; - -assign ex_is_pres_btype = `ISS_BTYPE; -assign ex_is_pres_jump = `ISS_JAL | `ISS_JALR; +assign ex_is_btype = `IS_BTYPE; +assign ex_is_jump = `IS_JAL | `IS_JALR; assign ex_is_wfi = `IS_WFI; assign ex_is_rtype = `IS_ADD | `IS_SUB | `IS_SLL | `IS_SLT | `IS_SLTU | `IS_XOR | `IS_SRL | `IS_SRA | `IS_OR | `IS_AND; assign ex_is_div = `IS_DIV | `IS_DIVU | `IS_REM | `IS_REMU; +assign ex_is_mtype = ex_is_div | `IS_MUL | `IS_MULH | `IS_MULHSH | `IS_MULHU; `undef INSTR // real_write checks that there is a write and the dest reg is not x0 @@ -59,8 +52,6 @@ Select CSRs based on the current state of the follower, in particular: - In the case of an IRQ we compare the the CSRs about to be written now with the CSRs from the spec now */ -`define INSTR `CR.instr_rdata_id - logic use_curr_dut, use_curr_spec; assign use_curr_dut = wbexc_err | wbexc_handling_irq; assign use_curr_spec = wbexc_handling_irq; diff --git a/dv/formal/check/peek/follower.sv b/dv/formal/check/peek/follower.sv index 85ad311bec..1d33111a30 100644 --- a/dv/formal/check/peek/follower.sv +++ b/dv/formal/check/peek/follower.sv @@ -25,16 +25,16 @@ assign ex_err = `IDC.exc_req_d; assign ex_kill = `ID.wb_exception | ~`ID.controller_run; // Note that this only kills instructions because e.g. of a jump ahead of it or an exception -assign exc_finishing = `IDC.ctrl_fsm_cs == `ID.controller_i.FLUSH; -assign wbexc_handling_irq = `IDC.ctrl_fsm_cs == `ID.controller_i.IRQ_TAKEN; +assign exc_finishing = `IDC.ctrl_fsm_cs == FLUSH; +assign wbexc_handling_irq = `IDC.ctrl_fsm_cs == IRQ_TAKEN; assign wb_finishing = wbexc_is_wfi? wfi_will_finish:`CR.instr_done_wb; -assign wfi_will_finish = `IDC.ctrl_fsm_cs == `ID.controller_i.FLUSH; +assign wfi_will_finish = `IDC.ctrl_fsm_cs == FLUSH; assign wbexc_err = wbexc_ex_err | `IDC.wb_exception_o | - ((`IDC.ctrl_fsm_cs == `ID.controller_i.FLUSH) & ~wbexc_csr_pipe_flush); + ((`IDC.ctrl_fsm_cs == FLUSH) & ~wbexc_csr_pipe_flush); // CSR pipe flushes don't count as exceptions assign wbexc_finishing = @@ -51,7 +51,7 @@ always_comb begin ex_has_branched_d = (ex_has_branched_d | `IF.branch_req) && ~ex_kill && - (`IDC.ctrl_fsm_cs == `IDC.DECODE); + (`IDC.ctrl_fsm_cs == DECODE); end always @(posedge clk_i or negedge rst_ni) begin @@ -60,6 +60,58 @@ always @(posedge clk_i or negedge rst_ni) begin ex_has_compressed_instr <= 1'b0; ex_has_branched_q <= 1'b0; wbexc_csr_pipe_flush <= 1'b0; + + // Zero initialise everything to avoid warnings + wbexc_post_wX <= 32'b0; + wbexc_post_wX_addr <= 5'b0; + wbexc_post_wX_en <= 1'b0; + wbexc_instr <= 32'b0; + wbexc_decompressed_instr <= 32'b0; + wbexc_compressed_illegal <= 1'b0; + wbexc_ex_err <= 1'b0; + wbexc_fetch_err <= 1'b0; + wbexc_post_int_err <= 1'b0; + wbexc_illegal <= 1'b0; + wbexc_pc <= 32'b0; + wbexc_is_checkable_csr <= 1'b0; + wbexc_spec_mem_read_fst_rdata <= 32'b0; + wbexc_spec_mem_read_snd_rdata <= 32'b0; + wbexc_mem_had_snd_req <= 1'b0; + ex_compressed_instr <= 32'b0; + wbexc_post_pc <= 32'h0; + wbexc_post_priv <= Machine; + wbexc_post_mstatus <= 32'h0; + wbexc_post_mie <= 32'h0; + wbexc_post_mcause <= 32'h0; + wbexc_post_mtval <= 32'h0; + wbexc_post_mtvec <= 32'h0; + wbexc_post_mscratch <= 32'h0; + wbexc_post_mepc <= 32'h0; + wbexc_post_mcycle <= 32'h0; + wbexc_post_mshwmb <= 32'h0; + wbexc_post_mshwm <= 32'h0; + wbexc_post_mcounteren <= 32'h0; + wbexc_post_mseccfg <= 32'h0; + wbexc_dut_post_pc <= 32'h0; + wbexc_dut_post_priv <= Machine; + wbexc_dut_post_mstatus <= 32'h0; + wbexc_dut_post_mie <= 32'h0; + wbexc_dut_post_mcause <= 32'h0; + wbexc_dut_post_mtval <= 32'h0; + wbexc_dut_post_mtvec <= 32'h0; + wbexc_dut_post_mscratch <= 32'h0; + wbexc_dut_post_mepc <= 32'h0; + wbexc_dut_post_mcycle <= 32'h0; + wbexc_dut_post_mshwmb <= 32'h0; + wbexc_dut_post_mshwm <= 32'h0; + wbexc_dut_post_mcounteren <= 32'h0; + wbexc_dut_post_mseccfg <= 32'h0; + for (integer i = 0; i < PMPNumRegions; i++) begin + wbexc_post_pmp_cfg[i] <= 32'h0; + wbexc_post_pmp_addr[i] <= 32'h0; + wbexc_dut_post_pmp_cfg[i] <= 32'h0; + wbexc_dut_post_pmp_addr[i] <= 32'h0; + end end else begin if (wbexc_finishing) begin wbexc_exists <= 1'b0; diff --git a/dv/formal/check/peek/mem.sv b/dv/formal/check/peek/mem.sv index dd95b34de6..c2372b9ee7 100644 --- a/dv/formal/check/peek/mem.sv +++ b/dv/formal/check/peek/mem.sv @@ -60,7 +60,10 @@ assign mem_req_fst_d = data_req_o & ~mem_gnt_fst_q; assign mem_req_snd_d = data_req_o & mem_gnt_fst_q; always @(posedge clk_i or negedge rst_ni) begin - if (~rst_ni | instr_will_progress) begin + if (~rst_ni) begin + mem_gnt_fst_q <= 1'b0; + mem_gnt_snd_q <= 1'b0; + end else if (instr_will_progress) begin mem_gnt_fst_q <= 1'b0; mem_gnt_snd_q <= 1'b0; end else begin diff --git a/dv/formal/check/protocol/mem.sv b/dv/formal/check/protocol/mem.sv index 1b8c8d31b6..708e2c66e5 100644 --- a/dv/formal/check/protocol/mem.sv +++ b/dv/formal/check/protocol/mem.sv @@ -42,14 +42,21 @@ interface mem_assume_t( // 2. Grants can only be sent when they are requested MemGntOnRequest: assume property (@(posedge clk_i) ~req_o |-> ~gnt_i); + `ifdef YOSYS + // Give yosys stronger bounds for now. + // FIXME: Would be nice to relax this, but I'm not sure how long proofs would take. + // It might not be too long based on the alt lsus and whatnot, hard to say. + StrictGnt: assume property (@(posedge clk_i) req_o |-> gnt_i); + StrictRValid: assume property (@(posedge clk_i) outstanding_reqs_q != 8'b0 |-> rvalid_i); + `else // Grants must respond within TIME_LIMIT cycles GntBound: assume property (@(posedge clk_i) req_o |-> ##[0:`TIME_LIMIT] gnt_i); - // RValid takes no more than TIME_LIMIT cycles MemValidTimer: assume property ( @(posedge clk_i) outstanding_reqs != 0 |-> ##[0:`TIME_LIMIT] rvalid_i ); + `endif // Responses have to come eventually, implied by the above bounds so removed // MemGntEventually: assume property (@(posedge clk_i) req_o |-> s_eventually gnt_i); diff --git a/dv/formal/check/spec_instance.sv b/dv/formal/check/spec_instance.sv index 33f52c65de..d5c4f0091a 100644 --- a/dv/formal/check/spec_instance.sv +++ b/dv/formal/check/spec_instance.sv @@ -19,6 +19,26 @@ always_comb begin else main_mode = MAIN_IDEX; end +// Some registers are not driven. Only those that have reg_driven[i] high are +// given real values, the rest are left free (i.e. the spec cannot depend on +// them). For wraparound purposes it does not matter what reg_driven[i] is: +// - If too many registers are driven they all must pass checks anyway (since +// they are checked as inputs) +// - If too few registers are driven instructions will fail to be spec +// conformant +// Note that while it again does not matter how they are defined, but only +// registers matching one of `CR.rf_raddr_{a, b} can be driven. + +logic [31:0] reg_driven; +assign reg_driven[0] = 1'b0; + +for (genvar i = 1; i < 32; i++) begin: g_regs_cut + logic [31:0] free; // Undriven + assign reg_driven[i] = + (`CR.rf_raddr_a == i && `CR.rf_ren_a) || (`CR.rf_raddr_b == i && `CR.rf_ren_b); + assign pre_regs_cut[i] = reg_driven[i] ? pre_regs[i] : free; +end + spec_api #( .NREGS(32) ) spec_api_i ( @@ -26,13 +46,7 @@ spec_api #( .main_mode(main_mode), .insn_bits(ex_compressed_instr), - - .rx_a_en_o(spec_rx_a_en), - .rx_a_addr_o(spec_rx_a_addr), - .rx_a_i(spec_rx_a), - .rx_b_en_o(spec_rx_b_en), - .rx_b_addr_o(spec_rx_b_addr), - .rx_b_i(spec_rx_b), + .regs_i(pre_regs_cut), .wx_o(spec_post_wX), .wx_addr_o(spec_post_wX_addr), diff --git a/dv/formal/check/top.sv b/dv/formal/check/top.sv index 1b96550517..1a9796326b 100644 --- a/dv/formal/check/top.sv +++ b/dv/formal/check/top.sv @@ -44,7 +44,10 @@ module top import ibex_pkg::*; #( ) ( // Clock and Reset input logic clk_i, + + `ifndef YOSYS input logic rst_ni, + `endif input logic test_en_i, // enable all clock gates for testing input prim_ram_1p_pkg::ram_1p_cfg_t ram_cfg_i, @@ -105,6 +108,14 @@ module top import ibex_pkg::*; #( input logic scan_rst_ni ); +// Yosys based tools have no inherent understanding of a reset signal (unlike jasper, which has the +// `reset` TCL command). We must therefore introduce one ourselves using an initial block. +`ifdef YOSYS +logic rst_ni; +initial rst_ni = 1'b0; +always @(posedge clk_i) rst_ni = 1'b1; +`endif + localparam logic [31:0] CSR_MVENDORID_VALUE = 32'b0; localparam logic [31:0] CSR_MIMPID_VALUE = 32'b0; @@ -179,6 +190,7 @@ WFIStart: assume property (`IDC.ctrl_fsm_cs == SLEEP |-> ( // Pre state is the architectural state of Ibex at the start of the cycle logic [31:0] pre_regs[32]; +logic [31:0] pre_regs_cut[1:31]; logic [31:0] pre_nextpc; logic [31:0] pre_mip; @@ -196,10 +208,9 @@ logic [31:0] pre_mip; // - ex_P is 1 if P is true for the instruction in the ID/EX stage. // - wbexc_P is 1 if P is true for the instruction in the WB/EXC (exception) stage. -logic ex_is_wfi, ex_is_rtype, ex_is_div; -logic ex_is_pres_btype, ex_is_pres_jump; +logic ex_is_wfi, ex_is_rtype, ex_is_div, ex_is_mtype; +logic ex_is_btype, ex_is_jump; logic ex_is_mem_instr, ex_is_load_instr, ex_is_store_instr; -logic ex_is_pres_mem_instr, ex_is_pres_load_instr, ex_is_pres_store_instr; // Have we branched, or are we branching in this cycle? logic ex_has_branched_d, ex_has_branched_q; @@ -221,9 +232,7 @@ logic has_two_resp_waiting_q, has_two_resp_waiting_d; assign has_two_resp_waiting_q = data_mem_assume.outstanding_reqs_q == 8'h2; assign has_two_resp_waiting_d = data_mem_assume.outstanding_reqs == 8'h2; -logic wbexc_is_pres_load_instr, wbexc_is_pres_store_instr; -logic wbexc_is_load_instr, wbexc_is_store_instr; -logic wbexc_is_pres_mem_instr, wbexc_is_mem_instr; +logic wbexc_is_load_instr, wbexc_is_store_instr, wbexc_is_mem_instr; logic wbexc_is_wfi; logic [31:0] ex_compressed_instr; @@ -233,7 +242,7 @@ logic ex_has_compressed_instr; logic wbexc_post_int_err; // Spec had an internal error logic [31:0] wbexc_post_wX; -logic [5:0] wbexc_post_wX_addr; +logic [4:0] wbexc_post_wX_addr; logic wbexc_post_wX_en; `define X(n) wbexc_post_``n @@ -316,17 +325,6 @@ logic wbexc_handling_irq; // Check the results of handling an IRQ ////////////////////// Spec Post ////////////////////// -// These cause combinational cycles, but not severe ones. The problem is fixed in CherIoT-Ibex -logic spec_rx_a_en; -logic [4:0] spec_rx_a_addr; -logic [31:0] spec_rx_a; -assign spec_rx_a = pre_regs[spec_rx_a_addr]; - -logic spec_rx_b_en; -logic [4:0] spec_rx_b_addr; -logic [31:0] spec_rx_b; -assign spec_rx_b = pre_regs[spec_rx_b_addr]; - logic [31:0] spec_post_wX; logic [4:0] spec_post_wX_addr; logic spec_post_wX_en; @@ -432,13 +430,6 @@ assign ex_is_checkable_csr = ~( (`CSR_ADDR == CSR_MCOUNTINHIBIT) ); -`undef INSTR -`define INSTR wbexc_decompressed_instr - -// Illegal instructions aren't checkable unless the relevant specifications are present. -logic can_check_illegal; -assign can_check_illegal = `SPEC_ILLEGAL & `SPEC_CSR & `SPEC_MRET & `SPEC_WFI; - `undef INSTR ////////////////////// Decompression Invariant Defs ////////////////////// @@ -499,7 +490,11 @@ mem_assume_t data_mem_assume( ////////////////////// Proof ////////////////////// `define INSTR wbexc_decompressed_instr -`include "../build/psgen.sv" +`ifdef YOSYS +`include "../build/psgen-yosys.sv" +`else +`include "../build/psgen-jg.sv" +`endif `undef INSTR // Assign spec fetch error after instantiating the specification. diff --git a/dv/formal/conductor.py b/dv/formal/conductor.py new file mode 100644 index 0000000000..956b8ab422 --- /dev/null +++ b/dv/formal/conductor.py @@ -0,0 +1,790 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +# This program handles the running of proof processes. It can discover efficient proofs, schedule them, find +# counterexamples, and analyse the results. + +import asyncio +import argparse +import re +import subprocess +import time +import json +import os +from math import floor +from datetime import datetime +import hashlib +from typing import Iterable +import typing +import psutil +from pathlib import Path + +# Skipped properties are excluded from every step +SKIPPED_PROPS = [ + 'MType_Div_Data', + 'MType_Rem_Data', + 'MType_Mul_Data', + 'MType_RemU_Data', + 'MType_MulH_Data', + 'MType_DivU_Data', + 'MType_MulHU_Data', + 'MType_MulHSH_Data', +] + +# --------------------- Utilities ---------------------- + +PROOFLOG = os.environ.get("PROOFLOG", "prooflog.txt") +LOGFILE = os.environ.get("LOGFILE", "logfile.txt") + +# ANSI coloring, supported everywhere but windows, but since this script exists within a nix +# setup, which won't support windows anyway, there seems little point in handling it. +def green(s): return f"\033[32;1m{s}\033[0m" +def red(s): return f"\033[31;1m{s}\033[0m" +def white(s): return f"\033[1m{s}\033[0m" +def orange(s): return f"\033[33;1m{s}\033[0m" +def gray(s): return f"\033[90m{s}\033[0m" + +def write_logfile(s): + if not "NO_LOG" in os.environ: + with open(LOGFILE, "a") as f: + f.write(s + "\n") + +'''Send all printed text to a log file, and prepend the date and time.''' +def log(*args, c=lambda x: x): + timestr = datetime.now().strftime('[%d/%m/%y %H:%M:%S.%f]') + s = " ".join(map(str, args)) + print(gray(timestr), c(s)) + write_logfile(f"{timestr} {s}") + +write_logfile("") # Blank line to mark new run + +''' +Races allow async processes to cleanly run in parrallel, until one declares victory, +at which point all the other futures are cancelled. Tasks should be sequence of +awaitables. In order to declare victory of a race, simply return something not-None. +''' +async def race[A](tasks: Iterable[typing.Awaitable[A | None]]) -> A | None: + class RaceWonException(Exception): + def __init__(self, result): + super().__init__() + self.result = result + winner = None + try: + async with asyncio.TaskGroup() as tg: + for task in tasks: + async def wrapper(): + res = await task + if res is not None: + raise RaceWonException(res) + tg.create_task(wrapper()) + except* RaceWonException as e: + for result in e.exceptions: + assert isinstance(result, RaceWonException) + winner = result.result + return winner + +# --------------------- Process Management ---------------------- + +GB = 1024**3 + +''' +Returns the global free memory according to psutil, which is just MemAvailable in /proc/meminfo. +''' +def global_memory_free(): + return psutil.virtual_memory().available / GB + +''' +Finishes when a process exits, and cancelling kills that process. +Produces a ProcessResult. +''' +class ProcessFuture(asyncio.Future): + def __init__(self, loop, proc): + super().__init__(loop=loop) + self.proc = proc + + def cancel(self, msg = None): + self.proc.kill() + return super().cancel(msg=msg) + +''' +Information regarding the completion of a process, including memory/time and stdio. +''' +class ProcessResult: + def __init__(self, code, reason, max_mem, dt, stdout, stderr): + self.code: int | None = code + ''' + OK = the process finished + TIMEOUT = the process was killed by us due to a timeout + UNINTERESTED = the process was killed by us, probably because another process in the race won + ''' + self.reason: str = reason + self.max_mem: float = max_mem + self.dt: float = dt + self.stdout: str | None = stdout + self.stderr: str | None = stderr + + @staticmethod + def from_proc(proc, code, reason, max_mem, dt): + return ProcessResult(code, reason, max_mem, dt, proc.stdout.read().decode(), proc.stderr.read().decode()) + +''' +A process, which me killed, restarted and awaited (via the .future property). +Handles the tracking of time and timeouts, and of memory consumption. +debug_slow allows for periodic logging. +''' +class Process: + def __init__(self, cmd, expected_memory = 0.0, expected_time = 0.0, timeout = None, debug_slow = None): + self.cmd: str = cmd + self.expected_memory: float = expected_memory + self.expected_time: float = expected_time + self.timeout: float | None = timeout + self.kill_: str | None = None # Either kill, restart or None + + self.debug_slow = debug_slow # A message to write when the process is taking a long time + self.debug_slow_count = 0 + + self.proc = None # Will be set on start() + self.psproc = None + + self.future: asyncio.Future[ProcessResult] = ProcessFuture(asyncio.get_running_loop(), self) + + self.max_memory = 0 + self.start_time = 0 + + def start(self): + log("$", self.cmd) + self.proc = subprocess.Popen(self.cmd, shell=True, stdin=subprocess.DEVNULL, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + self.psproc = psutil.Process(pid=self.proc.pid) + self.start_time = time.time() + self.max_memory = 0 + self.debug_slow_count = 0 + + # Give up on the process, may be called by anyone + def kill(self): + self.kill_ = "kill" + + # Kill the process with the expectation that it will be restarted again. + # Only to be called by ProcessRunner + def kill_restart(self): + self.kill_ = "restart" + + def poll(self): + assert self.proc is not None + assert self.psproc is not None + + self.max_memory = max(self.psproc.memory_info().rss / GB, self.max_memory) + + dt = time.time() - self.start_time + code = self.proc.poll() + if code is not None and self.kill_ == None: + log(f"Finished `{self.cmd}` ({dt:.3f}s) ({self.max_memory:.3f}GB)") + if not self.future.cancelled(): + self.future.set_result(ProcessResult.from_proc(self.proc, code, "OK", self.max_memory, dt)) + # self.future.set_result((code, self.max_memory, dt, "OK", self.proc.stdout.read().decode(), self.proc.stderr.read().decode())) + return True + elif self.kill_ == "restart": + log(f"Kill (will restart) `{self.cmd}` ({dt:.3f}s) ({self.max_memory:.3f}GB)", c=gray) + self.proc.kill() + self.kill_ = None + self.expected_memory = max(self.expected_memory, self.max_memory) + self.expected_time = max(self.expected_time, dt) + return True + elif self.timeout is not None and dt > self.timeout: + log(f"Kill `{self.cmd}` ({dt:.3f}s) ({self.max_memory:.3f}GB)") + self.proc.kill() + if not self.future.cancelled(): + self.future.set_result(ProcessResult.from_proc(self.proc, None, "TIMEOUT", self.max_memory, dt)) + # self.future.set_result((None, self.max_memory, dt, "TIMEOUT", None, self.proc.stderr.read().decode())) + return True + elif self.kill_ == "kill": + log(f"Kill (uninterested) `{self.cmd}` ({dt:.3f}s) ({self.max_memory:.3f}GB)", c=gray) + self.proc.kill() + if not self.future.cancelled(): + self.future.set_result(ProcessResult.from_proc(self.proc, None, "UNINTERESTED", self.max_memory, dt)) + # self.future.set_result((None, self.max_memory, dt, "UNINTERESTED", None, self.proc.stderr.read().decode())) + return True + + # Every 60 seconds call the debug_slow handler + n = floor(dt / 60.0) + if n > self.debug_slow_count: + if self.debug_slow is not None: + self.debug_slow(dt) + self.debug_slow_count = n + + return False + +''' +Schedules (and reschedules) Processes according to the memory and CPU +constraints of the system. +''' +class ProcessRunner: + GLOBAL_MEMORY_BUFFER = 5 # Never allocate more than (total ram - buffer)GB memory + POLL_DELAY = 0.1 # Time between poll cycles + MAX_RUNNING = (psutil.cpu_count() or 8) - 2 # Number of CPUs, with a couple spares + + def __init__(self): + self.pending = [] + self.running = [] + self.first_start = time.time() + self.debug_count = 0 + + log(f"Process runner will have a maximum of {ProcessRunner.MAX_RUNNING} processes, and currently sees {self.mem_avail():.3f}GB free.") + + def append(self, proc): + self.pending.insert(0, proc) + + def start_loop(self): + asyncio.get_running_loop().call_soon(lambda: self.poll()) + + def children_used_mem(self): + return sum(proc.max_memory for proc in self.running) + + def mem_avail(self): + if args.max_mem == 0: + return global_memory_free() + return min(global_memory_free(), max(args.max_mem - self.children_used_mem(), 0)) + + def poll(self): + # Kill recently started processes until memory is OK, unless there is just one, then there's no point(?) + free = self.mem_avail() + while not args.no_kill and free < ProcessRunner.GLOBAL_MEMORY_BUFFER and len(self.running) > 1: + last = self.running.pop() + last.kill_restart() + free += max(last.max_memory, 3) + last.poll() + self.pending.append(last) + + while len(self.running) < ProcessRunner.MAX_RUNNING and len(self.pending) > 0 and free > self.pending[-1].expected_memory + ProcessRunner.GLOBAL_MEMORY_BUFFER: + if self.first_start == 0: + self.first_start = time.time() + last = self.pending.pop() + last.start() + free -= max(last.expected_memory, 3) # otherwise lots of zeros won't help + self.running.append(last) + + # Drop processes that finished + p = 0 + while p < len(self.running): + if self.running[p].poll(): + self.running.pop(p) + else: + p += 1 + + n = floor((time.time() - self.first_start) / 30.0) + if n > self.debug_count: + log(f"Running {len(self.running)} processes, with {len(self.pending)} pending. Memory used right now: {self.children_used_mem():.3f}GB", c=gray) + self.debug_count = n + + asyncio.get_running_loop().call_later(ProcessRunner.POLL_DELAY, lambda: self.poll()) + +process_runner: ProcessRunner | None = None +'''Run a shell command in the global process runner''' +async def shell(cmd, expected_memory = 0.0, timeout = None, debug_slow = None): + assert process_runner is not None + proc = Process(cmd, expected_memory=expected_memory, timeout=timeout, debug_slow=debug_slow) + process_runner.append(proc) + return await proc.future + +# ------------------------ Proof Primitives ------------------ + +''' +Prepares an aiger file configured for the properties at the given step specifically, return a run unique path to it +''' +aiger_idx = 0 +async def prepare_aiger(step: int, props: list[str]) -> str: + global aiger_idx + + name = f"build/aiger-{aiger_idx}.aig" + aiger_idx += 1 + assert (await shell( + f"build/aig-manip build/all.aig select {name} build/all.ywmap {step} {' '.join(props)}", + expected_memory=0.5 + )).code == 0 + + return name + +'''Log a nice message on proof completion, and store in the proof log''' +def proof_done(engine_config: str, path: str, step: int, props: list[str], procres: ProcessResult): + if not "NO_LOG" in os.environ: + with open(PROOFLOG, "a") as f: + json.dump([time.time(), [props, step, ROOT_HASH, engine_config], vars(procres)], f) + f.write("\n") + match procres.code: + case 20: + log(f"UNSAT: {len(props)} properties in step {step} proven in {procres.dt:.3f}s with {procres.max_mem:.3f}GB", c=green) + case 10: + log(f"==========================================================================================================================", c=red) + log(f"==========================================================================================================================", c=red) + log(f"==========================================================================================================================", c=red) + log(f" ==================== SAT: CEX in step {step}, discovered in {procres.dt:.3f}s with {procres.max_mem:.3f}GB ==================", c=red) + log(f"==========================================================================================================================", c=red) + log(f"==========================================================================================================================", c=red) + log(f"==========================================================================================================================", c=red) + log(f"One of these properties in step {step} is not valid: {' '.join(props)}", c=red) + log(f"To recover a witness run the following:") + log(f" {engine_config} {path} --witness | tail -n +2 > witness.aiw") + log(f"Or the following:") + log(f" rIC3 -e bmc --no-preproc {path} --witness | tail -n +2 > witness.aiw") + log(f"Or, to compare against another engine:") + log(f" python3 smt2manip.py build/all.smt2 sel.smt2 {step} {' '.join(props)}") + log(f" yosys-smtbmc -s yices sel.smt2") + log(f"Then to view the trace:") + log(f" build/aig-manip build/all.aig simulate build/all.ywmap build/all.vmap witness.aiw trace.vcd") + log(f" gtkwave trace.vcd") + case 30: + log(f"UNDETERMINED: Failed to find a CEX or proof for {len(props)} properties in step {step} ({procres.dt:.3f}s with {procres.max_mem:.3f}GB)", c=orange) + case -9: + log(f"KILLED by OS: Failed to prove {len(props)} properties in step {step} ({procres.dt:.3f}s with {procres.max_mem:.3f}GB)", c=red) + case None: + log(f"TIMEOUT: Failed to prove {len(props)} properties in step {step} ({procres.dt:.3f}s with {procres.max_mem:.3f}GB)", c=red) + case n: + log(f"Unknown Exit Code {n}: Failed to prove {len(props)} properties in step {step} ({procres.dt:.3f}s with {procres.max_mem:.3f}GB)", c=red) + +'''Prove some properties with the given config''' +async def prove(engine_config: str, step: int, props: list[str], timeout=None, expected_memory=10.0) -> ProcessResult: + specialised = await prepare_aiger(step, props) + res = await shell(f"{engine_config} {specialised}", timeout=timeout, expected_memory=expected_memory) + proof_done(engine_config, specialised, step, props, res) + return res + +cex_id = 0 +'''Run Bounded Model Checking on some properties''' +async def bmc(step: int, props: list[str], timeout=None, start=None, end=None) -> ProcessResult: + global cex_id + res = await prove("rIC3 -e bmc --no-preproc --witness" + ("" if start is None else f" --start {start}") + ("" if end is None else f" --end {end}"), step, props, timeout=timeout) + if res.code == 10: + assert res.stdout is not None + own_id = cex_id + cex_id += 1 + witness = res.stdout.split("\n", maxsplit=1)[1] + Path(f"witness-{own_id}.aiw").write_text(witness) + log(f"Written trace to witness-{own_id}.aiw", c=white) + await shell(f"./aig-manip/target/release/aig-manip build/all.aig simulate build/all.ywmap build/all.vmap witness-{own_id}.aiw trace-{own_id}.vcd") + log(f"Produced VCD file at trace-{own_id}.vcd", c=white) + return res + +# -------------------------- Proof Exploration ----------------------- + +'''Try several configurations for some properties and see which is best, if any''' +async def explore(step: int, props: list[str], configs: list[tuple[str, float]], timeout=0.0, debug_slow=None) -> None | tuple[str, ProcessResult]: + specialised = await prepare_aiger(step, props) + + async def explore_one(engine_config, expected_memory): + result = await shell(f"{engine_config} {specialised}", timeout=timeout, expected_memory=expected_memory, debug_slow=debug_slow) + proof_done(engine_config, specialised, step, props, result) + if result.code in {10, 20}: + return engine_config, result + + return await race([explore_one(config, mem) for config, mem in configs]) + +''' +Represents a complete proof step for some properties +''' +class Strategy: + def __init__(self, step, props, config, procres): + self.step: int = step + self.props: list[str] = props + self.config: str = config + self.procres: ProcessResult = procres + +'''Build a strategy for the given tree, where in each case we either split into subtrees, or prove as a block. A strategy is a flat list of proof instructions.''' +async def build_strategy_rec(step: int, prop_tree: list, failures: list[tuple[int, str]], eager=False, difficult=False) -> list[Strategy]: + def find_all(prop_tree, all_props): + for prop in prop_tree: + if type(prop) == str: + all_props.append(prop) + else: + find_all(prop, all_props) + all_props = [] + find_all(prop_tree, all_props) + + # These may be helpful to change depending on the nature of the task + if difficult: + ENGINES = [ + # ("rIC3", 10), + # ("rIC3 --no-preproc", 20), + ("rIC3 -e kind --no-preproc", 10.0), + # ("rIC3 -e kind", 10) + ] + else: + ENGINES = [ + ("rIC3", 10), + # ("rIC3 --no-preproc", 20), + ("rIC3 -e kind --no-preproc", 10.0), + # ("rIC3 -e kind", 10) + ] + + if len(all_props) == 0: + return [] + + if len(all_props) == 1: + while True: + res = await explore( + step, all_props, + timeout=1800.0 if difficult else 600.0, + configs=ENGINES, + debug_slow=lambda dt: log(f"Still exploring step {step} property {all_props[0]} ({dt:.3f}s)", c=gray) + ) + if res is not None: + if res[1].code == 20: + log(f"Constructed proof for 1 property in step {step}: {all_props[0]}", c=green) + return [Strategy(step, all_props, res[0], res[1])] + else: + log(f"Failed to construct proof for 1 property in step {step}: {all_props[0]}", c=red) + return [] + log(f"Failed to find proof for property in step {step}: {all_props[0]} - ignoring", c=red) + failures.append((step, all_props[0])) + return [] + + if len(prop_tree) == 1: + return await build_strategy_rec(step, prop_tree[0], failures, difficult=difficult) + + async def without_split(): + res = await explore(step, all_props, timeout=120.0, configs=ENGINES) + if res is not None: + if res[1].code == 20: + log(f"Constructed proof for {len(all_props)} properties in step {step}: {' '.join(all_props)}", c=green) + return [Strategy(step, all_props, res[0], res[1])] + else: + log(f"Failed to construct proof for {len(all_props)} properties in step {step}: {' '.join(all_props)}", c=red) + + async def with_split(): + children = [] + rest = [] + for prop in prop_tree: + if type(prop) == str: + rest.append(prop) + else: + children.append(prop) + + if not eager: + await asyncio.sleep(120.0) # Give the rest a head start + else: + await asyncio.sleep(20.0) # Give the rest a tiny head start anyway + + if len(children) == 0: + solutions = await asyncio.gather(*[build_strategy_rec(step, [child], failures, difficult=difficult) for child in rest]) + else: + children.append(rest) + solutions = await asyncio.gather(*[build_strategy_rec(step, tree, failures, difficult=difficult) for tree in children]) + flattened = [] + for solution in solutions: + flattened.extend(solution) + return flattened + + winner = await race([without_split(), with_split()]) + assert winner is not None # someone has to win! + return winner + +'''Execute a given strategy, return all the (result, strategy)''' +async def run_strategy(strategy: list[Strategy]) -> list[tuple[ProcessResult, Strategy]]: + proofs = [] + strategy.sort(key=lambda x: x.procres.dt, reverse=True) + for step in strategy: + conf = step.config + if step.procres.stderr is not None: + if " -e kind " in step.config: + s = step.procres.stderr.split("[INFO ] k-induction proofed in depth ") + if len(s) == 2: + conf += f" --start {int(s[1].strip())}" + proofs.append(prove(conf, step.step, step.props, expected_memory=step.procres.max_mem * 1.1)) + return list(zip(await asyncio.gather(*proofs), strategy)) + +'''Construct a proof tree by recursively splitting on the prefix of a name, for example a_x, a_y, b will produce [[a_x, a_y], b]''' +def split_by_prefixes(names: list[str]) -> list: + def chunk_name(name): + nts = lambda x: "" if x is None else x + split = re.split(r"_([A-Z])|_|([A-Z])", name) + return ([split[0]] if split[0] != "" else []) + [nts(split[i + 1]) + nts(split[i + 2]) + split[i + 3] for i in range(0, len(split) - 1, 3)] + + def group(props): + buckets = {} + done = [] + for chunks, name in props: + if len(chunks) == 1: + done.append(name) + elif chunks[0] not in buckets: + buckets[chunks[0]] = [(chunks[1:], name)] + else: + buckets[chunks[0]].append((chunks[1:], name)) + for pre in buckets: + bucket = group(buckets[pre]) + # while len(bucket) == 1: + # bucket = bucket[0] + done.append(bucket) + return done + + chunked_names = [(chunk_name(name), name) for name in names] + return group(chunked_names) + +# ---------------------------------- Main ------------------------------ + +parser = argparse.ArgumentParser(prog="conductor.py", description="Constructs and executes proofs.", epilog="Additionally, the PROOFLOG env var sets the prooflog file (i.e. one proof result per line, JSON), and the LOGFILE env var sets the logging file.") +parser.add_argument("mode", choices=["prove", "explore", "bmc", "info"], + help="Proof mode. " + "prove will run existing proofs where they exist, " + "explore will attempt to discover new proofs, " + "bmc will do bounded model checking on each property individually, " + "info dumps stats about cached proofs.") +parser.add_argument("--fresh", action="store_true", help="In explore mode, do not use already constructed proofs, always construct new proofs.") +parser.add_argument("--no-store", action="store_true", help="In explore mode, do not store constructed proof strategies.") +parser.add_argument("--by-step", action="store_true", help="In prove mode, do proofs one step at a time") +parser.add_argument("-p", "--properties", nargs="*", default=[], help="Restrict to only the properties with the given names, otherwise all properties. Especially helpful for BMC.") +parser.add_argument("--missing", action="store_true", help="Equivalent to -p ") +parser.add_argument("-s", "--start", type=int, default=0, help="First step to start at. (default: 0)") +parser.add_argument("--bmc-step", type=int, default=1, help="Step size for BMC. (default: 1)") +parser.add_argument("--bmc-start", type=int, default=4, help="Start length for BMC. (default: 4)") +parser.add_argument("--hard", action="store_true", help="In explore mode, try harder to prove properties (1hr timeout, more engines).") +parser.add_argument("--no-run", action="store_true", help="In explore mode don't run proofs again to check steps.") +parser.add_argument("--no-kill", action="store_true", help="Don't kill proof processes due to running out of memory.") +parser.add_argument("--check-complete", action="store_true", help="In prove mode, fail if there are unskipped properties without proofs.") +parser.add_argument("--max-mem", type=float, default=0, help="Max memory in GB, otherwise use all available memory") +args = parser.parse_args() + +if len(SKIPPED_PROPS) > 0: + log(f"WARNING: Skipped properties are {' '.join(SKIPPED_PROPS)}", c=orange) + +ROOT_HASH = hashlib.new("sha256", Path("build/all.aig").read_bytes()).hexdigest() +log(f"build/all.aig has sha256 {ROOT_HASH}") + +def decode_strategy(encoded: list) -> Strategy: + return Strategy(encoded[0], encoded[1], encoded[2], ProcessResult(encoded[3][0], encoded[3][3], encoded[3][1], encoded[3][2], encoded[3][4] if len(encoded[3]) > 4 else None, encoded[3][5] if len(encoded[3]) > 5 else None)) + +def load_strategy(step: int) -> list[Strategy] | None: + if args.fresh: + return None + try: + with open(f"strategies/step{step}.json", "r") as f: + log(f"Loading strategy for step {step} from cache", c=white) + encoded = json.load(f) + return [decode_strategy(d) for d in encoded] + except FileNotFoundError: + pass + except json.JSONDecodeError as e: + log(f"Error decoding step{step}.json (ignoring): {e}", c=red) + return None + +def store_strategy(step: int, strategy: list[Strategy]): + encoded = [[s.step, s.props, s.config, [s.procres.code, s.procres.max_mem, s.procres.dt, s.procres.reason, s.procres.stdout, s.procres.stderr]] for s in strategy] + log(encoded, c=gray) + if args.no_store: + return [decode_strategy(d) for d in encoded] + try: + os.makedirs("strategies", exist_ok=True) + with open(f"strategies/step{step}.json", "w") as f: + json.dump(encoded, f) + except Exception as e: + log(f"ERROR: Could not save strategy: {e}", c=red) + return [decode_strategy(d) for d in encoded] + +def missing_from(strategy: list[Strategy], props: list[str]) -> list[str]: + done_props: list[str] = [] + for strategy_step in strategy: + done_props.extend(strategy_step.props) + return list(set(props).difference(done_props)) + +async def bmc_mode(props: list[tuple[int, str]]): + if len(props) == 1: + step, prop = props[0] + log(f"Doing unbounded BMC for step on {prop} from step {step}", c=white) + await bmc(step, [prop], start=args.bmc_start) + return + + if len(props) == 0: + log("No properties to do BMC on!", c=red) + return + i = args.bmc_start + while True: + for step, prop in props: + log(f"Doing BMC at depth {i} on {prop} from step {step}", c=white) + await bmc(step, [prop], start=i, end=i) + i += args.bmc_step + +async def info_mode(by_step: list[list[str]], by_step_skipped: list[list[str]]): + total_steps = 0 + for step, _ in enumerate(by_step): + strategy = load_strategy(step) + if strategy is None: + log(f"No proof strategy entry for step {step}", c=orange) + strategy = [] + total_steps += len(strategy) + accounted_for: list[str] = [] + for stepi in strategy: + log(f"Step {stepi.step} :: {stepi.procres.reason} :: {stepi.procres.max_mem:.3f}GB/{stepi.procres.dt:.3f}s :: {stepi.config} :: {' '.join(stepi.props)}") + accounted_for.extend(stepi.props) + if len(by_step_skipped[step]) > 0: + log(f"Step {step} :: SKIPPED :: :: :: {' '.join(by_step_skipped[step])}", c=orange) + unaccounted: list[str] = [] + for prop in by_step[step]: + if prop not in accounted_for: + unaccounted.append(prop) + if len(unaccounted) > 0: + log(f"Step {step} :: UNACCOUNTED :: :: :: {' '.join(unaccounted)}", c=red) + log(f"{total_steps} proof steps in total") + +async def prove_mode(all_props: list[tuple[int, str]], by_step: list[list[str]]): + all_strategies: list[Strategy] = [] + for step, props in enumerate(by_step): + if step < args.start: + log(f"Skipping step {step}", c=orange) + continue + strategy = load_strategy(step) + if strategy is None or len(strategy) == 0: + log(f"No strategy for step {step}, skipping", c=orange) + continue + + if args.by_step: + log(f"Running strategy for step {step} ({len(props)} properties)", c=white) + run_start = time.time() + await run_strategy(strategy) + run_dt = time.time() - run_start + log(f"Ran strategy for step {step} in {run_dt:.3f}s", c=white) + all_strategies.extend(strategy) + + if args.check_complete: + covered: set[str] = set() + for step in all_strategies: + covered.update(step.props) + uncovered = set(prop[1] for prop in all_props).difference(covered) + if len(uncovered) > 0: + log(f"Missing proof steps for {len(uncovered)} properties: {' '.join(uncovered)}", c=red) + exit(1) + else: + log(f"All {len(all_props)} properties are covered.", c=green) + + if not args.by_step: + log(f"Running strategy for everything", c=white) + run_start = time.time() + results = await run_strategy(all_strategies) + run_dt = time.time() - run_start + log(f"Ran strategy in {run_dt:.3f}s", c=white) + + unsats = 0 + has_errors = False + for res, step in results: + if res.code == 20: + unsats += 1 + else: + has_errors = True + log(f"Failed to prove step {step.step} proof step with code {res.code} (see above, or logfile.txt, for more details): {' '.join(step.props)}", c=red) + log(f"{unsats}/{len(all_strategies)} proof steps were UNSAT", c=white) + if has_errors: + exit(1) # Failed + +async def construct_strategy(step: int, props: list[str]) -> tuple[bool, list[Strategy], list[str]]: + strategy = load_strategy(step) or [] + not_done = missing_from(strategy, props) + if len(not_done) == 0: + return False, strategy, [] + + log(f"Building strategy for step {step} ({len(not_done)}/{len(props)} properties)", c=white) + build_start = time.time() + + failures: list[tuple[int, str]] = [] + if args.hard: + log("strategy: each property", c=white) + for x in await asyncio.gather(*[build_strategy_rec(step, [prop], failures, difficult=True) for prop in not_done]): + strategy.extend(x) + else: + log("strategy: name based recursive splitting, linear fallback", c=white) + blocks = split_by_prefixes(not_done) + strategy += await build_strategy_rec(step, blocks, failures, difficult=args.hard) + + build_dt = time.time() - build_start + log(f"Constructed strategy for step {step} of {len(strategy)} proof steps in {build_dt:.3f}s", c=white) + strategy = store_strategy(step, strategy) + return True, strategy, [f[1] for f in failures] + +async def explore_mode(by_step: list[list[str]]): + all_failures: list[str] = [] + for step, props in enumerate(by_step): + if step < args.start: + log(f"Skipping step {step}", c=orange) + continue + + new, strategy, failures = await construct_strategy(step, props) + all_failures.extend(failures) + if new: + log(f"All failures to date: {all_failures}", c=gray) + + if args.no_run: + pass + elif not new or len(strategy) != 1: + log(f"Running strategy for step {step} ({len(props)} properties)", c=white) + run_start = time.time() + await run_strategy(strategy) + run_dt = time.time() - run_start + log(f"Ran strategy for step {step} in {run_dt:.3f}s", c=white) + else: + log(f"Skipping proof run for step {step}, since it has just one step", c=white) + +async def main(): + global process_runner + + def preproc_name(name: str) -> tuple[int, str]: + first = name.split("$")[1][5:] + assert first.startswith("Step") + step, rest = first.split("_", maxsplit=1) + step = int(step[4:]) + return step, rest + + def group_by_step(names: list[tuple[int, str]], max=None) -> list[list[str]]: + by_step = [] + for step, name in names: + while step >= len(by_step): + by_step.append([]) + by_step[step].append(name) + if max is not None: + while max >= len(by_step): + by_step.append([]) + return by_step + + process_runner = ProcessRunner() + process_runner.start_loop() + + log("Reading property list", c=white) + with open("build/all.ywmap") as f: + names = [preproc_name(x[0]) for x in json.load(f)["asserts"]] + max_step = max(step for step, _ in names) + names = [(step, name) for step, name in names if not name.endswith("_Cover")] + + by_step = group_by_step(names) + props: list[tuple[int, str]] = [] + for prop in args.properties: + for step, name in names: + if prop == name: + props.append((step, prop)) + break + else: + log(f"ERROR: Property not found {prop}", c=red) + exit(1) + if args.missing: + for step, sprops in enumerate(by_step): + strategy = load_strategy(step) + if strategy is None: + continue + props.extend([(step, p) for p in missing_from(strategy, sprops)]) + elif len(props) == 0: + props = names + props_skipped = [(step, p) for step, p in props if p in SKIPPED_PROPS] + props = [(step, p) for step, p in props if p not in SKIPPED_PROPS] + + if len(props) == 0 and len(props_skipped) == 0: + log("Warning: Empty property selection", c=orange) + + skipped_by_step = group_by_step(props_skipped, max_step) + by_step = group_by_step(props, max_step) + + match args.mode: + case "bmc": + await bmc_mode(props) + case "info": + await info_mode(by_step, skipped_by_step) + case "prove": + await prove_mode(props, by_step) + case "explore": + await explore_mode(by_step) + +asyncio.run(main()) diff --git a/dv/formal/instrs.json b/dv/formal/instrs.json deleted file mode 100644 index e91bb23c3d..0000000000 --- a/dv/formal/instrs.json +++ /dev/null @@ -1,58 +0,0 @@ -[ - "UTYPE", - "ITYPE", - "RTYPE", - "FENCE", - "FENCEI", - "LOAD", - "STORE", - "SHIFTIOP", - "ILLEGAL", - "BTYPE", - "CSR", - "DIV", - "EBREAK", - "ECALL", - "MRET", - "MUL", - "REM", - "RISCV_JAL", - "RISCV_JALR", - "WFI", - - "C_ADD", - "C_ADDI", - "C_ADDI16SP", - "C_ADDI4SPN", - "C_ADDIW", - "C_ADDW", - "C_AND", - "C_ANDI", - "C_BEQZ", - "C_BNEZ", - "C_EBREAK", - "C_ILLEGAL", - "C_J", - "C_JAL", - "C_JALR", - "C_JR", - "C_LD", - "C_LDSP", - "C_LI", - "C_LUI", - "C_LW", - "C_LWSP", - "C_MV", - "C_NOP", - "C_OR", - "C_SD", - "C_SDSP", - "C_SLLI", - "C_SRAI", - "C_SRLI", - "C_SUB", - "C_SUBW", - "C_SW", - "C_SWSP", - "C_XOR" -] diff --git a/dv/formal/pyproject.toml b/dv/formal/pyproject.toml index 2a7e257564..b0ce02a306 100644 --- a/dv/formal/pyproject.toml +++ b/dv/formal/pyproject.toml @@ -13,12 +13,12 @@ dependencies = [ "anytree == 2.8.0", "hjson == 3.1.0", "mako == 1.1.6", - "pyyaml == 6.0", + "pyyaml == 6.0.2", "edalize @ git+https://github.com/lowRISC/edalize.git@v0.4.0", "fusesoc @ git+https://github.com/lowRISC/fusesoc.git@ot-0.4", + "psutil>=7.0.0", ] [tool.setuptools] # This is actually not a python project, we just use pyproject.toml to manage dependencies. py-modules = [] - diff --git a/dv/formal/Sources.mk b/dv/formal/sail-sources.mk similarity index 58% rename from dv/formal/Sources.mk rename to dv/formal/sail-sources.mk index 37e89a6d90..bcbc165d70 100644 --- a/dv/formal/Sources.mk +++ b/dv/formal/sail-sources.mk @@ -1,3 +1,10 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +# This is the exact configuration used in Makefile to build the Sail specification module + SAIL_XLEN := riscv_xlen32.sail SAIL_CHECK_SRCS = riscv_addr_checks_common.sail riscv_addr_checks.sail riscv_misa_ext.sail @@ -13,15 +20,22 @@ SAIL_SYS_SRCS += riscv_sync_exception.sail SAIL_SYS_SRCS += riscv_csr_ext.sail SAIL_SYS_SRCS += riscv_sys_control.sail -PRELUDE = prelude.sail $(SAIL_XLEN) prelude_mem_metadata.sail prelude_mem.sail +SAIL_PRELUDE = prelude.sail $(SAIL_XLEN) prelude_mem_metadata.sail prelude_mem.sail SAIL_REGS_SRCS = riscv_reg_type.sail riscv_regs.sail riscv_pc_access.sail riscv_sys_regs.sail SAIL_REGS_SRCS += riscv_pmp_regs.sail riscv_pmp_control.sail SAIL_REGS_SRCS += riscv_ext_regs.sail $(SAIL_CHECK_SRCS) -SAIL_ARCH_SRCS = $(PRELUDE) +SAIL_ARCH_SRCS = $(SAIL_PRELUDE) SAIL_ARCH_SRCS += riscv_types_common.sail riscv_types_ext.sail riscv_types.sail SAIL_ARCH_SRCS += riscv_vmem_types.sail $(SAIL_REGS_SRCS) $(SAIL_SYS_SRCS) riscv_platform.sail SAIL_ARCH_SRCS += riscv_mem.sail -SAIL_SRCS = $(addprefix $(SAIL_RISCV_MODEL_DIR)/,$(SAIL_ARCH_SRCS) $(SAIL_SEQ_INST_SRCS)) \ No newline at end of file +SAIL_SRCS = $(addprefix $(SAIL_RISCV_MODEL_DIR)/,$(SAIL_ARCH_SRCS) $(SAIL_SEQ_INST_SRCS)) + +# execute_C_* will be removed to help avoid blowup +COMPRESSED_INSTRS=C_J C_JALR C_LW C_ADDIW C_LI C_ANDI C_BEQZ C_LD C_ILLEGAL C_AND C_JAL C_MV C_XOR \ + C_ADD C_EBREAK C_SDSP C_ADDI4SPN C_SW C_SUB \ + C_SWSP C_SRLI C_LDSP C_SD C_SRAI C_LUI C_OR C_SUBW C_JR C_ADDI \ + C_ADDW C_BNEZ C_ADDI16SP C_NOP C_SLLI + diff --git a/dv/formal/smt2manip.py b/dv/formal/smt2manip.py new file mode 100644 index 0000000000..0d736f6090 --- /dev/null +++ b/dv/formal/smt2manip.py @@ -0,0 +1,63 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +from pathlib import Path +import re +import argparse + +# Yosys smt2 files encode assertions and assumptions fairly clearly, +# so it's not too difficult to move them around just by regexp. + +parser = argparse.ArgumentParser(prog="smt2manip", description="Does aig-manip select for smt2 files.") +parser.add_argument("yosys_smt2", help="Input smt2 file") +parser.add_argument("smt2out", help="Output smt2 file") +parser.add_argument("step", type=int, help="Step number") +parser.add_argument("props", nargs="*", help="Property list, or if empty all of them for the given step.") +args = parser.parse_args() + +smt2 = Path(args.yosys_smt2).read_text() + +lines = smt2.split("\n") +mapped = [] + +to_assume = [] +delete = [] + +for line in lines: + m = re.match(r"; yosys-smt2-assert ([0-9]+) ([^ ]+)", line) + if m is not None: + id = m[1] + name = m[2][6:].split("$")[0] + assert name.startswith("Step") + [step, name] = name.split("_", maxsplit=1) + step = int(step[4:]) + + if name.endswith("_Cover") or step > args.step or (step == args.step and len(args.props) > 0 and name not in args.props): + print(f"Delete {name} ({id})") + delete.append(id) + elif step < args.step: + print(f"Assert2Assume {name} ({id})") + to_assume.append(id) + else: + print(f"Keep {name} ({id})") + mapped.append(line) + continue + + m = re.match(r" \(\|top_a ([0-9]+)\| state\)", line) + if m is not None: + if m[1] in to_assume or m[1] in delete: + continue + mapped.append(line) + continue + + if line == "(define-fun |top_u| ((state |top_s|)) Bool (and": + mapped.append(line) + for id in to_assume: + mapped.append(f" (|top_a {id}| state)") + continue + + mapped.append(line) + +Path(args.smt2out).write_text("\n".join(mapped)) diff --git a/dv/formal/spec/fix_bugs.py b/dv/formal/spec/fix_bugs.py new file mode 100644 index 0000000000..16c6fce46e --- /dev/null +++ b/dv/formal/spec/fix_bugs.py @@ -0,0 +1,50 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# Original author: Louis-Emile Ploix +# SPDX-License-Identifier: Apache-2.0 + +''' +Fixes an issue where the Sail -> SV compiler references t_Pmpcfg_ent (in sail_genlib_ibexspec.sv) before it defines it (in ibexspec.sv) +by just moving that definition, as well as various other nit picks we can change in the specification. + +Ideally the sail compiler would do all of this. +''' + +from pathlib import Path + +S = """ +typedef struct { + logic [7:0] bits; +} t_Pmpcfg_ent; +""" + +T = """ +typedef logic [127:0] sail_int; +""" + +c = Path("build/ibexspec.sv").read_text() + +c = c.replace(S, "") +c = c.replace("struct {", "struct packed {") +c = c.replace("sail_return = sail_internal_pick(zz498);", "/* removed */") +c = c.replace("sail_return = sail_internal_pick(zz495);", "/* removed */") +c = c.replace(" main_result = main(insn_bits, mode);", """\ + wX_sail_invoke_arg_0[0] = 0; wX_sail_invoke_arg_1[0] = 0; + write_ram_sail_invoke_arg_0[0] = Write_plain; write_ram_sail_invoke_arg_0[1] = Write_plain; + write_ram_sail_invoke_arg_1[0] = 0; write_ram_sail_invoke_arg_1[1] = 0; + write_ram_sail_invoke_arg_2[0] = 0; write_ram_sail_invoke_arg_2[1] = 0; + write_ram_sail_invoke_arg_3[0] = 0; write_ram_sail_invoke_arg_3[1] = 0; + read_ram_sail_invoke_arg_0[0] = Read_plain; read_ram_sail_invoke_arg_0[1] = Read_plain; + read_ram_sail_invoke_arg_1[0] = 0; read_ram_sail_invoke_arg_1[1] = 0; + sail_reached_unreachable_loc = 0; + main_result = main(insn_bits, mode); \ +""") +c = c.replace("sail_reached_unreachable = 1;", "if (!sail_reached_unreachable) begin sail_reached_unreachable = 1; sail_reached_unreachable_loc = `__LINE__; end") +c = c.replace("module sail_ibexspec(", "module sail_ibexspec(\n output logic sail_reached_unreachable,\n output logic [31:0] sail_reached_unreachable_loc,") +c = c.replace("logic sail_reached_unreachable;", "") +c = c.replace("logic [31:0] sail_reached_unreachable_loc;", "") + +Path("build/ibexspec.sv").write_text(c) + +c = Path("build/sail_genlib_ibexspec.sv").read_text() +Path("build/sail_genlib_ibexspec.sv").write_text(S.replace("struct", "struct packed") + "\n" + c) diff --git a/dv/formal/spec/fix_pmp_bug.py b/dv/formal/spec/fix_pmp_bug.py deleted file mode 100644 index 90ed7a806b..0000000000 --- a/dv/formal/spec/fix_pmp_bug.py +++ /dev/null @@ -1,28 +0,0 @@ -''' -Fixes an issue where the Sail -> SV compiler references t_Pmpcfg_ent (in sail_genlib_ibexspec.sv) before it defines it (in ibexspec.sv) -by just moving that definition. -''' - -S = """ -typedef struct { - logic [7:0] bits; -} t_Pmpcfg_ent; -""" - -T = """ -typedef logic [127:0] sail_int; -""" - -with open("build/ibexspec.sv", "r") as f: - c = f.read() - -c = c.replace(S, "") - -with open("build/ibexspec.sv", "w") as f: - f.write(c) - -with open("build/sail_genlib_ibexspec.sv", "r") as f: - c = f.read() - -with open("build/sail_genlib_ibexspec.sv", "w") as f: - f.write(S + "\n" + c) diff --git a/dv/formal/spec/spec_api.sv b/dv/formal/spec/spec_api.sv index 12555aa30f..9c5189ddc8 100644 --- a/dv/formal/spec/spec_api.sv +++ b/dv/formal/spec/spec_api.sv @@ -23,12 +23,7 @@ module spec_api #( ) ( input t_MainMode main_mode, - output logic rx_a_en_o, - output logic [4:0] rx_a_addr_o, - input logic [31:0] rx_a_i, - output logic rx_b_en_o, - output logic [4:0] rx_b_addr_o, - input logic [31:0] rx_b_i, + input [31:0] regs_i [1:31], output logic wx_en_o, output logic [31:0] wx_o, @@ -62,8 +57,6 @@ module spec_api #( output mstatus_t mstatus_o, input logic [31:0] mcause_i, output logic [31:0] mcause_o, - input logic [63:0] mcycle_i, - output logic [63:0] mcycle_o, input logic [31:0] mtval_i, output logic [31:0] mtval_o, input logic [31:0] mtvec_i, @@ -72,10 +65,6 @@ module spec_api #( output logic [31:0] mscratch_o, input logic [31:0] mepc_i, output logic [31:0] mepc_o, - input logic [31:0] mshwmb_i, - output logic [31:0] mshwmb_o, - input logic [31:0] mshwm_i, - output logic [31:0] mshwm_o, input logic [31:0] mcounteren_i, output logic [31:0] mcounteren_o, @@ -99,16 +88,6 @@ module spec_api #( output logic [3:0] mem_write_snd_be_o ); -bit rX_sail_invoke[2]; -logic [31:0] rX_sail_invoke_ret[2]; -logic [63:0] rX_sail_invoke_arg_0[2]; -assign rx_a_en_o = rX_sail_invoke[0]; -assign rx_a_addr_o = rX_sail_invoke_arg_0[0][4:0]; -assign rX_sail_invoke_ret[0] = rx_a_i; -assign rx_b_en_o = rX_sail_invoke[1]; -assign rx_b_addr_o = rX_sail_invoke_arg_0[1][4:0]; -assign rX_sail_invoke_ret[1] = rx_b_i; - logic wX_sail_invoke[1]; logic [63:0] wX_sail_invoke_arg_0[1]; logic [31:0] wX_sail_invoke_arg_1[1]; @@ -181,7 +160,12 @@ end t_Mseccfg_ent mseccfg_out; assign mseccfg_o = mseccfg_out.bits; +logic sail_reached_unreachable; +logic [31:0] sail_reached_unreachable_loc; + sail_ibexspec spec_i( + .sail_reached_unreachable, + .sail_reached_unreachable_loc, .cur_inst_in(insn_bits), .cur_inst_out(), .cur_privilege_in(priv_i), @@ -198,8 +182,8 @@ sail_ibexspec spec_i( .mcounteren_out, .mcountinhibit_in(), .mcountinhibit_out(), - .mcycle_in(mcycle_i), - .mcycle_out(mcycle_o), + .mcycle_in(), + .mcycle_out(), .medeleg_in('{bits: 32'h0}), .medeleg_out(), .menvcfg_in('{bits: 32'h0}), @@ -272,67 +256,70 @@ sail_ibexspec spec_i( .stvec_out(), .tselect_in(), .tselect_out(), - .x1_in(), + .mtime_in(), + .mtime_out(), + + .x1_in(regs_i[1]), .x1_out(), - .x2_in(), + .x2_in(regs_i[2]), .x2_out(), - .x3_in(), + .x3_in(regs_i[3]), .x3_out(), - .x4_in(), + .x4_in(regs_i[4]), .x4_out(), - .x5_in(), + .x5_in(regs_i[5]), .x5_out(), - .x6_in(), + .x6_in(regs_i[6]), .x6_out(), - .x7_in(), + .x7_in(regs_i[7]), .x7_out(), - .x8_in(), + .x8_in(regs_i[8]), .x8_out(), - .x9_in(), + .x9_in(regs_i[9]), .x9_out(), - .x10_in(), + .x10_in(regs_i[10]), .x10_out(), - .x11_in(), + .x11_in(regs_i[11]), .x11_out(), - .x12_in(), + .x12_in(regs_i[12]), .x12_out(), - .x13_in(), + .x13_in(regs_i[13]), .x13_out(), - .x14_in(), + .x14_in(regs_i[14]), .x14_out(), - .x15_in(), + .x15_in(regs_i[15]), .x15_out(), - .x16_in(), + .x16_in(regs_i[16]), .x16_out(), - .x17_in(), + .x17_in(regs_i[17]), .x17_out(), - .x18_in(), + .x18_in(regs_i[18]), .x18_out(), - .x19_in(), + .x19_in(regs_i[19]), .x19_out(), - .x20_in(), + .x20_in(regs_i[20]), .x20_out(), - .x21_in(), + .x21_in(regs_i[21]), .x21_out(), - .x22_in(), + .x22_in(regs_i[22]), .x22_out(), - .x23_in(), + .x23_in(regs_i[23]), .x23_out(), - .x24_in(), + .x24_in(regs_i[24]), .x24_out(), - .x25_in(), + .x25_in(regs_i[25]), .x25_out(), - .x26_in(), + .x26_in(regs_i[26]), .x26_out(), - .x27_in(), + .x27_in(regs_i[27]), .x27_out(), - .x28_in(), + .x28_in(regs_i[28]), .x28_out(), - .x29_in(), + .x29_in(regs_i[29]), .x29_out(), - .x30_in(), + .x30_in(regs_i[30]), .x30_out(), - .x31_in(), + .x31_in(regs_i[31]), .x31_out(), .wX_sail_invoke, @@ -340,10 +327,6 @@ sail_ibexspec spec_i( .wX_sail_invoke_arg_0, .wX_sail_invoke_arg_1, - .rX_sail_invoke, - .rX_sail_invoke_ret, - .rX_sail_invoke_arg_0, - .write_ram_sail_invoke, .write_ram_sail_invoke_ret(), .write_ram_sail_invoke_arg_0(), @@ -361,7 +344,7 @@ sail_ibexspec spec_i( .mode(main_mode) ); -assign int_err_o = spec_i.sail_reached_unreachable | +assign int_err_o = sail_reached_unreachable | spec_i.sail_have_exception | (main_result != MAINRES_OK); diff --git a/dv/formal/spec/stub.sv b/dv/formal/spec/stub.sv index 7fe3631e40..4519374c3f 100644 --- a/dv/formal/spec/stub.sv +++ b/dv/formal/spec/stub.sv @@ -4,6 +4,8 @@ // Original author: Louis-Emile Ploix // SPDX-License-Identifier: Apache-2.0 +`include "sail.sv" + /* Provides stubs (mostly) for the native functions the Sail expects to see, mostly handling config stuff. diff --git a/dv/formal/strategies/step0.json b/dv/formal/strategies/step0.json new file mode 100644 index 0000000000..c9413571d2 --- /dev/null +++ b/dv/formal/strategies/step0.json @@ -0,0 +1 @@ +[[0, ["Ibex_AluInstrMatch", "Ibex_BranchedProg", "Ibex_ClockEn", "Ibex_CompressedMatch", "Ibex_CtrlWbexc", "Ibex_DecompressionIllegalIdEx", "Ibex_DecompressionIllegalWbexc", "Ibex_DecompressionMatchIdEx", "Ibex_DecompressionMatchWbexc", "Ibex_DoneFin", "Ibex_EBreakIntoDebug", "Ibex_EnWbProgress", "Ibex_ErrKill", "Ibex_ExecNoSpecialReq", "Ibex_HasCompressed", "Ibex_IDCFsmAny", "Ibex_IDCFsmNotBoot", "Ibex_IdExNotMemMuteIncr", "Ibex_IdExNotReq", "Ibex_IfBusErr", "Ibex_LSUEmpty", "Ibex_LSUFinishFast", "Ibex_LSUFinishWaitGnt", "Ibex_LSUFinishWaitRvalidMis", "Ibex_LSUFinishWaitRvalidMisGntsDone", "Ibex_LSUInstrStable", "Ibex_LsuWeq_Ex", "Ibex_MEPCBit0", "Ibex_MemClockEn", "Ibex_MemInstrEx", "Ibex_MemInstrWbLoad", "Ibex_MemInstrWbStore", "Ibex_MemInstrWbWrite", "Ibex_MtvecLow", "Ibex_NmiMode", "Ibex_NoEnterDebugMode", "Ibex_NoFinishingIRQ", "Ibex_NoStoreWb", "Ibex_NonCompressedMatch", "Ibex_NoneIdleIsDecode", "Ibex_NotDataIndTiming", "Ibex_NotIdleNoExErr", "Ibex_NotIdleReqDec", "Ibex_PCBit0", "Ibex_PostFlushNoInstr", "Ibex_PrivMorUCur", "Ibex_PrivMorUMpp", "Ibex_ProgressDecode", "Ibex_ProgressNoWbStall", "Ibex_ReqRequiresInstr", "Ibex_ReqRequiresNotIllegal", "Ibex_RfWriteWb", "Ibex_SndGntReqFstGnt", "Ibex_StallIdFSM1", "Ibex_UnCheckableNoPresent", "Ibex_ValidExists", "Ibex_ValidToBranch", "Ibex_WBOutstandingNoReq", "Ibex_WbInstrDefined", "Ibex_WbexcErrMonotonic", "Ibex_WfiKill"], "rIC3", [20, 6.843315124511719, 70.58977460861206, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-205.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9162265 vars, 1371823 inputs, 6882 latches, 12632751 clauses, 21 constraints\n[INFO ] dagcnf simplified from 275472 to 96558 clauses in 5.62s\n[INFO ] frts eliminates 2023 out of 23572 vars in 1.18s.\n[INFO ] dagcnf simplified from 88074 to 80364 clauses in 0.20s\n[INFO ] simplified ts has 21179 vars, 5877 inputs, 2614 latches, 80364 clauses, 21 constraints\n[INFO ] frames [7]: 2614 3 4 7 39 336 72 \n[INFO ] frames [9]: 2614 3 4 6 33 94 209 159 257 \n[INFO ] obligations: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 88, 23]\n[INFO ] frames [12]: 2614 3 4 6 33 93 193 42 7 0 46 338 \n[INFO ] SolverStatistic {\n num_solve: 9979,\n avg_solve_time: 934.806\u00b5s,\n avg_decide_var: 0.415984,\n num_simplify_subsume: 0,\n num_simplify_self_subsume: 0,\n }\n[INFO ] Statistic {\n time: 49.87s,\n num_mic: 823,\n avg_mic_cube_len: 6.490887,\n avg_po_cube_len: 254.403923,\n mic_drop: success: 1056, fail: 4098, success rate: 20.49%,\n num_down: 5154,\n num_down_sat: 5827,\n ctp: success: 0, fail: 739, success rate: 0.00%,\n block: Block {\n overall_time: 33.278881225s,\n get_bad_time: 515 times in 15.672441s,\n blocked_time: 704 times in 680.841589ms,\n get_pred_time: 3.759327302s,\n mic_time: 12.660165453s,\n push_time: 100.992658ms,\n },\n overall_propagate_time: 460.113001ms,\n xor_gen: success: 0, fail: 0, success rate: NaN%,\n num_auxiliary_var: 0,\n test: success: 0, fail: 0, success rate: NaN%,\n }\n"]], [0, ["Ibex_InstrValidDuringLSU", "Ibex_NoEarlyLSUErrq"], "rIC3", [20, 6.828975677490234, 20.50779700279236, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-296.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9147186 vars, 1370457 inputs, 6882 latches, 12604882 clauses, 21 constraints\n[INFO ] dagcnf simplified from 243359 to 87249 clauses in 2.79s\n[INFO ] frts eliminates 1771 out of 20870 vars in 0.48s.\n[INFO ] dagcnf simplified from 79618 to 74551 clauses in 0.06s\n[INFO ] simplified ts has 18817 vars, 4518 inputs, 2415 latches, 74551 clauses, 21 constraints\n[INFO ] obligations: [0, 0, 0, 0, 0, 0, 0, 0, 8, 16]\n[INFO ] frames [10]: 2415 1 1 6 15 17 1 0 34 29 \n[INFO ] SolverStatistic {\n num_solve: 960,\n avg_solve_time: 320.126\u00b5s,\n avg_decide_var: 0.393221,\n num_simplify_subsume: 0,\n num_simplify_self_subsume: 0,\n }\n[INFO ] Statistic {\n time: 8.59s,\n num_mic: 118,\n avg_mic_cube_len: 3.966102,\n avg_po_cube_len: 161.042169,\n mic_drop: success: 109, fail: 297, success rate: 26.85%,\n num_down: 406,\n num_down_sat: 452,\n ctp: success: 0, fail: 123, success rate: 0.00%,\n block: Block {\n overall_time: 1.02696894s,\n get_bad_time: 47 times in 462.830659ms,\n blocked_time: 52 times in 11.516056ms,\n get_pred_time: 106.717268ms,\n mic_time: 404.985681ms,\n push_time: 2.70798ms,\n },\n overall_propagate_time: 61.833618ms,\n xor_gen: success: 0, fail: 0, success rate: NaN%,\n num_auxiliary_var: 0,\n test: success: 0, fail: 0, success rate: NaN%,\n }\n"]], [0, ["Ibex_NoInstrInNonDecode"], "rIC3", [20, 6.827434539794922, 23.578890562057495, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-297.aig\n[INFO ] origin ts has 9147188 vars, 1370457 inputs, 6882 latches, 12604838 clauses, 21 constraints\n[INFO ] dagcnf simplified from 243315 to 87255 clauses in 4.30s\n[INFO ] frts eliminates 1774 out of 20852 vars in 0.47s.\n[INFO ] dagcnf simplified from 79649 to 74639 clauses in 0.04s\n[INFO ] simplified ts has 18803 vars, 4508 inputs, 2415 latches, 74639 clauses, 21 constraints\n[INFO ] obligations: [0, 0, 0, 0, 0, 0, 0, 0, 2]\n[INFO ] frames [9]: 2415 1 2 7 6 3 0 6 11 \n[INFO ] SolverStatistic {\n num_solve: 371,\n avg_solve_time: 260.576\u00b5s,\n avg_decide_var: 0.413672,\n num_simplify_subsume: 0,\n num_simplify_self_subsume: 0,\n }\n[INFO ] Statistic {\n time: 9.39s,\n num_mic: 43,\n avg_mic_cube_len: 5.023256,\n avg_po_cube_len: 75.551724,\n mic_drop: success: 60, fail: 154, success rate: 28.04%,\n num_down: 214,\n num_down_sat: 223,\n ctp: success: 0, fail: 22, success rate: 0.00%,\n block: Block {\n overall_time: 179.121872ms,\n get_bad_time: 11 times in 71.584264ms,\n blocked_time: 12 times in 735.950000\u00b5s,\n get_pred_time: 20.247237ms,\n mic_time: 125.062879ms,\n push_time: 2.531252ms,\n },\n overall_propagate_time: 33.357595ms,\n xor_gen: success: 0, fail: 0, success rate: NaN%,\n num_auxiliary_var: 0,\n test: success: 0, fail: 0, success rate: NaN%,\n }\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step1.json b/dv/formal/strategies/step1.json new file mode 100644 index 0000000000..88b533d24a --- /dev/null +++ b/dv/formal/strategies/step1.json @@ -0,0 +1 @@ +[[1, ["Ibex_LSUEnd", "Ibex_LsuWeq_Wb"], "rIC3", [20, 6.842647552490234, 24.184988975524902, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-291.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9162472 vars, 1371823 inputs, 6882 latches, 12633257 clauses, 85 constraints\n[INFO ] dagcnf simplified from 275978 to 96425 clauses in 3.81s\n[INFO ] frts eliminates 1995 out of 23564 vars in 0.67s.\n[INFO ] dagcnf simplified from 87968 to 80293 clauses in 0.04s\n[INFO ] simplified ts has 21194 vars, 5893 inputs, 2614 latches, 80293 clauses, 85 constraints\n[INFO ] obligations: [0, 0, 0, 0, 0, 0, 5]\n[INFO ] frames [7]: 2614 5 11 17 0 9 14 \n[INFO ] SolverStatistic {\n num_solve: 490,\n avg_solve_time: 280.651\u00b5s,\n avg_decide_var: 0.408344,\n num_simplify_subsume: 0,\n num_simplify_self_subsume: 0,\n }\n[INFO ] Statistic {\n time: 9.51s,\n num_mic: 60,\n avg_mic_cube_len: 4.166667,\n avg_po_cube_len: 244.500000,\n mic_drop: success: 48, fail: 201, success rate: 19.28%,\n num_down: 249,\n num_down_sat: 287,\n ctp: success: 0, fail: 25, success rate: 0.00%,\n block: Block {\n overall_time: 263.514226ms,\n get_bad_time: 15 times in 52.658229ms,\n blocked_time: 13 times in 3.616006ms,\n get_pred_time: 41.301672ms,\n mic_time: 191.129034ms,\n push_time: 656.96\u00b5s,\n },\n overall_propagate_time: 35.696124ms,\n xor_gen: success: 0, fail: 0, success rate: NaN%,\n num_auxiliary_var: 0,\n test: success: 0, fail: 0, success rate: NaN%,\n }\n"]], [1, ["Ibex_SpecPastWbexc_Mstatus"], "rIC3 -e kind --no-preproc", [20, 12.90362548828125, 41.612451791763306, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-283.aig\n[INFO ] origin ts has 9162456 vars, 1371823 inputs, 6882 latches, 12633184 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mseccfg"], "rIC3 -e kind --no-preproc", [20, 12.932071685791016, 58.754812479019165, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-246.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mtvec"], "rIC3 -e kind --no-preproc", [20, 13.087722778320312, 53.77845048904419, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-188.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Pc"], "rIC3 -e kind --no-preproc", [20, 12.904491424560547, 55.594889640808105, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-201.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mie"], "rIC3 -e kind --no-preproc", [20, 13.068729400634766, 47.101776361465454, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-181.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mtval"], "rIC3 -e kind --no-preproc", [20, 12.902355194091797, 54.088356018066406, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-189.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Priv"], "rIC3 -e kind --no-preproc", [20, 12.903732299804688, 57.354350328445435, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-196.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mcounteren"], "rIC3", [20, 6.843891143798828, 41.113420248031616, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-243.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[INFO ] dagcnf simplified from 276855 to 97139 clauses in 4.40s\n[INFO ] frts eliminates 2003 out of 23847 vars in 0.88s.\n[INFO ] dagcnf simplified from 88672 to 81049 clauses in 0.10s\n[INFO ] simplified ts has 21489 vars, 5956 inputs, 2678 latches, 81049 clauses, 85 constraints\n[INFO ] obligations: []\n[INFO ] frames [4]: 2678 0 0 0 \n[INFO ] SolverStatistic {\n num_solve: 1,\n avg_solve_time: 8.376\u00b5s,\n avg_decide_var: 0.547520,\n num_simplify_subsume: 0,\n num_simplify_self_subsume: 0,\n }\n[INFO ] Statistic {\n time: 12.80s,\n num_mic: 0,\n avg_mic_cube_len: NaN,\n avg_po_cube_len: NaN,\n mic_drop: success: 0, fail: 0, success rate: NaN%,\n num_down: 0,\n num_down_sat: 0,\n ctp: success: 0, fail: 0, success rate: NaN%,\n block: Block {\n overall_time: 10.375222ms,\n get_bad_time: 2 times in 10.374121ms,\n blocked_time: 0 times in 0.000000ns,\n get_pred_time: 0ns,\n mic_time: 0ns,\n push_time: 0ns,\n },\n overall_propagate_time: 8.416\u00b5s,\n xor_gen: success: 0, fail: 0, success rate: NaN%,\n num_auxiliary_var: 0,\n test: success: 0, fail: 0, success rate: NaN%,\n }\n"]], [1, ["Ibex_SpecPastWbexc_Mepc"], "rIC3 -e kind --no-preproc", [20, 12.903045654296875, 36.584834575653076, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-169.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Pmp_cfg"], "rIC3 -e kind --no-preproc", [20, 12.956031799316406, 51.46216440200806, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-254.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mscratch"], "rIC3 -e kind --no-preproc", [20, 12.903621673583984, 47.82920432090759, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-186.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Mcause"], "rIC3 -e kind --no-preproc", [20, 12.90334701538086, 50.713085412979126, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-199.aig\n[INFO ] origin ts has 9162560 vars, 1371823 inputs, 6882 latches, 12633366 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastWbexc_Pmp_addr"], "rIC3 -e kind --no-preproc", [20, 13.066020965576172, 62.502004861831665, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-221.aig\n[INFO ] origin ts has 9162944 vars, 1371823 inputs, 6882 latches, 12634038 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_SpecPastReg"], "rIC3 -e kind --no-preproc", [20, 16.016590118408203, 126.89426493644714, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-105.aig\n[INFO ] origin ts has 9165867 vars, 1371887 inputs, 6882 latches, 12637770 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [1, ["Ibex_MultDivStates"], "rIC3 -e kind --no-preproc", [20, 13.096878051757812, 83.93198204040527, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-206.aig\n[INFO ] origin ts has 9162438 vars, 1371823 inputs, 6882 latches, 12633160 clauses, 85 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step10.json b/dv/formal/strategies/step10.json new file mode 100644 index 0000000000..00740122c0 --- /dev/null +++ b/dv/formal/strategies/step10.json @@ -0,0 +1 @@ +[[10, ["Arith_Shift_CSR"], "rIC3 -e kind --no-preproc", [20, 13.02313232421875, 55.62367129325867, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-178.aig\n[INFO ] origin ts has 9200120 vars, 1372380 inputs, 6882 latches, 12710015 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_Shift_PC"], "rIC3 -e kind --no-preproc", [20, 16.78994369506836, 274.94223642349243, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-51.aig\n[INFO ] origin ts has 9200120 vars, 1372380 inputs, 6882 latches, 12710015 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [10, ["Arith_Shift_Addr"], "rIC3 -e kind --no-preproc", [20, 13.184993743896484, 193.75949931144714, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-208.aig\n[INFO ] origin ts has 9200120 vars, 1372380 inputs, 6882 latches, 12710015 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_Shift_Data"], "rIC3 -e kind --no-preproc", [20, 18.74392318725586, 712.7275965213776, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-10.aig\n[INFO ] origin ts has 9200120 vars, 1372380 inputs, 6882 latches, 12710015 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [10, ["Arith_I_PC"], "rIC3 -e kind --no-preproc", [20, 18.90715789794922, 403.77044224739075, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-53.aig\n[INFO ] origin ts has 9200189 vars, 1372380 inputs, 6882 latches, 12710122 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [10, ["Arith_I_CSR"], "rIC3 -e kind --no-preproc", [20, 13.075241088867188, 66.59597277641296, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-175.aig\n[INFO ] origin ts has 9200189 vars, 1372380 inputs, 6882 latches, 12710122 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_I_Addr"], "rIC3 -e kind --no-preproc", [20, 13.186294555664062, 71.21461915969849, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-150.aig\n[INFO ] origin ts has 9200189 vars, 1372380 inputs, 6882 latches, 12710122 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_I_Data"], "rIC3 -e kind --no-preproc", [20, 16.24321746826172, 251.62495589256287, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-66.aig\n[INFO ] origin ts has 9200189 vars, 1372380 inputs, 6882 latches, 12710122 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_R_CSR"], "rIC3 -e kind --no-preproc", [20, 13.064559936523438, 49.941436529159546, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-170.aig\n[INFO ] origin ts has 9200452 vars, 1372380 inputs, 6882 latches, 12710656 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_R_PC"], "rIC3 -e kind --no-preproc", [20, 16.32196807861328, 247.6131100654602, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-25.aig\n[INFO ] origin ts has 9200452 vars, 1372380 inputs, 6882 latches, 12710656 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [10, ["Arith_R_Data"], "rIC3 -e kind --no-preproc", [20, 16.036808013916016, 420.309720993042, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-23.aig\n[INFO ] origin ts has 9200452 vars, 1372380 inputs, 6882 latches, 12710656 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Arith_R_Addr"], "rIC3 -e kind --no-preproc", [20, 13.075756072998047, 61.22577428817749, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-234.aig\n[INFO ] origin ts has 9200452 vars, 1372380 inputs, 6882 latches, 12710656 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["Mem_MemSpec_IdleActive", "Mem_MemSpec_Step", "Mem_MemSpec_WaitGnt", "Mem_MemSpec_WaitGntMis", "Mem_MemSpec_WaitGntSplit", "Mem_MemSpec_WaitRvalidMis", "Mem_MemSpec_WaitRvalidMisGntsDone"], "rIC3 -e kind --no-preproc", [20, 12.780132293701172, 49.70797300338745, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-275.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9200169 vars, 1372380 inputs, 6882 latches, 12710347 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["BType_BInd_Oma_Rev_0", "BType_BInd_Oma_Rev_1", "BType_BInd_Progress_Rev", "BType_BInd_Stall_Rev"], "rIC3 -e kind --no-preproc", [20, 12.928741455078125, 32.65020942687988, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-164.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9200256 vars, 1372389 inputs, 6882 latches, 12710536 clauses, 382 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [10, ["JType_JInd_Oma_Rev", "JType_JInd_Stall_Rev", "JType_JInd_Progress_Rev"], "rIC3 -e kind --no-preproc", [20, 13.149864196777344, 41.40554714202881, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step11.json b/dv/formal/strategies/step11.json new file mode 100644 index 0000000000..70f6aa1165 --- /dev/null +++ b/dv/formal/strategies/step11.json @@ -0,0 +1 @@ +[[11, ["JType_JInd_Oma", "JType_JInd_Progress", "JType_JInd_Stall"], "rIC3 -e kind --no-preproc", [20, 12.79208755493164, 44.57916307449341, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-277.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9204841 vars, 1372396 inputs, 6882 latches, 12720195 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_ExcCSRMaintainEx"], "rIC3 -e kind --no-preproc", [20, 13.926959991455078, 174.55626964569092, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-87.aig\n[INFO ] origin ts has 9205952 vars, 1372396 inputs, 6882 latches, 12722078 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_PCMaintainEx1", "Mem_PCMaintainEx2", "Mem_PMPErrMatch"], "rIC3 -e kind --no-preproc", [20, 16.043071746826172, 146.65763664245605, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-104.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9205097 vars, 1372396 inputs, 6882 latches, 12720638 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_LSU2ndReqStep", "Mem_LSUEarlyRequestSplit", "Mem_LSUHold", "Mem_LSUHoldWrite", "Mem_LSUInternalHold", "Mem_LSULateRespFinishing", "Mem_LSUMaxTwoReqs"], "rIC3 -e kind --no-preproc", [20, 12.99798583984375, 52.52440404891968, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-257.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9206480 vars, 1372526 inputs, 6882 latches, 12723102 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_AltLSUVeryEarly"], "rIC3 -e kind --no-preproc", [20, 13.10592269897461, 43.578543186187744, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-133.aig\n[INFO ] origin ts has 9208291 vars, 1372780 inputs, 6882 latches, 12726133 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_CSRMaintainEx"], "rIC3 -e kind --no-preproc", [20, 13.90517807006836, 179.08196568489075, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-77.aig\n[INFO ] origin ts has 9206480 vars, 1372396 inputs, 6882 latches, 12723002 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["BType_BInd_Oma", "BType_BInd_Progress", "BType_BInd_Stall"], "rIC3 -e kind --no-preproc", [20, 12.791057586669922, 40.396634578704834, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-278.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9204841 vars, 1372396 inputs, 6882 latches, 12720195 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [11, ["Mem_NoMem"], "rIC3 -e kind --no-preproc", [20, 12.660163879394531, 31.4222092628479, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-295.aig\n[INFO ] origin ts has 9204758 vars, 1372396 inputs, 6882 latches, 12719946 clauses, 408 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step12.json b/dv/formal/strategies/step12.json new file mode 100644 index 0000000000..c01dc65a07 --- /dev/null +++ b/dv/formal/strategies/step12.json @@ -0,0 +1 @@ +[[12, ["Mem_AltLSUEarly", "Mem_PCNoChangeNoBranch"], "rIC3 -e kind --no-preproc", [20, 13.119216918945312, 69.39226651191711, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-265.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9217382 vars, 1373294 inputs, 6882 latches, 12742979 clauses, 428 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [12, ["JType_Branch"], "rIC3 -e kind --no-preproc", [20, 16.043514251708984, 240.1651349067688, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-83.aig\n[INFO ] origin ts has 9213834 vars, 1372910 inputs, 6882 latches, 12736712 clauses, 428 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [12, ["BType_NoBranch"], "rIC3 -e kind --no-preproc", [20, 16.038925170898438, 463.7887578010559, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-41.aig\n[INFO ] origin ts has 9213839 vars, 1372910 inputs, 6882 latches, 12736722 clauses, 428 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [12, ["BType_Branch"], "rIC3 -e kind --no-preproc", [20, 16.076858520507812, 466.69943165779114, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-46.aig\n[INFO ] origin ts has 9213839 vars, 1372910 inputs, 6882 latches, 12736722 clauses, 428 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step13.json b/dv/formal/strategies/step13.json new file mode 100644 index 0000000000..6d1b744818 --- /dev/null +++ b/dv/formal/strategies/step13.json @@ -0,0 +1 @@ +[[13, ["Mem_StoreAddrMaintain"], "rIC3 -e kind --no-preproc", [20, 12.842063903808594, 53.25486469268799, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-266.aig\n[INFO ] origin ts has 9217909 vars, 1373294 inputs, 6882 latches, 12744085 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcAddrMaintain"], "rIC3 -e kind --no-preproc", [20, 13.040443420410156, 67.06311249732971, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-239.aig\n[INFO ] origin ts has 9217908 vars, 1373294 inputs, 6882 latches, 12744082 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainMTVal"], "rIC3 -e kind --no-preproc", [20, 13.019668579101562, 59.911834955215454, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-262.aig\n[INFO ] origin ts has 9218037 vars, 1373294 inputs, 6882 latches, 12744309 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainMStatus"], "rIC3 -e kind --no-preproc", [20, 13.058467864990234, 58.31077218055725, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-91.aig\n[INFO ] origin ts has 9218055 vars, 1373294 inputs, 6882 latches, 12744338 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainMCause"], "rIC3 -e kind --no-preproc", [20, 13.975189208984375, 232.30856275558472, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-93.aig\n[INFO ] origin ts has 9218133 vars, 1373294 inputs, 6882 latches, 12744592 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainPriv"], "rIC3 -e kind --no-preproc", [20, 13.126823425292969, 55.70304346084595, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-86.aig\n[INFO ] origin ts has 9218037 vars, 1373294 inputs, 6882 latches, 12744309 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainMepc"], "rIC3 -e kind --no-preproc", [20, 13.956352233886719, 180.1339237689972, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-156.aig\n[INFO ] origin ts has 9218037 vars, 1373294 inputs, 6882 latches, 12744309 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_ExcCSRMaintainRest"], "rIC3 -e kind --no-preproc", [20, 16.07036590576172, 197.62311172485352, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-135.aig\n[INFO ] origin ts has 9219133 vars, 1373294 inputs, 6882 latches, 12746307 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_PCMaintainWb"], "rIC3 -e kind --no-preproc", [20, 12.880035400390625, 55.29046058654785, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-274.aig\n[INFO ] origin ts has 9218036 vars, 1373294 inputs, 6882 latches, 12744306 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_PCNoChangeBranch"], "rIC3 -e kind --no-preproc", [20, 12.879081726074219, 53.36577320098877, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-273.aig\n[INFO ] origin ts has 9218036 vars, 1373294 inputs, 6882 latches, 12744306 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_PCExc"], "rIC3 -e kind --no-preproc", [20, 16.079490661621094, 158.53639483451843, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-107.aig\n[INFO ] origin ts has 9218035 vars, 1373294 inputs, 6882 latches, 12744303 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_CSRMaintain", "Mem_CSRNoChange"], "rIC3 -e kind --no-preproc", [20, 14.713321685791016, 95.5521149635315, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-142.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9219698 vars, 1373294 inputs, 6882 latches, 12747342 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_AltLSU"], "rIC3 -e kind --no-preproc", [20, 16.033649444580078, 169.69502353668213, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-102.aig\n[INFO ] origin ts has 9221412 vars, 1373678 inputs, 6882 latches, 12750222 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["Mem_LoadAddrMaintain"], "rIC3 -e kind --no-preproc", [20, 12.932868957519531, 56.18423533439636, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-251.aig\n[INFO ] origin ts has 9217930 vars, 1373294 inputs, 6882 latches, 12744123 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["BType_Addr", "BType_CSR", "BType_Data", "BType_PC"], "rIC3 -e kind --no-preproc", [20, 13.077159881591797, 46.12290024757385, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-147.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9218138 vars, 1373294 inputs, 6882 latches, 12744632 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [13, ["JType_Jal_Fast", "JType_Jalr_Fast"], "rIC3 -e kind --no-preproc", [20, 12.877490997314453, 43.36563968658447, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-276.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9218011 vars, 1373296 inputs, 6882 latches, 12744305 clauses, 433 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step14.json b/dv/formal/strategies/step14.json new file mode 100644 index 0000000000..0858481e22 --- /dev/null +++ b/dv/formal/strategies/step14.json @@ -0,0 +1 @@ +[[14, ["JType_Jal_Addr", "JType_Jal_CSR", "JType_Jal_Data", "JType_Jal_PC"], "rIC3 -e kind --no-preproc", [20, 13.930557250976562, 124.74911975860596, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-152.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9226734 vars, 1373680 inputs, 6882 latches, 12760927 clauses, 454 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [14, ["JType_Jalr_Addr", "JType_Jalr_CSR", "JType_Jalr_Data", "JType_Jalr_PC"], "rIC3 -e kind --no-preproc", [20, 16.389507293701172, 222.60614895820618, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-106.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9226746 vars, 1373680 inputs, 6882 latches, 12760963 clauses, 454 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [14, ["Mem_Load_En", "Mem_Load_NoWe", "Mem_Store_We", "Mem_Store_En"], "rIC3 -e kind --no-preproc", [20, 12.87420654296875, 20.385092973709106, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step15.json b/dv/formal/strategies/step15.json new file mode 100644 index 0000000000..2661af36e8 --- /dev/null +++ b/dv/formal/strategies/step15.json @@ -0,0 +1 @@ +[[15, ["Mem_Store_SndEn", "Mem_Load_SndEn"], "rIC3 -e kind --no-preproc", [20, 12.87820816040039, 18.970335483551025, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step16.json b/dv/formal/strategies/step16.json new file mode 100644 index 0000000000..bacbf58be2 --- /dev/null +++ b/dv/formal/strategies/step16.json @@ -0,0 +1 @@ +[[16, ["Mem_Store_SndAddr", "Mem_Store_SndWData", "Mem_Store_FstAddr", "Mem_Store_FstWData", "Mem_Load_FstAddr", "Mem_Load_SndAddr"], "rIC3 -e kind --no-preproc", [20, 13.040031433105469, 20.674562454223633, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step17.json b/dv/formal/strategies/step17.json new file mode 100644 index 0000000000..69f34defce --- /dev/null +++ b/dv/formal/strategies/step17.json @@ -0,0 +1 @@ +[[17, ["Mem_Store_End_Fst", "Mem_Store_End_Snd", "Mem_Load_End_Fst", "Mem_Load_End_Snd"], "rIC3 -e kind --no-preproc", [20, 16.112525939941406, 95.3504912853241, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step18.json b/dv/formal/strategies/step18.json new file mode 100644 index 0000000000..a24a9b46b1 --- /dev/null +++ b/dv/formal/strategies/step18.json @@ -0,0 +1 @@ +[[18, ["Mem_L_Addr_Err", "Mem_L_Addr_NotErr", "Mem_L_CSR_Err", "Mem_L_CSR_NotErr", "Mem_L_Data_Err", "Mem_L_Data_NotErr", "Mem_L_PC_Err", "Mem_L_PC_NotErr"], "rIC3 -e kind --no-preproc", [20, 16.13936996459961, 154.18841457366943, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-95.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9228782 vars, 1373680 inputs, 6882 latches, 12765971 clauses, 478 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [18, ["Mem_S_Data_Err", "Mem_S_Data_NotErr", "Mem_S_CSR_Err", "Mem_S_CSR_NotErr", "Mem_S_PC_Err", "Mem_S_PC_NotErr", "Mem_S_Addr_Err", "Mem_S_Addr_NotErr"], "rIC3 -e kind --no-preproc", [20, 13.949718475341797, 46.59492611885071, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step19.json b/dv/formal/strategies/step19.json new file mode 100644 index 0000000000..0c7d6f524d --- /dev/null +++ b/dv/formal/strategies/step19.json @@ -0,0 +1 @@ +[[19, ["Top_CSR"], "rIC3 -e kind --no-preproc", [20, 14.704177856445312, 77.50707292556763, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-118.aig\n[INFO ] origin ts has 9229145 vars, 1373680 inputs, 6882 latches, 12767025 clauses, 494 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [19, ["Top_PC"], "rIC3 -e kind --no-preproc", [20, 15.789482116699219, 105.00511384010315, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-85.aig\n[INFO ] origin ts has 9229145 vars, 1373680 inputs, 6882 latches, 12767025 clauses, 494 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [19, ["Top_Addr", "Top_Data"], "rIC3 -e kind --no-preproc", [20, 13.109149932861328, 83.78421783447266, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-209.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9229212 vars, 1373680 inputs, 6882 latches, 12767191 clauses, 494 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step2.json b/dv/formal/strategies/step2.json new file mode 100644 index 0000000000..789a33a4a5 --- /dev/null +++ b/dv/formal/strategies/step2.json @@ -0,0 +1 @@ +[[2, ["Ibex_Memory_WaitGntMis_Step", "Ibex_Memory_WaitGntMis_WaitGntMis_Inv", "Ibex_Memory_WaitGntMis_WaitRvalidMis_Inv", "Ibex_Memory_WaitGnt_Step", "Ibex_Memory_WaitGnt_StepFail_Inv", "Ibex_Memory_WaitGnt_Step_Inv", "Ibex_Memory_WaitGnt_WaitGnt_Inv", "Ibex_Memory_WaitRvalidMisGntsDone_Step", "Ibex_Memory_WaitRvalidMisGntsDone_StepFail_Inv", "Ibex_Memory_WaitRvalidMis_Step", "Ibex_Memory_WaitRvalidMis_StepFail_Inv", "Ibex_Memory_WaitRvalidMis_Step_Inv", "Ibex_Memory_WaitRvalidMis_WaitRvalidMisGntsDone_Inv", "Ibex_Memory_WaitRvalidMis_WaitRvalidMis_Inv", "Ibex_Memory_Wait_End_Inv", "Ibex_Memory_Wait_Step", "Ibex_Memory_Wait_Wait_Inv"], "rIC3 -e kind --no-preproc", [20, 12.748859405517578, 48.73140263557434, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-256.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9169133 vars, 1371901 inputs, 6882 latches, 12645021 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_End_Idle_Inv", "Ibex_Memory_End_Step"], "rIC3 -e kind --no-preproc", [20, 15.833744049072266, 119.21793460845947, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-108.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9168440 vars, 1371887 inputs, 6882 latches, 12643054 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [2, ["Ibex_Memory_IdleActive_WaitGntMis_Inv"], "rIC3 -e kind --no-preproc", [20, 16.045764923095703, 212.2694640159607, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-80.aig\n[INFO ] origin ts has 9168411 vars, 1371889 inputs, 6882 latches, 12642951 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_IdleActive_WaitGnt_Inv"], "rIC3 -e kind --no-preproc", [20, 16.024478912353516, 233.87951064109802, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-81.aig\n[INFO ] origin ts has 9168411 vars, 1371889 inputs, 6882 latches, 12642951 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_IdleActive_WaitRvalidMis_Inv"], "rIC3 -e kind --no-preproc", [20, 12.74972152709961, 51.20900797843933, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-272.aig\n[INFO ] origin ts has 9168411 vars, 1371889 inputs, 6882 latches, 12642951 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_IdleActive_StepFail_Inv", "Ibex_Memory_IdleActive_Step_Inv"], "rIC3 -e kind --no-preproc", [20, 12.743267059326172, 53.042816162109375, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-267.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9168441 vars, 1371887 inputs, 6882 latches, 12643057 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Idle_IdleActive_Inv", "Ibex_Memory_Idle_Idle_Inv"], "rIC3 -e kind --no-preproc", [20, 12.753536224365234, 45.45587396621704, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-216.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9168449 vars, 1371889 inputs, 6882 latches, 12643065 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Idle_Step"], "rIC3 -e kind --no-preproc", [20, 12.738800048828125, 42.13136291503906, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-214.aig\n[INFO ] origin ts has 9168403 vars, 1371887 inputs, 6882 latches, 12642943 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Fail_Idle_Inv", "Ibex_Memory_Fail_Step"], "rIC3 -e kind --no-preproc", [20, 15.818733215332031, 111.84271287918091, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-100.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9168440 vars, 1371887 inputs, 6882 latches, 12643054 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [2, ["Ibex_Memory_StepFail_Fail_Inv", "Ibex_Memory_Step_End_Inv", "Ibex_Memory_Step_Wait_Inv"], "rIC3 -e kind --no-preproc", [20, 12.7454833984375, 47.689942598342896, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-223.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9168503 vars, 1371893 inputs, 6882 latches, 12643195 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Initial_Idle"], "rIC3 -e kind --no-preproc", [20, 12.678115844726562, 48.45287251472473, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-227.aig\n[INFO ] origin ts has 9168407 vars, 1371888 inputs, 6882 latches, 12642947 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Initial"], "rIC3 -e kind --no-preproc", [20, 12.657413482666016, 49.69207549095154, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-261.aig\n[INFO ] origin ts has 9168406 vars, 1371888 inputs, 6882 latches, 12642944 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_IdleActive_Step"], "rIC3 -e kind --no-preproc", [20, 12.746086120605469, 52.667428970336914, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-268.aig\n[INFO ] origin ts has 9168405 vars, 1371887 inputs, 6882 latches, 12642949 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_StepFail_Step"], "rIC3 -e kind --no-preproc", [20, 12.617366790771484, 50.07735466957092, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-271.aig\n[INFO ] origin ts has 9168434 vars, 1371887 inputs, 6882 latches, 12643036 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_WaitRvalidMis_WaitGnt_Inv"], "rIC3 -e kind --no-preproc", [20, 16.060157775878906, 184.49690794944763, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-13.aig\n[INFO ] origin ts has 9168411 vars, 1371889 inputs, 6882 latches, 12642951 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_Step_Step"], "rIC3 -e kind --no-preproc", [20, 12.644493103027344, 52.026052713394165, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-270.aig\n[INFO ] origin ts has 9168435 vars, 1371887 inputs, 6882 latches, 12643039 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_WaitRvalidMisGntsDone_Step_Inv"], "rIC3 -e kind --no-preproc", [20, 12.869792938232422, 43.72930860519409, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-289.aig\n[INFO ] origin ts has 9168403 vars, 1371887 inputs, 6882 latches, 12642943 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [2, ["Ibex_Memory_WaitRvalidMisGntsDone_WaitRvalidMisGntsDone_Inv"], "rIC3 -e kind --no-preproc", [20, 13.88094711303711, 223.58351016044617, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-110.aig\n[INFO ] origin ts has 9168411 vars, 1371889 inputs, 6882 latches, 12642951 clauses, 102 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step20.json b/dv/formal/strategies/step20.json new file mode 100644 index 0000000000..c8f14b827d --- /dev/null +++ b/dv/formal/strategies/step20.json @@ -0,0 +1 @@ +[[20, ["RegMatch_2"], "rIC3 -e kind --no-preproc", [20, 15.921512603759766, 215.76978659629822, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-63.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_29"], "rIC3 -e kind --no-preproc", [20, 15.882442474365234, 234.84964275360107, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-52.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_24"], "rIC3 -e kind --no-preproc", [20, 15.919178009033203, 200.1558883190155, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-47.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_3"], "rIC3 -e kind --no-preproc", [20, 15.881828308105469, 214.42114925384521, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-27.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_13"], "rIC3 -e kind --no-preproc", [20, 15.88153076171875, 217.87279152870178, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-45.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_1"], "rIC3 -e kind --no-preproc", [20, 15.910358428955078, 221.37213325500488, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-29.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_23"], "rIC3 -e kind --no-preproc", [20, 15.882274627685547, 212.9316246509552, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-32.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_7"], "rIC3 -e kind --no-preproc", [20, 15.882293701171875, 217.79344987869263, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-35.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_17"], "rIC3 -e kind --no-preproc", [20, 15.881145477294922, 209.30033612251282, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-36.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_18"], "rIC3 -e kind --no-preproc", [20, 15.919506072998047, 212.38727450370789, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-56.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_31"], "rIC3 -e kind --no-preproc", [20, 15.88248062133789, 227.9048719406128, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-55.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_30"], "rIC3 -e kind --no-preproc", [20, 15.92074966430664, 186.22963547706604, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-50.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_12"], "rIC3 -e kind --no-preproc", [20, 15.920181274414062, 202.97343111038208, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-65.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_14"], "rIC3 -e kind --no-preproc", [20, 15.920578002929688, 216.28882694244385, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-70.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_16"], "rIC3 -e kind --no-preproc", [20, 15.920024871826172, 203.95552492141724, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-57.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_26"], "rIC3 -e kind --no-preproc", [20, 15.921211242675781, 191.49100351333618, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-49.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_19"], "rIC3 -e kind --no-preproc", [20, 15.881526947021484, 217.54108214378357, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-31.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_25"], "rIC3 -e kind --no-preproc", [20, 15.88140869140625, 235.25278568267822, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-48.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_9"], "rIC3 -e kind --no-preproc", [20, 15.88283920288086, 207.6666030883789, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-42.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_22"], "rIC3 -e kind --no-preproc", [20, 15.920753479003906, 210.66600036621094, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-54.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_21"], "rIC3 -e kind --no-preproc", [20, 15.881210327148438, 216.3192265033722, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-37.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_28"], "rIC3 -e kind --no-preproc", [20, 15.920059204101562, 202.0261309146881, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-58.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_8"], "rIC3 -e kind --no-preproc", [20, 15.921520233154297, 206.7600963115692, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-69.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_4"], "rIC3 -e kind --no-preproc", [20, 15.920310974121094, 200.45061707496643, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-68.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_6"], "rIC3 -e kind --no-preproc", [20, 15.920623779296875, 202.50346302986145, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-67.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_5"], "rIC3 -e kind --no-preproc", [20, 15.864505767822266, 95.92190861701965, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-61.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_10"], "rIC3 -e kind --no-preproc", [20, 15.921188354492188, 205.4750497341156, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-62.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_20"], "rIC3 -e kind --no-preproc", [20, 15.921550750732422, 204.10442876815796, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-59.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_27"], "rIC3 -e kind --no-preproc", [20, 15.881065368652344, 217.13656187057495, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-44.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_11"], "rIC3 -e kind --no-preproc", [20, 15.88052749633789, 215.793630361557, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-38.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["RegMatch_15"], "rIC3 -e kind --no-preproc", [20, 15.882820129394531, 216.7827386856079, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-39.aig\n[INFO ] origin ts has 9229526 vars, 1373680 inputs, 6882 latches, 12767878 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Pmp_cfg"], "rIC3 -e kind --no-preproc", [20, 14.508308410644531, 76.66181421279907, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-76.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Pmp_addr"], "rIC3 -e kind --no-preproc", [20, 16.908843994140625, 199.08048486709595, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-74.aig\n[INFO ] origin ts has 9229890 vars, 1373680 inputs, 6882 latches, 12768515 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mstatus"], "rIC3 -e kind --no-preproc", [20, 15.772541046142578, 253.99281072616577, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-75.aig\n[INFO ] origin ts has 9229402 vars, 1373680 inputs, 6882 latches, 12767661 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mie"], "rIC3 -e kind --no-preproc", [20, 14.459789276123047, 88.0158941745758, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-137.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mcounteren"], "rIC3 -e kind --no-preproc", [20, 14.475959777832031, 75.63488721847534, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-130.aig\n[INFO ] origin ts has 9229410 vars, 1373680 inputs, 6882 latches, 12767715 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mepc"], "rIC3 -e kind --no-preproc", [20, 15.824481964111328, 134.61175799369812, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-155.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Priv"], "rIC3 -e kind --no-preproc", [20, 14.40230941772461, 74.35519814491272, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-140.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mtvec"], "rIC3 -e kind --no-preproc", [20, 14.514034271240234, 60.92226004600525, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-141.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mtval"], "rIC3 -e kind --no-preproc", [20, 15.864669799804688, 244.35107374191284, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-146.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mseccfg"], "rIC3 -e kind --no-preproc", [20, 14.51705551147461, 79.04084372520447, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-151.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mcause"], "rIC3 -e kind --no-preproc", [20, 14.462066650390625, 88.2327630519867, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-167.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SpecPastNoWbexc_Mscratch"], "rIC3 -e kind --no-preproc", [20, 14.5400390625, 53.27137494087219, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-158.aig\n[INFO ] origin ts has 9229506 vars, 1373680 inputs, 6882 latches, 12767843 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [20, ["SleepSpecPastPC"], "rIC3 -e kind --no-preproc", [20, 14.518939971923828, 73.90656304359436, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-180.aig\n[INFO ] origin ts has 9229537 vars, 1373680 inputs, 6882 latches, 12767896 clauses, 498 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step21.json b/dv/formal/strategies/step21.json new file mode 100644 index 0000000000..ba2daab1b8 --- /dev/null +++ b/dv/formal/strategies/step21.json @@ -0,0 +1 @@ +[[21, ["SpecPastNoWbexcPC"], "rIC3 -e kind --no-preproc", [20, 16.95656967163086, 209.27860856056213, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-82.aig\n[INFO ] origin ts has 9237609 vars, 1373680 inputs, 6882 latches, 12783947 clauses, 542 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step22.json b/dv/formal/strategies/step22.json new file mode 100644 index 0000000000..78e4a2728c --- /dev/null +++ b/dv/formal/strategies/step22.json @@ -0,0 +1 @@ +[[22, ["Mem_En", "Mem_FstAddr", "Mem_FstEnd", "Mem_FstWData", "Mem_SndAddr", "Mem_SndEn", "Mem_SndEnd", "Mem_SndWData", "Mem_We", "Wrap_Mcause", "Wrap_Mcounteren", "Wrap_Mepc", "Wrap_Mie", "Wrap_Mscratch", "Wrap_Mseccfg", "Wrap_Mstatus", "Wrap_Mtval", "Wrap_Mtvec", "Wrap_Pc", "Wrap_Pmp_addr", "Wrap_Pmp_cfg", "Wrap_Priv"], "rIC3 -e kind --no-preproc", [20, 16.136425018310547, 176.9884214401245, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-101.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9240895 vars, 1373680 inputs, 6882 latches, 12790885 clauses, 543 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [22, ["Wrap_RegA"], "rIC3 -e kind --no-preproc", [20, 0.6713027954101562, 2.4891669750213623, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-139.aig\n[WARN ] no property to be checked\n"]], [22, ["Wrap_RegB"], "rIC3 -e kind --no-preproc", [20, 0.7132034301757812, 2.497861385345459, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-112.aig\n[WARN ] no property to be checked\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step3.json b/dv/formal/strategies/step3.json new file mode 100644 index 0000000000..b225b89433 --- /dev/null +++ b/dv/formal/strategies/step3.json @@ -0,0 +1 @@ +[[3, ["Ibex_Memory_Wait", "Ibex_Memory_Idle", "Ibex_Memory_Step", "Ibex_Memory_End", "Ibex_Memory_Fail", "Ibex_Memory_StepFail", "Ibex_Memory_WaitGnt", "Ibex_Memory_WaitRvalidMis", "Ibex_Memory_WaitRvalidMisGntsDone", "Ibex_Memory_WaitGntMis", "Ibex_Memory_IdleActive"], "rIC3 -e kind --no-preproc", [20, 12.778778076171875, 20.989760637283325, "OK", "RESULT: UNSAT\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step4.json b/dv/formal/strategies/step4.json new file mode 100644 index 0000000000..3249bc9ea9 --- /dev/null +++ b/dv/formal/strategies/step4.json @@ -0,0 +1 @@ +[[4, ["Ibex_MemOpRequiresValid"], "rIC3 -e kind --no-preproc", [20, 12.663398742675781, 44.31779742240906, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-218.aig\n[INFO ] origin ts has 9170528 vars, 1371920 inputs, 6882 latches, 12649054 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_FirstFetchNoInstr"], "rIC3 -e kind --no-preproc", [20, 14.363449096679688, 61.61330580711365, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-119.aig\n[INFO ] origin ts has 9170540 vars, 1371920 inputs, 6882 latches, 12649070 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [4, ["Ibex_InstrInWbStage"], "rIC3 -e kind --no-preproc", [20, 13.009525299072266, 56.14291453361511, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-145.aig\n[INFO ] origin ts has 9170526 vars, 1371920 inputs, 6882 latches, 12649048 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_NoMemAccessNoRValid"], "rIC3 -e kind --no-preproc", [20, 12.665637969970703, 54.51408076286316, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-260.aig\n[INFO ] origin ts has 9170525 vars, 1371920 inputs, 6882 latches, 12649045 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_StallNoChangeB"], "rIC3 -e kind --no-preproc", [20, 15.9827880859375, 140.32222652435303, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-125.aig\n[INFO ] origin ts has 9170803 vars, 1371956 inputs, 6882 latches, 12649431 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_StallNoChangeA"], "rIC3 -e kind --no-preproc", [20, 16.035564422607422, 126.92550444602966, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-115.aig\n[INFO ] origin ts has 9170802 vars, 1371956 inputs, 6882 latches, 12649428 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_FetchErrIsErr"], "rIC3 -e kind --no-preproc", [20, 12.765434265136719, 50.6821768283844, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-253.aig\n[INFO ] origin ts has 9170527 vars, 1371920 inputs, 6882 latches, 12649051 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_BecameDecodeIsEmptyWbexc", "Ibex_BecameDecodeIsInstrStart"], "rIC3 -e kind --no-preproc", [20, 12.743095397949219, 31.624370336532593, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-294.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9170656 vars, 1371928 inputs, 6882 latches, 12649294 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_MultEndState"], "rIC3 -e kind --no-preproc", [20, 13.101634979248047, 75.42107677459717, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-160.aig\n[INFO ] origin ts has 9170527 vars, 1371920 inputs, 6882 latches, 12649051 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_NoInstrNoGnt"], "rIC3 -e kind --no-preproc", [20, 15.80130386352539, 143.08783531188965, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-60.aig\n[INFO ] origin ts has 9170525 vars, 1371920 inputs, 6882 latches, 12649045 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [4, ["Ibex_DivInstrNotMult"], "rIC3 -e kind --no-preproc", [20, 12.748329162597656, 44.07162022590637, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-280.aig\n[INFO ] origin ts has 9170526 vars, 1371920 inputs, 6882 latches, 12649048 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [4, ["Ibex_NoInstrFirstCycle"], "rIC3 -e kind --no-preproc", [20, 21.269371032714844, 412.8511278629303, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-64.aig\n[INFO ] origin ts has 9170525 vars, 1371920 inputs, 6882 latches, 12649045 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] kind depth: 4\n[INFO ] k-induction proofed in depth 4\n"]], [4, ["Ibex_PcMatch"], "rIC3 -e kind --no-preproc", [20, 15.63330078125, 281.49666380882263, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-84.aig\n[INFO ] origin ts has 9170655 vars, 1371920 inputs, 6882 latches, 12649275 clauses, 153 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step5.json b/dv/formal/strategies/step5.json new file mode 100644 index 0000000000..3fb8231945 --- /dev/null +++ b/dv/formal/strategies/step5.json @@ -0,0 +1 @@ +[[5, ["Ibex_WbexcMemErrKindLoad"], "rIC3 -e kind --no-preproc", [20, 14.338214874267578, 79.87689590454102, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-111.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_StallIdFSM2"], "rIC3 -e kind --no-preproc", [20, 12.931682586669922, 54.100518226623535, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-220.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_MemNoErrStructure"], "rIC3 -e kind --no-preproc", [20, 12.758983612060547, 39.62480187416077, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-187.aig\n[INFO ] origin ts has 9172124 vars, 1372000 inputs, 6882 latches, 12652252 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_StoreNotSpecRead"], "rIC3 -e kind --no-preproc", [20, 13.002765655517578, 45.250062704086304, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-207.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_MemErrKind"], "rIC3 -e kind --no-preproc", [20, 14.364006042480469, 87.6034460067749, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-123.aig\n[INFO ] origin ts has 9172125 vars, 1372000 inputs, 6882 latches, 12652255 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_SpecStableStoreSnd"], "rIC3 -e kind --no-preproc", [20, 13.915645599365234, 673.027506351471, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-9.aig\n[INFO ] origin ts has 9171849 vars, 1372005 inputs, 6882 latches, 12651752 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_LoadNotSpecWrite"], "rIC3 -e kind --no-preproc", [20, 13.01064682006836, 57.55524468421936, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-259.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableStoreData"], "rIC3 -e kind --no-preproc", [20, 14.6346435546875, 720.1010141372681, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-6.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_InstrReqCount"], "rIC3 -e kind --no-preproc", [20, 15.832778930664062, 146.5674605369568, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-129.aig\n[INFO ] origin ts has 9171901 vars, 1372000 inputs, 6882 latches, 12651858 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_SpecStableStoreSndAddr"], "rIC3 -e kind --no-preproc", [20, 13.914993286132812, 587.9204497337341, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-12.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_FetchErrRoot"], "rIC3 -e kind --no-preproc", [20, 13.980537414550781, 440.0048589706421, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-18.aig\n[INFO ] origin ts has 9172258 vars, 1372001 inputs, 6882 latches, 12652511 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_WbexcNotMemMuteMemErr"], "rIC3 -e kind --no-preproc", [20, 12.75210189819336, 49.44857120513916, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-258.aig\n[INFO ] origin ts has 9172121 vars, 1372000 inputs, 6882 latches, 12652243 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_MemErrStructure"], "rIC3 -e kind --no-preproc", [20, 14.312332153320312, 91.57076930999756, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-124.aig\n[INFO ] origin ts has 9172133 vars, 1372002 inputs, 6882 latches, 12652263 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_WbexcMemErrKindStore"], "rIC3 -e kind --no-preproc", [20, 14.341636657714844, 96.21974635124207, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-121.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_SpecStableStoreAddr"], "rIC3 -e kind --no-preproc", [20, 16.06407928466797, 537.7757668495178, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-20.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_WbexcNotMemMuteLSU"], "rIC3 -e kind --no-preproc", [20, 12.75030517578125, 37.09243988990784, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-210.aig\n[INFO ] origin ts has 9172123 vars, 1372000 inputs, 6882 latches, 12652249 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableStoreSndData"], "rIC3 -e kind --no-preproc", [20, 16.22116470336914, 630.7910661697388, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-8.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_DivInstrStable"], "rIC3 -e kind --no-preproc", [20, 13.147769927978516, 87.10646533966064, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-161.aig\n[INFO ] origin ts has 9172095 vars, 1372032 inputs, 6882 latches, 12652104 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_StallNoChangeLsuWData"], "rIC3 -e kind --no-preproc", [20, 12.687496185302734, 44.62292146682739, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-249.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableStore"], "rIC3 -e kind --no-preproc", [20, 16.18206787109375, 619.3524484634399, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-7.aig\n[INFO ] origin ts has 9171849 vars, 1372005 inputs, 6882 latches, 12651752 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableLoadAddr"], "rIC3 -e kind --no-preproc", [20, 14.610549926757812, 776.9772260189056, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-3.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableLoadSnd"], "rIC3 -e kind --no-preproc", [20, 13.92691421508789, 775.1460671424866, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-5.aig\n[INFO ] origin ts has 9171849 vars, 1372005 inputs, 6882 latches, 12651752 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableLoad"], "rIC3 -e kind --no-preproc", [20, 13.893325805664062, 1043.5247905254364, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-0.aig\n[INFO ] origin ts has 9171849 vars, 1372005 inputs, 6882 latches, 12651752 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_SpecStableLoadSndAddr"], "rIC3 -e kind --no-preproc", [20, 13.893577575683594, 756.0912337303162, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-4.aig\n[INFO ] origin ts has 9172097 vars, 1372036 inputs, 6882 latches, 12652093 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_MemStartFirstCycle"], "rIC3 -e kind --no-preproc", [20, 14.407222747802734, 88.05351495742798, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-195.aig\n[INFO ] origin ts has 9171822 vars, 1372000 inputs, 6882 latches, 12651716 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_NewIdFSM"], "rIC3 -e kind --no-preproc", [20, 14.356449127197266, 91.62559056282043, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-166.aig\n[INFO ] origin ts has 9171819 vars, 1372000 inputs, 6882 latches, 12651707 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [5, ["Ibex_PreNextPcMatch"], "rIC3 -e kind --no-preproc", [20, 12.8818359375, 40.90539789199829, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-282.aig\n[INFO ] origin ts has 9171948 vars, 1372000 inputs, 6882 latches, 12651934 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_FirstCycleNoGnt"], "rIC3 -e kind --no-preproc", [20, 12.737991333007812, 24.025749444961548, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-290.aig\n[INFO ] origin ts has 9171819 vars, 1372000 inputs, 6882 latches, 12651707 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_NoMemThroughout"], "rIC3 -e kind --no-preproc", [20, 12.750934600830078, 24.025193214416504, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-292.aig\n[INFO ] origin ts has 9171820 vars, 1372000 inputs, 6882 latches, 12651710 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [5, ["Ibex_MTypePCThroughout"], "rIC3 -e kind --no-preproc", [20, 16.03607940673828, 187.43171286582947, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-127.aig\n[INFO ] origin ts has 9172483 vars, 1372000 inputs, 6882 latches, 12652874 clauses, 167 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step6.json b/dv/formal/strategies/step6.json new file mode 100644 index 0000000000..4b1901a805 --- /dev/null +++ b/dv/formal/strategies/step6.json @@ -0,0 +1 @@ +[[6, ["Ibex_InstrMemRvalidMaxDelay"], "rIC3 -e kind --no-preproc", [20, 26.173011779785156, 509.2886710166931, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-17.aig\n[INFO ] origin ts has 9176870 vars, 1372307 inputs, 6882 latches, 12661134 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] kind depth: 4\n[INFO ] kind depth: 5\n[INFO ] kind depth: 6\n[INFO ] k-induction proofed in depth 6\n"]], [6, ["Ibex_InstrMemGntMaxDelay"], "rIC3 -e kind --no-preproc", [20, 21.278114318847656, 377.86985325813293, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-40.aig\n[INFO ] origin ts has 9176869 vars, 1372307 inputs, 6882 latches, 12661131 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] kind depth: 4\n[INFO ] kind depth: 5\n[INFO ] k-induction proofed in depth 5\n"]], [6, ["Ibex_RTypeFirstCycle"], "rIC3 -e kind --no-preproc", [20, 12.832408905029297, 52.24212145805359, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-237.aig\n[INFO ] origin ts has 9177353 vars, 1372307 inputs, 6882 latches, 12662043 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [6, ["Ibex_DivNoKill"], "rIC3 -e kind --no-preproc", [20, 12.644294738769531, 45.037848711013794, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-252.aig\n[INFO ] origin ts has 9176861 vars, 1372307 inputs, 6882 latches, 12661107 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [6, ["Ibex_DataMemRvalidMaxDelay"], "rIC3 -e kind --no-preproc", [20, 26.041797637939453, 561.4809238910675, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-21.aig\n[INFO ] origin ts has 9176870 vars, 1372307 inputs, 6882 latches, 12661134 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] kind depth: 4\n[INFO ] kind depth: 5\n[INFO ] kind depth: 6\n[INFO ] k-induction proofed in depth 6\n"]], [6, ["Ibex_DataMemGntMaxDelay"], "rIC3 -e kind --no-preproc", [20, 24.147979736328125, 449.56821966171265, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-43.aig\n[INFO ] origin ts has 9176869 vars, 1372307 inputs, 6882 latches, 12661131 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] kind depth: 4\n[INFO ] kind depth: 5\n[INFO ] k-induction proofed in depth 5\n"]], [6, ["Ibex_MepcEn"], "rIC3 -e kind --no-preproc", [20, 12.831295013427734, 46.458608627319336, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-229.aig\n[INFO ] origin ts has 9176861 vars, 1372307 inputs, 6882 latches, 12661107 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [6, ["Ibex_NormalMainResMatch"], "rIC3 -e kind --no-preproc", [20, 12.965373992919922, 50.5547411441803, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-217.aig\n[INFO ] origin ts has 9176923 vars, 1372307 inputs, 6882 latches, 12661293 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [6, ["Ibex_FetchErrMainResMatch"], "rIC3 -e kind --no-preproc", [20, 12.938934326171875, 51.11417317390442, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-247.aig\n[INFO ] origin ts has 9177019 vars, 1372307 inputs, 6882 latches, 12661421 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [6, ["Ibex_IRQMainResMatch"], "rIC3 -e kind --no-preproc", [20, 12.834716796875, 53.22853231430054, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-248.aig\n[INFO ] origin ts has 9177018 vars, 1372307 inputs, 6882 latches, 12661418 clauses, 197 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step7.json b/dv/formal/strategies/step7.json new file mode 100644 index 0000000000..f96606aa55 --- /dev/null +++ b/dv/formal/strategies/step7.json @@ -0,0 +1 @@ +[[7, ["Ibex_SpecEnUnreach"], "rIC3 -e kind --no-preproc", [20, 16.023452758789062, 178.1286814212799, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-90.aig\n[INFO ] origin ts has 9178132 vars, 1372307 inputs, 6882 latches, 12664060 clauses, 207 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step8.json b/dv/formal/strategies/step8.json new file mode 100644 index 0000000000..6fead27fe6 --- /dev/null +++ b/dv/formal/strategies/step8.json @@ -0,0 +1 @@ +[[8, ["BType_FinishFirstCycle"], "rIC3 -e kind --no-preproc", [20, 14.361309051513672, 116.75230431556702, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-197.aig\n[INFO ] origin ts has 9178169 vars, 1372307 inputs, 6882 latches, 12664171 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [8, ["BType_Fast"], "rIC3 -e kind --no-preproc", [20, 12.82870864868164, 51.14355516433716, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-230.aig\n[INFO ] origin ts has 9178202 vars, 1372308 inputs, 6882 latches, 12664227 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemNotWFI"], "rIC3 -e kind --no-preproc", [20, 12.740272521972656, 50.10797166824341, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-236.aig\n[INFO ] origin ts has 9178168 vars, 1372307 inputs, 6882 latches, 12664168 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGntMis_WaitGntMis_Inv"], "rIC3 -e kind --no-preproc", [20, 12.692028045654297, 48.99658799171448, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-269.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGntMis_WaitRvalidMis_Inv"], "rIC3 -e kind --no-preproc", [20, 16.23925018310547, 561.1970884799957, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-15.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGntMis_Step"], "rIC3 -e kind --no-preproc", [20, 12.756458282470703, 50.50982117652893, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-244.aig\n[INFO ] origin ts has 9178202 vars, 1372307 inputs, 6882 latches, 12664270 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGnt_WaitGnt_Inv"], "rIC3 -e kind --no-preproc", [20, 12.562793731689453, 48.763192892074585, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-198.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGntSplit_Step", "Mem_MemSpec_WaitGntSplit_Step_Inv", "Mem_MemSpec_WaitGntSplit_WaitGntSplit_Inv"], "rIC3 -e kind --no-preproc", [20, 12.734146118164062, 50.00330638885498, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-235.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178223 vars, 1372309 inputs, 6882 latches, 12664317 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGnt_Step_Inv"], "rIC3 -e kind --no-preproc", [20, 12.643680572509766, 48.441250801086426, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-250.aig\n[INFO ] origin ts has 9178133 vars, 1372307 inputs, 6882 latches, 12664063 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitGnt_Step"], "rIC3 -e kind --no-preproc", [20, 12.751541137695312, 46.14586043357849, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-240.aig\n[INFO ] origin ts has 9178170 vars, 1372307 inputs, 6882 latches, 12664174 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitRvalidMisGntsDone_Step", "Mem_MemSpec_WaitRvalidMisGntsDone_Step_Inv", "Mem_MemSpec_WaitRvalidMisGntsDone_WaitRvalidMisGntsDone_Inv"], "rIC3 -e kind --no-preproc", [20, 12.752971649169922, 49.07954263687134, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-228.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178223 vars, 1372309 inputs, 6882 latches, 12664317 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitRvalidMis_WaitRvalidMisGntsDone_Inv", "Mem_MemSpec_WaitRvalidMis_WaitRvalidMis_Inv"], "rIC3 -e kind --no-preproc", [20, 12.760921478271484, 56.961495876312256, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-255.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178233 vars, 1372311 inputs, 6882 latches, 12664331 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitRvalidMis_Step_Inv"], "rIC3 -e kind --no-preproc", [20, 12.513355255126953, 43.71389865875244, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-212.aig\n[INFO ] origin ts has 9178133 vars, 1372307 inputs, 6882 latches, 12664063 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitRvalidMis_Step"], "rIC3 -e kind --no-preproc", [20, 12.76187515258789, 51.94404745101929, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-232.aig\n[INFO ] origin ts has 9178172 vars, 1372307 inputs, 6882 latches, 12664180 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_IdleActive_WaitGntMis_Inv"], "rIC3 -e kind --no-preproc", [20, 13.863086700439453, 475.7226197719574, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-34.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_IdleActive_WaitGnt_Inv"], "rIC3 -e kind --no-preproc", [20, 16.128219604492188, 254.9656310081482, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-79.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_IdleActive_WaitRvalidMis_Inv"], "rIC3 -e kind --no-preproc", [20, 13.912395477294922, 375.5619287490845, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-72.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_IdleActive_Step_Inv"], "rIC3 -e kind --no-preproc", [20, 12.506778717041016, 48.12021613121033, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-264.aig\n[INFO ] origin ts has 9178133 vars, 1372307 inputs, 6882 latches, 12664063 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_IdleActive_Step"], "rIC3 -e kind --no-preproc", [20, 12.794315338134766, 49.724485874176025, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-222.aig\n[INFO ] origin ts has 9178172 vars, 1372307 inputs, 6882 latches, 12664180 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_Initial_IdleActive"], "rIC3 -e kind --no-preproc", [20, 16.059715270996094, 491.5461845397949, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-26.aig\n[INFO ] origin ts has 9178176 vars, 1372307 inputs, 6882 latches, 12664192 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_Initial"], "rIC3 -e kind --no-preproc", [20, 12.57680892944336, 49.09865760803223, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-226.aig\n[INFO ] origin ts has 9178175 vars, 1372307 inputs, 6882 latches, 12664189 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemFin"], "rIC3 -e kind --no-preproc", [20, 12.831497192382812, 50.0678596496582, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-242.aig\n[INFO ] origin ts has 9178169 vars, 1372307 inputs, 6882 latches, 12664171 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MisStates"], "rIC3 -e kind --no-preproc", [20, 12.763042449951172, 46.56766605377197, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-204.aig\n[INFO ] origin ts has 9178202 vars, 1372307 inputs, 6882 latches, 12664225 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_LoadPMPErrorWx"], "rIC3 -e kind --no-preproc", [20, 13.970649719238281, 173.7967689037323, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-89.aig\n[INFO ] origin ts has 9178171 vars, 1372307 inputs, 6882 latches, 12664172 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_EarlyLSUCtrlMatch"], "rIC3 -e kind --no-preproc", [20, 13.937664031982422, 163.4394392967224, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-88.aig\n[INFO ] origin ts has 9178194 vars, 1372307 inputs, 6882 latches, 12664216 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_RespWait"], "rIC3 -e kind --no-preproc", [20, 12.834434509277344, 43.83372735977173, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-241.aig\n[INFO ] origin ts has 9178173 vars, 1372307 inputs, 6882 latches, 12664183 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["FetchErr_Fast"], "rIC3 -e kind --no-preproc", [20, 14.325809478759766, 105.89928126335144, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-131.aig\n[INFO ] origin ts has 9178172 vars, 1372308 inputs, 6882 latches, 12664172 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [8, ["Special_EBreak_Fast", "Special_ECall_Fast", "Special_MRet_Fast"], "rIC3 -e kind --no-preproc", [20, 12.83450698852539, 51.353724002838135, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-200.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178638 vars, 1372310 inputs, 6882 latches, 12665074 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["MType_DivU_NoErr", "MType_Div_NoErr", "MType_MulHSH_NoErr", "MType_MulHU_NoErr", "MType_MulH_NoErr", "MType_Mul_NoErr", "MType_RemU_NoErr", "MType_Rem_NoErr"], "rIC3 -e kind --no-preproc", [20, 12.83395004272461, 54.92581582069397, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-263.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178962 vars, 1372307 inputs, 6882 latches, 12665885 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Arith_I_Fast", "Arith_R_Fast", "Arith_Shift_Fast"], "rIC3 -e kind --no-preproc", [20, 12.838714599609375, 51.5593466758728, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-202.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9179141 vars, 1372310 inputs, 6882 latches, 12666053 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["UType_Auipc_Fast", "UType_Lui_Fast"], "rIC3 -e kind --no-preproc", [20, 12.833255767822266, 50.54821491241455, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-213.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178269 vars, 1372309 inputs, 6882 latches, 12664385 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Fence_FenceI_Fast", "Fence_Fence_Fast"], "rIC3 -e kind --no-preproc", [20, 12.833736419677734, 42.52782440185547, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-215.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9178425 vars, 1372309 inputs, 6882 latches, 12664663 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["JType_FinishFirstCycle"], "rIC3 -e kind --no-preproc", [20, 14.401100158691406, 83.80899834632874, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-136.aig\n[INFO ] origin ts has 9178169 vars, 1372307 inputs, 6882 latches, 12664171 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [8, ["CSR_Fast"], "rIC3 -e kind --no-preproc", [20, 12.832649230957031, 42.6938693523407, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-219.aig\n[INFO ] origin ts has 9178203 vars, 1372308 inputs, 6882 latches, 12664230 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["IRQ_CSR", "IRQ_PC"], "rIC3 -e kind --no-preproc", [20, 12.988487243652344, 53.899935722351074, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-225.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9183094 vars, 1372307 inputs, 6882 latches, 12671656 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Illegal_Fast"], "rIC3 -e kind --no-preproc", [20, 14.436283111572266, 57.58011436462402, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-157.aig\n[INFO ] origin ts has 9178204 vars, 1372308 inputs, 6882 latches, 12664233 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [8, ["WFI_Fast"], "rIC3 -e kind --no-preproc", [20, 12.832656860351562, 46.76685070991516, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-224.aig\n[INFO ] origin ts has 9178302 vars, 1372308 inputs, 6882 latches, 12664402 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [8, ["Mem_MemSpec_WaitRvalidMis_WaitGntSplit_Inv"], "rIC3 -e kind --no-preproc", [20, 16.01418685913086, 275.90579748153687, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-78.aig\n[INFO ] origin ts has 9178182 vars, 1372309 inputs, 6882 latches, 12664194 clauses, 208 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/strategies/step9.json b/dv/formal/strategies/step9.json new file mode 100644 index 0000000000..50b040e96d --- /dev/null +++ b/dv/formal/strategies/step9.json @@ -0,0 +1 @@ +[[9, ["UType_Auipc_CSR"], "rIC3 -e kind --no-preproc", [20, 13.02398681640625, 47.55392932891846, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-163.aig\n[INFO ] origin ts has 9187604 vars, 1372344 inputs, 6882 latches, 12682025 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["UType_Auipc_PC"], "rIC3 -e kind --no-preproc", [20, 15.792205810546875, 167.83165526390076, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-73.aig\n[INFO ] origin ts has 9187604 vars, 1372344 inputs, 6882 latches, 12682025 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["UType_Auipc_Data"], "rIC3 -e kind --no-preproc", [20, 13.048870086669922, 41.22164869308472, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-174.aig\n[INFO ] origin ts has 9187743 vars, 1372344 inputs, 6882 latches, 12682282 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["UType_Auipc_Addr"], "rIC3 -e kind --no-preproc", [20, 13.201061248779297, 91.97604990005493, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-92.aig\n[INFO ] origin ts has 9187638 vars, 1372344 inputs, 6882 latches, 12682097 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["UType_Lui_PC"], "rIC3 -e kind --no-preproc", [20, 15.797271728515625, 139.05834412574768, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-22.aig\n[INFO ] origin ts has 9187604 vars, 1372344 inputs, 6882 latches, 12682025 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["UType_Lui_CSR"], "rIC3 -e kind --no-preproc", [20, 13.06939697265625, 59.58269453048706, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-122.aig\n[INFO ] origin ts has 9187604 vars, 1372344 inputs, 6882 latches, 12682025 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["UType_Lui_Addr", "UType_Lui_Data"], "rIC3 -e kind --no-preproc", [20, 13.205978393554688, 131.5022132396698, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-98.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187832 vars, 1372344 inputs, 6882 latches, 12682484 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Fence_Fence_CSR"], "rIC3 -e kind --no-preproc", [20, 13.039649963378906, 89.54341411590576, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-144.aig\n[INFO ] origin ts has 9187660 vars, 1372344 inputs, 6882 latches, 12682128 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Fence_FenceI_PC"], "rIC3 -e kind --no-preproc", [20, 15.790130615234375, 156.8360676765442, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-97.aig\n[INFO ] origin ts has 9187704 vars, 1372344 inputs, 6882 latches, 12682200 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["Fence_FenceI_CSR"], "rIC3 -e kind --no-preproc", [20, 13.040565490722656, 49.1085102558136, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-172.aig\n[INFO ] origin ts has 9187704 vars, 1372344 inputs, 6882 latches, 12682200 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Fence_FenceI_Addr", "Fence_FenceI_Data"], "rIC3 -e kind --no-preproc", [20, 12.913707733154297, 53.97790598869324, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-184.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188032 vars, 1372344 inputs, 6882 latches, 12682834 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Fence_Fence_PC"], "rIC3 -e kind --no-preproc", [20, 15.779518127441406, 300.05977034568787, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-71.aig\n[INFO ] origin ts has 9187660 vars, 1372344 inputs, 6882 latches, 12682128 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["Fence_Fence_Addr", "Fence_Fence_Data"], "rIC3 -e kind --no-preproc", [20, 12.947883605957031, 31.55668544769287, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-154.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187944 vars, 1372344 inputs, 6882 latches, 12682690 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_DivU_CSR"], "rIC3 -e kind --no-preproc", [20, 13.105522155761719, 39.514355182647705, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-134.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_DivU_Addr"], "rIC3 -e kind --no-preproc", [20, 13.165340423583984, 98.64444231987, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-120.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Div_CSR"], "rIC3 -e kind --no-preproc", [20, 13.071651458740234, 79.51910972595215, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-165.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Div_Addr"], "rIC3 -e kind --no-preproc", [20, 13.144100189208984, 78.48854351043701, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-103.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Rem_CSR"], "rIC3 -e kind --no-preproc", [20, 13.065059661865234, 61.843220710754395, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-192.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_RemU_CSR"], "rIC3 -e kind --no-preproc", [20, 13.10400390625, 38.03939723968506, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-159.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_RemU_Addr"], "rIC3 -e kind --no-preproc", [20, 13.16864013671875, 79.97948050498962, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-109.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Rem_Addr"], "rIC3 -e kind --no-preproc", [20, 13.151847839355469, 82.88991022109985, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-94.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulHU_CSR"], "rIC3 -e kind --no-preproc", [20, 13.055217742919922, 40.148415327072144, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-148.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulHU_Addr"], "rIC3 -e kind --no-preproc", [20, 13.176494598388672, 77.98314070701599, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-128.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulHSH_CSR"], "rIC3 -e kind --no-preproc", [20, 13.088886260986328, 59.09387922286987, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-191.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulHSH_Addr"], "rIC3 -e kind --no-preproc", [20, 13.079803466796875, 71.63679361343384, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-132.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulH_CSR"], "rIC3 -e kind --no-preproc", [20, 13.086833953857422, 64.98582792282104, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-193.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulH_Addr"], "rIC3 -e kind --no-preproc", [20, 13.116840362548828, 87.88848423957825, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-143.aig\n[INFO ] origin ts has 9187678 vars, 1372344 inputs, 6882 latches, 12682167 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Mul_CSR"], "rIC3 -e kind --no-preproc", [20, 13.065418243408203, 53.351821184158325, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-171.aig\n[INFO ] origin ts has 9187635 vars, 1372344 inputs, 6882 latches, 12682083 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Mul_Addr"], "rIC3 -e kind --no-preproc", [20, 13.113895416259766, 72.63740086555481, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-114.aig\n[INFO ] origin ts has 9187669 vars, 1372344 inputs, 6882 latches, 12682155 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Mem_MemSpec_IdleActive_Rev", "Mem_MemSpec_Step_Rev", "Mem_MemSpec_WaitGntMis_Rev", "Mem_MemSpec_WaitGntSplit_Rev", "Mem_MemSpec_WaitGnt_Rev", "Mem_MemSpec_WaitRvalidMisGntsDone_Rev", "Mem_MemSpec_WaitRvalidMis_Rev"], "rIC3 -e kind --no-preproc", [20, 12.77602767944336, 52.1456835269928, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-233.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188161 vars, 1372360 inputs, 6882 latches, 12683603 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Illegal_PC"], "rIC3 -e kind --no-preproc", [20, 15.829486846923828, 285.99364137649536, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-19.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["Illegal_CSR"], "rIC3 -e kind --no-preproc", [20, 15.800621032714844, 260.93936109542847, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-16.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["Illegal_Data"], "rIC3 -e kind --no-preproc", [20, 12.766380310058594, 45.851027727127075, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-203.aig\n[INFO ] origin ts has 9187747 vars, 1372344 inputs, 6882 latches, 12682294 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Illegal_Addr"], "rIC3 -e kind --no-preproc", [20, 15.846969604492188, 131.01443314552307, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-30.aig\n[INFO ] origin ts has 9187642 vars, 1372344 inputs, 6882 latches, 12682109 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["JType_JInd_Initial_Oma", "JType_JInd_Initial_Progress", "JType_JInd_Initial_Stall"], "rIC3 -e kind --no-preproc", [20, 12.843635559082031, 44.26964235305786, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-211.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187786 vars, 1372344 inputs, 6882 latches, 12682451 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["JType_JInd_Stall_Progress_Inv", "JType_JInd_Stall_Stall_Inv", "JType_JInd_Stall_Step"], "rIC3 -e kind --no-preproc", [20, 14.374725341796875, 80.95521330833435, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-117.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187834 vars, 1372348 inputs, 6882 latches, 12682563 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["JType_JInd_Oma_Oma_Inv", "JType_JInd_Oma_Progress_Inv", "JType_JInd_Oma_Step"], "rIC3 -e kind --no-preproc", [20, 12.767765045166016, 38.32381200790405, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-183.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187834 vars, 1372348 inputs, 6882 latches, 12682563 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["JType_JInd_Initial"], "rIC3 -e kind --no-preproc", [20, 12.776615142822266, 39.29883646965027, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-173.aig\n[INFO ] origin ts has 9187581 vars, 1372344 inputs, 6882 latches, 12681991 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["FetchErr_PC"], "rIC3 -e kind --no-preproc", [20, 12.783302307128906, 52.647491216659546, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-238.aig\n[INFO ] origin ts has 9187576 vars, 1372344 inputs, 6882 latches, 12681976 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["FetchErr_Addr", "FetchErr_Data"], "rIC3 -e kind --no-preproc", [20, 12.776321411132812, 31.427523612976074, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-162.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187776 vars, 1372344 inputs, 6882 latches, 12682386 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["WFI_Data_Err", "WFI_Data_NotErr"], "rIC3 -e kind --no-preproc", [20, 12.767803192138672, 49.4704327583313, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-182.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188010 vars, 1372344 inputs, 6882 latches, 12682798 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["WFI_Addr_Err", "WFI_Addr_NotErr"], "rIC3 -e kind --no-preproc", [20, 12.915454864501953, 39.76264238357544, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-153.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187905 vars, 1372344 inputs, 6882 latches, 12682613 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["WFI_CSR_Err", "WFI_CSR_NotErr"], "rIC3 -e kind --no-preproc", [20, 13.08742904663086, 51.81147527694702, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-126.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187871 vars, 1372344 inputs, 6882 latches, 12682541 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["WFI_PC_Err", "WFI_PC_NotErr"], "rIC3 -e kind --no-preproc", [20, 14.423210144042969, 61.38973140716553, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-96.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9187871 vars, 1372344 inputs, 6882 latches, 12682541 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["Special_EBreak_Addr", "Special_EBreak_CSR", "Special_EBreak_Data", "Special_EBreak_PC"], "rIC3 -e kind --no-preproc", [20, 13.05490493774414, 67.85273241996765, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-168.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188362 vars, 1372344 inputs, 6882 latches, 12683504 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Special_ECall_Addr", "Special_ECall_CSR", "Special_ECall_Data", "Special_ECall_PC"], "rIC3 -e kind --no-preproc", [20, 13.087154388427734, 37.84869408607483, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-138.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188362 vars, 1372344 inputs, 6882 latches, 12683504 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Special_MRet_Addr", "Special_MRet_CSR", "Special_MRet_Data", "Special_MRet_PC"], "rIC3 -e kind --no-preproc", [20, 13.04971694946289, 43.49949526786804, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-179.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188362 vars, 1372344 inputs, 6882 latches, 12683504 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["BType_BInd_Initial", "BType_BInd_Initial_Oma", "BType_BInd_Initial_Progress", "BType_BInd_Initial_Stall", "BType_BInd_Oma_Oma_Inv_0", "BType_BInd_Oma_Oma_Inv_1", "BType_BInd_Oma_Progress_Inv_0", "BType_BInd_Oma_Progress_Inv_1", "BType_BInd_Oma_Step_0", "BType_BInd_Oma_Step_1", "BType_BInd_Stall_Progress_Inv", "BType_BInd_Stall_Stall_Inv", "BType_BInd_Stall_Step"], "rIC3 -e kind --no-preproc", [20, 15.649192810058594, 144.2628870010376, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-113.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188352 vars, 1372356 inputs, 6882 latches, 12684043 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["CSR_Data_NotErr"], "rIC3 -e kind --no-preproc", [20, 13.121757507324219, 53.660489559173584, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-185.aig\n[INFO ] origin ts has 9187747 vars, 1372344 inputs, 6882 latches, 12682294 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_Data_Err"], "rIC3 -e kind --no-preproc", [20, 12.770500183105469, 43.93339252471924, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-245.aig\n[INFO ] origin ts has 9187747 vars, 1372344 inputs, 6882 latches, 12682294 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_PC_NotErr"], "rIC3 -e kind --no-preproc", [20, 18.844066619873047, 414.02654910087585, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-24.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] kind depth: 3\n[INFO ] k-induction proofed in depth 3\n"]], [9, ["CSR_PC_Err"], "rIC3 -e kind --no-preproc", [20, 12.731208801269531, 49.58492875099182, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-190.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_Addr_NotErr"], "rIC3 -e kind --no-preproc", [20, 13.187606811523438, 166.85576343536377, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-99.aig\n[INFO ] origin ts has 9187642 vars, 1372344 inputs, 6882 latches, 12682109 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_Addr_Err"], "rIC3 -e kind --no-preproc", [20, 12.766006469726562, 31.389367818832397, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-177.aig\n[INFO ] origin ts has 9187642 vars, 1372344 inputs, 6882 latches, 12682109 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_CSR_NotErr"], "rIC3 -e kind --no-preproc", [20, 16.311538696289062, 246.19149351119995, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-28.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["CSR_CSR_Err"], "rIC3 -e kind --no-preproc", [20, 12.766555786132812, 51.35063910484314, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-231.aig\n[INFO ] origin ts has 9187608 vars, 1372344 inputs, 6882 latches, 12682037 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["Arith_I_NoErr", "Arith_R_NoErr", "Arith_Shift_NoErr"], "rIC3 -e kind --no-preproc", [20, 12.76800537109375, 32.40471601486206, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-149.aig\n[WARN ] multiple properties detected. rIC3 has compressed them into a single property\n[INFO ] origin ts has 9188537 vars, 1372344 inputs, 6882 latches, 12683849 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulHSH_PC"], "rIC3 -e kind --no-preproc", [20, 12.892940521240234, 48.139206886291504, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-1.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Mul_PC"], "rIC3 -e kind --no-preproc", [20, 12.897361755371094, 51.29045867919922, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-11.aig\n[INFO ] origin ts has 9187635 vars, 1372344 inputs, 6882 latches, 12682083 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["FetchErr_CSR"], "rIC3 -e kind --no-preproc", [20, 15.776580810546875, 449.97806763648987, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-33.aig\n[INFO ] origin ts has 9187576 vars, 1372344 inputs, 6882 latches, 12681976 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] kind depth: 2\n[INFO ] k-induction proofed in depth 2\n"]], [9, ["MType_MulHU_PC"], "rIC3 -e kind --no-preproc", [20, 12.893234252929688, 27.579633235931396, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-14.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_MulH_PC"], "rIC3 -e kind --no-preproc", [20, 12.897735595703125, 28.852582454681396, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-2.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_RemU_PC"], "rIC3 -e kind --no-preproc", [20, 12.905391693115234, 42.9248263835907, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-281.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Rem_PC"], "rIC3 -e kind --no-preproc", [20, 12.91061782836914, 45.58787941932678, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-285.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_DivU_PC"], "rIC3 -e kind --no-preproc", [20, 12.910625457763672, 42.01600170135498, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-286.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]], [9, ["MType_Div_PC"], "rIC3 -e kind --no-preproc", [20, 12.908889770507812, 25.03040862083435, "OK", "RESULT: UNSAT\n", "[INFO ] the model to be checked: /home/louis-emile/OS-formal-ibex/dv/formal/build/aiger-293.aig\n[INFO ] origin ts has 9187644 vars, 1372344 inputs, 6882 latches, 12682095 clauses, 265 constraints\n[WARN ] Kind does not currently detect counter-example. Please run BMC separately or use the portfolio mode if needed.\n[INFO ] kind depth: 1\n[INFO ] k-induction proofed in depth 1\n"]]] \ No newline at end of file diff --git a/dv/formal/thm/btype.proof b/dv/formal/thm/btype.proof index fed98f9237..b7c1cd8fdb 100644 --- a/dv/formal/thm/btype.proof +++ b/dv/formal/thm/btype.proof @@ -8,12 +8,12 @@ # deal with the fact that the PC changes at inconvenient times. lemma btype - in (instr_will_progress & ex_is_pres_btype & ~ex_err) + in (instr_will_progress & ex_is_btype & ~ex_err) FinishFirstCycle: have (`ID.instr_first_cycle) / BInd: graph_induction +rev - cond (`CR.instr_valid_id & ex_is_pres_btype & ~ex_err & ~ex_kill) + cond (`CR.instr_valid_id & ex_is_btype & ~ex_err & ~ex_kill) inv nobranch (~ex_has_branched_d) inv eq (ex_has_branched_d == `CR.branch_decision && post_pc == ex_branch_dst) @@ -24,17 +24,17 @@ lemma btype split_bool (`CR.branch_decision) node progress eq (instr_will_progress) / - in (instr_will_progress & ex_is_pres_btype & ~ex_err) + in (instr_will_progress & ex_is_btype & ~ex_err) NoBranch: have (~`CR.branch_decision |-> spec_post_pc == pre_nextpc) Branch: have (`CR.branch_decision |-> spec_post_pc == `CR.branch_target_ex) lemma jump - in (instr_will_progress & ex_is_pres_jump & ~ex_err) + in (instr_will_progress & ex_is_jump & ~ex_err) FinishFirstCycle: have (`ID.instr_first_cycle) / JInd: graph_induction +rev - cond (`CR.instr_valid_id & ex_is_pres_jump & ~ex_err & ~ex_kill) + cond (`CR.instr_valid_id & ex_is_jump & ~ex_err & ~ex_kill) inv nobranch (~ex_has_branched_d) inv eq (ex_has_branched_d && post_pc[31:1] == `CR.branch_target_ex[31:1]) @@ -44,5 +44,5 @@ lemma jump node oma eq (`IDG.outstanding_memory_access & ~`ID.stall_ld_hz) => oma progress node progress eq (instr_will_progress) / - in (instr_will_progress & ex_is_pres_jump & ~ex_err) + in (instr_will_progress & ex_is_jump & ~ex_err) Branch: have (spec_post_pc[31:1] == `CR.branch_target_ex[31:1]) diff --git a/dv/formal/thm/ibex.proof b/dv/formal/thm/ibex.proof index b0995d572c..2e5034cb81 100644 --- a/dv/formal/thm/ibex.proof +++ b/dv/formal/thm/ibex.proof @@ -39,7 +39,7 @@ lemma ibex NonCompressedMatch: have (wbexc_finishing && wbexc_instr[1:0] == 2'b11 |-> wbexc_instr == wbexc_decompressed_instr) CompressedMatch: have (ex_has_compressed_instr |-> ex_compressed_instr[15:0] == `CR.instr_rdata_c_id) - PostFlushNoInstr: have (`IDC.ctrl_fsm_cs == `IDC.FLUSH |=> ~`CR.instr_valid_id) + PostFlushNoInstr: have (`IDC.ctrl_fsm_cs == FLUSH |=> ~`CR.instr_valid_id) DecompressionIllegalIdEx: have (ex_has_compressed_instr |-> decompressed_instr_illegal == `CR.illegal_c_insn_id) DecompressionMatchIdEx: have (ex_has_compressed_instr & ~`CR.illegal_insn_id & ~`CR.illegal_c_insn_id |-> decompressed_instr == `CR.instr_rdata_id) @@ -69,13 +69,13 @@ lemma ibex RfWriteWb: have (`CR.rf_write_wb & wbexc_finishing |-> `WB.rf_we_wb_o) - CtrlWbexc: have (wbexc_exists |-> `IDC.ctrl_fsm_cs == `IDC.DECODE || `IDC.ctrl_fsm_cs == `IDC.FLUSH) - ProgressDecode: have (instr_will_progress |-> `IDC.ctrl_fsm_cs == `IDC.DECODE) + CtrlWbexc: have (wbexc_exists |-> `IDC.ctrl_fsm_cs == DECODE || `IDC.ctrl_fsm_cs == FLUSH) + ProgressDecode: have (instr_will_progress |-> `IDC.ctrl_fsm_cs == DECODE) BranchedProg: have (ex_has_branched_d & ~instr_will_progress |=> ex_has_branched_d | `IDC.wb_exception_o) - IDCFsmAny: have (`IDC.ctrl_fsm_cs inside {`IDC.RESET, `IDC.BOOT_SET, `IDC.WAIT_SLEEP, `IDC.SLEEP, `IDC.FIRST_FETCH, `IDC.DECODE, `IDC.IRQ_TAKEN, `IDC.FLUSH}) - IDCFsmNotBoot: have (##3 ~(`IDC.ctrl_fsm_cs inside {`IDC.RESET, `IDC.BOOT_SET})) + IDCFsmAny: have (`IDC.ctrl_fsm_cs inside {RESET, BOOT_SET, WAIT_SLEEP, SLEEP, FIRST_FETCH, DECODE, IRQ_TAKEN, FLUSH}) + IDCFsmNotBoot: have (##3 ~(`IDC.ctrl_fsm_cs inside {RESET, BOOT_SET})) MemInstrEx: have (`LSU.ls_fsm_cs != `LSU.IDLE |-> ex_is_mem_instr) MemInstrWbLoad: have (`WB.outstanding_load_wb_o |-> wbexc_is_load_instr) @@ -85,9 +85,9 @@ lemma ibex ClockEn: have (instr_will_progress |-> ibex_top_i.clock_en) EnWbProgress: have (`WB.en_wb_i |-> instr_will_progress) DoneFin: have (`WBG.wb_done & `WBG.wb_valid_q & ~wbexc_err |-> wbexc_finishing) - ValidExists: have (`WBG.wb_valid_q |-> wbexc_exists) + ValidExists: have ((~wbexc_exists && ~`WBG.wb_valid_q) || (wbexc_exists && (`WBG.wb_valid_q || wbexc_err))) - UnCheckableNoPresent: have (wbexc_exists & `ISS_CSR & ~wbexc_is_checkable_csr |-> ~has_spec_past) + UnCheckableNoPresent: have (wbexc_exists & `IS_CSR & ~wbexc_is_checkable_csr |-> ~has_spec_past) MemInstrWbWrite: have ( wbexc_exists & wbexc_is_store_instr & ~wbexc_err |-> @@ -95,26 +95,27 @@ lemma ibex ) ValidToBranch: have (ex_has_branched_d |-> `CR.instr_valid_id) - LsuWeq: block - Ex: have (`LSU.ls_fsm_cs != `LSU.IDLE && mem_gnt_fst_q |-> ex_is_store_instr == `LSU.data_we_q) - / - Wb: have (outstanding_mem |-> wbexc_is_store_instr == `LSU.data_we_q) - - block - LSUEmpty: have (`LSU.ls_fsm_cs != `LSU.IDLE |-> ~wbexc_exists & ~ex_kill) - / - LSUEnd: have (`LSU.lsu_req_done_o |-> instr_will_progress) - - block - NoFinishingIRQ: have (wbexc_exists |-> ~wbexc_handling_irq) - / - SpecPastReg: have (wbexc_exists & wbexc_post_wX_en |-> spec_past_regs[wbexc_post_wX_addr] == wbexc_post_wX) - SpecPastWbexc: - each X Priv:(priv) Mstatus:(mstatus) Mie:(mie) Mcause:(mcause) Mtval:(mtval) Mtvec:(mtvec) \ - Mscratch:(mscratch) Mepc:(mepc) Mcounteren:(mcounteren) \ - Pmp_cfg:(pmp_cfg) Pmp_addr:(pmp_addr) Mseccfg:(mseccfg) \ - Pc:(pc) - have (wbexc_exists |-> spec_past_``X == wbexc_post_``X) + NoEarlyLSUErrq: have (`LSU.ls_fsm_cs == `LSU.WAIT_GNT_MIS || `LSU.ls_fsm_cs == `LSU.WAIT_RVALID_MIS |-> !`LSU.lsu_err_q) + InstrValidDuringLSU: have (`LSU.ls_fsm_cs != `LSU.IDLE |-> `IF.instr_valid_id_q) + NoInstrInNonDecode: have (`IDC.ctrl_fsm_cs inside {IRQ_TAKEN, FIRST_FETCH, SLEEP, WAIT_SLEEP} |-> ~`ID.instr_valid_i) + + LsuWeq_Ex: have (`LSU.ls_fsm_cs != `LSU.IDLE && mem_gnt_fst_q |-> ex_is_store_instr == `LSU.data_we_q) + LSUEmpty: have (`LSU.ls_fsm_cs != `LSU.IDLE |-> ~wbexc_exists & ~ex_kill) + NoFinishingIRQ: have (wbexc_exists |-> ~wbexc_handling_irq) + + / + + LsuWeq_Wb: have (outstanding_mem |-> wbexc_is_store_instr == `LSU.data_we_q) + MultDivStates: have ((~`MULT.mult_en_i -> `MULTG.mult_state_q == `MULTG.ALBL) && (~`MULT.div_en_i -> `MULT.md_state_q == `MULT.MD_IDLE)) + LSUEnd: have (`LSU.lsu_req_done_o |-> instr_will_progress) + + SpecPastReg: have (wbexc_exists & wbexc_post_wX_en |-> spec_past_regs[wbexc_post_wX_addr] == wbexc_post_wX) + SpecPastWbexc: + each X Priv:(priv) Mstatus:(mstatus) Mie:(mie) Mcause:(mcause) Mtval:(mtval) Mtvec:(mtvec) \ + Mscratch:(mscratch) Mepc:(mepc) Mcounteren:(mcounteren) \ + Pmp_cfg:(pmp_cfg) Pmp_addr:(pmp_addr) Mseccfg:(mseccfg) \ + Pc:(pc) + have (wbexc_exists |-> spec_past_``X == wbexc_post_``X) / @@ -123,7 +124,7 @@ lemma ibex # of waiting responses to the outstanding_mem signal. # It includes all LSU states and a couple of extra states for # once the instruction moves/has moved to writeback. - Memory: graph_induction +rev + Memory: graph_induction inv idle ( ~`LSU.handle_misaligned_q && `CR.lsu_resp_valid == outstanding_mem && @@ -135,16 +136,17 @@ lemma ibex `CR.lsu_resp_valid == outstanding_mem ) inv wait_gnt_mis ( - $stable(data_addr_o) && ~has_resp_waiting_q && ~`LSU.lsu_err_q && + $stable(data_addr_o) && + ~has_resp_waiting_q && (data_req_o == ~`LSU.pmp_err_q) && (`LSU.pmp_err_q == `CR.pmp_req_err[2]) ) inv wait_gnt ( - $stable(data_addr_o) && ~has_resp_waiting_q && + $stable(data_addr_o) && + ~has_resp_waiting_q && (data_req_o == ~`LSU.pmp_err_q) && (`LSU.pmp_err_q == `CR.pmp_req_err[2]) ) inv wait_rvalid_mis ( ($stable(`LSU.ls_fsm_cs) -> $stable(data_addr_o)) && - ~`LSU.lsu_err_q && ((~`LSU.pmp_err_q && has_one_resp_waiting_q) || (`LSU.pmp_err_q && ~has_resp_waiting_q)) ) inv wait_rvalid_mis_gnts_done ( @@ -207,13 +209,13 @@ lemma ibex StallNoChangeA: have (`LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(`ID.rf_rdata_a_fwd)) StallNoChangeB: have (data_we_o && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(`ID.rf_rdata_b_fwd)) - BecameDecodeIsInstrStart: have (`IDC.ctrl_fsm_cs == `IDC.DECODE && !$stable(`IDC.ctrl_fsm_cs) |-> ~`ID.instr_valid_i | `CR.instr_new_id) - BecameDecodeIsEmptyWbexc: have (`IDC.ctrl_fsm_cs == `IDC.DECODE && !$stable(`IDC.ctrl_fsm_cs) |-> ~wbexc_exists) + BecameDecodeIsInstrStart: have (`IDC.ctrl_fsm_cs == DECODE && !$stable(`IDC.ctrl_fsm_cs) |-> ~`ID.instr_valid_i | `CR.instr_new_id) + BecameDecodeIsEmptyWbexc: have (`IDC.ctrl_fsm_cs == DECODE && !$stable(`IDC.ctrl_fsm_cs) |-> ~wbexc_exists) FetchErrIsErr: have (wbexc_fetch_err & wbexc_exists |-> wbexc_err & `IDC.instr_fetch_err) # If control FSM is in `FIRST_FETCH`, then there shouldn't be an instruction that is already fetched by IF but not consumed by ID. # This helps to prove FetchErrRoot. - FirstFetchNoInstr: have (`IDC.ctrl_fsm_ns == `IDC.FIRST_FETCH |-> ~`IF.instr_valid_id_q) + FirstFetchNoInstr: have (`IDC.ctrl_fsm_ns == FIRST_FETCH |-> ~`IF.instr_valid_id_q) MemOpRequiresValid: have (`LSU.ls_fsm_cs != `LSU.IDLE || `CR.lsu_req |-> `ID.instr_valid_i) @@ -224,6 +226,11 @@ lemma ibex # When there is an instruction is finished in EX but is blocked from moving to WB then there must be a valid instruction in the WB stage. This is a helper property for DivInstrStable InstrInWbStage: have (wbexc_exists & ~wbexc_finishing -> `WBG.wb_valid_q) + NoInstrFirstCycle: have (~`ID.instr_valid_i |-> `ID.id_fsm_d == `ID.FIRST_CYCLE) + NoInstrNoGnt: have (~`ID.instr_valid_i |-> ~mem_gnt_fst_q) + + PcMatch: have (`ID.instr_valid_i & ~ex_has_branched_d & ~`IDC.instr_fetch_err & ~ex_kill |-> pre_nextpc == `IF.pc_if_o) + / MemErrKind: have (finishing_executed && wbexc_is_mem_instr && ~wbexc_illegal && wbexc_err |-> `IDC.store_err_q | `IDC.load_err_q) @@ -241,22 +248,22 @@ lemma ibex StallNoChangeLsuWData: have ((data_we_o && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(`LSU.lsu_wdata_i))) # These properties take some time to prove, but do prove with low proof effort. Just run them with individual Hp instances. - SpecStableLoad: have (ex_is_pres_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read)) - SpecStableLoadSnd: have (ex_is_pres_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_snd)) - SpecStableLoadAddr: have (ex_is_pres_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_fst_addr)) - SpecStableLoadSndAddr: have (ex_is_pres_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_snd_addr)) + SpecStableLoad: have (ex_is_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read)) + SpecStableLoadSnd: have (ex_is_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_snd)) + SpecStableLoadAddr: have (ex_is_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_fst_addr)) + SpecStableLoadSndAddr: have (ex_is_load_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_read_snd_addr)) - SpecStableStore: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write)) - SpecStableStoreSnd: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd)) - SpecStableStoreAddr: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_fst_addr)) - SpecStableStoreSndAddr: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd_addr)) - SpecStableStoreData: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_fst_wdata)) - SpecStableStoreSndData: have (ex_is_pres_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd_wdata)) + SpecStableStore: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write)) + SpecStableStoreSnd: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd)) + SpecStableStoreAddr: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_fst_addr)) + SpecStableStoreSndAddr: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd_addr)) + SpecStableStoreData: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_fst_wdata)) + SpecStableStoreSndData: have (ex_is_store_instr && `LSU.ls_fsm_cs != `LSU.IDLE && ($past(`LSU.ls_fsm_cs) != `LSU.IDLE || $past(`LSU.lsu_req_i)) |-> $stable(spec_mem_write_snd_wdata)) - FetchErrRoot: have (`ID.instr_valid_i && (`IDC.ctrl_fsm_cs == `IDC.FLUSH -> ~$past(`IDC.csr_pipe_flush)) |-> spec_fetch_err == `ID.instr_fetch_err_i) + FetchErrRoot: have (`ID.instr_valid_i && (`IDC.ctrl_fsm_cs == FLUSH -> ~$past(`IDC.csr_pipe_flush)) |-> spec_fetch_err == `ID.instr_fetch_err_i) - LoadNotSpecWrite: have (`ID.instr_valid_i & ex_is_pres_load_instr |-> ~spec_mem_write) - StoreNotSpecRead: have (`ID.instr_valid_i & ex_is_pres_store_instr |-> ~spec_mem_read) + LoadNotSpecWrite: have (`ID.instr_valid_i & ex_is_load_instr |-> ~spec_mem_write) + StoreNotSpecRead: have (`ID.instr_valid_i & ex_is_store_instr |-> ~spec_mem_read) FirstCycleNoGnt: have (`ID.instr_first_cycle |-> ~mem_gnt_fst_q) MemStartFirstCycle: have (`LSU.ls_fsm_cs == `LSU.IDLE && `CR.lsu_req |-> `ID.instr_first_cycle) @@ -269,6 +276,9 @@ lemma ibex (instr_mem_assume.outstanding_reqs_q == 0) == (~`IFP.rdata_outstanding_q[1] && ~`IFP.rdata_outstanding_q[0]) ) + NoMemThroughout: have (~ex_is_mem_instr & `ID.instr_valid_i |-> ~mem_gnt_fst_d) + MTypePCThroughout: have (ex_is_mtype & `ID.instr_valid_i & ~`ID.instr_fetch_err_i & ~ex_kill |-> spec_post_pc == post_pc) + / MepcEn: have (`CSR.mepc_en |-> instr_will_progress | wbexc_finishing | wbexc_handling_irq) @@ -301,9 +311,9 @@ lemma live DivMiddle: have (`MULT.div_counter_q == 5'd31 && `MULT.md_state_q == `MULT.MD_COMP |-> ##30 `MULT.div_counter_q == 5'd1 && `MULT.md_state_q == `MULT.MD_COMP) DivEnd: have (`MULT.div_counter_q == 5'd1 && `MULT.md_state_q == `MULT.MD_COMP |-> ##3 instr_will_progress) - WFIStart: have (instr_will_progress & ex_is_wfi & ~ex_err |-> ##[0:5] `IDC.ctrl_fsm_cs == `IDC.SLEEP) - WFIMiddle: have (`IDC.ctrl_fsm_cs == `IDC.SLEEP |-> ##[0:20] `IDC.ctrl_fsm_cs == `IDC.SLEEP && `IDC.ctrl_fsm_ns == `IDC.FIRST_FETCH) - WFIEnd: have (`IDC.ctrl_fsm_cs == `IDC.SLEEP && `IDC.ctrl_fsm_ns == `IDC.FIRST_FETCH |-> ##[0:5] `IF.id_in_ready_i) + WFIStart: have (instr_will_progress & ex_is_wfi & ~ex_err |-> ##[0:5] `IDC.ctrl_fsm_cs == SLEEP) + WFIMiddle: have (`IDC.ctrl_fsm_cs == SLEEP |-> ##[0:20] `IDC.ctrl_fsm_cs == SLEEP && `IDC.ctrl_fsm_ns == FIRST_FETCH) + WFIEnd: have (`IDC.ctrl_fsm_cs == SLEEP && `IDC.ctrl_fsm_ns == FIRST_FETCH |-> ##[0:5] `IF.id_in_ready_i) NewProgNormal: have (`CR.instr_new_id & `CR.instr_valid_id & ~ex_is_div & ~ex_is_mem_instr |-> ##[0:5] (instr_will_progress | (ex_kill & `CR.instr_valid_id))) NewProgMem: have (`CR.instr_new_id & `CR.instr_valid_id & ex_is_mem_instr |-> ##[0:10] (instr_will_progress | (ex_kill & `CR.instr_valid_id))) diff --git a/dv/formal/thm/mem.proof b/dv/formal/thm/mem.proof index b517a8e883..efb5fe8d9e 100644 --- a/dv/formal/thm/mem.proof +++ b/dv/formal/thm/mem.proof @@ -17,12 +17,12 @@ lemma mem MisStates: have (`LSU.ls_fsm_cs == `LSU.WAIT_GNT_MIS || `LSU.ls_fsm_cs == `LSU.WAIT_RVALID_MIS || `LSU.ls_fsm_cs == `LSU.WAIT_RVALID_MIS_GNTS_DONE |-> `LSU.split_misaligned_access) - LoadPMPErrorWx: have (`CR.instr_valid_id & ex_is_pres_load_instr |-> spec_post_wX_en == ~spec_has_pmp_err) + LoadPMPErrorWx: have (`CR.instr_valid_id & ex_is_load_instr |-> spec_post_wX_en == ~spec_has_pmp_err) # Another graph induction for LSU states which specifically bind what is # happening to the specification. MemSpec: graph_induction +rev - cond (ex_is_pres_mem_instr && (`LSU.ls_fsm_cs != `LSU.IDLE || `CR.lsu_req)) + cond (ex_is_mem_instr && (`LSU.ls_fsm_cs != `LSU.IDLE || `CR.lsu_req)) inv fst_req ( (data_req_o -> (mem_req_fst_d && fst_mem_cmp)) && @@ -99,44 +99,44 @@ lemma mem LSU2ndReqStep: have (data_req_o & $past(data_gnt_i) & ~$past(instr_will_progress) |-> data_we_o == $past(data_we_o) && data_addr_o == $past(data_addr_o) + 4) LSUInternalHold: have (`LSU.data_req_o && ~data_gnt_i && ~`LSU.pmp_err_q |=> $stable(data_addr_o)) - NoMem: have (~ex_is_pres_mem_instr & instr_will_progress |-> ~mem_gnt_fst_d) # Top level property! Non memory instructions don't do memory requests! + NoMem: have (~ex_is_mem_instr & instr_will_progress |-> ~mem_gnt_fst_d) # Top level property! Non memory instructions don't do memory requests! - PMPErrMatch: have (ex_is_pres_mem_instr & instr_will_progress & ~`CR.illegal_insn_id & ~`CR.instr_fetch_err |-> spec_has_pmp_err == (`LSU.lsu_err_d | `LSU.pmp_err_d)) + PMPErrMatch: have (ex_is_mem_instr & instr_will_progress & ~`CR.illegal_insn_id & ~`CR.instr_fetch_err |-> spec_has_pmp_err == (`LSU.lsu_err_d | `LSU.pmp_err_d)) - PCMaintainEx1: have (`ID.instr_valid_i & ex_is_pres_mem_instr & ~ex_err & ~ex_kill |-> pre_nextpc == post_pc) - PCMaintainEx2: have (`ID.instr_valid_i & ex_is_pres_mem_instr & ~ex_err & ~ex_kill & ~spec_has_pmp_err |-> pre_nextpc == spec_post_pc) - CSRMaintainEx: have (`ID.instr_valid_i & ex_is_pres_mem_instr & ~ex_err & ~ex_kill & ~spec_has_pmp_err |-> ex_csrs_match) - ExcCSRMaintainEx: have (`ID.instr_valid_i & ex_is_pres_mem_instr & ~ex_err & ~ex_kill & spec_has_pmp_err |-> ex_csrs_match_non_exc) + PCMaintainEx1: have (`ID.instr_valid_i & ex_is_mem_instr & ~ex_err & ~ex_kill |-> pre_nextpc == post_pc) + PCMaintainEx2: have (`ID.instr_valid_i & ex_is_mem_instr & ~ex_err & ~ex_kill & ~spec_has_pmp_err |-> pre_nextpc == spec_post_pc) + CSRMaintainEx: have (`ID.instr_valid_i & ex_is_mem_instr & ~ex_err & ~ex_kill & ~spec_has_pmp_err |-> ex_csrs_match) + ExcCSRMaintainEx: have (`ID.instr_valid_i & ex_is_mem_instr & ~ex_err & ~ex_kill & spec_has_pmp_err |-> ex_csrs_match_non_exc) AltLSUVeryEarly: have (`LSU.ls_fsm_cs != `LSU.IDLE & spec_post_wX_en & ~lsu_had_first_resp |-> spec_post_wX == alt_lsu_very_early_res) / - PCNoChangeNoBranch: have (wbexc_exists & wbexc_is_pres_mem_instr & ~wbexc_err & ~ex_has_branched_d |-> (`ID.instr_valid_i ? pre_pc : `CR.pc_if) == wbexc_dut_post_pc) + PCNoChangeNoBranch: have (wbexc_exists & wbexc_is_mem_instr & ~wbexc_err & ~ex_has_branched_d |-> (`ID.instr_valid_i ? pre_pc : `CR.pc_if) == wbexc_dut_post_pc) AltLSUEarly: have (`LSU.ls_fsm_cs != `LSU.IDLE & spec_post_wX_en & lsu_had_first_resp |-> spec_post_wX == alt_lsu_early_res) / - AltLSU: have (wbexc_exists & wbexc_is_pres_load_instr & ~wbexc_err & wbexc_post_wX_en |-> wbexc_post_wX == alt_lsu_late_res) - PCNoChangeBranch: have (wbexc_exists & wbexc_is_pres_mem_instr & ~wbexc_err & ex_has_branched_d |-> pre_pc == wbexc_dut_post_pc) - PCExc: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err |-> wbexc_post_pc == { `IF.csr_mtvec_i[31:8], 8'h00 }) - - CSRMaintain: have (wbexc_exists & wbexc_is_pres_mem_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> csrs_match) - CSRNoChange: have (wbexc_exists & wbexc_is_pres_mem_instr & ~wbexc_err |-> csrs_didnt_change) - PCMaintainWb: have (wbexc_exists & wbexc_is_pres_mem_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> wbexc_post_pc == wbexc_dut_post_pc) - LoadAddrMaintain: have (wbexc_exists & wbexc_is_pres_load_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> wbexc_post_wX_en && `WBG.rf_waddr_wb_q == wbexc_post_wX_addr && ~`WBG.rf_we_wb_q) - StoreAddrMaintain: have (wbexc_exists & wbexc_is_pres_store_instr & ~wbexc_err |-> ~wbexc_post_wX_en && ~`WBG.rf_we_wb_q) - ExcAddrMaintain: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err |-> ~wbexc_post_wX_en) - - ExcCSRMaintainMCause: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mcause == (wbexc_is_store_instr ? ExcCauseStoreAccessFault : ExcCauseLoadAccessFault)) - ExcCSRMaintainMTVal: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mtval == `LSU.addr_last_o) - ExcCSRMaintainMStatus: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> + AltLSU: have (wbexc_exists & wbexc_is_load_instr & ~wbexc_err & wbexc_post_wX_en |-> wbexc_post_wX == alt_lsu_late_res) + PCNoChangeBranch: have (wbexc_exists & wbexc_is_mem_instr & ~wbexc_err & ex_has_branched_d |-> pre_pc == wbexc_dut_post_pc) + PCExc: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err |-> wbexc_post_pc == { `IF.csr_mtvec_i[31:8], 8'h00 }) + + CSRMaintain: have (wbexc_exists & wbexc_is_mem_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> csrs_match) + CSRNoChange: have (wbexc_exists & wbexc_is_mem_instr & ~wbexc_err |-> csrs_didnt_change) + PCMaintainWb: have (wbexc_exists & wbexc_is_mem_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> wbexc_post_pc == wbexc_dut_post_pc) + LoadAddrMaintain: have (wbexc_exists & wbexc_is_load_instr & ~wbexc_err & ~`LSU.data_or_pmp_err |-> wbexc_post_wX_en && `WBG.rf_waddr_wb_q == wbexc_post_wX_addr && ~`WBG.rf_we_wb_q) + StoreAddrMaintain: have (wbexc_exists & wbexc_is_store_instr & ~wbexc_err |-> ~wbexc_post_wX_en && ~`WBG.rf_we_wb_q) + ExcAddrMaintain: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err |-> ~wbexc_post_wX_en) + + ExcCSRMaintainMCause: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mcause == (wbexc_is_store_instr ? ExcCauseStoreAccessFault : ExcCauseLoadAccessFault)) + ExcCSRMaintainMTVal: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mtval == `LSU.addr_last_o) + ExcCSRMaintainMStatus: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mstatus.mie == 1'b0 && wbexc_post_mstatus.mpie == pre_mstatus.mie && wbexc_post_mstatus.mpp == (pre_priv == Machine ? PRIV_LVL_M : PRIV_LVL_U) ) - ExcCSRMaintainMepc: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mepc == `CR.pc_wb) - ExcCSRMaintainPriv: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_priv == Machine) - ExcCSRMaintainRest: have (wbexc_exists & wbexc_is_pres_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> csrs_match_non_exc) + ExcCSRMaintainMepc: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_mepc == `CR.pc_wb) + ExcCSRMaintainPriv: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> wbexc_post_priv == Machine) + ExcCSRMaintainRest: have (wbexc_exists & wbexc_is_mem_instr & `LSU.data_or_pmp_err & ~wbexc_fetch_err & ~wbexc_illegal |-> csrs_match_non_exc) # Top level load properties lemma load - cond (ex_is_pres_load_instr) + cond (ex_is_load_instr) NoWe: have (spec_mem_read & data_req_o |-> ~data_we_o) En: have (data_req_o |-> spec_mem_read) @@ -152,7 +152,7 @@ lemma load # Top level store properties lemma store - cond (ex_is_pres_store_instr) + cond (ex_is_store_instr) We: have (spec_mem_write & data_req_o |-> data_we_o) En: have (data_req_o |-> spec_mem_write) diff --git a/dv/formal/thm/riscv.proof b/dv/formal/thm/riscv.proof index 7c023a8dfc..8e33bdb67b 100644 --- a/dv/formal/thm/riscv.proof +++ b/dv/formal/thm/riscv.proof @@ -47,27 +47,27 @@ lemma riscv / Arith: - in I:(`ISS_ADDI | `ISS_SLTI | `ISS_SLTIU | `ISS_XORI | `ISS_ORI | `ISS_ANDI) \ - R:(`ISS_ADD | `ISS_SUB | `ISS_SLL | `ISS_SLT | `ISS_SLTU | `ISS_XOR | `ISS_SRL | `ISS_SRA | `ISS_OR | `ISS_AND) \ - Shift:(`ISS_SHIFTIOP) + in I:(`IS_ADDI | `IS_SLTI | `IS_SLTIU | `IS_XORI | `IS_ORI | `IS_ANDI) \ + R:(`IS_ADD | `IS_SUB | `IS_SLL | `IS_SLT | `IS_SLTU | `IS_XOR | `IS_SRL | `IS_SRA | `IS_OR | `IS_AND) \ + Shift:(`IS_SHIFTIOP) use structure_fast / use spec_compliant_no_err # Never actually proved, just assumed to be true instead. MType: - in Mul:(`ISS_MUL) MulH:(`ISS_MULH) MulHSH:(`ISS_MULHSH) MulHU:(`ISS_MULHU) Div:(`ISS_DIV) DivU:(`ISS_DIVU) Rem:(`ISS_REM) RemU:(`ISS_REMU) + in Mul:(`IS_MUL) MulH:(`IS_MULH) MulHSH:(`IS_MULHSH) MulHU:(`IS_MULHU) Div:(`IS_DIV) DivU:(`IS_DIVU) Rem:(`IS_REM) RemU:(`IS_REMU) use spec_compliant_no_err CSR: - in (`ISS_CSR & wbexc_is_checkable_csr) + in (`IS_CSR & wbexc_is_checkable_csr) use structure_fast / use spec_compliant split_bool Err:(wbexc_err) BType: - in (`ISS_BTYPE) + in (`IS_BTYPE) lemma btype use structure_fast / @@ -76,31 +76,31 @@ lemma riscv JType: block lemma jump / - in Jal:(`ISS_JAL) Jalr:(`ISS_JALR) + in Jal:(`IS_JAL) Jalr:(`IS_JALR) use structure_fast / use spec_compliant UType: - in Lui:(`ISS_LUI) Auipc:(`ISS_AUIPC) + in Lui:(`IS_LUI) Auipc:(`IS_AUIPC) use structure_fast / use spec_compliant Fence: - in Fence:(`ISS_FENCE) FenceI:(`ISS_FENCEI) + in Fence:(`IS_FENCE) FenceI:(`IS_FENCEI) use structure_fast / use spec_compliant Special: - in ECall:(`ISS_ECALL) EBreak:(`ISS_EBREAK) MRet:(`ISS_MRET) + in ECall:(`IS_ECALL) EBreak:(`IS_EBREAK) MRet:(`IS_MRET) use structure_fast / use spec_compliant WFI: - in (`ISS_WFI && finishing_executed && ~wbexc_illegal) + in (`IS_WFI && finishing_executed && ~wbexc_illegal) use structure_fast / use spec_compliant_raw @@ -112,7 +112,7 @@ lemma riscv Load: lemma load Store: lemma store / - in L:(wbexc_is_pres_load_instr) S:(wbexc_is_pres_store_instr) + in L:(wbexc_is_load_instr) S:(wbexc_is_store_instr) use spec_compliant split_bool Err:(wbexc_err) @@ -120,7 +120,7 @@ lemma riscv PC: have (pc_match) CSR: have (csrs_match) - Illegal: in (wbexc_illegal & can_check_illegal & wbexc_finishing & ~wbexc_fetch_err & (`ISS_CSR -> wbexc_is_checkable_csr)) + Illegal: in (wbexc_illegal & wbexc_finishing & ~wbexc_fetch_err & (`IS_CSR -> wbexc_is_checkable_csr)) Fast: have ($past(instr_will_progress)) / use spec_compliant_raw @@ -135,7 +135,7 @@ lemma riscv # Uncomment this for liveness proofs, see ibex.proof for a description of when this can be done. # Liveness: lemma live - Top: in (wbexc_finishing & (`ISS_CSR -> wbexc_is_checkable_csr)) + Top: in (wbexc_finishing & (`IS_CSR -> wbexc_is_checkable_csr)) use spec_compliant_raw / @@ -153,7 +153,7 @@ lemma riscv Pmp_cfg:(pmp_cfg) Pmp_addr:(pmp_addr) Mseccfg:(mseccfg) have (spec_past_``X == pre_``X) - SleepSpecPastPC: have (has_spec_past & (`IDC.ctrl_fsm_cs == `IDC.WAIT_SLEEP || `IDC.ctrl_fsm_cs == `IDC.SLEEP) |-> spec_past_pc == `CR.pc_if) + SleepSpecPastPC: have (has_spec_past & (`IDC.ctrl_fsm_cs == WAIT_SLEEP || `IDC.ctrl_fsm_cs == SLEEP) |-> spec_past_pc == `CR.pc_if) / @@ -172,8 +172,8 @@ lemma riscv Pc:(pc) have (has_spec_past |-> pre_``X == spec_past_``X) - RegA: have (spec_rx_a_en && (spec_rx_a_addr != 0) && spec_past_has_reg[spec_rx_a_addr] |-> spec_rx_a == spec_past_regs[spec_rx_a_addr]) - RegB: have (spec_rx_b_en && (spec_rx_b_addr != 0) && spec_past_has_reg[spec_rx_b_addr] |-> spec_rx_b == spec_past_regs[spec_rx_b_addr]) + RegA: have (reg_driven[`CR.rf_raddr_a] && spec_past_has_reg[`CR.rf_raddr_a] |-> spec_past_regs[`CR.rf_raddr_a] == pre_regs_cut[`CR.rf_raddr_a]) + RegB: have (reg_driven[`CR.rf_raddr_b] && spec_past_has_reg[`CR.rf_raddr_b] |-> spec_past_regs[`CR.rf_raddr_b] == pre_regs_cut[`CR.rf_raddr_b]) # Live: have (always (##[1:157 + 2*`WFI_BOUND + 17*`TIME_LIMIT] spec_en)) diff --git a/dv/formal/uv.lock b/dv/formal/uv.lock index cf63fcd106..8399344fe9 100644 --- a/dv/formal/uv.lock +++ b/dv/formal/uv.lock @@ -62,6 +62,7 @@ dependencies = [ { name = "hjson" }, { name = "mako" }, { name = "packaging" }, + { name = "psutil" }, { name = "pyyaml" }, ] @@ -73,7 +74,8 @@ requires-dist = [ { name = "hjson", specifier = "==3.1.0" }, { name = "mako", specifier = "==1.1.6" }, { name = "packaging", specifier = "==24.2" }, - { name = "pyyaml", specifier = "==6.0" }, + { name = "psutil", specifier = ">=7.0.0" }, + { name = "pyyaml", specifier = "==6.0.2" }, ] [[package]] @@ -176,6 +178,21 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/88/ef/eb23f262cca3c0c4eb7ab1933c3b1f03d021f2c48f54763065b6f0e321be/packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759", size = 65451, upload-time = "2024-11-08T09:47:44.722Z" }, ] +[[package]] +name = "psutil" +version = "7.0.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/2a/80/336820c1ad9286a4ded7e845b2eccfcb27851ab8ac6abece774a6ff4d3de/psutil-7.0.0.tar.gz", hash = "sha256:7be9c3eba38beccb6495ea33afd982a44074b78f28c434a1f51cc07fd315c456", size = 497003, upload-time = "2025-02-13T21:54:07.946Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/ed/e6/2d26234410f8b8abdbf891c9da62bee396583f713fb9f3325a4760875d22/psutil-7.0.0-cp36-abi3-macosx_10_9_x86_64.whl", hash = "sha256:101d71dc322e3cffd7cea0650b09b3d08b8e7c4109dd6809fe452dfd00e58b25", size = 238051, upload-time = "2025-02-13T21:54:12.36Z" }, + { url = "https://files.pythonhosted.org/packages/04/8b/30f930733afe425e3cbfc0e1468a30a18942350c1a8816acfade80c005c4/psutil-7.0.0-cp36-abi3-macosx_11_0_arm64.whl", hash = "sha256:39db632f6bb862eeccf56660871433e111b6ea58f2caea825571951d4b6aa3da", size = 239535, upload-time = "2025-02-13T21:54:16.07Z" }, + { url = "https://files.pythonhosted.org/packages/2a/ed/d362e84620dd22876b55389248e522338ed1bf134a5edd3b8231d7207f6d/psutil-7.0.0-cp36-abi3-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1fcee592b4c6f146991ca55919ea3d1f8926497a713ed7faaf8225e174581e91", size = 275004, upload-time = "2025-02-13T21:54:18.662Z" }, + { url = "https://files.pythonhosted.org/packages/bf/b9/b0eb3f3cbcb734d930fdf839431606844a825b23eaf9a6ab371edac8162c/psutil-7.0.0-cp36-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4b1388a4f6875d7e2aff5c4ca1cc16c545ed41dd8bb596cefea80111db353a34", size = 277986, upload-time = "2025-02-13T21:54:21.811Z" }, + { url = "https://files.pythonhosted.org/packages/eb/a2/709e0fe2f093556c17fbafda93ac032257242cabcc7ff3369e2cb76a97aa/psutil-7.0.0-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a5f098451abc2828f7dc6b58d44b532b22f2088f4999a937557b603ce72b1993", size = 279544, upload-time = "2025-02-13T21:54:24.68Z" }, + { url = "https://files.pythonhosted.org/packages/50/e6/eecf58810b9d12e6427369784efe814a1eec0f492084ce8eb8f4d89d6d61/psutil-7.0.0-cp37-abi3-win32.whl", hash = "sha256:ba3fcef7523064a6c9da440fc4d6bd07da93ac726b5733c29027d7dc95b39d99", size = 241053, upload-time = "2025-02-13T21:54:34.31Z" }, + { url = "https://files.pythonhosted.org/packages/50/1b/6921afe68c74868b4c9fa424dad3be35b095e16687989ebbb50ce4fceb7c/psutil-7.0.0-cp37-abi3-win_amd64.whl", hash = "sha256:4cf3d4eb1aa9b348dec30105c55cd9b7d4629285735a102beb4441e38db90553", size = 244885, upload-time = "2025-02-13T21:54:37.486Z" }, +] + [[package]] name = "pyparsing" version = "3.2.3" @@ -187,24 +204,46 @@ wheels = [ [[package]] name = "pyyaml" -version = "6.0" +version = "6.0.2" source = { registry = "https://pypi.org/simple" } -sdist = { url = "https://files.pythonhosted.org/packages/36/2b/61d51a2c4f25ef062ae3f74576b01638bebad5e045f747ff12643df63844/PyYAML-6.0.tar.gz", hash = "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2", size = 124996, upload-time = "2021-10-13T19:40:57.802Z" } +sdist = { url = "https://files.pythonhosted.org/packages/54/ed/79a089b6be93607fa5cdaedf301d7dfb23af5f25c398d5ead2525b063e17/pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e", size = 130631, upload-time = "2024-08-06T20:33:50.674Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/44/e5/4fea13230bcebf24b28c0efd774a2dd65a0937a2d39e94a4503438b078ed/PyYAML-6.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53", size = 197589, upload-time = "2021-10-13T19:39:42.916Z" }, - { url = "https://files.pythonhosted.org/packages/91/49/d46d7b15cddfa98533e89f3832f391aedf7e31f37b4d4df3a7a7855a7073/PyYAML-6.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c", size = 173975, upload-time = "2021-10-13T19:39:45.895Z" }, - { url = "https://files.pythonhosted.org/packages/5e/f4/7b4bb01873be78fc9fde307f38f62e380b7111862c165372cf094ca2b093/PyYAML-6.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc", size = 733711, upload-time = "2021-10-13T19:39:47.617Z" }, - { url = "https://files.pythonhosted.org/packages/ef/ad/b443cce94539e57e1a745a845f95c100ad7b97593d7e104051e43f730ecd/PyYAML-6.0-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b", size = 757857, upload-time = "2021-10-13T19:39:49.944Z" }, - { url = "https://files.pythonhosted.org/packages/02/25/6ba9f6bb50a3d4fbe22c1a02554dc670682a07c8701d1716d19ddea2c940/PyYAML-6.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5", size = 682157, upload-time = "2021-10-13T19:39:51.596Z" }, - { url = "https://files.pythonhosted.org/packages/0f/93/5f81d1925ce3b531f5ff215376445ec220887cd1c9a8bde23759554dbdfd/PyYAML-6.0-cp310-cp310-win32.whl", hash = "sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513", size = 138123, upload-time = "2021-10-13T19:39:53.54Z" }, - { url = "https://files.pythonhosted.org/packages/b7/09/2f6f4851bbca08642fef087bade095edc3c47f28d1e7bff6b20de5262a77/PyYAML-6.0-cp310-cp310-win_amd64.whl", hash = "sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a", size = 151651, upload-time = "2021-10-13T19:39:55.964Z" }, - { url = "https://files.pythonhosted.org/packages/f8/54/799b059314b13e1063473f76e908f44106014d18f54b16c83a16edccd5ec/PyYAML-6.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358", size = 188559, upload-time = "2022-09-13T22:11:53.663Z" }, - { url = "https://files.pythonhosted.org/packages/cb/5f/05dd91f5046e2256e35d885f3b8f0f280148568f08e1bf20421887523e9a/PyYAML-6.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1", size = 167479, upload-time = "2022-09-13T22:11:55.996Z" }, - { url = "https://files.pythonhosted.org/packages/7f/d9/6a0d14ac8d3b5605dc925d177c1d21ee9f0b7b39287799db1e50d197b2f4/PyYAML-6.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d", size = 732352, upload-time = "2022-09-13T22:11:58.503Z" }, - { url = "https://files.pythonhosted.org/packages/68/3f/c027422e49433239267c62323fbc6320d6ac8d7d50cf0cb2a376260dad5f/PyYAML-6.0-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f", size = 753020, upload-time = "2022-09-13T22:12:01.224Z" }, - { url = "https://files.pythonhosted.org/packages/56/8f/e8b49ad21d26111493dc2d5cae4d7efbd0e2e065440665f5023515f87f64/PyYAML-6.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782", size = 757901, upload-time = "2022-09-13T22:12:03.607Z" }, - { url = "https://files.pythonhosted.org/packages/fc/48/531ecd926fe0a374346dd811bf1eda59a95583595bb80eadad511f3269b8/PyYAML-6.0-cp311-cp311-win32.whl", hash = "sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7", size = 129269, upload-time = "2022-09-13T22:12:06.279Z" }, - { url = "https://files.pythonhosted.org/packages/59/00/30e33fcd2a4562cd40c49c7740881009240c5cbbc0e41ca79ca4bba7c24b/PyYAML-6.0-cp311-cp311-win_amd64.whl", hash = "sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf", size = 143181, upload-time = "2022-09-13T22:12:08.72Z" }, + { url = "https://files.pythonhosted.org/packages/9b/95/a3fac87cb7158e231b5a6012e438c647e1a87f09f8e0d123acec8ab8bf71/PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086", size = 184199, upload-time = "2024-08-06T20:31:40.178Z" }, + { url = "https://files.pythonhosted.org/packages/c7/7a/68bd47624dab8fd4afbfd3c48e3b79efe09098ae941de5b58abcbadff5cb/PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf", size = 171758, upload-time = "2024-08-06T20:31:42.173Z" }, + { url = "https://files.pythonhosted.org/packages/49/ee/14c54df452143b9ee9f0f29074d7ca5516a36edb0b4cc40c3f280131656f/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237", size = 718463, upload-time = "2024-08-06T20:31:44.263Z" }, + { url = "https://files.pythonhosted.org/packages/4d/61/de363a97476e766574650d742205be468921a7b532aa2499fcd886b62530/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b", size = 719280, upload-time = "2024-08-06T20:31:50.199Z" }, + { url = "https://files.pythonhosted.org/packages/6b/4e/1523cb902fd98355e2e9ea5e5eb237cbc5f3ad5f3075fa65087aa0ecb669/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed", size = 751239, upload-time = "2024-08-06T20:31:52.292Z" }, + { url = "https://files.pythonhosted.org/packages/b7/33/5504b3a9a4464893c32f118a9cc045190a91637b119a9c881da1cf6b7a72/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180", size = 695802, upload-time = "2024-08-06T20:31:53.836Z" }, + { url = "https://files.pythonhosted.org/packages/5c/20/8347dcabd41ef3a3cdc4f7b7a2aff3d06598c8779faa189cdbf878b626a4/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68", size = 720527, upload-time = "2024-08-06T20:31:55.565Z" }, + { url = "https://files.pythonhosted.org/packages/be/aa/5afe99233fb360d0ff37377145a949ae258aaab831bde4792b32650a4378/PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99", size = 144052, upload-time = "2024-08-06T20:31:56.914Z" }, + { url = "https://files.pythonhosted.org/packages/b5/84/0fa4b06f6d6c958d207620fc60005e241ecedceee58931bb20138e1e5776/PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e", size = 161774, upload-time = "2024-08-06T20:31:58.304Z" }, + { url = "https://files.pythonhosted.org/packages/f8/aa/7af4e81f7acba21a4c6be026da38fd2b872ca46226673c89a758ebdc4fd2/PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774", size = 184612, upload-time = "2024-08-06T20:32:03.408Z" }, + { url = "https://files.pythonhosted.org/packages/8b/62/b9faa998fd185f65c1371643678e4d58254add437edb764a08c5a98fb986/PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee", size = 172040, upload-time = "2024-08-06T20:32:04.926Z" }, + { url = "https://files.pythonhosted.org/packages/ad/0c/c804f5f922a9a6563bab712d8dcc70251e8af811fce4524d57c2c0fd49a4/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c", size = 736829, upload-time = "2024-08-06T20:32:06.459Z" }, + { url = "https://files.pythonhosted.org/packages/51/16/6af8d6a6b210c8e54f1406a6b9481febf9c64a3109c541567e35a49aa2e7/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317", size = 764167, upload-time = "2024-08-06T20:32:08.338Z" }, + { url = "https://files.pythonhosted.org/packages/75/e4/2c27590dfc9992f73aabbeb9241ae20220bd9452df27483b6e56d3975cc5/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85", size = 762952, upload-time = "2024-08-06T20:32:14.124Z" }, + { url = "https://files.pythonhosted.org/packages/9b/97/ecc1abf4a823f5ac61941a9c00fe501b02ac3ab0e373c3857f7d4b83e2b6/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4", size = 735301, upload-time = "2024-08-06T20:32:16.17Z" }, + { url = "https://files.pythonhosted.org/packages/45/73/0f49dacd6e82c9430e46f4a027baa4ca205e8b0a9dce1397f44edc23559d/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e", size = 756638, upload-time = "2024-08-06T20:32:18.555Z" }, + { url = "https://files.pythonhosted.org/packages/22/5f/956f0f9fc65223a58fbc14459bf34b4cc48dec52e00535c79b8db361aabd/PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5", size = 143850, upload-time = "2024-08-06T20:32:19.889Z" }, + { url = "https://files.pythonhosted.org/packages/ed/23/8da0bbe2ab9dcdd11f4f4557ccaf95c10b9811b13ecced089d43ce59c3c8/PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44", size = 161980, upload-time = "2024-08-06T20:32:21.273Z" }, + { url = "https://files.pythonhosted.org/packages/86/0c/c581167fc46d6d6d7ddcfb8c843a4de25bdd27e4466938109ca68492292c/PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab", size = 183873, upload-time = "2024-08-06T20:32:25.131Z" }, + { url = "https://files.pythonhosted.org/packages/a8/0c/38374f5bb272c051e2a69281d71cba6fdb983413e6758b84482905e29a5d/PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725", size = 173302, upload-time = "2024-08-06T20:32:26.511Z" }, + { url = "https://files.pythonhosted.org/packages/c3/93/9916574aa8c00aa06bbac729972eb1071d002b8e158bd0e83a3b9a20a1f7/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5", size = 739154, upload-time = "2024-08-06T20:32:28.363Z" }, + { url = "https://files.pythonhosted.org/packages/95/0f/b8938f1cbd09739c6da569d172531567dbcc9789e0029aa070856f123984/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425", size = 766223, upload-time = "2024-08-06T20:32:30.058Z" }, + { url = "https://files.pythonhosted.org/packages/b9/2b/614b4752f2e127db5cc206abc23a8c19678e92b23c3db30fc86ab731d3bd/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476", size = 767542, upload-time = "2024-08-06T20:32:31.881Z" }, + { url = "https://files.pythonhosted.org/packages/d4/00/dd137d5bcc7efea1836d6264f049359861cf548469d18da90cd8216cf05f/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48", size = 731164, upload-time = "2024-08-06T20:32:37.083Z" }, + { url = "https://files.pythonhosted.org/packages/c9/1f/4f998c900485e5c0ef43838363ba4a9723ac0ad73a9dc42068b12aaba4e4/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b", size = 756611, upload-time = "2024-08-06T20:32:38.898Z" }, + { url = "https://files.pythonhosted.org/packages/df/d1/f5a275fdb252768b7a11ec63585bc38d0e87c9e05668a139fea92b80634c/PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4", size = 140591, upload-time = "2024-08-06T20:32:40.241Z" }, + { url = "https://files.pythonhosted.org/packages/0c/e8/4f648c598b17c3d06e8753d7d13d57542b30d56e6c2dedf9c331ae56312e/PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8", size = 156338, upload-time = "2024-08-06T20:32:41.93Z" }, + { url = "https://files.pythonhosted.org/packages/ef/e3/3af305b830494fa85d95f6d95ef7fa73f2ee1cc8ef5b495c7c3269fb835f/PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba", size = 181309, upload-time = "2024-08-06T20:32:43.4Z" }, + { url = "https://files.pythonhosted.org/packages/45/9f/3b1c20a0b7a3200524eb0076cc027a970d320bd3a6592873c85c92a08731/PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1", size = 171679, upload-time = "2024-08-06T20:32:44.801Z" }, + { url = "https://files.pythonhosted.org/packages/7c/9a/337322f27005c33bcb656c655fa78325b730324c78620e8328ae28b64d0c/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133", size = 733428, upload-time = "2024-08-06T20:32:46.432Z" }, + { url = "https://files.pythonhosted.org/packages/a3/69/864fbe19e6c18ea3cc196cbe5d392175b4cf3d5d0ac1403ec3f2d237ebb5/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484", size = 763361, upload-time = "2024-08-06T20:32:51.188Z" }, + { url = "https://files.pythonhosted.org/packages/04/24/b7721e4845c2f162d26f50521b825fb061bc0a5afcf9a386840f23ea19fa/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5", size = 759523, upload-time = "2024-08-06T20:32:53.019Z" }, + { url = "https://files.pythonhosted.org/packages/2b/b2/e3234f59ba06559c6ff63c4e10baea10e5e7df868092bf9ab40e5b9c56b6/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc", size = 726660, upload-time = "2024-08-06T20:32:54.708Z" }, + { url = "https://files.pythonhosted.org/packages/fe/0f/25911a9f080464c59fab9027482f822b86bf0608957a5fcc6eaac85aa515/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652", size = 751597, upload-time = "2024-08-06T20:32:56.985Z" }, + { url = "https://files.pythonhosted.org/packages/14/0d/e2c3b43bbce3cf6bd97c840b46088a3031085179e596d4929729d8d68270/PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183", size = 140527, upload-time = "2024-08-06T20:33:03.001Z" }, + { url = "https://files.pythonhosted.org/packages/fa/de/02b54f42487e3d3c6efb3f89428677074ca7bf43aae402517bc7cca949f3/PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563", size = 156446, upload-time = "2024-08-06T20:33:04.33Z" }, ] [[package]] diff --git a/dv/formal/verify.tcl b/dv/formal/verify.tcl index 7e4cfacf7a..0d8c911e8a 100644 --- a/dv/formal/verify.tcl +++ b/dv/formal/verify.tcl @@ -83,41 +83,40 @@ proc prove_no_liveness {} { prove -wait prove -bg -task Step3 prove -bg -task Step4 - prove -bg -task Step5 prove -wait - prove -bg -property {Step6::*SpecStable*} -engine_mode Hp - prove -bg -property {Step6::top.Ibex_FetchErrRoot} -engine_mode Hp - prove -bg -property {Step6::top.Ibex_PreNextPcMatch} + prove -bg -property {Step5::*SpecStable*} -engine_mode Hp + prove -bg -property {Step5::top.Ibex_FetchErrRoot} -engine_mode Hp + prove -bg -property {Step5::top.Ibex_PreNextPcMatch} prove -wait + prove -bg -task Step5 prove -bg -task Step6 prove -bg -task Step7 - prove -bg -task Step8 prove -wait - prove_hps Step9 *MemSpec* - prove_hps Step9 *CapFsm* + prove_hps Step8 *MemSpec* + prove_hps Step8 *CapFsm* + prove -property {Step8::*.Mem_*} + prove -task Step8 + prove -property {Step9::*.BType_* Step9::*.JType_*} prove -property {Step9::*.Mem_*} - prove -task Step9 - prove -property {Step10::*.BType_* Step10::*.JType_*} - prove -property {Step10::*.Mem_*} - prove -property {Step10::top.MType_Div*_Addr Step10::top.MType_Div*_CSR Step10::top.MType_Div*_PC Step10::top.MType_Rem*_Addr Step10::top.MType_Rem*_CSR Step10::top.MType_Rem*_PC} + prove -property {Step9::top.MType_Div*_Addr Step9::top.MType_Div*_CSR Step9::top.MType_Div*_PC Step9::top.MType_Rem*_Addr Step9::top.MType_Rem*_CSR Step9::top.MType_Rem*_PC} + prove_hps Step9 * + prove -property {Step10::*.BType_* Step10::*.JType_* Step10::*.Mem_*} prove_hps Step10 * - prove -property {Step11::*.BType_* Step11::*.JType_* Step11::*.Mem_*} - prove_hps Step11 * + prove -task Step11 prove -task Step12 + prove_hps Step13 *BType* prove -task Step13 - prove_hps Step14 *BType* + prove_hps Step14 *JType* prove -task Step14 - prove_hps Step15 *JType* - prove -task Step15 + prove -bg -task Step15 prove -bg -task Step16 prove -bg -task Step17 - prove -bg -task Step18 prove -wait - prove_hps Step19 * - prove -task Step20 - prove_hps Step21 * + prove_hps Step18 * + prove -task Step19 + prove_hps Step20 * + prove -bg -task Step21 prove -bg -task Step22 - prove -bg -task Step23 prove -wait } diff --git a/dv/formal/yosys_formal/global_clock.cc b/dv/formal/yosys_formal/global_clock.cc new file mode 100644 index 0000000000..0f6fd3ae5c --- /dev/null +++ b/dv/formal/yosys_formal/global_clock.cc @@ -0,0 +1,271 @@ +// Copyright lowRISC contributors. +// Licensed under the Apache License, Version 2.0, see LICENSE for details. +// Original author: Louis-Emile Ploix +// SPDX-License-Identifier: Apache-2.0 + +// This pass is intended to straightforwardly and blindly transform all $*ff* +// cells into $FF cells and $check cells into $assert etc cells, it does so +// without introducing new FFs, unlike the versions yosys already provides. +// Currently only $dffe, $aldff and $dff cells are supported. + +#include "kernel/ff.h" +#include "kernel/ffinit.h" +#include "kernel/log.h" +#include "kernel/rtlil.h" + +USING_YOSYS_NAMESPACE +PRIVATE_NAMESPACE_BEGIN + +struct GlobalClockPass : public Pass { + GlobalClockPass() + : Pass("global_clk", + "introduce a global clock to the design, lower formal cells, and " + "all flip flops to FFs") {} + + void help() override { + // |---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---| + log("\n"); + log(" global_clk [clock name]\n"); + log("\n"); + log(" Lowers $check cells to $assert, $assume, $cover, $live or " + "$fairness, and in\n"); + log("doing so removes any clocking information. Also replaces all FF types " + "with\n"); + log("equivalent globally clocked FFs, where again clocking information is " + "removed\n"); + log("entirely. This may not be correct for latches, which are flopped only " + "on the global\n"); + log("clock also.\n"); + log(" This pass operates on selected whole modules, of which there may " + "only be one.\n"); + log("\n"); + } + + void execute(std::vector args, RTLIL::Design *design) override { + if (args.size() != 2) { + help(); + return; + } + + if (design->selected_whole_modules().size() != 1) { + log_error("Only one module may be selected"); + return; + } + auto *mod = design->selected_whole_modules()[0]; + + auto *gclk = mod->wire(args[1]); + if (!gclk) { + log_error("Could not find global clock %s", args[1].c_str()); + return; + } + // FIXME: Either use this or don't ask for it! + + log_header(design, "Executing GLOBAL_CLK pass.\n"); + + // Will be helpful for extracting FF information + SigMap sigmap(mod); + FfInitVals initvals(&sigmap, mod); + + // Can't create cells while iterating them, so copy into a new vector. + std::vector cells; + for (auto *cell : mod->cells()) + cells.push_back(cell); + + for (auto *cell : cells) { + // Lower $check into $assert, $assume etc, without checking clocking + // information. + if (cell->type == ID($check)) { + RTLIL::IdString type; + auto flavor = cell->getParam(ID(FLAVOR)).decode_string(); + if (flavor == "assert") + type = ID($assert); + else if (flavor == "assume") + type = ID($assume); + else if (flavor == "cover") + type = ID($cover); + else if (flavor == "live") + type = ID($live); + else if (flavor == "fair") + type = ID($fair); + else { + log_error("Bad assert flavour %s", flavor.c_str()); + log_abort(); + } + + RTLIL::Cell *lowered = mod->addCell(NEW_ID, type); + lowered->attributes = cell->attributes; + lowered->setPort(ID::A, cell->getPort(ID::A)); + lowered->setPort(ID::EN, cell->getPort(ID::EN)); + mod->swap_names(cell, lowered); + mod->remove(cell); + continue; + } + + if (!RTLIL::builtin_ff_cell_types().count(cell->type)) + continue; + FfData ff(&initvals, cell); + + if (ff.has_gclk) + continue; // FF cell, already happy + + if (!ff.has_clk) { + log_assert(cell->type == ID($dlatch)); + + // module \$dlatch (EN, D, Q); + // parameter WIDTH = 0; + // parameter EN_POLARITY = 1'b1; + // input EN; + // input [WIDTH-1:0] D; + // output reg [WIDTH-1:0] Q; + // always @* begin + // if (EN == EN_POLARITY) + // Q = D; + // end + // endmodule + + auto en = cell->getPort(ID(EN)); + if (!en.is_wire() || en.as_wire() != gclk) { + log("Warning: Dlatch with non-gclock en\n"); + } + if (cell->getParam(ID(EN_POLARITY)).as_bool() != 1) { + log("Warning: gclk dlatch with non-posedge en\n"); + } + cell->type = ID($ff); + cell->unsetPort(ID(EN)); + cell->unsetParam(ID(EN_POLARITY)); + continue; + } + if (ff.has_srst) { + log_error("FIXME: has_srst %s\n", cell->type.c_str()); + continue; + } + if (ff.has_arst) { + log_error("FIXME: has_arst %s\n", cell->type.c_str()); + continue; + } + if (ff.has_sr) { + log_error("FIXME: has_sr %s\n", cell->type.c_str()); + continue; + } + if (ff.ce_over_srst) { + log_error("FIXME: ce_over_srst %s\n", cell->type.c_str()); + continue; + } + if (ff.is_fine) { + log_error("FIXME: is_fine %s\n", cell->type.c_str()); + continue; + } + if (ff.has_ce) { + log_assert(cell->type == ID($dffe)); + + // Yosys defines $dffe like so: + // module \$dffe (CLK, EN, D, Q); + // parameter WIDTH = 0; + // parameter CLK_POLARITY = 1'b1; + // parameter EN_POLARITY = 1'b1; + // input CLK, EN; + // input [WIDTH-1:0] D; + // output reg [WIDTH-1:0] Q; + // wire pos_clk = CLK == CLK_POLARITY; + // always (posedge pos_clk) begin + // if (EN == EN_POLARITY) Q <= D; + // end + // endmodule + // Hence produce an FF where Q = (en == aload_polarity) ? D : Q + + bool en_polarity = cell->getParam(ID(EN_POLARITY)).as_bool(); + RTLIL::Const width = cell->getParam(ID(WIDTH)); + RTLIL::SigSpec d = cell->getPort(ID(D)); + RTLIL::SigSpec q = cell->getPort(ID(Q)); + RTLIL::SigSpec en = cell->getPort(ID(EN)); + mod->remove(cell); + + auto *sel = mod->addWire(NEW_ID, width.as_int()); + auto *mux = mod->addCell(NEW_ID, ID($mux)); + mux->setParam(ID(WIDTH), width); + mux->setPort(ID(A), en_polarity ? q : d); + mux->setPort(ID(B), en_polarity ? d : q); + mux->setPort(ID(S), en); + mux->setPort(ID(Y), sel); + + auto *ff = mod->addCell(NEW_ID, ID($ff)); + ff->setParam(ID(WIDTH), width); + ff->setPort(ID(D), sel); + ff->setPort(ID(Q), q); + continue; + } + if (ff.has_aload) { + log_assert(cell->type == ID($aldff)); + + // $aldff is defined like so: + // module \$aldff (CLK, ALOAD, AD, D, Q); + // parameter WIDTH = 0; + // parameter CLK_POLARITY = 1'b1; + // parameter ALOAD_POLARITY = 1'b1; + // input CLK, ALOAD; + // input [WIDTH-1:0] AD; + // input [WIDTH-1:0] D; + // output reg [WIDTH-1:0] Q; + // wire pos_clk = CLK == CLK_POLARITY; + // wire pos_aload = ALOAD == ALOAD_POLARITY; + // always (posedge pos_clk, posedge pos_aload) begin + // if (pos_aload) + // Q <= AD; + // else + // Q <= D; + // end + // endmodule + // Hence produce an FF where sel = (aload == aload_polarity) ? AD : D + // = aload ? (aload_polarity ? AD : D) : + // (aload_polarity ? D : AD) + // This sames a cell since aload_polarity is a constant, so we can skip + // the equality check. + + bool aload_polarity = cell->getParam(ID(ALOAD_POLARITY)).as_bool(); + RTLIL::Const width = cell->getParam(ID(WIDTH)); + + RTLIL::SigBit aload = cell->getPort(ID(ALOAD)); + RTLIL::SigSpec ad = cell->getPort(ID(AD)); + RTLIL::SigSpec d = cell->getPort(ID(D)); + RTLIL::SigSpec q = cell->getPort(ID(Q)); + mod->remove(cell); + + auto *sel = mod->addWire(NEW_ID, width.as_int()); + auto *mux = mod->addCell(NEW_ID, ID($mux)); + mux->setParam(ID(WIDTH), width); + mux->setPort(ID(A), aload_polarity ? d : ad); + mux->setPort(ID(B), aload_polarity ? ad : d); + mux->setPort(ID(S), aload); + mux->setPort(ID(Y), sel); + + auto *ff = mod->addCell(NEW_ID, ID($ff)); + ff->setParam(ID(WIDTH), width); + ff->setPort(ID(D), sel); + ff->setPort(ID(Q), q); + continue; + } + + log_assert(cell->type == ID($dff)); + + // $dff is defined as + // module \$dff (CLK, D, Q); + // parameter WIDTH = 0; + // parameter CLK_POLARITY = 1'b1; + // input CLK; + // input [WIDTH-1:0] D; + // output reg [WIDTH-1:0] Q; + // wire pos_clk = CLK == CLK_POLARITY; + // always (posedge pos_clk) begin + // Q <= D; + // end + // endmodule + // Hence this is very straightforward to map to an $FF + + cell->type = ID($ff); + cell->unsetPort(ID(CLK)); + cell->unsetParam(ID(CLK_POLARITY)); + } + } +} ChformalPass; + +PRIVATE_NAMESPACE_END diff --git a/dv/formal/yosys_formal/opt_muxtree.cc b/dv/formal/yosys_formal/opt_muxtree.cc new file mode 100644 index 0000000000..06234423bc --- /dev/null +++ b/dv/formal/yosys_formal/opt_muxtree.cc @@ -0,0 +1,526 @@ +/* + * yosys -- Yosys Open SYnthesis Suite + * + * Copyright (C) 2012 Claire Xenia Wolf + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + */ + +// clang-format off +// formatting disabled since this is yosys source + +// NOTE: This is just the original opt_muxtree implementation in yosys with 2 changes: +// 1. Relax the glob_abort_cnt restriction (i.e. the "how hard do we try" number). +// This isn't configurable without modifying the source unfortunately. +// 2. Put opt_muxtree into a do {} while (changed); +// +// This pass is necessary since yosys (and yosys-slang) will produce a lot of junk ('xs) +// in processes, which remains after the proc pass, which then ought to be eliminated. +// Since those muxtrees are quite big, a low glob_abort_cnt doesn't help, and since +// this pass isn't complete (i.e. opt_clean; opt_clean is the same as just opt_clean, +// but opt_muxtree; opt_muxtree isn't the same as opt_muxtree) the loop ensures we actually +// eliminate what we can. + +#include "kernel/register.h" +#include "kernel/sigtools.h" +#include "kernel/log.h" +#include "kernel/celltypes.h" +#include +#include +#include + +USING_YOSYS_NAMESPACE +PRIVATE_NAMESPACE_BEGIN + +using RTLIL::id2cstr; + +struct OptMuxtreeWorker +{ + RTLIL::Design *design; + RTLIL::Module *module; + SigMap assign_map; + int removed_count; + int glob_abort_cnt = INT_MAX; + + struct bitinfo_t { + bool seen_non_mux; + pool mux_users; + pool mux_drivers; + }; + + idict bit2num; + vector bit2info; + + struct portinfo_t { + int ctrl_sig; + pool input_sigs; + pool input_muxes; + bool const_activated; + bool const_deactivated; + bool enabled; + }; + + struct muxinfo_t { + RTLIL::Cell *cell; + vector ports; + }; + + vector mux2info; + vector root_muxes; + vector root_enable_muxes; + pool root_mux_rerun; + + OptMuxtreeWorker(RTLIL::Design *design, RTLIL::Module *module) : + design(design), module(module), assign_map(module), removed_count(0) + { + log("Running muxtree optimizer on module %s..\n", module->name.c_str()); + + log(" Creating internal representation of mux trees.\n"); + + // Populate bit2info[]: + // .seen_non_mux + // .mux_users + // .mux_drivers + // Populate mux2info[].ports[]: + // .ctrl_sig + // .input_sigs + // .const_activated + // .const_deactivated + for (auto cell : module->cells()) + { + if (cell->type.in(ID($mux), ID($pmux))) + { + RTLIL::SigSpec sig_a = cell->getPort(ID::A); + RTLIL::SigSpec sig_b = cell->getPort(ID::B); + RTLIL::SigSpec sig_s = cell->getPort(ID::S); + RTLIL::SigSpec sig_y = cell->getPort(ID::Y); + + muxinfo_t muxinfo; + muxinfo.cell = cell; + + for (int i = 0; i < GetSize(sig_s); i++) { + RTLIL::SigSpec sig = sig_b.extract(i*GetSize(sig_a), GetSize(sig_a)); + RTLIL::SigSpec ctrl_sig = assign_map(sig_s.extract(i, 1)); + portinfo_t portinfo; + portinfo.ctrl_sig = sig2bits(ctrl_sig, false).front(); + for (int idx : sig2bits(sig)) { + bit2info[idx].mux_users.insert(GetSize(mux2info)); + portinfo.input_sigs.insert(idx); + } + portinfo.const_activated = ctrl_sig.is_fully_const() && ctrl_sig.as_bool(); + portinfo.const_deactivated = ctrl_sig.is_fully_const() && !ctrl_sig.as_bool(); + portinfo.enabled = false; + muxinfo.ports.push_back(portinfo); + } + + portinfo_t portinfo; + for (int idx : sig2bits(sig_a)) { + bit2info[idx].mux_users.insert(GetSize(mux2info)); + portinfo.input_sigs.insert(idx); + } + portinfo.ctrl_sig = -1; + portinfo.const_activated = false; + portinfo.const_deactivated = false; + portinfo.enabled = false; + muxinfo.ports.push_back(portinfo); + + for (int idx : sig2bits(sig_y)) + bit2info[idx].mux_drivers.insert(GetSize(mux2info)); + + for (int idx : sig2bits(sig_s)) + bit2info[idx].seen_non_mux = true; + + mux2info.push_back(muxinfo); + } + else + { + for (auto &it : cell->connections()) { + for (int idx : sig2bits(it.second)) + bit2info[idx].seen_non_mux = true; + } + } + } + for (auto wire : module->wires()) { + if (wire->port_output || wire->get_bool_attribute(ID::keep)) + for (int idx : sig2bits(RTLIL::SigSpec(wire))) + bit2info[idx].seen_non_mux = true; + } + + if (mux2info.empty()) { + log(" No muxes found in this module.\n"); + return; + } + + // Populate mux2info[].ports[]: + // .input_muxes + for (int i = 0; i < GetSize(bit2info); i++) + for (int j : bit2info[i].mux_users) + for (auto &p : mux2info[j].ports) { + if (p.input_sigs.count(i)) + for (int k : bit2info[i].mux_drivers) + p.input_muxes.insert(k); + } + + log(" Evaluating internal representation of mux trees.\n"); + + dict> mux_to_users; + root_muxes.resize(GetSize(mux2info)); + root_enable_muxes.resize(GetSize(mux2info)); + + for (auto &bi : bit2info) { + for (int i : bi.mux_drivers) + for (int j : bi.mux_users) + mux_to_users[i].insert(j); + if (!bi.seen_non_mux) + continue; + for (int mux_idx : bi.mux_drivers) { + root_muxes.at(mux_idx) = true; + root_enable_muxes.at(mux_idx) = true; + } + } + + for (auto &it : mux_to_users) + if (GetSize(it.second) > 1) + root_muxes.at(it.first) = true; + + for (int mux_idx = 0; mux_idx < GetSize(root_muxes); mux_idx++) + if (root_muxes.at(mux_idx)) { + log_debug(" Root of a mux tree: %s%s\n", log_id(mux2info[mux_idx].cell), root_enable_muxes.at(mux_idx) ? " (pure)" : ""); + root_mux_rerun.erase(mux_idx); + eval_root_mux(mux_idx); + if (glob_abort_cnt == 0) { + log(" Giving up (too many iterations)\n"); + return; + } + } + + while (!root_mux_rerun.empty()) { + int mux_idx = *root_mux_rerun.begin(); + log_debug(" Root of a mux tree: %s (rerun as non-pure)\n", log_id(mux2info[mux_idx].cell)); + log_assert(root_enable_muxes.at(mux_idx)); + root_mux_rerun.erase(mux_idx); + eval_root_mux(mux_idx); + if (glob_abort_cnt == 0) { + log(" Giving up (too many iterations)\n"); + return; + } + } + + log(" Analyzing evaluation results.\n"); + log_assert(glob_abort_cnt > 0); + + for (auto &mi : mux2info) + { + vector live_ports; + for (int port_idx = 0; port_idx < GetSize(mi.ports); port_idx++) { + portinfo_t &pi = mi.ports[port_idx]; + if (pi.enabled) { + live_ports.push_back(port_idx); + } else { + // log(" dead port %d/%d on %s %s.\n", port_idx+1, GetSize(mi.ports), + // mi.cell->type.c_str(), mi.cell->name.c_str()); + removed_count++; + } + } + + if (GetSize(live_ports) == GetSize(mi.ports)) + continue; + + if (live_ports.empty()) { + module->remove(mi.cell); + continue; + } + + RTLIL::SigSpec sig_a = mi.cell->getPort(ID::A); + RTLIL::SigSpec sig_b = mi.cell->getPort(ID::B); + RTLIL::SigSpec sig_s = mi.cell->getPort(ID::S); + RTLIL::SigSpec sig_y = mi.cell->getPort(ID::Y); + + RTLIL::SigSpec sig_ports = sig_b; + sig_ports.append(sig_a); + + if (GetSize(live_ports) == 1) + { + RTLIL::SigSpec sig_in = sig_ports.extract(live_ports[0]*GetSize(sig_a), GetSize(sig_a)); + module->connect(RTLIL::SigSig(sig_y, sig_in)); + module->remove(mi.cell); + } + else + { + RTLIL::SigSpec new_sig_a, new_sig_b, new_sig_s; + + for (int i = 0; i < GetSize(live_ports); i++) { + RTLIL::SigSpec sig_in = sig_ports.extract(live_ports[i]*GetSize(sig_a), GetSize(sig_a)); + if (i == GetSize(live_ports)-1) { + new_sig_a = sig_in; + } else { + new_sig_b.append(sig_in); + new_sig_s.append(sig_s.extract(live_ports[i], 1)); + } + } + + mi.cell->setPort(ID::A, new_sig_a); + mi.cell->setPort(ID::B, new_sig_b); + mi.cell->setPort(ID::S, new_sig_s); + if (GetSize(new_sig_s) == 1) { + mi.cell->type = ID($mux); + mi.cell->parameters.erase(ID::S_WIDTH); + } else { + mi.cell->parameters[ID::S_WIDTH] = RTLIL::Const(GetSize(new_sig_s)); + } + } + } + } + + vector sig2bits(RTLIL::SigSpec sig, bool skip_non_wires = true) + { + vector results; + assign_map.apply(sig); + for (auto &bit : sig) + if (bit.wire != NULL) { + if (bit2num.count(bit) == 0) { + bitinfo_t info; + info.seen_non_mux = false; + bit2num.expect(bit, GetSize(bit2info)); + bit2info.push_back(info); + } + results.push_back(bit2num.at(bit)); + } else if (!skip_non_wires) + results.push_back(-1); + return results; + } + + struct knowledge_t + { + // database of known inactive signals + // the payload is a reference counter used to manage the + // list. when it is non-zero the signal in known to be inactive + vector known_inactive; + + // database of known active signals + vector known_active; + + // this is just used to keep track of visited muxes in order to prohibit + // endless recursion in mux loops + vector visited_muxes; + }; + + void eval_mux_port(knowledge_t &knowledge, int mux_idx, int port_idx, bool do_replace_known, bool do_enable_ports, int abort_count) + { + if (glob_abort_cnt == 0) + return; + + muxinfo_t &muxinfo = mux2info[mux_idx]; + + if (do_enable_ports) + muxinfo.ports[port_idx].enabled = true; + + for (int i = 0; i < GetSize(muxinfo.ports); i++) { + if (i == port_idx) + continue; + if (muxinfo.ports[i].ctrl_sig >= 0) + knowledge.known_inactive.at(muxinfo.ports[i].ctrl_sig)++; + } + + if (port_idx < GetSize(muxinfo.ports)-1 && !muxinfo.ports[port_idx].const_activated) + knowledge.known_active.at(muxinfo.ports[port_idx].ctrl_sig)++; + + vector parent_muxes; + for (int m : muxinfo.ports[port_idx].input_muxes) { + if (knowledge.visited_muxes[m]) + continue; + knowledge.visited_muxes[m] = true; + parent_muxes.push_back(m); + } + for (int m : parent_muxes) { + if (root_enable_muxes.at(m)) + continue; + else if (root_muxes.at(m)) { + if (abort_count == 0) { + root_mux_rerun.insert(m); + root_enable_muxes.at(m) = true; + log_debug(" Removing pure flag from root mux %s.\n", log_id(mux2info[m].cell)); + } else + eval_mux(knowledge, m, false, do_enable_ports, abort_count - 1); + } else + eval_mux(knowledge, m, do_replace_known, do_enable_ports, abort_count); + if (glob_abort_cnt == 0) + return; + } + for (int m : parent_muxes) + knowledge.visited_muxes[m] = false; + + if (port_idx < GetSize(muxinfo.ports)-1 && !muxinfo.ports[port_idx].const_activated) + knowledge.known_active.at(muxinfo.ports[port_idx].ctrl_sig)--; + + for (int i = 0; i < GetSize(muxinfo.ports); i++) { + if (i == port_idx) + continue; + if (muxinfo.ports[i].ctrl_sig >= 0) + knowledge.known_inactive.at(muxinfo.ports[i].ctrl_sig)--; + } + } + + void replace_known(knowledge_t &knowledge, muxinfo_t &muxinfo, IdString portname) + { + SigSpec sig = muxinfo.cell->getPort(portname); + bool did_something = false; + + int width = 0; + idict ctrl_bits; + if (portname == ID::B) + width = GetSize(muxinfo.cell->getPort(ID::A)); + for (int bit : sig2bits(muxinfo.cell->getPort(ID::S), false)) + ctrl_bits(bit); + + int port_idx = 0, port_off = 0; + vector bits = sig2bits(sig, false); + for (int i = 0; i < GetSize(bits); i++) { + if (bits[i] >= 0) { + if (knowledge.known_inactive.at(bits[i])) { + sig[i] = State::S0; + did_something = true; + } else + if (knowledge.known_active.at(bits[i])) { + sig[i] = State::S1; + did_something = true; + } + if (ctrl_bits.count(bits[i])) { + if (width) { + sig[i] = ctrl_bits.at(bits[i]) == port_idx ? State::S1 : State::S0; + } else { + sig[i] = State::S0; + } + did_something = true; + } + } + if (width) { + if (++port_off == width) + port_idx++, port_off=0; + } + } + + if (did_something) { + // log(" Replacing known input bits on port %s of cell %s: %s -> %s\n", log_id(portname), + // log_id(muxinfo.cell), log_signal(muxinfo.cell->getPort(portname)), log_signal(sig)); + muxinfo.cell->setPort(portname, sig); + } + } + + void eval_mux(knowledge_t &knowledge, int mux_idx, bool do_replace_known, bool do_enable_ports, int abort_count) + { + if (glob_abort_cnt == 0) + return; + glob_abort_cnt--; + + muxinfo_t &muxinfo = mux2info[mux_idx]; + + // set input ports to constants if we find known active or inactive signals + if (do_replace_known) { + replace_known(knowledge, muxinfo, ID::A); + replace_known(knowledge, muxinfo, ID::B); + } + + // if there is a constant activated port we just use it + for (int port_idx = 0; port_idx < GetSize(muxinfo.ports); port_idx++) + { + portinfo_t &portinfo = muxinfo.ports[port_idx]; + if (portinfo.const_activated) { + eval_mux_port(knowledge, mux_idx, port_idx, do_replace_known, do_enable_ports, abort_count); + return; + } + } + + // compare ports with known_active signals. if we find a match, only this + // port can be active. do not include the last port (its the default port + // that has no control signals). + for (int port_idx = 0; port_idx < GetSize(muxinfo.ports)-1; port_idx++) + { + portinfo_t &portinfo = muxinfo.ports[port_idx]; + if (portinfo.const_deactivated) + continue; + if (knowledge.known_active.at(portinfo.ctrl_sig)) { + eval_mux_port(knowledge, mux_idx, port_idx, do_replace_known, do_enable_ports, abort_count); + return; + } + } + + // eval all ports that could be activated (control signal is not in + // known_inactive or const_deactivated). + for (int port_idx = 0; port_idx < GetSize(muxinfo.ports); port_idx++) + { + portinfo_t &portinfo = muxinfo.ports[port_idx]; + if (portinfo.const_deactivated) + continue; + if (port_idx < GetSize(muxinfo.ports)-1) + if (knowledge.known_inactive.at(portinfo.ctrl_sig)) + continue; + eval_mux_port(knowledge, mux_idx, port_idx, do_replace_known, do_enable_ports, abort_count); + + if (glob_abort_cnt == 0) + return; + } + } + + void eval_root_mux(int mux_idx) + { + log_assert(glob_abort_cnt > 0); + knowledge_t knowledge; + knowledge.known_inactive.resize(GetSize(bit2info)); + knowledge.known_active.resize(GetSize(bit2info)); + knowledge.visited_muxes.resize(GetSize(mux2info)); + knowledge.visited_muxes[mux_idx] = true; + eval_mux(knowledge, mux_idx, true, root_enable_muxes.at(mux_idx), 3); + } +}; + +struct OptMuxtreePass : public Pass { + OptMuxtreePass() : Pass("opt_muxtree_2", "eliminate dead trees in multiplexer trees") { } + void help() override + { + // |---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---| + log("\n"); + log(" opt_muxtree [selection]\n"); + log("\n"); + log("This pass analyzes the control signals for the multiplexer trees in the design\n"); + log("and identifies inputs that can never be active. It then removes this dead\n"); + log("branches from the multiplexer trees.\n"); + log("\n"); + log("This pass only operates on completely selected modules without processes.\n"); + log("\n"); + } + void execute(vector args, RTLIL::Design *design) override + { + log_header(design, "Executing OPT_MUXTREE pass (detect dead branches in mux trees).\n"); + extra_args(args, 1, design); + + int total_count; + do { + total_count = 0; + for (auto module : design->selected_whole_modules_warn()) { + if (module->has_processes_warn()) + continue; + OptMuxtreeWorker worker(design, module); + total_count += worker.removed_count; + } + if (total_count) + design->scratchpad_set_bool("opt.did_something", true); + log("Removed %d multiplexer ports.\n", total_count); + } while (total_count != 0); + } +} OptMuxtreePass; + +PRIVATE_NAMESPACE_END + +// clang-format on diff --git a/dv/formal/yosys_formal/write_aiger.cc b/dv/formal/yosys_formal/write_aiger.cc new file mode 100644 index 0000000000..1c58e5c065 --- /dev/null +++ b/dv/formal/yosys_formal/write_aiger.cc @@ -0,0 +1,1070 @@ +/* + * yosys -- Yosys Open SYnthesis Suite + * + * Copyright (C) 2012 Claire Xenia Wolf + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + */ + +// clang-format off +// formatting disabled since this is yosys source + +// NOTE: This is just the write_aiger implementation for yosys @ c21cd300a07d3b00cb12eccc0fa3f66c31c89bf0, +// where in that commit a small fix is made for aiger files with outputs. The only difference is that +// this backend is registered as aiger_2 instead of aiger to avoid collisions. +// Eventually this write_aiger implementation will be in nixos, at which point we won't need this. + +#include "kernel/yosys.h" +#include "kernel/sigtools.h" +#include "kernel/json.h" +#include "kernel/yw.h" +#include "libs/json11/json11.hpp" + +USING_YOSYS_NAMESPACE +PRIVATE_NAMESPACE_BEGIN + +void aiger_encode(std::ostream &f, int x) +{ + log_assert(x >= 0); + + while (x & ~0x7f) { + f.put((x & 0x7f) | 0x80); + x = x >> 7; + } + + f.put(x); +} + +struct AigerWriter +{ + Module *module; + bool zinit_mode; + SigMap sigmap; + + dict init_map; + pool input_bits, output_bits; + dict not_map, ff_map, alias_map; + dict> and_map; + vector> asserts, assumes; + vector> liveness, fairness; + pool initstate_bits; + + vector> aig_gates; + vector aig_latchin, aig_latchinit, aig_outputs; + vector bit2aig_stack; + size_t next_loop_check = 1024; + int aig_m = 0, aig_i = 0, aig_l = 0, aig_o = 0, aig_a = 0; + int aig_b = 0, aig_c = 0, aig_j = 0, aig_f = 0; + + dict aig_map; + dict ordered_outputs; + dict ordered_latches; + + dict init_inputs; + int initstate_ff = 0; + + dict ywmap_clocks; + vector ywmap_asserts; + vector ywmap_assumes; + + int mkgate(int a0, int a1) + { + aig_m++, aig_a++; + aig_gates.push_back(a0 > a1 ? make_pair(a0, a1) : make_pair(a1, a0)); + return 2*aig_m; + } + + int bit2aig(SigBit bit) + { + auto it = aig_map.find(bit); + if (it != aig_map.end()) { + log_assert(it->second >= 0); + return it->second; + } + + if (bit2aig_stack.size() == next_loop_check) { + for (size_t i = 0; i < next_loop_check; ++i) + { + SigBit report_bit = bit2aig_stack[i]; + if (report_bit != bit) + continue; + for (size_t j = i; j < next_loop_check; ++j) { + report_bit = bit2aig_stack[j]; + if (report_bit.is_wire() && report_bit.wire->name.isPublic()) + break; + } + log_error("Found combinational logic loop while processing signal %s.\n", log_signal(report_bit)); + } + next_loop_check *= 2; + } + bit2aig_stack.push_back(bit); + + // NB: Cannot use iterator returned from aig_map.insert() + // since this function is called recursively + + int a = -1; + if (not_map.count(bit)) { + a = bit2aig(not_map.at(bit)) ^ 1; + } else + if (and_map.count(bit)) { + auto args = and_map.at(bit); + int a0 = bit2aig(args.first); + int a1 = bit2aig(args.second); + a = mkgate(a0, a1); + } else + if (alias_map.count(bit)) { + a = bit2aig(alias_map.at(bit)); + } else + if (initstate_bits.count(bit)) { + a = initstate_ff; + } + + bit2aig_stack.pop_back(); + + if (bit == State::Sx || bit == State::Sz) + log_error("Design contains 'x' or 'z' bits. Use 'setundef' to replace those constants.\n"); + + log_assert(a >= 0); + aig_map[bit] = a; + return a; + } + + AigerWriter(Module *module, bool no_sort, bool zinit_mode, bool imode, bool omode, bool bmode, bool lmode) : module(module), zinit_mode(zinit_mode), sigmap(module) + { + pool undriven_bits; + pool unused_bits; + + // promote public wires + for (auto wire : module->wires()) + if (wire->name.isPublic()) + sigmap.add(wire); + + // promote output wires + for (auto wire : module->wires()) + if (wire->port_output) + sigmap.add(wire); + + // promote input wires + for (auto wire : module->wires()) + if (wire->port_input) + sigmap.add(wire); + + // handle ports + // provided the input_bits and output_bits don't get sorted they + // will be returned in reverse order, so add them in reverse to + // match + for (auto riter = module->ports.rbegin(); riter != module->ports.rend(); ++riter) { + auto *wire = module->wire(*riter); + for (int i = 0; i < GetSize(wire); i++) + { + SigBit wirebit(wire, i); + SigBit bit = sigmap(wirebit); + + if (bit.wire == nullptr) { + if (wire->port_output) { + aig_map[wirebit] = (bit == State::S1) ? 1 : 0; + output_bits.insert(wirebit); + } + continue; + } + + if (wire->port_input) + input_bits.insert(bit); + + if (wire->port_output) { + if (bit != wirebit) + alias_map[wirebit] = bit; + output_bits.insert(wirebit); + } + } + } + + // handle wires + for (auto wire : module->wires()) + { + if (wire->attributes.count(ID::init)) { + SigSpec initsig = sigmap(wire); + Const initval = wire->attributes.at(ID::init); + for (int i = 0; i < GetSize(wire) && i < GetSize(initval); i++) + if (initval[i] == State::S0 || initval[i] == State::S1) + init_map[initsig[i]] = initval[i] == State::S1; + } + + for (int i = 0; i < GetSize(wire); i++) + { + SigBit wirebit(wire, i); + SigBit bit = sigmap(wirebit); + + if (bit.wire == nullptr) + continue; + if (wire->port_input || wire->port_output) + continue; + + undriven_bits.insert(bit); + unused_bits.insert(bit); + } + + if (wire->width == 1) { + auto gclk_attr = wire->attributes.find(ID::replaced_by_gclk); + if (gclk_attr != wire->attributes.end()) { + SigBit bit = sigmap(wire); + if (gclk_attr->second == State::S1) + ywmap_clocks[bit] |= 1; + else if (gclk_attr->second == State::S0) + ywmap_clocks[bit] |= 2; + } + } + } + + for (auto cell : module->cells()) + { + if (cell->type == ID($_NOT_)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit Y = sigmap(cell->getPort(ID::Y).as_bit()); + unused_bits.erase(A); + undriven_bits.erase(Y); + not_map[Y] = A; + continue; + } + + if (cell->type.in(ID($_FF_), ID($_DFF_N_), ID($_DFF_P_))) + { + SigBit D = sigmap(cell->getPort(ID::D).as_bit()); + SigBit Q = sigmap(cell->getPort(ID::Q).as_bit()); + unused_bits.erase(D); + undriven_bits.erase(Q); + ff_map[Q] = D; + + if (cell->type != ID($_FF_)) { + auto sig_clk = sigmap(cell->getPort(ID::C).as_bit()); + ywmap_clocks[sig_clk] |= cell->type == ID($_DFF_N_) ? 2 : 1; + } + continue; + } + + if (cell->type == ID($anyinit)) + { + auto sig_d = sigmap(cell->getPort(ID::D)); + auto sig_q = sigmap(cell->getPort(ID::Q)); + for (int i = 0; i < sig_d.size(); i++) { + undriven_bits.erase(sig_q[i]); + ff_map[sig_q[i]] = sig_d[i]; + } + continue; + } + + if (cell->type == ID($_AND_)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit B = sigmap(cell->getPort(ID::B).as_bit()); + SigBit Y = sigmap(cell->getPort(ID::Y).as_bit()); + unused_bits.erase(A); + unused_bits.erase(B); + undriven_bits.erase(Y); + and_map[Y] = make_pair(A, B); + continue; + } + + if (cell->type == ID($initstate)) + { + SigBit Y = sigmap(cell->getPort(ID::Y).as_bit()); + undriven_bits.erase(Y); + initstate_bits.insert(Y); + continue; + } + + if (cell->type == ID($assert)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit EN = sigmap(cell->getPort(ID::EN).as_bit()); + unused_bits.erase(A); + unused_bits.erase(EN); + asserts.push_back(make_pair(A, EN)); + ywmap_asserts.push_back(cell); + continue; + } + + if (cell->type == ID($assume)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit EN = sigmap(cell->getPort(ID::EN).as_bit()); + unused_bits.erase(A); + unused_bits.erase(EN); + assumes.push_back(make_pair(A, EN)); + ywmap_assumes.push_back(cell); + continue; + } + + if (cell->type == ID($live)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit EN = sigmap(cell->getPort(ID::EN).as_bit()); + unused_bits.erase(A); + unused_bits.erase(EN); + liveness.push_back(make_pair(A, EN)); + continue; + } + + if (cell->type == ID($fair)) + { + SigBit A = sigmap(cell->getPort(ID::A).as_bit()); + SigBit EN = sigmap(cell->getPort(ID::EN).as_bit()); + unused_bits.erase(A); + unused_bits.erase(EN); + fairness.push_back(make_pair(A, EN)); + continue; + } + + if (cell->type == ID($anyconst)) + { + for (auto bit : sigmap(cell->getPort(ID::Y))) { + undriven_bits.erase(bit); + ff_map[bit] = bit; + } + continue; + } + + if (cell->type == ID($anyseq)) + { + for (auto bit : sigmap(cell->getPort(ID::Y))) { + undriven_bits.erase(bit); + input_bits.insert(bit); + } + continue; + } + + if (cell->type == ID($scopeinfo)) + continue; + + log_error("Unsupported cell type: %s (%s)\n", log_id(cell->type), log_id(cell)); + } + + for (auto bit : unused_bits) + undriven_bits.erase(bit); + + if (!undriven_bits.empty()) { + undriven_bits.sort(); + for (auto bit : undriven_bits) { + log_warning("Treating undriven bit %s.%s like $anyseq.\n", log_id(module), log_signal(bit)); + input_bits.insert(bit); + } + log_warning("Treating a total of %d undriven bits in %s like $anyseq.\n", GetSize(undriven_bits), log_id(module)); + } + + init_map.sort(); + // we are relying here on unsorted pools iterating last-in-first-out + if (!no_sort) { + input_bits.sort(); + output_bits.sort(); + } + not_map.sort(); + ff_map.sort(); + and_map.sort(); + + aig_map[State::S0] = 0; + aig_map[State::S1] = 1; + + for (auto bit : input_bits) { + aig_m++, aig_i++; + aig_map[bit] = 2*aig_m; + } + + if (imode && input_bits.empty()) { + aig_m++, aig_i++; + } + + if (zinit_mode) + { + for (auto it : ff_map) { + if (init_map.count(it.first)) + continue; + aig_m++, aig_i++; + init_inputs[it.first] = 2*aig_m; + } + } + + int fair_live_inputs_cnt = GetSize(liveness); + int fair_live_inputs_m = aig_m; + + aig_m += fair_live_inputs_cnt; + aig_i += fair_live_inputs_cnt; + + for (auto it : ff_map) { + aig_m++, aig_l++; + aig_map[it.first] = 2*aig_m; + ordered_latches[it.first] = aig_l-1; + if (init_map.count(it.first) == 0) + aig_latchinit.push_back(2); + else + aig_latchinit.push_back(init_map.at(it.first) ? 1 : 0); + } + + if (!initstate_bits.empty() || !init_inputs.empty()) { + aig_m++, aig_l++; + initstate_ff = 2*aig_m+1; + aig_latchinit.push_back(0); + } + + int fair_live_latches_cnt = GetSize(fairness) + 2*GetSize(liveness); + int fair_live_latches_m = aig_m; + int fair_live_latches_l = aig_l; + + aig_m += fair_live_latches_cnt; + aig_l += fair_live_latches_cnt; + + for (int i = 0; i < fair_live_latches_cnt; i++) + aig_latchinit.push_back(0); + + if (zinit_mode) + { + for (auto it : ff_map) + { + int l = ordered_latches[it.first]; + + if (aig_latchinit.at(l) == 1) + aig_map[it.first] ^= 1; + + if (aig_latchinit.at(l) == 2) + { + int gated_ffout = mkgate(aig_map[it.first], initstate_ff^1); + int gated_initin = mkgate(init_inputs[it.first], initstate_ff); + aig_map[it.first] = mkgate(gated_ffout^1, gated_initin^1)^1; + } + } + } + + for (auto it : ff_map) { + int a = bit2aig(it.second); + int l = ordered_latches[it.first]; + if (zinit_mode && aig_latchinit.at(l) == 1) + aig_latchin.push_back(a ^ 1); + else + aig_latchin.push_back(a); + } + + if (lmode && aig_l == 0) { + aig_m++, aig_l++; + aig_latchinit.push_back(0); + aig_latchin.push_back(0); + } + + if (!initstate_bits.empty() || !init_inputs.empty()) + aig_latchin.push_back(1); + + for (auto bit : output_bits) { + aig_o++; + ordered_outputs[bit] = aig_o-1; + aig_outputs.push_back(bit2aig(bit)); + } + + if (omode && output_bits.empty()) { + aig_o++; + aig_outputs.push_back(0); + } + + for (auto it : asserts) { + aig_b++; + int bit_a = bit2aig(it.first); + int bit_en = bit2aig(it.second); + aig_outputs.push_back(mkgate(bit_a^1, bit_en)); + } + + if (bmode && asserts.empty()) { + aig_b++; + aig_outputs.push_back(0); + } + + for (auto it : assumes) { + aig_c++; + int bit_a = bit2aig(it.first); + int bit_en = bit2aig(it.second); + aig_outputs.push_back(mkgate(bit_a^1, bit_en)^1); + } + + for (auto it : liveness) + { + int input_m = ++fair_live_inputs_m; + int latch_m1 = ++fair_live_latches_m; + int latch_m2 = ++fair_live_latches_m; + + log_assert(GetSize(aig_latchin) == fair_live_latches_l); + fair_live_latches_l += 2; + + int bit_a = bit2aig(it.first); + int bit_en = bit2aig(it.second); + int bit_s = 2*input_m; + int bit_q1 = 2*latch_m1; + int bit_q2 = 2*latch_m2; + + int bit_d1 = mkgate(mkgate(bit_s, bit_en)^1, bit_q1^1)^1; + int bit_d2 = mkgate(mkgate(bit_d1, bit_a)^1, bit_q2^1)^1; + + aig_j++; + aig_latchin.push_back(bit_d1); + aig_latchin.push_back(bit_d2); + aig_outputs.push_back(mkgate(bit_q1, bit_q2^1)); + } + + for (auto it : fairness) + { + int latch_m = ++fair_live_latches_m; + + log_assert(GetSize(aig_latchin) == fair_live_latches_l); + fair_live_latches_l += 1; + + int bit_a = bit2aig(it.first); + int bit_en = bit2aig(it.second); + int bit_q = 2*latch_m; + + aig_f++; + aig_latchin.push_back(mkgate(mkgate(bit_q^1, bit_en^1)^1, bit_a^1)); + aig_outputs.push_back(bit_q^1); + } + } + + void write_aiger(std::ostream &f, bool ascii_mode, bool miter_mode, bool symbols_mode) + { + int aig_obc = aig_o + aig_b + aig_c; + int aig_obcj = aig_obc + aig_j; + int aig_obcjf = aig_obcj + aig_f; + + log_assert(aig_m == aig_i + aig_l + aig_a); + log_assert(aig_l == GetSize(aig_latchin)); + log_assert(aig_l == GetSize(aig_latchinit)); + log_assert(aig_obcjf == GetSize(aig_outputs)); + + if (miter_mode) { + if (aig_b || aig_c || aig_j || aig_f) + log_error("Running AIGER back-end in -miter mode, but design contains $assert, $assume, $live and/or $fair cells!\n"); + f << stringf("%s %d %d %d 0 %d %d\n", ascii_mode ? "aag" : "aig", aig_m, aig_i, aig_l, aig_a, aig_o); + } else { + f << stringf("%s %d %d %d %d %d", ascii_mode ? "aag" : "aig", aig_m, aig_i, aig_l, aig_o, aig_a); + if (aig_b || aig_c || aig_j || aig_f) + f << stringf(" %d %d %d %d", aig_b, aig_c, aig_j, aig_f); + f << stringf("\n"); + } + + if (ascii_mode) + { + for (int i = 0; i < aig_i; i++) + f << stringf("%d\n", 2*i+2); + + for (int i = 0; i < aig_l; i++) { + if (zinit_mode || aig_latchinit.at(i) == 0) + f << stringf("%d %d\n", 2*(aig_i+i)+2, aig_latchin.at(i)); + else if (aig_latchinit.at(i) == 1) + f << stringf("%d %d 1\n", 2*(aig_i+i)+2, aig_latchin.at(i)); + else if (aig_latchinit.at(i) == 2) + f << stringf("%d %d %d\n", 2*(aig_i+i)+2, aig_latchin.at(i), 2*(aig_i+i)+2); + } + + for (int i = 0; i < aig_obc; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = aig_obc; i < aig_obcj; i++) + f << stringf("1\n"); + + for (int i = aig_obc; i < aig_obcj; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = aig_obcj; i < aig_obcjf; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = 0; i < aig_a; i++) + f << stringf("%d %d %d\n", 2*(aig_i+aig_l+i)+2, aig_gates.at(i).first, aig_gates.at(i).second); + } + else + { + for (int i = 0; i < aig_l; i++) { + if (zinit_mode || aig_latchinit.at(i) == 0) + f << stringf("%d\n", aig_latchin.at(i)); + else if (aig_latchinit.at(i) == 1) + f << stringf("%d 1\n", aig_latchin.at(i)); + else if (aig_latchinit.at(i) == 2) + f << stringf("%d %d\n", aig_latchin.at(i), 2*(aig_i+i)+2); + } + + for (int i = 0; i < aig_obc; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = aig_obc; i < aig_obcj; i++) + f << stringf("1\n"); + + for (int i = aig_obc; i < aig_obcj; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = aig_obcj; i < aig_obcjf; i++) + f << stringf("%d\n", aig_outputs.at(i)); + + for (int i = 0; i < aig_a; i++) { + int lhs = 2*(aig_i+aig_l+i)+2; + int rhs0 = aig_gates.at(i).first; + int rhs1 = aig_gates.at(i).second; + int delta0 = lhs - rhs0; + int delta1 = rhs0 - rhs1; + aiger_encode(f, delta0); + aiger_encode(f, delta1); + } + } + + if (symbols_mode) + { + dict> symbols; + + for (auto wire : module->wires()) + { + if (wire->name[0] == '$') + continue; + + SigSpec sig = sigmap(wire); + + for (int i = 0; i < GetSize(wire); i++) + { + if (sig[i].wire == nullptr) { + if (wire->port_output) + sig[i] = SigBit(wire, i); + else + continue; + } + + if (wire->port_input) { + int a = aig_map.at(sig[i]); + log_assert((a & 1) == 0); + if (GetSize(wire) != 1) + symbols[stringf("i%d", (a >> 1)-1)].push_back(stringf("%s[%d]", log_id(wire), i)); + else + symbols[stringf("i%d", (a >> 1)-1)].push_back(stringf("%s", log_id(wire))); + } + + if (wire->port_output) { + int o = ordered_outputs.at(SigSpec(wire, i)); + if (GetSize(wire) != 1) + symbols[stringf("%c%d", miter_mode ? 'b' : 'o', o)].push_back(stringf("%s[%d]", log_id(wire), i)); + else + symbols[stringf("%c%d", miter_mode ? 'b' : 'o', o)].push_back(stringf("%s", log_id(wire))); + } + + if (init_inputs.count(sig[i])) { + int a = init_inputs.at(sig[i]); + log_assert((a & 1) == 0); + if (GetSize(wire) != 1) + symbols[stringf("i%d", (a >> 1)-1)].push_back(stringf("init:%s[%d]", log_id(wire), i)); + else + symbols[stringf("i%d", (a >> 1)-1)].push_back(stringf("init:%s", log_id(wire))); + } + + if (ordered_latches.count(sig[i])) { + int l = ordered_latches.at(sig[i]); + const char *p = (zinit_mode && (aig_latchinit.at(l) == 1)) ? "!" : ""; + if (GetSize(wire) != 1) + symbols[stringf("l%d", l)].push_back(stringf("%s%s[%d]", p, log_id(wire), i)); + else + symbols[stringf("l%d", l)].push_back(stringf("%s%s", p, log_id(wire))); + } + } + } + + symbols.sort(); + + for (auto &sym : symbols) { + f << sym.first; + std::sort(sym.second.begin(), sym.second.end()); + for (auto &s : sym.second) + f << " " << s; + f << std::endl; + } + } + // f << stringf("c\nGenerated by %s\n", yosys_maybe_version()); + } + + void write_map(std::ostream &f, bool verbose_map, bool no_startoffset) + { + dict input_lines; + dict init_lines; + dict output_lines; + dict latch_lines; + dict wire_lines; + + for (auto wire : module->wires()) + { + if (!verbose_map && wire->name[0] == '$') + continue; + + SigSpec sig = sigmap(wire); + + for (int i = 0; i < GetSize(wire); i++) + { + if (aig_map.count(sig[i]) == 0 || sig[i].wire == nullptr) + continue; + + int a = aig_map.at(sig[i]); + int index = no_startoffset ? i : (wire->start_offset+i); + + if (verbose_map) + wire_lines[a] += stringf("wire %d %d %s\n", a, index, log_id(wire)); + + if (wire->port_input) { + log_assert((a & 1) == 0); + input_lines[a] += stringf("input %d %d %s\n", (a >> 1)-1, index, log_id(wire)); + } + + if (wire->port_output) { + int o = ordered_outputs.at(SigSpec(wire, i)); + output_lines[o] += stringf("output %d %d %s\n", o, index, log_id(wire)); + } + + if (init_inputs.count(sig[i])) { + int a = init_inputs.at(sig[i]); + log_assert((a & 1) == 0); + init_lines[a] += stringf("init %d %d %s\n", (a >> 1)-1, index, log_id(wire)); + } + + if (ordered_latches.count(sig[i])) { + int l = ordered_latches.at(sig[i]); + if (zinit_mode && (aig_latchinit.at(l) == 1)) + latch_lines[l] += stringf("invlatch %d %d %s\n", l, index, log_id(wire)); + else + latch_lines[l] += stringf("latch %d %d %s\n", l, index, log_id(wire)); + } + } + } + + input_lines.sort(); + for (auto &it : input_lines) + f << it.second; + + init_lines.sort(); + for (auto &it : init_lines) + f << it.second; + + output_lines.sort(); + for (auto &it : output_lines) + f << it.second; + + latch_lines.sort(); + for (auto &it : latch_lines) + f << it.second; + + if (initstate_ff) + f << stringf("ninitff %d\n", ((initstate_ff >> 1)-1-aig_i)); + + wire_lines.sort(); + for (auto &it : wire_lines) + f << it.second; + } + + void write_ywmap(PrettyJson &json) + { + json.begin_object(); + json.entry("version", "Yosys Witness Aiger map"); + // json.entry("gennerator", yosys_maybe_version()); + + json.entry("latch_count", aig_l); + json.entry("input_count", aig_i); + + dict clock_lines; + dict input_lines; + dict init_lines; + dict seq_lines; + + for (auto cell : module->cells()) + { + if (cell->type.in(ID($_FF_), ID($_DFF_N_), ID($_DFF_P_), ID($anyinit), ID($anyconst), ID($anyseq))) + { + // Use sig_q to get the FF output name, but sig to lookup aiger bits + auto sig_qy = cell->getPort(cell->type.in(ID($anyconst), ID($anyseq)) ? ID::Y : ID::Q); + SigSpec sig = sigmap(sig_qy); + + if (cell->get_bool_attribute(ID(clk2fflogic))) + sig_qy = cell->getPort(ID::D); // For a clk2fflogic $_FF_ the named signal is the D input not the Q output + + for (int i = 0; i < GetSize(sig_qy); i++) { + if (sig_qy[i].wire == nullptr || sig[i].wire == nullptr) + continue; + + auto wire = sig_qy[i].wire; + + if (init_inputs.count(sig[i])) { + int a = init_inputs.at(sig[i]); + log_assert((a & 1) == 0); + init_lines[a] = json11::Json(json11::Json::object { + { "path", witness_path(wire) }, + { "input", (a >> 1) - 1 }, + { "offset", sig_qy[i].offset }, + }); + } + + if (input_bits.count(sig[i])) { + int a = aig_map.at(sig[i]); + log_assert((a & 1) == 0); + seq_lines[a] = json11::Json(json11::Json::object { + { "path", witness_path(wire) }, + { "input", (a >> 1) - 1 }, + { "offset", sig_qy[i].offset }, + }); + } + } + } + } + + for (auto wire : module->wires()) + { + SigSpec sig = sigmap(wire); + if (wire->port_input) + { + auto path = witness_path(wire); + for (int i = 0; i < GetSize(wire); i++) { + if (aig_map.count(sig[i]) == 0 || sig[i].wire == nullptr) + continue; + + int a = aig_map.at(sig[i]); + log_assert((a & 1) == 0); + input_lines[a] = json11::Json(json11::Json::object { + { "path", path }, + { "input", (a >> 1) - 1 }, + { "offset", i }, + }); + + if (ywmap_clocks.count(sig[i])) { + int clock_mode = ywmap_clocks[sig[i]]; + if (clock_mode != 3) { + clock_lines[a] = json11::Json(json11::Json::object { + { "path", path }, + { "input", (a >> 1) - 1 }, + { "offset", i }, + { "edge", clock_mode == 1 ? "posedge" : "negedge" }, + }); + } + } + } + } + } + + json.name("clocks"); + json.begin_array(); + clock_lines.sort(); + for (auto &it : clock_lines) + json.value(it.second); + json.end_array(); + + json.name("inputs"); + json.begin_array(); + input_lines.sort(); + for (auto &it : input_lines) + json.value(it.second); + json.end_array(); + + json.name("seqs"); + json.begin_array(); + input_lines.sort(); + for (auto &it : seq_lines) + json.value(it.second); + json.end_array(); + + json.name("inits"); + json.begin_array(); + input_lines.sort(); + for (auto &it : init_lines) + json.value(it.second); + json.end_array(); + + json.name("asserts"); + json.begin_array(); + for (Cell *cell : ywmap_asserts) + json.value(witness_path(cell)); + json.end_array(); + + json.name("assumes"); + json.begin_array(); + for (Cell *cell : ywmap_assumes) + json.value(witness_path(cell)); + json.end_array(); + + json.end_object(); + } + +}; + +struct AigerBackend : public Backend { + AigerBackend() : Backend("aiger_2", "write design to AIGER file") { } + void help() override + { + // |---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---|---v---| + log("\n"); + log(" write_aiger_2 [options] [filename]\n"); + log("\n"); + log("Write the current design to an AIGER file. The design must be flattened and\n"); + log("must not contain any cell types except $_AND_, $_NOT_, simple FF types,\n"); + log("$assert and $assume cells, and $initstate cells.\n"); + log("\n"); + log("$assert and $assume cells are converted to AIGER bad state properties and\n"); + log("invariant constraints.\n"); + log("\n"); + log(" -ascii\n"); + log(" write ASCII version of AIGER format\n"); + log("\n"); + log(" -zinit\n"); + log(" convert FFs to zero-initialized FFs, adding additional inputs for\n"); + log(" uninitialized FFs.\n"); + log("\n"); + log(" -miter\n"); + log(" design outputs are AIGER bad state properties\n"); + log("\n"); + log(" -symbols\n"); + log(" include a symbol table in the generated AIGER file\n"); + log("\n"); + log(" -no-sort\n"); + log(" don't sort input/output ports\n"); + log("\n"); + log(" -map \n"); + log(" write an extra file with port and latch symbols\n"); + log("\n"); + log(" -vmap \n"); + log(" like -map, but more verbose\n"); + log("\n"); + log(" -no-startoffset\n"); + log(" make indexes zero based, enable using map files with smt solvers.\n"); + log("\n"); + log(" -ywmap \n"); + log(" write a map file for conversion to and from yosys witness traces.\n"); + log("\n"); + log(" -I, -O, -B, -L\n"); + log(" If the design contains no input/output/assert/flip-flop then create one\n"); + log(" dummy input/output/bad_state-pin or latch to make the tools reading the\n"); + log(" AIGER file happy.\n"); + log("\n"); + } + void execute(std::ostream *&f, std::string filename, std::vector args, RTLIL::Design *design) override + { + bool ascii_mode = false; + bool zinit_mode = false; + bool miter_mode = false; + bool symbols_mode = false; + bool no_sort = false; + bool verbose_map = false; + bool imode = false; + bool omode = false; + bool bmode = false; + bool lmode = false; + bool no_startoffset = false; + std::string map_filename; + std::string yw_map_filename; + + log_header(design, "Executing AIGER backend.\n"); + + size_t argidx; + for (argidx = 1; argidx < args.size(); argidx++) + { + if (args[argidx] == "-ascii") { + ascii_mode = true; + continue; + } + if (args[argidx] == "-zinit") { + zinit_mode = true; + continue; + } + if (args[argidx] == "-miter") { + miter_mode = true; + continue; + } + if (args[argidx] == "-symbols") { + symbols_mode = true; + continue; + } + if (args[argidx] == "-no-sort") { + no_sort = true; + continue; + } + if (map_filename.empty() && args[argidx] == "-map" && argidx+1 < args.size()) { + map_filename = args[++argidx]; + continue; + } + if (map_filename.empty() && args[argidx] == "-vmap" && argidx+1 < args.size()) { + map_filename = args[++argidx]; + verbose_map = true; + continue; + } + if (yw_map_filename.empty() && args[argidx] == "-ywmap" && argidx+1 < args.size()) { + yw_map_filename = args[++argidx]; + continue; + } + if (args[argidx] == "-no-startoffset") { + no_startoffset = true; + continue; + } + if (args[argidx] == "-I") { + imode = true; + continue; + } + if (args[argidx] == "-O") { + omode = true; + continue; + } + if (args[argidx] == "-B") { + bmode = true; + continue; + } + if (args[argidx] == "-L") { + lmode = true; + continue; + } + break; + } + extra_args(f, filename, args, argidx, !ascii_mode); + + if (!yw_map_filename.empty() && !zinit_mode) + log_error("Currently -ywmap requires -zinit.\n"); + + Module *top_module = design->top_module(); + + if (top_module == nullptr) + log_error("Can't find top module in current design!\n"); + + if (!design->selected_whole_module(top_module)) + log_cmd_error("Can't handle partially selected module %s!\n", log_id(top_module)); + + if (!top_module->processes.empty()) + log_error("Found unmapped processes in module %s: unmapped processes are not supported in AIGER backend!\n", log_id(top_module)); + if (!top_module->memories.empty()) + log_error("Found unmapped memories in module %s: unmapped memories are not supported in AIGER backend!\n", log_id(top_module)); + + AigerWriter writer(top_module, no_sort, zinit_mode, imode, omode, bmode, lmode); + writer.write_aiger(*f, ascii_mode, miter_mode, symbols_mode); + + if (!map_filename.empty()) { + rewrite_filename(filename); + std::ofstream mapf; + mapf.open(map_filename.c_str(), std::ofstream::trunc); + if (mapf.fail()) + log_error("Can't open file `%s' for writing: %s\n", map_filename.c_str(), strerror(errno)); + writer.write_map(mapf, verbose_map, no_startoffset); + } + + if (!yw_map_filename.empty()) { + std::ofstream mapf; + mapf.open(yw_map_filename.c_str(), std::ofstream::trunc); + + PrettyJson json; + + if (!json.write_to_file(yw_map_filename)) + log_error("Can't open file `%s' for writing: %s\n", yw_map_filename.c_str(), strerror(errno)); + writer.write_ywmap(json); + } + } +} AigerBackend; + +PRIVATE_NAMESPACE_END + +// clang-format on diff --git a/flake.lock b/flake.lock index b6cec2f02c..f231015ce4 100644 --- a/flake.lock +++ b/flake.lock @@ -1,15 +1,36 @@ { "nodes": { + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1753771482, + "narHash": "sha256-7WnYHGi5xT4PCacjM/UVp+k4ZYIIXwCf6CjVqgUnGTQ=", + "owner": "nix-community", + "repo": "fenix", + "rev": "8b6da138fb7baefa04a4284c63b2abefdfbd2c6d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -53,11 +74,11 @@ ] }, "locked": { - "lastModified": 1753123365, - "narHash": "sha256-c/4e4HLK9wx/FPe0UVKgmRWlj6efOYf2eIa7uG0gwQU=", + "lastModified": 1754918967, + "narHash": "sha256-YSDxooemjaHP1LBdF/+dldJMgIHBCXyy5gMb+uwbxLg=", "owner": "lowrisc", "repo": "lowrisc-nix", - "rev": "4ff28ce432438305989511a3b3abd0ccf1fb4b9d", + "rev": "d634ff6474ca3b5370eab2c890e4173c12618850", "type": "github" }, "original": { @@ -69,16 +90,16 @@ "lowrisc_sail": { "flake": false, "locked": { - "lastModified": 1753700698, - "narHash": "sha256-VNUm1BbUVNVASHUkd5gaPli+3xUqPruoycsws4fWrhw=", + "lastModified": 1755506511, + "narHash": "sha256-b/34iN0OSXmKo5C1eUROTrfyQ21/2LGV09Al08WqDig=", "owner": "lowrisc", "repo": "sail", - "rev": "50746d7db3e2a417e21fa1b8ea6d633d11d47195", + "rev": "99513016db9bf5287650f01885d56957ae104c97", "type": "github" }, "original": { "owner": "lowrisc", - "ref": "lowrisc", + "ref": "ast_translate", "repo": "sail", "type": "github" } @@ -100,6 +121,25 @@ "type": "github" } }, + "lowrisc_yosys_slang": { + "flake": false, + "locked": { + "lastModified": 1755705118, + "narHash": "sha256-L7uvn4Bq/u9FQXfaVb3kB2RkNJeC6+7uNpF1n5rNf+o=", + "ref": "formal", + "rev": "32ecbc344ac4cfe898a32afaea0189f88f40cbb9", + "revCount": 500, + "submodules": true, + "type": "git", + "url": "https://github.com/mndstrmr/yosys-slang" + }, + "original": { + "ref": "formal", + "submodules": true, + "type": "git", + "url": "https://github.com/mndstrmr/yosys-slang" + } + }, "mkshell-minimal": { "locked": { "lastModified": 1700988624, @@ -117,11 +157,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1753115646, - "narHash": "sha256-yLuz5cz5Z+sn8DRAfNkrd2Z1cV6DaYO9JMrEz4KZo/c=", + "lastModified": 1757810152, + "narHash": "sha256-Vp9K5ol6h0J90jG7Rm4RWZsCB3x7v5VPx588TQ1dkfs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "92c2e04a475523e723c67ef872d8037379073681", + "rev": "9a094440e02a699be5c57453a092a8baf569bdad", "type": "github" }, "original": { @@ -142,11 +182,11 @@ ] }, "locked": { - "lastModified": 1753116287, - "narHash": "sha256-T/B77R/2Itw9L8lGOUMCJJstWJbEvTBNZ/sjZC+zQSw=", + "lastModified": 1754386443, + "narHash": "sha256-wJmFiXg8aEaSZu1LDV7nIE1JVBzkO5tXL1rz7uYm6DI=", "owner": "mndstrmr", "repo": "psgen", - "rev": "f447733727f3467dcee3632ffd4ba34ca7ee1461", + "rev": "dbf67e445c6978bffbf75f0dea0abf2b264e616a", "type": "github" }, "original": { @@ -168,11 +208,11 @@ ] }, "locked": { - "lastModified": 1753063383, - "narHash": "sha256-H+gLv6424OjJSD+l1OU1ejxkN/v0U+yaoQdh2huCXYI=", + "lastModified": 1754926764, + "narHash": "sha256-9MyIG0Wrt/pDhNuC2jlK8brn0FXA9FftHHWZ30rSK/k=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "45888b7fd4bf36c57acc55f07917bdf49ec89ec9", + "rev": "25623931e44b4f4d5e6cde78146d11aae19143fa", "type": "github" }, "original": { @@ -188,11 +228,11 @@ ] }, "locked": { - "lastModified": 1753063596, - "narHash": "sha256-el1vFxDk6DR2hKGYnMfQHR7+K4aMiJDKQRMP3gdh+ZI=", + "lastModified": 1754923840, + "narHash": "sha256-QSKpYg+Ts9HYF155ltlj40iBex39c05cpOF8gjoE2EM=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "cac90713492f23be5f1072bae88406890b9c68f6", + "rev": "023cd4be230eacae52635be09eef100c37ef78da", "type": "github" }, "original": { @@ -203,10 +243,12 @@ }, "root": { "inputs": { + "fenix": "fenix", "flake-utils": "flake-utils", "lowrisc-nix": "lowrisc-nix", "lowrisc_sail": "lowrisc_sail", "lowrisc_sail_riscv": "lowrisc_sail_riscv", + "lowrisc_yosys_slang": "lowrisc_yosys_slang", "mkshell-minimal": "mkshell-minimal", "nixpkgs": "nixpkgs", "psgen": "psgen", @@ -215,6 +257,23 @@ "uv2nix": "uv2nix" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1753724566, + "narHash": "sha256-DolKhpXhoehwLX+K/4xRRIeppnJHgKk6xWJdqn/vM6w=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "511c999bea1c3c129b8eba713bb9b809a9003d00", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -240,11 +299,11 @@ ] }, "locked": { - "lastModified": 1753067819, - "narHash": "sha256-vjLTZCgMWvfep8eKZL25T8pBb4MyBjswfyAlHTyJaoY=", + "lastModified": 1754921620, + "narHash": "sha256-Y8iMmx8M4HzA8lR0GreF//2G24Gn9Z0aDNx545cAlbc=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "5b7b7a8808c031fa8e13d8e949a2af3c2c12a1c6", + "rev": "1eded325661aa8950c8ffb5b673096c66afe930c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 35c187c04b..f34cf8724e 100644 --- a/flake.nix +++ b/flake.nix @@ -38,13 +38,25 @@ inputs.flake-utils.follows = "flake-utils"; }; lowrisc_sail = { - url = "github:lowrisc/sail?ref=lowrisc"; + url = "github:lowrisc/sail?ref=ast_translate"; flake = false; }; lowrisc_sail_riscv = { url = "github:lowrisc/sail-riscv?ref=81a266b6f65365b34180af7b91708265da653878"; flake = false; }; + lowrisc_yosys_slang = { + url = "https://github.com/mndstrmr/yosys-slang"; + ref = "formal"; + flake = false; + type = "git"; + submodules = true; + }; + + fenix = { + url = "github:nix-community/fenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; # The lowRISC public nix-cache contains builds of nix packages used by lowRISC, primarily coming from github:lowRISC/lowrisc-nix. @@ -59,11 +71,11 @@ # System types to support. supportedSystems = with inputs.flake-utils.lib.system; [ x86_64-linux + aarch64-darwin ]; in inputs.flake-utils.lib.eachSystem supportedSystems (system: let - pkgs = import inputs.nixpkgs { inherit system; }; @@ -77,30 +89,103 @@ src = inputs.lowrisc_sail; }; + # lowRISC fork of the yosys slang frontend. + lowrisc_yosys_slang = import ./nix/lowrisc_yosys_slang.nix { + inherit pkgs; + src = inputs.lowrisc_yosys_slang; + }; + # Create a python package set suitable for the formal flow # - The file dv/formal/pyproject.toml defines the package set for this environment # - Using the fusesoc .core files in this repo requires a lowrisc-fork of fusesoc, so this # file specifies the forked repository. Most other python package dependencies are in # support of fusesoc. formal_python_env = let - workspace = inputs.uv2nix.lib.workspace.loadWorkspace { - workspaceRoot = ./dv/formal; - }; - overlay = workspace.mkPyprojectOverlay { - sourcePreference = "sdist"; - }; - pythonSet = - (pkgs.callPackage inputs.pyproject-nix.build.packages { - python = pkgs.python3; - }).overrideScope ( - lib.composeManyExtensions [ - inputs.pyproject-build-systems.overlays.default - overlay - (inputs.lowrisc-nix.lib.pyprojectOverrides {inherit pkgs;}) - ] - ); + workspace = inputs.uv2nix.lib.workspace.loadWorkspace { + workspaceRoot = ./dv/formal; + }; + overlay = workspace.mkPyprojectOverlay { + sourcePreference = "wheel"; + }; + pythonSet = + (pkgs.callPackage inputs.pyproject-nix.build.packages { + python = pkgs.python3; + }).overrideScope ( + lib.composeManyExtensions [ + inputs.pyproject-build-systems.overlays.default + overlay + (inputs.lowrisc-nix.lib.pyprojectOverrides { + inherit pkgs; + }) + ] + ); in - pythonSet.mkVirtualEnv "ibex-env" workspace.deps.default; + pythonSet.mkVirtualEnv "ibex-env" workspace.deps.default; + + # rIC3 needs a nightly toolchain + toolchain = inputs.fenix.packages.${system}.toolchainOf { + channel = "nightly"; + date = "2025-07-29"; + sha256 = "sha256-6D2b7glWC3jpbIGCq6Ta59lGCKN9sTexhgixH4Y7Nng="; + }; + rustPlatform = pkgs.makeRustPlatform { + inherit (toolchain) rustc cargo; + }; + ric3_src = pkgs.fetchCrate { + pname = "rIC3"; + version = "1.4.1"; + sha256 = "0713ncxbnz7phcnlcb5sgrwcjf3a8iapl027lca4g0aacybsgxsq"; + }; + ric3 = rustPlatform.buildRustPackage { + pname = "ric3"; + version = "1.4.1"; + cargoLock = { + lockFile = "${ric3_src}/Cargo.lock"; + }; + nativeBuildInputs = with pkgs; [ + cmake + clang + ]; + src = ric3_src; + }; + + standard_deps = [ + inputs.psgen.packages.${system}.default + lowrisc_sail + formal_python_env + ] ++ (with pkgs; [ + gnumake + patch + ]); + # The formal environment has an untracked external requirement on Cadence Jasper. + # Add a check here which will prevent launching the devShell if Jasper is not found on the user's path. + # TODO: Is this robust? Do we want to check available features? + check_jg = '' + if ! command -v jg &>/dev/null; then + echo "Jasper not found on path. Not launching devShell." + exit 1 + fi + ''; + exports = '' + # The following environment variables are used by the formal build scripts to pick up the locations + # of the external source-file dependencies. + # The can be re-exported manually for development (see .#formal-dev) + export LOWRISC_SAIL_SRC=${lowrisc_sail.src} + export LOWRISC_SAIL_RISCV_SRC=${inputs.lowrisc_sail_riscv} + ''; + dev_msg = '' + cat << EOF + ======================================================================================== + This is the development shell. By default it is identical to the .#formal shell. + In order to use dev dependencies (e.g. psgen or Sail), prepend the new binaries to PATH: + export PATH=:\$PATH + If developing the Sail sources, also update LOWRISC_SAIL_SRC: + export LOWRISC_SAIL_SRC= + To use a local version of Ibex's sail-riscv model, also update LOWRISC_SAIL_RISCV_SRC: + export LOWRISC_SAIL_RISCV_SRC= + ======================================================================================== + EOF + ''; in { packages = { @@ -110,50 +195,38 @@ }; devShells = rec { formal = mkshell-minimal { - packages = [ - inputs.psgen.packages.${system}.default - lowrisc_sail - formal_python_env + packages = standard_deps; + shellHook = check_jg + exports; + }; + + formal-dev = mkshell-minimal { + packages = standard_deps; + shellHook = check_jg + exports + dev_msg; + }; + + oss-dev = mkshell-minimal { + packages = standard_deps ++ [ + lowrisc_yosys_slang + ((pkgs.yosys.override (attrs: { enablePython = false; })).overrideAttrs (finalAttrs: prev: { doCheck = false; })) ] ++ (with pkgs; [ - gnumake - patch + gtkwave # not stricly necesssary + ric3 + + # aig-manip (maybe just build in nix anyway?) + toolchain.cargo + toolchain.rustc + cmake + clang + + # yosys-config + gcc ]); - shellHook = let - # The formal environment has an untracked external requirement on Cadence Jasper. - # Add a check here which will prevent launching the devShell if Jasper is not found on the user's path. - # TODO: Is this robust? Do we want to check available features? - check_jg = '' - if ! command -v jg &>/dev/null; then - echo "Jasper not found on path. Not launching devShell." - exit 1 - fi - ''; - in '' - ${check_jg} - # The following environment variables are used by the formal build scripts to pick up the locations - # of the external source-file dependencies. - # The can be re-exported manually for development (see .#formal-dev) - export LOWRISC_SAIL_SRC=${lowrisc_sail.src} - export LOWRISC_SAIL_RISCV_SRC=${inputs.lowrisc_sail_riscv} + shellHook = exports + dev_msg + '' + export LOWRISC_YOSYS_SLANG=${lowrisc_yosys_slang.out}/lib/slang.so + export LD_LIBRARY_PATH=${pkgs.stdenv.cc.cc.lib}/lib/ # for rIC3, not sure why this should be necessary though ''; }; - - formal-dev = formal.overrideAttrs (prev: { - shellHook = prev.shellHook + '' - cat << EOF - ======================================================================================== - This is the development shell. By default it is identical to the .#formal shell. - In order to use dev dependencies (e.g. psgen or Sail), prepend the new binaries to PATH: - export PATH=:\$PATH - If developing the Sail sources, also update LOWRISC_SAIL_SRC: - export LOWRISC_SAIL_SRC= - To use a local version of Ibex's sail-riscv model, also update LOWRISC_SAIL_RISCV_SRC: - export LOWRISC_SAIL_RISCV_SRC= - ======================================================================================== - EOF - ''; - }); - }; - } - ); + }; + } + ); } diff --git a/nix/lowrisc_yosys_slang.nix b/nix/lowrisc_yosys_slang.nix new file mode 100644 index 0000000000..73629dc6c5 --- /dev/null +++ b/nix/lowrisc_yosys_slang.nix @@ -0,0 +1,22 @@ +# Copyright lowRISC contributors. +# Licensed under the Apache License, Version 2.0, see LICENSE for details. +# SPDX-License-Identifier: Apache-2.0 + +{ + pkgs, + src +}: +pkgs.stdenv.mkDerivation (finalAttrs: { + inherit src; + pname = "yosys-slang"; + version = "0.0.1"; + buildInputs = with pkgs; [ + yosys + gcc + cmake + ]; + installPhase = '' + mkdir -p $out/lib + cp slang.so $out/lib/slang.so + ''; +})