• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
      • Gl
      • Esim
      • Vl2014
      • Sv
        • Svex-stvs
        • Svex-decomposition-methodology
          • Def-svtv-generalized-thm
          • Override-transparent
          • Def-svtv-to-fsm-thm
          • Svtv-decomposition-choosing-a-method
          • Def-svtv-refinement
          • Def-svtv-ideal
            • Svtv-idealize-internals
          • Def-override-transparent
        • Sv-versus-esim
        • Svex-decomp
        • Svex-compose-dfs
        • Svex-compilation
        • Moddb
        • Svmods
        • Svstmt
        • Sv-tutorial
        • Expressions
        • Symbolic-test-vector
        • Vl-to-svex
      • Fgl
      • Vwsim
      • Vl
      • X86isa
      • Svl
      • Rtl
    • Software-verification
    • Math
    • Testing-utilities
  • Svex-decomposition-methodology

Def-svtv-ideal

Define a non-executable, fixpoint-based analogue of a symbolic-test-vector and prove properties that allow it to be used in decomposition proofs.

See also def-svtv-refinement, of which this is a wrapper.

To use this, first define an SVTV using defsvtv$ and (immediately after) save the contents of the resulting svtv-data stobj to an object using def-svtv-data-export. Then invoke def-svtv-ideal as follows:

(def-svtv-ideal ideal-name svtv-name data-name)

For example,

(sv::defsvtv$ my-mod-run ...)

;; must be immediately after the defsvtv$ (or at least ensure that the
;; svtv-data stobj is not modified in between)
(sv::def-svtv-data-export my-mod-data)

;; may occur later, no more reliance on the svtv-data stobj:
(sv::def-svtv-ideal my-mod-ideal my-mod-run my-mod-data)

This produces a 0-ary function (not intended to be executed) named my-mod-ideal, which returns an svtv-spec object encapsulating the same pipeline run as in my-mod-run, but based on a fixpoint composition of the module's assignments rather than the approximate composition that is computed for the SVTV. See svex-decomposition-methodology for further explanation. A few important properties relating my-mod-ideal and my-mod-run are proved:

  • my-mod-ideal-refines-my-mod-run -- this allows us to infer facts about my-mod-ideal from proofs about my-mod-run, where potentially the my-mod-run proof may be done with override signals that may be removed from the theorem about my-mod-ideal.
  • my-mod-ideal-refines-my-mod-run-on-same-envs -- special case of the above theorem where the input environments are the same, i.e. no overrides are removed.
  • my-mod-ideal-refines-my-mod-ideal -- this allows us to remove overrides from theorems about my-mod-ideal.

Additionally, the def-svtv-ideal event produces a function named (in our example) my-mod-ideal-exec, which (logically) produces some subset of the output signals of a svtv-spec-run of my-mod-ideal, but accomplishes this (when successful) executing svtv-run of my-mod-run. If the outputs from the svtv-run contain no Xes, then this is the same as the svtv-spec-run of my-mod-ideal.

Subtopics

Svtv-idealize-internals
Umbrella topic for internal concepts used in the proofs for the svtv-idealize framework.