--- /dev/null
+[options]
+mode prove
+
+[engines]
+smtbmc
+
+[script]
+read_verilog -formal prove.v
+prep -top testbench
+
+[files]
+prove.v
--- /dev/null
+module testbench (
+ input clk,
+ input reset,
+ input [7:0] din,
+ output reg [7:0] dout
+);
+ demo uut (
+ .clk (clk ),
+ .reset(reset),
+ .din (din ),
+ .dout (dout ),
+ );
+
+ initial assume (reset);
+ assert property (reset || !dout[1:0]);
+endmodule
+
+module demo (
+ input clk,
+ input reset,
+ input [7:0] din,
+ output reg [7:0] dout
+);
+ reg [7:0] buffer;
+ reg [2:0] state;
+
+ always @(posedge clk) begin
+ if (reset) begin
+ dout <= 0;
+ state <= 0;
+ end else
+ case (state)
+ 3'b 001: begin
+ buffer <= din;
+ state <= 1;
+ end
+ 3'b 010: begin
+ if (buffer[1:0])
+ buffer <= buffer + 1;
+ else
+ state <= 2;
+ end
+ 3'b 100: begin
+ dout <= dout + buffer;
+ state <= 0;
+ end
+ endcase
+ end
+endmodule
formal tasks:
* Bounded verification of safety properties (assertions)
- * Unbounded verification of safety properties [TBD]
+ * Unbounded verification of safety properties
* Generation of test benches from cover statements [TBD]
* Verification of liveness properties [TBD]
* Formal equivalence checking [TBD]
Beyond bounded model checks
---------------------------
-TBD
+Bounded model checks only prove that the safety properties hold for the first
+*N* cycles (where *N* is the depth of the BMC). Sometimes this is insufficient
+and we need to prove that the safety properties hold forever, not just the first
+*N* cycles. Let us consider the following example:
+
+.. literalinclude:: ../examples/quickstart/prove.v
+ :language: systemverilog
+
+Proving this design in an unbounded manner can be achieved using the following
+SymbiYosys configuration file:
+
+.. literalinclude:: ../examples/quickstart/prove.sby
+ :language: text
+Note that ``mode`` is now set to ``prove`` instead of ``bmc``. The ``smtbmc``
+engine in ``prove`` mode will perform a k-induction proof. Other engines can
+use other methods, e.g. using ``abc pdr`` will prove the design using the IC3
+algorithm.
if mode == "prove_basecase":
taskname += ".basecase"
+ logfile_prefix += "_basecase"
if mode == "prove_induction":
taskname += ".induction"
trace_prefix += "_induct"
- logfile_prefix += "_induct"
+ logfile_prefix += "_induction"
smtbmc_opts.append("-i")
task = SbyTask(job, taskname, job.model(model_name),
projects / SymbiYosys.git / commitdiff