CIRCT 22.0.0git
Loading...
Searching...
No Matches
VerifToSMT.cpp
Go to the documentation of this file.
1//===- VerifToSMT.cpp -----------------------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "circt/Conversion/VerifToSMT.h"
10#include "circt/Conversion/HWToSMT.h"
11#include "circt/Dialect/Seq/SeqTypes.h"
12#include "circt/Dialect/Verif/VerifOps.h"
13#include "circt/Support/Namespace.h"
14#include "mlir/Conversion/ReconcileUnrealizedCasts/ReconcileUnrealizedCasts.h"
15#include "mlir/Dialect/Arith/IR/Arith.h"
16#include "mlir/Dialect/Func/IR/FuncOps.h"
17#include "mlir/Dialect/SCF/IR/SCF.h"
18#include "mlir/Dialect/SMT/IR/SMTOps.h"
19#include "mlir/Dialect/SMT/IR/SMTTypes.h"
20#include "mlir/IR/ValueRange.h"
21#include "mlir/Pass/Pass.h"
22#include "mlir/Transforms/DialectConversion.h"
23#include "llvm/ADT/SmallVector.h"
24
25namespace circt {
26#define GEN_PASS_DEF_CONVERTVERIFTOSMT
27#include "circt/Conversion/Passes.h.inc"
28} // namespace circt
29
30using namespace mlir;
31using namespace circt;
32using namespace hw;
33
34//===----------------------------------------------------------------------===//
35// Conversion patterns
36//===----------------------------------------------------------------------===//
37
38namespace {
39/// Lower a verif::AssertOp operation with an i1 operand to a smt::AssertOp,
40/// negated to check for unsatisfiability.
41struct VerifAssertOpConversion : OpConversionPattern<verif::AssertOp> {
42 using OpConversionPattern<verif::AssertOp>::OpConversionPattern;
43
44 LogicalResult
45 matchAndRewrite(verif::AssertOp op, OpAdaptor adaptor,
46 ConversionPatternRewriter &rewriter) const override {
47 Value cond = typeConverter->materializeTargetConversion(
48 rewriter, op.getLoc(), smt::BoolType::get(getContext()),
49 adaptor.getProperty());
50 Value notCond = smt::NotOp::create(rewriter, op.getLoc(), cond);
51 rewriter.replaceOpWithNewOp<smt::AssertOp>(op, notCond);
52 return success();
53 }
54};
55
56/// Lower a verif::AssumeOp operation with an i1 operand to a smt::AssertOp
57struct VerifAssumeOpConversion : OpConversionPattern<verif::AssumeOp> {
58 using OpConversionPattern<verif::AssumeOp>::OpConversionPattern;
59
60 LogicalResult
61 matchAndRewrite(verif::AssumeOp op, OpAdaptor adaptor,
62 ConversionPatternRewriter &rewriter) const override {
63 Value cond = typeConverter->materializeTargetConversion(
64 rewriter, op.getLoc(), smt::BoolType::get(getContext()),
65 adaptor.getProperty());
66 rewriter.replaceOpWithNewOp<smt::AssertOp>(op, cond);
67 return success();
68 }
69};
70
71template <typename OpTy>
72struct CircuitRelationCheckOpConversion : public OpConversionPattern<OpTy> {
73 using OpConversionPattern<OpTy>::OpConversionPattern;
74
75protected:
76 using ConversionPattern::typeConverter;
77 void
78 createOutputsDifferentOps(Operation *firstOutputs, Operation *secondOutputs,
79 Location &loc, ConversionPatternRewriter &rewriter,
80 SmallVectorImpl<Value> &outputsDifferent) const {
81 // Convert the yielded values back to the source type system (since
82 // the operations of the inlined blocks will be converted by other patterns
83 // later on and we should make sure the IR is well-typed after each pattern
84 // application), and compare the output values.
85 for (auto [out1, out2] :
86 llvm::zip(firstOutputs->getOperands(), secondOutputs->getOperands())) {
87 Value o1 = typeConverter->materializeTargetConversion(
88 rewriter, loc, typeConverter->convertType(out1.getType()), out1);
89 Value o2 = typeConverter->materializeTargetConversion(
90 rewriter, loc, typeConverter->convertType(out1.getType()), out2);
91 outputsDifferent.emplace_back(
92 smt::DistinctOp::create(rewriter, loc, o1, o2));
93 }
94 }
95
96 void replaceOpWithSatCheck(OpTy &op, Location &loc,
97 ConversionPatternRewriter &rewriter,
98 smt::SolverOp &solver) const {
99 // If no operation uses the result of this solver, we leave our check
100 // operations empty. If the result is used, we create a check operation with
101 // the result type of the operation and yield the result of the check
102 // operation.
103 if (op.getNumResults() == 0) {
104 auto checkOp = smt::CheckOp::create(rewriter, loc, TypeRange{});
105 rewriter.createBlock(&checkOp.getSatRegion());
106 smt::YieldOp::create(rewriter, loc);
107 rewriter.createBlock(&checkOp.getUnknownRegion());
108 smt::YieldOp::create(rewriter, loc);
109 rewriter.createBlock(&checkOp.getUnsatRegion());
110 smt::YieldOp::create(rewriter, loc);
111 rewriter.setInsertionPointAfter(checkOp);
112 smt::YieldOp::create(rewriter, loc);
113
114 // Erase as operation is replaced by an operator without a return value.
115 rewriter.eraseOp(op);
116 } else {
117 Value falseVal =
118 arith::ConstantOp::create(rewriter, loc, rewriter.getBoolAttr(false));
119 Value trueVal =
120 arith::ConstantOp::create(rewriter, loc, rewriter.getBoolAttr(true));
121 auto checkOp = smt::CheckOp::create(rewriter, loc, rewriter.getI1Type());
122 rewriter.createBlock(&checkOp.getSatRegion());
123 smt::YieldOp::create(rewriter, loc, falseVal);
124 rewriter.createBlock(&checkOp.getUnknownRegion());
125 smt::YieldOp::create(rewriter, loc, falseVal);
126 rewriter.createBlock(&checkOp.getUnsatRegion());
127 smt::YieldOp::create(rewriter, loc, trueVal);
128 rewriter.setInsertionPointAfter(checkOp);
129 smt::YieldOp::create(rewriter, loc, checkOp->getResults());
130
131 rewriter.replaceOp(op, solver->getResults());
132 }
133 }
134};
135
136/// Lower a verif::LecOp operation to a miter circuit encoded in SMT.
137/// More information on miter circuits can be found, e.g., in this paper:
138/// Brand, D., 1993, November. Verification of large synthesized designs. In
139/// Proceedings of 1993 International Conference on Computer Aided Design
140/// (ICCAD) (pp. 534-537). IEEE.
141struct LogicEquivalenceCheckingOpConversion
142 : CircuitRelationCheckOpConversion<verif::LogicEquivalenceCheckingOp> {
143 using CircuitRelationCheckOpConversion<
144 verif::LogicEquivalenceCheckingOp>::CircuitRelationCheckOpConversion;
145
146 LogicalResult
147 matchAndRewrite(verif::LogicEquivalenceCheckingOp op, OpAdaptor adaptor,
148 ConversionPatternRewriter &rewriter) const override {
149 Location loc = op.getLoc();
150 auto *firstOutputs = adaptor.getFirstCircuit().front().getTerminator();
151 auto *secondOutputs = adaptor.getSecondCircuit().front().getTerminator();
152
153 auto hasNoResult = op.getNumResults() == 0;
154
155 if (firstOutputs->getNumOperands() == 0) {
156 // Trivially equivalent
157 if (hasNoResult) {
158 rewriter.eraseOp(op);
159 } else {
160 Value trueVal = arith::ConstantOp::create(rewriter, loc,
161 rewriter.getBoolAttr(true));
162 rewriter.replaceOp(op, trueVal);
163 }
164 return success();
165 }
166
167 // Solver will only return a result when it is used to check the returned
168 // value.
169 smt::SolverOp solver;
170 if (hasNoResult)
171 solver = smt::SolverOp::create(rewriter, loc, TypeRange{}, ValueRange{});
172 else
173 solver = smt::SolverOp::create(rewriter, loc, rewriter.getI1Type(),
174 ValueRange{});
175 rewriter.createBlock(&solver.getBodyRegion());
176
177 // First, convert the block arguments of the miter bodies.
178 if (failed(rewriter.convertRegionTypes(&adaptor.getFirstCircuit(),
179 *typeConverter)))
180 return failure();
181 if (failed(rewriter.convertRegionTypes(&adaptor.getSecondCircuit(),
182 *typeConverter)))
183 return failure();
184
185 // Second, create the symbolic values we replace the block arguments with
186 SmallVector<Value> inputs;
187 for (auto arg : adaptor.getFirstCircuit().getArguments())
188 inputs.push_back(smt::DeclareFunOp::create(rewriter, loc, arg.getType()));
189
190 // Third, inline the blocks
191 // Note: the argument value replacement does not happen immediately, but
192 // only after all the operations are already legalized.
193 // Also, it has to be ensured that the original argument type and the type
194 // of the value with which is is to be replaced match. The value is looked
195 // up (transitively) in the replacement map at the time the replacement
196 // pattern is committed.
197 rewriter.mergeBlocks(&adaptor.getFirstCircuit().front(), solver.getBody(),
198 inputs);
199 rewriter.mergeBlocks(&adaptor.getSecondCircuit().front(), solver.getBody(),
200 inputs);
201 rewriter.setInsertionPointToEnd(solver.getBody());
202
203 // Fourth, build the assertion.
204 SmallVector<Value> outputsDifferent;
205 createOutputsDifferentOps(firstOutputs, secondOutputs, loc, rewriter,
206 outputsDifferent);
207
208 rewriter.eraseOp(firstOutputs);
209 rewriter.eraseOp(secondOutputs);
210
211 Value toAssert;
212 if (outputsDifferent.size() == 1)
213 toAssert = outputsDifferent[0];
214 else
215 toAssert = smt::OrOp::create(rewriter, loc, outputsDifferent);
216
217 smt::AssertOp::create(rewriter, loc, toAssert);
218
219 // Fifth, check for satisfiablility and report the result back.
220 replaceOpWithSatCheck(op, loc, rewriter, solver);
221 return success();
222 }
223};
224
225struct RefinementCheckingOpConversion
226 : CircuitRelationCheckOpConversion<verif::RefinementCheckingOp> {
227 using CircuitRelationCheckOpConversion<
228 verif::RefinementCheckingOp>::CircuitRelationCheckOpConversion;
229
230 LogicalResult
231 matchAndRewrite(verif::RefinementCheckingOp op, OpAdaptor adaptor,
232 ConversionPatternRewriter &rewriter) const override {
233
234 // Find non-deterministic values (free variables) in the source circuit.
235 // For now, only support quantification over 'primitive' types.
236 SmallVector<Value> srcNonDetValues;
237 bool canBind = true;
238 for (auto ndOp : op.getFirstCircuit().getOps<smt::DeclareFunOp>()) {
239 if (!isa<smt::IntType, smt::BoolType, smt::BitVectorType>(
240 ndOp.getType())) {
241 ndOp.emitError("Uninterpreted function of non-primitive type cannot be "
242 "converted.");
243 canBind = false;
244 }
245 srcNonDetValues.push_back(ndOp.getResult());
246 }
247 if (!canBind)
248 return failure();
249
250 if (srcNonDetValues.empty()) {
251 // If there is no non-determinism in the source circuit, the
252 // refinement check becomes an equivalence check, which does not
253 // need quantified expressions.
254 auto eqOp = verif::LogicEquivalenceCheckingOp::create(
255 rewriter, op.getLoc(), op.getNumResults() != 0);
256 rewriter.moveBlockBefore(&op.getFirstCircuit().front(),
257 &eqOp.getFirstCircuit(),
258 eqOp.getFirstCircuit().end());
259 rewriter.moveBlockBefore(&op.getSecondCircuit().front(),
260 &eqOp.getSecondCircuit(),
261 eqOp.getSecondCircuit().end());
262 rewriter.replaceOp(op, eqOp);
263 return success();
264 }
265
266 Location loc = op.getLoc();
267 auto *firstOutputs = adaptor.getFirstCircuit().front().getTerminator();
268 auto *secondOutputs = adaptor.getSecondCircuit().front().getTerminator();
269
270 auto hasNoResult = op.getNumResults() == 0;
271
272 if (firstOutputs->getNumOperands() == 0) {
273 // Trivially equivalent
274 if (hasNoResult) {
275 rewriter.eraseOp(op);
276 } else {
277 Value trueVal = arith::ConstantOp::create(rewriter, loc,
278 rewriter.getBoolAttr(true));
279 rewriter.replaceOp(op, trueVal);
280 }
281 return success();
282 }
283
284 // Solver will only return a result when it is used to check the returned
285 // value.
286 smt::SolverOp solver;
287 if (hasNoResult)
288 solver = smt::SolverOp::create(rewriter, loc, TypeRange{}, ValueRange{});
289 else
290 solver = smt::SolverOp::create(rewriter, loc, rewriter.getI1Type(),
291 ValueRange{});
292 rewriter.createBlock(&solver.getBodyRegion());
293
294 // Convert the block arguments of the miter bodies.
295 if (failed(rewriter.convertRegionTypes(&adaptor.getFirstCircuit(),
296 *typeConverter)))
297 return failure();
298 if (failed(rewriter.convertRegionTypes(&adaptor.getSecondCircuit(),
299 *typeConverter)))
300 return failure();
301
302 // Create the symbolic values we replace the block arguments with
303 SmallVector<Value> inputs;
304 for (auto arg : adaptor.getFirstCircuit().getArguments())
305 inputs.push_back(smt::DeclareFunOp::create(rewriter, loc, arg.getType()));
306
307 // Inline the target circuit. Free variables remain free variables.
308 rewriter.mergeBlocks(&adaptor.getSecondCircuit().front(), solver.getBody(),
309 inputs);
310 rewriter.setInsertionPointToEnd(solver.getBody());
311
312 // Create the universally quantified expression containing the source
313 // circuit. Free variables in the circuit's body become bound variables.
314 auto forallOp = smt::ForallOp::create(
315 rewriter, op.getLoc(), TypeRange(srcNonDetValues),
316 [&](OpBuilder &builder, auto, ValueRange args) -> Value {
317 // Inline the source circuit
318 Block *body = builder.getBlock();
319 rewriter.mergeBlocks(&adaptor.getFirstCircuit().front(), body,
320 inputs);
321
322 // Replace non-deterministic values with the quantifier's bound
323 // variables
324 for (auto [freeVar, boundVar] : llvm::zip(srcNonDetValues, args))
325 rewriter.replaceOp(freeVar.getDefiningOp(), boundVar);
326
327 // Compare the output values
328 rewriter.setInsertionPointToEnd(body);
329 SmallVector<Value> outputsDifferent;
330 createOutputsDifferentOps(firstOutputs, secondOutputs, loc, rewriter,
331 outputsDifferent);
332 if (outputsDifferent.size() == 1)
333 return outputsDifferent[0];
334 else
335 return rewriter.createOrFold<smt::OrOp>(loc, outputsDifferent);
336 });
337
338 rewriter.eraseOp(firstOutputs);
339 rewriter.eraseOp(secondOutputs);
340
341 // Assert the quantified expression
342 rewriter.setInsertionPointAfter(forallOp);
343 smt::AssertOp::create(rewriter, op.getLoc(), forallOp.getResult());
344
345 // Check for satisfiability and report the result back.
346 replaceOpWithSatCheck(op, loc, rewriter, solver);
347 return success();
348 }
349};
350
351/// Lower a verif::BMCOp operation to an MLIR program that performs the bounded
352/// model check
353struct VerifBoundedModelCheckingOpConversion
354 : OpConversionPattern<verif::BoundedModelCheckingOp> {
355 using OpConversionPattern<verif::BoundedModelCheckingOp>::OpConversionPattern;
356
357 VerifBoundedModelCheckingOpConversion(
358 TypeConverter &converter, MLIRContext *context, Namespace &names,
359 bool risingClocksOnly, SmallVectorImpl<Operation *> &propertylessBMCOps)
360 : OpConversionPattern(converter, context), names(names),
361 risingClocksOnly(risingClocksOnly),
362 propertylessBMCOps(propertylessBMCOps) {}
363 LogicalResult
364 matchAndRewrite(verif::BoundedModelCheckingOp op, OpAdaptor adaptor,
365 ConversionPatternRewriter &rewriter) const override {
366 Location loc = op.getLoc();
367
368 if (std::find(propertylessBMCOps.begin(), propertylessBMCOps.end(), op) !=
369 propertylessBMCOps.end()) {
370 // No properties to check, so we don't bother solving, we just return true
371 // (without this we would incorrectly find violations, since the solver
372 // will always return SAT)
373 Value trueVal =
374 arith::ConstantOp::create(rewriter, loc, rewriter.getBoolAttr(true));
375 rewriter.replaceOp(op, trueVal);
376 return success();
377 }
378
379 SmallVector<Type> oldLoopInputTy(op.getLoop().getArgumentTypes());
380 SmallVector<Type> oldCircuitInputTy(op.getCircuit().getArgumentTypes());
381 // TODO: the init and loop regions should be able to be concrete instead of
382 // symbolic which is probably preferable - just need to convert back and
383 // forth
384 SmallVector<Type> loopInputTy, circuitInputTy, initOutputTy,
385 circuitOutputTy;
386 if (failed(typeConverter->convertTypes(oldLoopInputTy, loopInputTy)))
387 return failure();
388 if (failed(typeConverter->convertTypes(oldCircuitInputTy, circuitInputTy)))
389 return failure();
390 if (failed(typeConverter->convertTypes(
391 op.getInit().front().back().getOperandTypes(), initOutputTy)))
392 return failure();
393 if (failed(typeConverter->convertTypes(
394 op.getCircuit().front().back().getOperandTypes(), circuitOutputTy)))
395 return failure();
396 if (failed(rewriter.convertRegionTypes(&op.getInit(), *typeConverter)))
397 return failure();
398 if (failed(rewriter.convertRegionTypes(&op.getLoop(), *typeConverter)))
399 return failure();
400 if (failed(rewriter.convertRegionTypes(&op.getCircuit(), *typeConverter)))
401 return failure();
402
403 unsigned numRegs = op.getNumRegs();
404 auto initialValues = op.getInitialValues();
405
406 auto initFuncTy = rewriter.getFunctionType({}, initOutputTy);
407 // Loop and init output types are necessarily the same, so just use init
408 // output types
409 auto loopFuncTy = rewriter.getFunctionType(loopInputTy, initOutputTy);
410 auto circuitFuncTy =
411 rewriter.getFunctionType(circuitInputTy, circuitOutputTy);
412
413 func::FuncOp initFuncOp, loopFuncOp, circuitFuncOp;
414
415 {
416 OpBuilder::InsertionGuard guard(rewriter);
417 rewriter.setInsertionPointToEnd(
418 op->getParentOfType<ModuleOp>().getBody());
419 initFuncOp = func::FuncOp::create(rewriter, loc,
420 names.newName("bmc_init"), initFuncTy);
421 rewriter.inlineRegionBefore(op.getInit(), initFuncOp.getFunctionBody(),
422 initFuncOp.end());
423 loopFuncOp = func::FuncOp::create(rewriter, loc,
424 names.newName("bmc_loop"), loopFuncTy);
425 rewriter.inlineRegionBefore(op.getLoop(), loopFuncOp.getFunctionBody(),
426 loopFuncOp.end());
427 circuitFuncOp = func::FuncOp::create(
428 rewriter, loc, names.newName("bmc_circuit"), circuitFuncTy);
429 rewriter.inlineRegionBefore(op.getCircuit(),
430 circuitFuncOp.getFunctionBody(),
431 circuitFuncOp.end());
432 auto funcOps = {&initFuncOp, &loopFuncOp, &circuitFuncOp};
433 // initOutputTy is the same as loop output types
434 auto outputTys = {initOutputTy, initOutputTy, circuitOutputTy};
435 for (auto [funcOp, outputTy] : llvm::zip(funcOps, outputTys)) {
436 auto operands = funcOp->getBody().front().back().getOperands();
437 rewriter.eraseOp(&funcOp->getFunctionBody().front().back());
438 rewriter.setInsertionPointToEnd(&funcOp->getBody().front());
439 SmallVector<Value> toReturn;
440 for (unsigned i = 0; i < outputTy.size(); ++i)
441 toReturn.push_back(typeConverter->materializeTargetConversion(
442 rewriter, loc, outputTy[i], operands[i]));
443 func::ReturnOp::create(rewriter, loc, toReturn);
444 }
445 }
446
447 auto solver = smt::SolverOp::create(rewriter, loc, rewriter.getI1Type(),
448 ValueRange{});
449 rewriter.createBlock(&solver.getBodyRegion());
450
451 // Call init func to get initial clock values
452 ValueRange initVals =
453 func::CallOp::create(rewriter, loc, initFuncOp)->getResults();
454
455 // Initial push
456 smt::PushOp::create(rewriter, loc, 1);
457
458 // InputDecls order should be <circuit arguments> <state arguments>
459 // <wasViolated>
460 // Get list of clock indexes in circuit args
461 size_t initIndex = 0;
462 SmallVector<Value> inputDecls;
463 SmallVector<int> clockIndexes;
464 for (auto [curIndex, oldTy, newTy] :
465 llvm::enumerate(oldCircuitInputTy, circuitInputTy)) {
466 if (isa<seq::ClockType>(oldTy)) {
467 inputDecls.push_back(initVals[initIndex++]);
468 clockIndexes.push_back(curIndex);
469 continue;
470 }
471 if (curIndex >= oldCircuitInputTy.size() - numRegs) {
472 auto initVal =
473 initialValues[curIndex - oldCircuitInputTy.size() + numRegs];
474 if (auto initIntAttr = dyn_cast<IntegerAttr>(initVal)) {
475 const auto &cstInt = initIntAttr.getValue();
476 assert(cstInt.getBitWidth() ==
477 cast<smt::BitVectorType>(newTy).getWidth() &&
478 "Width mismatch between initial value and target type");
479 inputDecls.push_back(
480 smt::BVConstantOp::create(rewriter, loc, cstInt));
481 continue;
482 }
483 }
484 inputDecls.push_back(smt::DeclareFunOp::create(rewriter, loc, newTy));
485 }
486
487 auto numStateArgs = initVals.size() - initIndex;
488 // Add the rest of the init vals (state args)
489 for (; initIndex < initVals.size(); ++initIndex)
490 inputDecls.push_back(initVals[initIndex]);
491
492 Value lowerBound =
493 arith::ConstantOp::create(rewriter, loc, rewriter.getI32IntegerAttr(0));
494 Value step =
495 arith::ConstantOp::create(rewriter, loc, rewriter.getI32IntegerAttr(1));
496 Value upperBound =
497 arith::ConstantOp::create(rewriter, loc, adaptor.getBoundAttr());
498 Value constFalse =
499 arith::ConstantOp::create(rewriter, loc, rewriter.getBoolAttr(false));
500 Value constTrue =
501 arith::ConstantOp::create(rewriter, loc, rewriter.getBoolAttr(true));
502 inputDecls.push_back(constFalse); // wasViolated?
503
504 // TODO: swapping to a whileOp here would allow early exit once the property
505 // is violated
506 // Perform model check up to the provided bound
507 auto forOp = scf::ForOp::create(
508 rewriter, loc, lowerBound, upperBound, step, inputDecls,
509 [&](OpBuilder &builder, Location loc, Value i, ValueRange iterArgs) {
510 // Drop existing assertions
511 smt::PopOp::create(builder, loc, 1);
512 smt::PushOp::create(builder, loc, 1);
513
514 // Execute the circuit
515 ValueRange circuitCallOuts =
516 func::CallOp::create(
517 builder, loc, circuitFuncOp,
518 iterArgs.take_front(circuitFuncOp.getNumArguments()))
519 ->getResults();
520
521 // If we have a cycle up to which we ignore assertions, we need an
522 // IfOp to track this
523 // First, save the insertion point so we can safely enter the IfOp
524
525 auto insideForPoint = builder.saveInsertionPoint();
526 // We need to still have the yielded result of the op in scope after
527 // we've built the check
528 Value yieldedValue;
529 auto ignoreAssertionsUntil =
530 op->getAttrOfType<IntegerAttr>("ignore_asserts_until");
531 if (ignoreAssertionsUntil) {
532 auto ignoreUntilConstant = arith::ConstantOp::create(
533 builder, loc,
534 rewriter.getI32IntegerAttr(
535 ignoreAssertionsUntil.getValue().getZExtValue()));
536 auto shouldIgnore =
537 arith::CmpIOp::create(builder, loc, arith::CmpIPredicate::ult,
538 i, ignoreUntilConstant);
539 auto ifShouldIgnore = scf::IfOp::create(
540 builder, loc, builder.getI1Type(), shouldIgnore, true);
541 // If we should ignore, yield the existing value
542 builder.setInsertionPointToEnd(
543 &ifShouldIgnore.getThenRegion().front());
544 scf::YieldOp::create(builder, loc, ValueRange(iterArgs.back()));
545 builder.setInsertionPointToEnd(
546 &ifShouldIgnore.getElseRegion().front());
547 yieldedValue = ifShouldIgnore.getResult(0);
548 }
549
550 auto checkOp =
551 smt::CheckOp::create(rewriter, loc, builder.getI1Type());
552 {
553 OpBuilder::InsertionGuard guard(builder);
554 builder.createBlock(&checkOp.getSatRegion());
555 smt::YieldOp::create(builder, loc, constTrue);
556 builder.createBlock(&checkOp.getUnknownRegion());
557 smt::YieldOp::create(builder, loc, constTrue);
558 builder.createBlock(&checkOp.getUnsatRegion());
559 smt::YieldOp::create(builder, loc, constFalse);
560 }
561
562 Value violated = arith::OrIOp::create(
563 builder, loc, checkOp.getResult(0), iterArgs.back());
564
565 // If we've packaged everything in an IfOp, we need to yield the
566 // new violated value
567 if (ignoreAssertionsUntil) {
568 scf::YieldOp::create(builder, loc, violated);
569 // Replace the variable with the yielded value
570 violated = yieldedValue;
571 }
572
573 // If we created an IfOp, make sure we start inserting after it again
574 builder.restoreInsertionPoint(insideForPoint);
575
576 // Call loop func to update clock & state arg values
577 SmallVector<Value> loopCallInputs;
578 // Fetch clock values to feed to loop
579 for (auto index : clockIndexes)
580 loopCallInputs.push_back(iterArgs[index]);
581 // Fetch state args to feed to loop
582 for (auto stateArg : iterArgs.drop_back().take_back(numStateArgs))
583 loopCallInputs.push_back(stateArg);
584 ValueRange loopVals =
585 func::CallOp::create(builder, loc, loopFuncOp, loopCallInputs)
586 ->getResults();
587
588 size_t loopIndex = 0;
589 // Collect decls to yield at end of iteration
590 SmallVector<Value> newDecls;
591 for (auto [oldTy, newTy] :
592 llvm::zip(TypeRange(oldCircuitInputTy).drop_back(numRegs),
593 TypeRange(circuitInputTy).drop_back(numRegs))) {
594 if (isa<seq::ClockType>(oldTy))
595 newDecls.push_back(loopVals[loopIndex++]);
596 else
597 newDecls.push_back(
598 smt::DeclareFunOp::create(builder, loc, newTy));
599 }
600
601 // Only update the registers on a clock posedge unless in rising
602 // clocks only mode
603 // TODO: this will also need changing with multiple clocks - currently
604 // it only accounts for the one clock case.
605 if (clockIndexes.size() == 1) {
606 SmallVector<Value> regInputs = circuitCallOuts.take_back(numRegs);
607 if (risingClocksOnly) {
608 // In rising clocks only mode we don't need to worry about whether
609 // there was a posedge
610 newDecls.append(regInputs);
611 } else {
612 auto clockIndex = clockIndexes[0];
613 auto oldClock = iterArgs[clockIndex];
614 // The clock is necessarily the first value returned by the loop
615 // region
616 auto newClock = loopVals[0];
617 auto oldClockLow = smt::BVNotOp::create(builder, loc, oldClock);
618 auto isPosedgeBV =
619 smt::BVAndOp::create(builder, loc, oldClockLow, newClock);
620 // Convert posedge bv<1> to bool
621 auto trueBV = smt::BVConstantOp::create(builder, loc, 1, 1);
622 auto isPosedge =
623 smt::EqOp::create(builder, loc, isPosedgeBV, trueBV);
624 auto regStates =
625 iterArgs.take_front(circuitFuncOp.getNumArguments())
626 .take_back(numRegs);
627 SmallVector<Value> nextRegStates;
628 for (auto [regState, regInput] :
629 llvm::zip(regStates, regInputs)) {
630 // Create an ITE to calculate the next reg state
631 // TODO: we create a lot of ITEs here that will slow things down
632 // - these could be avoided by making init/loop regions concrete
633 nextRegStates.push_back(smt::IteOp::create(
634 builder, loc, isPosedge, regInput, regState));
635 }
636 newDecls.append(nextRegStates);
637 }
638 }
639
640 // Add the rest of the loop state args
641 for (; loopIndex < loopVals.size(); ++loopIndex)
642 newDecls.push_back(loopVals[loopIndex]);
643
644 newDecls.push_back(violated);
645
646 scf::YieldOp::create(builder, loc, newDecls);
647 });
648
649 Value res = arith::XOrIOp::create(rewriter, loc, forOp->getResults().back(),
650 constTrue);
651 smt::YieldOp::create(rewriter, loc, res);
652 rewriter.replaceOp(op, solver.getResults());
653 return success();
654 }
655
656 Namespace &names;
657 bool risingClocksOnly;
658 SmallVectorImpl<Operation *> &propertylessBMCOps;
659};
660
661} // namespace
662
663//===----------------------------------------------------------------------===//
664// Convert Verif to SMT pass
665//===----------------------------------------------------------------------===//
666
667namespace {
668struct ConvertVerifToSMTPass
669 : public circt::impl::ConvertVerifToSMTBase<ConvertVerifToSMTPass> {
670 using Base::Base;
671 void runOnOperation() override;
672};
673} // namespace
674
675void circt::populateVerifToSMTConversionPatterns(
676 TypeConverter &converter, RewritePatternSet &patterns, Namespace &names,
677 bool risingClocksOnly, SmallVectorImpl<Operation *> &propertylessBMCOps) {
678 patterns.add<VerifAssertOpConversion, VerifAssumeOpConversion,
679 LogicEquivalenceCheckingOpConversion,
680 RefinementCheckingOpConversion>(converter,
681 patterns.getContext());
682 patterns.add<VerifBoundedModelCheckingOpConversion>(
683 converter, patterns.getContext(), names, risingClocksOnly,
684 propertylessBMCOps);
685}
686
687void ConvertVerifToSMTPass::runOnOperation() {
688 ConversionTarget target(getContext());
689 target.addIllegalDialect<verif::VerifDialect>();
690 target.addLegalDialect<smt::SMTDialect, arith::ArithDialect, scf::SCFDialect,
691 func::FuncDialect>();
692 target.addLegalOp<UnrealizedConversionCastOp>();
693
694 // Check BMC ops contain only one assertion (done outside pattern to avoid
695 // issues with whether assertions are/aren't lowered yet)
696 SymbolTable symbolTable(getOperation());
697 SmallVector<Operation *> propertylessBMCOps;
698 WalkResult assertionCheck = getOperation().walk(
699 [&](Operation *op) { // Check there is exactly one assertion and clock
700 if (auto bmcOp = dyn_cast<verif::BoundedModelCheckingOp>(op)) {
701 // We also currently don't support initial values on registers that
702 // don't have integer inputs.
703 auto regTypes = TypeRange(bmcOp.getCircuit().getArgumentTypes())
704 .take_back(bmcOp.getNumRegs());
705 for (auto [regType, initVal] :
706 llvm::zip(regTypes, bmcOp.getInitialValues())) {
707 if (!isa<UnitAttr>(initVal)) {
708 if (!isa<IntegerType>(regType)) {
709 op->emitError("initial values are currently only supported for "
710 "registers with integer types");
711 return WalkResult::interrupt();
712 }
713 auto tyAttr = dyn_cast<TypedAttr>(initVal);
714 if (!tyAttr || tyAttr.getType() != regType) {
715 op->emitError("type of initial value does not match type of "
716 "initialized register");
717 return WalkResult::interrupt();
718 }
719 }
720 }
721 // Check only one clock is present in the circuit inputs
722 auto numClockArgs = 0;
723 for (auto argType : bmcOp.getCircuit().getArgumentTypes())
724 if (isa<seq::ClockType>(argType))
725 numClockArgs++;
726 // TODO: this can be removed once we have a way to associate reg
727 // ins/outs with clocks
728 if (numClockArgs > 1) {
729 op->emitError(
730 "only modules with one or zero clocks are currently supported");
731 return WalkResult::interrupt();
732 }
733 SmallVector<mlir::Operation *> worklist;
734 int numAssertions = 0;
735 op->walk([&](Operation *curOp) {
736 if (isa<verif::AssertOp>(curOp))
737 numAssertions++;
738 if (auto inst = dyn_cast<InstanceOp>(curOp))
739 worklist.push_back(symbolTable.lookup(inst.getModuleName()));
740 if (auto func = dyn_cast<func::CallOp>(curOp))
741 worklist.push_back(symbolTable.lookup(func.getCallee()));
742 });
743 // TODO: probably negligible compared to actual model checking time
744 // but cacheing the assertion count of modules would speed this up
745 while (!worklist.empty()) {
746 auto *module = worklist.pop_back_val();
747 module->walk([&](Operation *curOp) {
748 if (isa<verif::AssertOp>(curOp))
749 numAssertions++;
750 if (auto inst = dyn_cast<InstanceOp>(curOp))
751 worklist.push_back(symbolTable.lookup(inst.getModuleName()));
752 if (auto func = dyn_cast<func::CallOp>(curOp))
753 worklist.push_back(symbolTable.lookup(func.getCallee()));
754 });
755 if (numAssertions > 1)
756 break;
757 }
758 if (numAssertions == 0) {
759 op->emitWarning("no property provided to check in module - will "
760 "trivially find no violations.");
761 propertylessBMCOps.push_back(bmcOp);
762 }
763 if (numAssertions > 1) {
764 op->emitError(
765 "bounded model checking problems with multiple assertions are "
766 "not yet "
767 "correctly handled - instead, you can assert the "
768 "conjunction of your assertions");
769 return WalkResult::interrupt();
770 }
771 }
772 return WalkResult::advance();
773 });
774 if (assertionCheck.wasInterrupted())
775 return signalPassFailure();
776 RewritePatternSet patterns(&getContext());
777 TypeConverter converter;
778 populateHWToSMTTypeConverter(converter);
779
780 SymbolCache symCache;
781 symCache.addDefinitions(getOperation());
782 Namespace names;
783 names.add(symCache);
784
785 populateVerifToSMTConversionPatterns(converter, patterns, names,
786 risingClocksOnly, propertylessBMCOps);
787
788 if (failed(mlir::applyPartialConversion(getOperation(), target,
789 std::move(patterns))))
790 return signalPassFailure();
791}
assert
assert(baseType &&"element must be base type")
context
static std::unique_ptr< Context > context
Definition DpiEntryPoints.cpp:37
checkOp
static LogicalResult checkOp(Operation *op)
Definition InferDomains.cpp:1438
circt::Namespace
A namespace that is used to store existing names and generate new names in some scope within the IR.
Definition Namespace.h:30
circt::Namespace::add
void add(mlir::ModuleOp module)
Definition Namespace.h:48
circt::SymbolCacheBase::addDefinitions
void addDefinitions(mlir::Operation *top)
Populate the symbol cache with all symbol-defining operations within the 'top' operation.
Definition SymCache.cpp:23
circt::SymbolCache
Default symbol cache implementation; stores associations between names (StringAttr's) to mlir::Operat...
Definition SymCache.h:85
circt
The InstanceGraph op interface, see InstanceGraphInterface.td for more details.
Definition DebugAnalysis.h:21
circt::populateVerifToSMTConversionPatterns
void populateVerifToSMTConversionPatterns(TypeConverter &converter, RewritePatternSet &patterns, Namespace &names, bool risingClocksOnly, SmallVectorImpl< Operation * > &propertylessBMCOps)
Get the Verif to SMT conversion patterns.
Definition VerifToSMT.cpp:675
circt::populateHWToSMTTypeConverter
void populateHWToSMTTypeConverter(TypeConverter &converter)
Get the HW to SMT type conversions.
Definition HWToSMT.cpp:265
hw
Definition hw.py:1
seq
Definition seq.py:1
Generated on Fri Jan 30 2026 00:11:03 for CIRCT by doxygen 1.9.8