Verification of Parameterised FPGA Circuit Descriptions with Layout ...

24.04.2013 Views
CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 90 Overall our tacticals prove good at proving intersection theorems and are mostly effective at proving validity and containment theorems. 4.6.2 Improved Proof Scripts Following our experiments with tactical-based proofs of the Prelude library, we attempt the same proofs using Isabelle’s standard auto proof method. This method interleaves invocations of the simplifier and classical reasoner and can be supplied with sets of simplification rules and theorems to use. All our decompositional theorems are proved in the style of introduction rules and are supplied to auto as such. This method proves effective for validity and containment theorems however its results on intersection theorems are far from impressive. Isabelle’s automatic tools consistently select the wrong parts of the disjunctions to attempt to prove and leave proof states that are not just unproven but actually unprovable. We therefore design a new set of rules for generating proof scripts that combines the best of these methods. auto-based proofs are generated for validity and containment theorems while custom tacticals are generated for intersection theorems. The intersection tacticals include an invocation to auto as a last resort when the other options in the tactical fail to prove the goal, thus handling the rare circumstances when the classical reasoner can prove a goal but our custom tactical can not. Returning to our map example, the complete height function validity theorem and proof is generated as: theorem height ge0 int: "Î(n::int) (R::((’t395⇒ ’t396⇒ bool,’t395⇒ ’t396⇒ int)block)) (i::(’ t395)vector) (o ::(’t396)vector). ∀ (qs691 ::’ t395) (qs692 ::’ t396). 0 ≤ (Height (qs691 ;;; R ;;; qs692)) =⇒ 0 ≤ (height (n, R) i o )" apply (auto intro: sum ge0 maxf ge0 sum ge0 frange maxf ge0 frange z aleq bc simp add: done Let def max def) The containment theorem is similarly proved using an appropriately parameterised auto. The

CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 91 compiler procedure that generates these scripts also supplies the height ge0 and width ge0 theorems for all blocks used in the description as introduction rules (none in this case, since map only instantiates the supplied R block). This allows validity proofs to build upon one another. The intersection theorem for map (page 87) is proved by the generated tactical: apply (simp, rule impI, simp)? apply (( done (rule allI )+, (case tac "0 ≤ n"), rule impdisj 12of4, (rule loop sum overlap|rule loop sum overlap’), (simp add: overlap0’’)+) | ((rule allI )+, (case tac "0 ≤ n"), rule impdisj 34of4, rule loop sum overlap2, (simp add: overlap0’’)+) | auto intro: sum ge0 maxf ge0 sum nsub1 plusf maxf encloses) The loop sum overlap theorems are proved in the Structures theory. This theory contains theorems that match common layout structures, such as the layout of components in a loop. loop sum overlap is given as: Î(n::int) (j :: int) (j ’:: int). m ≤ n ;Îy. 0 ≤ f y =⇒ ((m ≤ j) ∧ (j ≤ (n − 1)) ∧ (m ≤ j’) ∧ (j’ ≤ (n − 1)) ∧ (j’ = j)) −→ ((sum (m, j − 1, f) + f j) ≤ sum (m, j’ − 1, f) | (sum (m, j’ − 1, f) + f j ’) ≤ sum (m, j − 1, f)) Its proof involves a number of steps and is given in Appendix B.8. The other loop sum overlap theorems are similar. Table 4.1 gives statistics on the proofs for some of the blocks in the Prelude library and details for all of those where proofs required manual intervention. Overall of nearly 40 blocks in the Prelude library, only 5 required manual intervention in their proofs. Using the auto method

Page 1 and 2: Imperial College of Science, Techno

Page 3 and 4: Acknowledgements Firstly, I’d lik

Page 5 and 6: TABLE OF CONTENTS iv 2.5 Isabelle:

Page 7 and 8: TABLE OF CONTENTS vi 5.3.1 Speciali

Page 9 and 10: TABLE OF CONTENTS viii C.1.1 fst .

Page 11 and 12: Chapter 1 Introduction This thesis

Page 13 and 14: CHAPTER 1. INTRODUCTION 3 B A C Fig

Page 15 and 16: CHAPTER 1. INTRODUCTION 5 pler, all

Page 17 and 18: CHAPTER 2. BACKGROUND AND RELATED W














Page 45 and 46: CHAPTER 3. GENERATING PARAMETERISED















Page 75 and 76: Chapter 4 Verifying Circuit Layouts

Page 77 and 78: CHAPTER 4. VERIFYING CIRCUIT LAYOUT











Page 99: CHAPTER 4. VERIFYING CIRCUIT LAYOUT








Page 117 and 118: Chapter 5 Specialisation In this ch

Page 119 and 120: CHAPTER 5. SPECIALISATION 109 opera

Page 121 and 122: CHAPTER 5. SPECIALISATION 111 // Ha

Page 123 and 124: CHAPTER 5. SPECIALISATION 113 circu

Page 125 and 126: CHAPTER 5. SPECIALISATION 115 const

Page 127 and 128: CHAPTER 5. SPECIALISATION 117 block

Page 129 and 130: CHAPTER 5. SPECIALISATION 119 Modif

Page 131 and 132: CHAPTER 5. SPECIALISATION 121 Buffe

Page 133 and 134: CHAPTER 5. SPECIALISATION 123 a fas

Page 135 and 136: CHAPTER 5. SPECIALISATION 125 block

Page 137 and 138: CHAPTER 5. SPECIALISATION 127 y y y

Page 139 and 140: CHAPTER 5. SPECIALISATION 129 with

Page 141 and 142: CHAPTER 6. LAYOUT CASE STUDIES 131

















Page 175 and 176: CHAPTER 7. CONCLUSION AND FUTURE WO





Page 185 and 186: Bibliography [1] A. Aggoun and N. B

Page 187 and 188: BIBLIOGRAPHY 177 [19] H. Gelernter.

Page 189 and 190: BIBLIOGRAPHY 179 [41] Y. Li and M.

Page 191 and 192: BIBLIOGRAPHY 181 [60] L. C. Paulson

Page 193 and 194: BIBLIOGRAPHY 183 [83] J. Voeten. On

Page 195 and 196: APPENDIX A. QUARTZ LANGUAGE GRAMMAR

Page 197 and 198: Appendix B Theoretical Basis for La

Page 199 and 200: APPENDIX B. THEORETICAL BASIS FOR L









Page 217 and 218: Appendix C Placed Combinator Librar

Page 219 and 220: APPENDIX C. PLACED COMBINATOR LIBRA






























Page 279 and 280: APPENDIX D. CIRCUIT LAYOUT CASE STU
























Page 327: APPENDIX D. CIRCUIT LAYOUT CASE STU

theorem

layout

bits

height

quartz

width

circuit

combinator

theorems

appendix

verification

parameterised

fpga

descriptions

www.doc.ic.ac.uk

Verification of Parameterised FPGA Circuit Descriptions with Layout ...

Verification of Parameterised FPGA Circuit Descriptions with Layout ... ... View more Verification of Parameterised FPGA Circuit Descriptions with Layout ...

Delete template?

Save as template ?

Verification of Parameterised FPGA Circuit Descriptions with Layout ... Verification of Parameterised FPGA Circuit Descriptions with Layout ...