diff options
author | Liana Hadarean <lianahady@gmail.com> | 2016-01-26 16:04:26 -0800 |
---|---|---|
committer | Liana Hadarean <lianahady@gmail.com> | 2016-01-26 16:04:26 -0800 |
commit | 42b665f2a00643c81b42932fab1441987628c5a5 (patch) | |
tree | aa851e1fc4828f5a4d94ce0c11fa6d2d1199636f /proofs/signatures/th_bv.plf | |
parent | 7006d5ba2f68c01638a2ab2c98a86b41dcf4467c (diff) |
Merged bit-vector and uf proof branch.
Diffstat (limited to 'proofs/signatures/th_bv.plf')
-rw-r--r--[-rwxr-xr-x] | proofs/signatures/th_bv.plf | 287 |
1 files changed, 158 insertions, 129 deletions
diff --git a/proofs/signatures/th_bv.plf b/proofs/signatures/th_bv.plf index 0fb50f8cf..c93541085 100755..100644 --- a/proofs/signatures/th_bv.plf +++ b/proofs/signatures/th_bv.plf @@ -1,145 +1,174 @@ +;;;; TEMPORARY: + +(declare trust-bad (th_holds false)) + +; helper stuff +(program mpz_sub ((x mpz) (y mpz)) mpz + (mp_add x (mp_mul (~1) y))) + +(program mp_ispos ((x mpz)) formula + (mp_ifneg x false true)) + +(program mpz_eq ((x mpz) (y mpz)) formula + (mp_ifzero (mpz_sub x y) true false)) + +(program mpz_lt ((x mpz) (y mpz)) formula + (mp_ifneg (mpz_sub x y) true false)) + +(program mpz_lte ((x mpz) (y mpz)) formula + (mp_ifneg (mpz_sub x y) true (mpz_eq x y))) + +(program mpz_ ((x mpz) (y mpz)) formula + (mp_ifzero (mpz_sub x y) true false)) + + ; "bitvec" is a term of type "sort" -(declare BitVec sort) +; (declare BitVec sort) +(declare BitVec (!n mpz sort)) ; bit type (declare bit type) (declare b0 bit) (declare b1 bit) -; bit vector type +; bit vector type used for constants (declare bv type) (declare bvn bv) (declare bvc (! b bit (! v bv bv))) -; a bv constant term -(declare a_bv (! v bv (term BitVec))) ; calculate the length of a bitvector -(program bv_len ((v bv)) mpz - (match v - (bvn 0) - ((bvc b v') (mp_add (bv_len v') 1)))) +;; (program bv_len ((v bv)) mpz +;; (match v +;; (bvn 0) +;; ((bvc b v') (mp_add (bv_len v') 1)))) + + +; a bv constant term +(declare a_bv + (! n mpz + (! v bv + (term (BitVec n))))) + ; a bv variable (declare var_bv type) ; a bv variable term -(declare a_var_bv (! v var_bv (term BitVec))) - - -; bit vector operators -(define bvoper (! x (term BitVec) - (! y (term BitVec) - (term BitVec)))) -(declare bvand bvoper) -(declare bvadd bvoper) -;.... - -; all bit-vector terms are mapped with "bv_atom" to: -; - a simply-typed term of type "var_bv", which is necessary for bit-blasting -; - a integer size -(declare bv_atom (! x (term BitVec) (! y var_bv (! n mpz type)))) - -(declare decl_bv_atom_var (! n mpz ; must be specified - (! x var_bv - (! p (! u (bv_atom (a_var_bv x) x n) - (holds cln)) - (holds cln))))) - -(declare decl_bv_atom_const (! n mpz - (! v bv - (! s (^ (bv_len v) n) - (! p (! w var_bv - (! u (bv_atom (a_bv v) w n) - (holds cln))) - (holds cln)))))) - - -; other terms here? - - -; bit blasted terms -(declare bblt type) -(declare bbltn bblt) -(declare bbltc (! f formula (! v bblt bblt))) - -; (bblast_term x y) means term x corresponds to bit level interpretation y -(declare bblast_term (! x (term BitVec) (! y bblt formula))) - -; a predicate to represent the n^th bit of a bitvector term -(declare bblast (! x var_bv (! n mpz formula))) - - -; bit blast constant -(program bblast_const ((v bv) (n mpz)) bblt - (mp_ifneg n (match v (bvn bbltn) - (default (fail bblt))) - (match v ((bvc b v') (bbltc (match b (b0 false) (b1 true)) (bblast_const v' (mp_add n (~ 1))))) - (default (fail bblt))))) - -(declare bv_bbl_const (! n mpz - (! v bv - (! x var_bv - (! f bblt - (! u (bv_atom (a_bv v) x n) - (! c (^ (bblast_const v (mp_add n (~ 1))) f) - (th_holds (bblast_term (a_bv v) f))))))))) - -; bit blast variable -(program bblast_var ((x var_bv) (n mpz)) bblt - (mp_ifneg n bbltn - (bbltc (bblast x n) (bblast_var x (mp_add n (~ 1)))))) - -(declare bv_bbl_var (! n mpz - (! x var_bv - (! f bblt - (! u (bv_atom (a_var_bv x) x n) - (! c (^ (bblast_var x (mp_add n (~ 1))) f) - (th_holds (bblast_term (a_var_bv x) f)))))))) - -; bit blast x = y -; for x,y of size n, it will return a conjuction (x.{n-1} = y.{n-1} ^ ( ... ^ (x.0 = y.0 ^ true))) -(program bblast_eq ((x bblt) (y bblt)) formula - (match x - (bbltn (match y (bbltn true) (default (fail formula)))) - ((bbltc fx x') (match y - (bbltn (fail formula)) - ((bbltc fy y') (and (iff fx fy) (bblast_eq x' y'))))))) - -(declare bv_bbl_eq (! x (term BitVec) - (! y (term BitVec) - (! fx bblt - (! fy bblt - (! f formula - (! ux (th_holds (bblast_term x fx)) - (! uy (th_holds (bblast_term y fy)) - (! c (^ (bblast_eq fx fy) f) - (th_holds (impl (= BitVec x y) f))))))))))) - - -; rewrite rule : -; x + y = y + x -(declare bvadd_symm (! x (term BitVec) - (! y (term BitVec) - (! x' var_bv - (! y' var_bv - (! n mpz - (! ux (bv_atom x x' n) - (! uy (bv_atom y y' n) - (th_holds (= BitVec (bvadd x y) (bvadd y x))))))))))) - - - -; necessary? -(program calc_bvand ((a bv) (b bv)) bv - (match a - (bvn (match b (bvn bvn) (default (fail bv)))) - ((bvc ba a') (match b - ((bvc bb b') (bvc (match ba (b0 b0) (b1 bb)) (calc_bvand a' b'))) - (default (fail bv)))))) - -; rewrite rule (w constants) : -; a & b = c -(declare bvand_const (! c bv - (! a bv - (! b bv - (! u (^ (calc_bvand a b) c) - (th_holds (= BitVec (bvand (a_bv a) (a_bv b)) (a_bv c))))))))
\ No newline at end of file +(declare a_var_bv + (! n mpz + (! v var_bv + (term (BitVec n))))) + +; bit vector binary operators +(define bvop2 + (! n mpz + (! x (term (BitVec n)) + (! y (term (BitVec n)) + (term (BitVec n)))))) + +(declare bvand bvop2) +(declare bvor bvop2) +(declare bvor bvop2) +(declare bvxor bvop2) +(declare bvnand bvop2) +(declare bvnor bvop2) +(declare bvxnor bvop2) +(declare bvmul bvop2) +(declare bvadd bvop2) +(declare bvsub bvop2) +(declare bvudiv bvop2) +(declare bvurem bvop2) +(declare bvsdiv bvop2) +(declare bvsrem bvop2) +(declare bvsmod bvop2) +(declare bvshl bvop2) +(declare bvlshr bvop2) +(declare bvashr bvop2) +(declare concat bvop2) + +; bit vector unary operators +(define bvop1 + (! n mpz + (! x (term (BitVec n)) + (term (BitVec n))))) + + +(declare bvneg bvop1) +(declare bvnot bvop1) +(declare rotate_left bvop1) +(declare rotate_right bvop1) + +(declare bvcomp + (! n mpz + (! t1 (term (BitVec n)) + (! t2 (term (BitVec n)) + (term (BitVec 1)))))) + + +(declare concat + (! n mpz + (! m mpz + (! m' mpz + (! t1 (term (BitVec m)) + (! t2 (term (BitVec m')) + (term (BitVec n)))))))) + +;; side-condition fails in signature only?? +;; (! s (^ (mp_add m m') n) + +;; (declare repeat bvopp) + +(declare extract + (! n mpz + (! i mpz + (! j mpz + (! m mpz + (! t2 (term (BitVec m)) + (term (BitVec n)))))))) + +(declare zero_extend + (! n mpz + (! i mpz + (! m mpz + (! t2 (term (BitVec m)) + (term (BitVec n))))))) + +(declare sign_extend + (! n mpz + (! i mpz + (! m mpz + (! t2 (term (BitVec m)) + (term (BitVec n))))))) + +(declare repeat + (! n mpz + (! i mpz + (! m mpz + (! t2 (term (BitVec m)) + (term (BitVec n))))))) + + + +;; TODO: add checks for valid typing for these operators +;; (! c1 (^ (mpz_lte i j) +;; (! c2 (^ (mpz_lt i n) true) +;; (! c3 (^ (mp_ifneg i false true) true) +;; (! c4 (^ (mp_ifneg j false true) true) +;; (! s (^ (mp_add (mpz_sub i j) 1) m) + + +; bit vector predicates +(define bvpred + (! n mpz + (! x (term (BitVec n)) + (! y (term (BitVec n)) + formula)))) + +(declare bvult bvpred) +(declare bvule bvpred) +(declare bvugt bvpred) +(declare bvuge bvpred) +(declare bvslt bvpred) +(declare bvsle bvpred) +(declare bvsgt bvpred) +(declare bvsge bvpred) + |