• Features
  • Building
    • Downloading Vericert and CompCert
    • Setting up Nix
    • Makefile build
  • Running
  • Citation
  • License

A formally verified high-level synthesis (HLS) tool written in Coq, building on top of CompCert. This ensures the correctness of the C to Verilog translation according to our Verilog semantics and CompCert’s C semantics, removing the need to check the resulting hardware for behavioural correctness.

Features

Currently all proofs of the following features have been completed.

• all int operations,
• non-recursive function calls,
• local arrays and pointers
• control-flow structures such as if-statements, for-loops, etc…

Building

To build Vericert, the provided Makefile can be used. External dependencies are needed to build the project, which can be pulled in automatically with nix using the provided default.nix and shell.nix files.

The project is written in Coq, a theorem prover, which is extracted to OCaml so that it can then be compiled and executed. The dependencies of this project are the following:

• Coq: theorem prover that is used to also program the HLS tool.
• OCaml: the OCaml compiler to compile the extracted files.
• dune: build tool for ocaml projects to gather all the ocaml files and compile them in the right order.
• menhir: parser generator for ocaml.
• findlib to find installed OCaml libraries.
• GCC: compiler to help build CompCert.

These dependencies can be installed manually, or automatically through Nix.

Downloading Vericert and CompCert

CompCert is added as a submodule in the lib/CompCert directory. It is needed to run the build process below, as it is the one dependency that is not downloaded by nix, and has to be downloaded together with the repository. To clone CompCert together with this project, and check it out at the correct revision, you can run:

git clone -b v1.2.2 --recursive https://github.com/ymherklotz/vericert

If the repository is already cloned, you can run the following command to make sure that CompCert is also downloaded and the correct branch is checked out:

git checkout v1.2.2
git submodule update --init

Setting up Nix

Nix is a package manager that can create an isolated environment so that the builds are reproducible. Once nix is installed, it can be used in the following way.

To open a shell which includes all the necessary dependencies, one can use:

nix-shell

which will open a shell that has all the dependencies loaded.

Makefile build

If the dependencies were installed manually, or if one is in the nix-shell, the project can be built by running:

make -j8

and installed locally, or under the PREFIX location using:

  make install

Which will install the binary in ./bin/vericert by default. However, this can be changed by changing the PREFIX environment variable, in which case the binary will be installed in $PREFIX/bin/vericert.

Running

To test out vericert you can try the following examples which are in the test folder using the following:

./bin/vericert test/loop.c -o loop.v
./bin/vericert test/conditional.c -o conditional.v
./bin/vericert test/add.c -o add.v

Citation

If you use Vericert in any way, please cite it using our OOPSLA’21 paper:

@inproceedings{herklotz21_fvhls,
  author = {Herklotz, Yann and Pollard, James D. and Ramanathan, Nadesh and Wickerson, John},
  title = {Formal Verification of High-Level Synthesis},
  year = {2021},
  number = {OOPSLA},
  numpages = {30},
  month = {11},
  journal = {Proc. ACM Program. Lang.},
  volume = {5},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  doi = {10.1145/3485494}
}

License

This project is licensed under GPLv3. The license can be seen in LICENSE.

The following external code and its license is present in this repository:

• src/pipelining: MIT

Copyright (c) 2008,2009,2010 Jean-Baptiste Tristan and INRIA