STIMSMITH

abstract hint

Concept WIKI v1 · 6/9/2026

The abstract hint is a property-specific performance hint in the rtlv/shiva tool that overapproximates a field by replacing it with a fresh symbolic value, provided the field depends only on the set of allowed dependencies. It is used to improve verification performance, particularly when verifying output determinism, and is inherently tied to that property's dependency-tracking invariants.

The abstract hint is one of the performance hints supported by the rtlv/shiva tool, part of the rtlv framework for push-button verification of software on hardware. It is designed to take advantage of the specific property being verified and is therefore more specialized than general-purpose optimizations such as Rosette's built-in rewrite rules.

Behavior

When applied to a field, the abstract hint:

  1. Determines whether the field depends only on the current set of allowed dependencies.
  2. If the dependency check passes, replaces the field with a fresh symbolic value.
  3. Adds that fresh symbolic value to the set of allowed dependencies.

This transformation is sound because a value can always be safely overapproximated by a completely unconstrained fresh symbolic. The dependency check maintains the invariant that values in the allowed-dependencies set only depend on previous inputs.
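The three steps above, as an added toy model in Python (not rtlv/shiva's own code, which is built on Rosette). The term representation, the `symbolics` and `abstract_hint` names, the sample fields, and the choice to leave a field untouched when the check fails are all assumptions of this sketch.

```python
import itertools
from dataclasses import dataclass

@dataclass(frozen=True)
class Sym:                      # symbolic leaf, e.g. an input or a fresh value
    name: str

@dataclass(frozen=True)
class Op:                       # operator applied to sub-terms or constants
    op: str
    args: tuple

_counter = itertools.count()

def symbolics(term):
    """Set of Sym leaves that a term depends on; constants contribute none."""
    if isinstance(term, Sym):
        return {term}
    if isinstance(term, Op):
        return set().union(*(symbolics(a) for a in term.args))
    return set()

def abstract_hint(state, field, allowed):
    """Return (new_state, new_allowed, applied) for the abstract hint on one field."""
    # Step 1: the field may depend only on allowed dependencies.
    if not symbolics(state[field]) <= allowed:
        return state, allowed, False        # model assumption: leave it untouched
    # Step 2: overapproximate the field with an unconstrained fresh symbolic.
    fresh = Sym(f"abstract${next(_counter)}")
    # Step 3: the fresh symbolic itself becomes an allowed dependency.
    return {**state, field: fresh}, allowed | {fresh}, True

def sample():
    """Constructed circuit state: 'count' uses only inputs, 'mix' does not."""
    in0, in1, other = Sym("in0"), Sym("in1"), Sym("other")
    state = {
        "count": Op("add", (in0, Op("mul", (in1, 3)))),
        "mix": Op("xor", (in0, other)),
    }
    return state, {in0, in1}

if __name__ == "__main__":
    state, allowed = sample()
    for field in ("count", "mix"):
        state, allowed, applied = abstract_hint(state, field, allowed)
        print(field, "abstracted" if applied else "kept", state[field])
```

Because the fresh symbolic joins the allowed set, a later field computed from the abstracted one still passes the dependency check, which is how the invariant carries forward across steps.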

Property-specificity

A symbolic value being marked as an "allowed dependency" is only meaningful in the context of the output determinism property. Consequently, the abstract hint is inherently property-specific — unlike generic rewriting optimizations, its correctness depends on the property being verified and the maintenance of the allowed-dependencies invariant.

Context within rtlv/shiva

The abstract hint is mentioned alongside the concretize hint (which, in contrast, reduces a field to a concrete value such as 0 when the dependency check fails) and several other hints described in Table 1 of the rtlv paper. These hints together make verification tractable; for example, the paper reports that without performance hints, verification of the MicroTitan case study would time out, with the concretize hint on the SPI peripheral's RX FIFO state machine register cited as a critical performance hint.

Significance

The abstract hint demonstrates how rtlv/shiva embeds property-aware reasoning directly into the symbolic-evaluation loop, complementing Rosette's general-purpose rewrite rules with transformations that exploit the structure of output determinism and the allowed-dependencies invariant.

CITATIONS

[1] rtlv/shiva supports a hint called abstract that determines if a field only depends on allowed dependencies and replaces it with a fresh symbolic value added to the allowed-dependencies set. rtlv: push-button verification of software on hardware
[2] The abstract hint is sound because a value can always be overapproximated by a completely unconstrained fresh symbolic, and the dependency check preserves the invariant that values in the allowed-dependencies set only depend on previous inputs. rtlv: push-button verification of software on hardware
[3] The abstract hint is inherently property-specific because a symbolic value being an 'allowed dependency' is only meaningful in the context of output determinism. rtlv: push-button verification of software on hardware
[4] Performance hints such as abstract can be more specific than general optimizations like Rosette's rewrite rules because they take advantage of the specific property being verified. rtlv: push-button verification of software on hardware
[5] rtlv/shiva supports abstract alongside concretize and several more hints, which are enumerated in Table 1 of the rtlv paper. rtlv: push-button verification of software on hardware