pub struct Z3ArmValidator;Expand description
Z3-backed validator for the WASM → ARM selection pattern.
For each call the validator:
- Allocates symbolic 32-bit inputs (a limb pair per i64 operand).
- Builds the WASM op’s reference result from those inputs.
- Builds the ARM sequence’s result by symbolically executing it.
- Asserts the negation of equivalence and checks satisfiability:
unsat⇒ equivalent for all inputs (accept),sat⇒ counterexample (reject).
The validator is trusted code: it is the small, auditable piece that replaces ~150 per-op Rocq proofs. Every formula it builds is 32-bit bitvector arithmetic that a reviewer can check by hand.
Implementations§
Source§impl Z3ArmValidator
impl Z3ArmValidator
Sourcepub fn new() -> Self
pub fn new() -> Self
Construct a fresh validator. Callers should wrap any sequence of
validate calls in crate::with_verification_context (a no-op for
the default ordeal engine; configures Z3’s thread-local context when
the differential oracle is compiled in).
Trait Implementations§
Source§impl Default for Z3ArmValidator
impl Default for Z3ArmValidator
Source§impl Validator<WasmOp, ArmOp> for Z3ArmValidator
impl Validator<WasmOp, ArmOp> for Z3ArmValidator
Source§fn validate(
&self,
sel: &CertifiedSelection<WasmOp, ArmOp>,
) -> Result<Witness, ValidationError>
fn validate( &self, sel: &CertifiedSelection<WasmOp, ArmOp>, ) -> Result<Witness, ValidationError>
Validate
sel. Returns Ok(Witness) iff the selection is
semantically equivalent to the source op.Auto Trait Implementations§
impl Freeze for Z3ArmValidator
impl RefUnwindSafe for Z3ArmValidator
impl Send for Z3ArmValidator
impl Sync for Z3ArmValidator
impl Unpin for Z3ArmValidator
impl UnsafeUnpin for Z3ArmValidator
impl UnwindSafe for Z3ArmValidator
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more