Introduction to Formal Equivalence Verification (FEV) Erik Seligman CS 510, Lecture 4, January 2009.

transcript

Introduction to Formal Equivalence Verification (FEV)

Erik Seligman

CS 510, Lecture 4, January 2009

Introduce basic concepts of FEV Enable you to try FEV using Cadence

Conformal Examine some corner cases

FEV: The Basic Concepts

What Is FEV? Best-established form of FV

• Other names: Equivalence Checking

Answers: Are two models equivalent?

Main Uses of FEV

RTL-Netlist equivalence• Essential part of design flows

• Also leveraged for late hand edits (ECOs)

Verifying quick changes to a model• Fast & easy if model almost the same

Types of FEV Combinatorial / Synchronous

• Models must be (mostly) state-matching• Very efficient due to no time calculations• Works very well for synthesized netlists

– Most synthesis tools expect this

• Cadence Conformal is leader– Others: Synopsys Formality, Magma Quartz

Sequential• Allows more abstract RTL, or HLM-RTL FEV• More flexibility for late netlist timing edits• Much more risk/expense• Few commercial tools (Calypto, NEC)

State-Matching FEV

Are these equivalent?

Step 1: Map key points

Inputs?- Match. Outputs? Match.

States? f1->f3, f2->f4

Step 2: Build Equations

f3 = b, f4 = f3, out = !(a&f4)

f3=b, f4 = !(!f3), out = !a | !f4

Step 3: Compare Equations

f3 = b b EQUALf4 = f3 !(!f3) EQUALout = !(a&f4) !a | !f4 EQUAL

What if there was an error?

f3 = b b EQUALf4 = f3 !f3 DIFFERout = !(a&f4) !a | !f4 EQUAL

Debugging: Where To Look

Fanin cones (“support set”)• Different fanin major issue

Set of counterexample values• If only specific values cause cex, provides

hint of root cause

“Intelligent” hints from tools• Is an overall inversion suspected?

• Identify similar areas of logic within cone?– Isolate error

Debug Schematic View

Combinational other logic irrelevant

Good tools provide annotated cex value

Introduction To Conformal

Conformal Terminology

Gold = golden model (often RTL) Rev = revised model (often netlist)

• Many commands have –gold/-rev option Key Point = points to map

• Basic ones: primary inputs/outputs, states

• Others: blackboxes, dangling (Z) nodes, …

• Can refer to by name or integer ID

Support Set = fanin cone

Conformal Modes

Setup Mode: initial state• Can load models, assign renaming rules

• Can set various global options

• Return to this mode: “set sys mode setup”

LEC Mode: checking state• Transition with “set sys mode lec”

– Automatically tries to map key points

• Models have been loaded, can compare

Conformal Usage Model

Based on command console• Startup with “LEC –nogui”

• Capable of taking general tcl scripts

“help” available for any command• Example: “help read design”

• Full manuals in /pkgs/cadence6/CONFRML71/doc

“set log file <filename>” to start logging • Always do this for homework!

“set gui on” / “set gui off” can be done any time “dofile <filename>.do” to execute script

• Script = any set of console commands

Mapping Key Points

LEC has good automapper• Can guess many mappings

• But sometimes fails

View mapping as “renaming”• Temporarily rename RTL sig to match netlist

• “add renaming rule” to specify mappings– Or “add mapped point” in LEC mode

Skeleton LEC Dofile

set log file lec.log –replaceread design –systemverilog –gold –f myrtl.filelist

read design –systemverilog –rev –f mynetlist.filelist

add renaming rule r1 foo bar –goldset sys mode lecreport unmapped pointsadd compare points –allcomparereport compare data

Skeleton LEC Dofile

Debugging Mismatches

Debug commands available in console• “diagnose <point>”: Display basic info

But easier to debug in gui• Report->Compare Data to see all points

• Red dots indicate mismatches

• Right-click at mismatch point, and “Diagnose”

– Gives support set, cex values, and LEC’s hints

– From Diagnose window can launch sch view

Report -> Compare Data

Example: Fanin Cone

Example: Inversion

Example: Messy Error

Schematic View

Model “Flattening”

Minor exceptions to state-matching Useful if flops/latches don’t map

Are These Equal?

set flatten model –dff_to_dlat_zero

Are These Equal?

set flatten model –dff_to_dlat_feedback

Are These Equal?

set flatten model –seq_constant

Are These Equal?

set flatten model –latch_fold

Are These Equal?

set flatten model –latch_transparent

Model Flattening

Tool modified cases on previous slides• Internally changes view of logic

• Only on request, not automatic

• May cause mismatches rather than curing!

• Often useful if key point imbalance

In Conformal: “set flatten model…”• Many options, not just ones on slides

• Can also use “remodel …” on single point

FEV Constraints

Are these equivalent?

• No! BUT– What if ‘a’ is always 1?

FEV: Why Constraints?

RTL is often very general`ifdef CHIP_VERSION_1

`define A 1

`define A 2

`endif

Design reuse: irrelevant RTL remains assign A = 1’b1;

if (!A) …

Why Do Contraints Matter?

Good synthesis tools take advantage• Assume constants to reduce size/scope

• Don’t synthesize masked-out RTL

• Allow out-of-band constraint specs in control files

FEV must recognize constraints• Otherwise get mismatches

• No effort *if* constraints visible at FEV level– But may be only in wrapper RTL– Or inside analog blackbox– Or could be due to software / outside specs

• If not visible to tool, may need to specify– add pin constraint 0 /foo/bar

Some References

http://en.wikipedia.org/wiki/Formal_equivalence_checking

http://cad-for-vlsi.blogspot.com/2007/03/111-art-of-equivalence-checking.html

Full Conformal docs at /pkgs/cadence6/CONFRML71/doc

Introduction to Formal Equivalence Verification (FEV) Erik Seligman CS 510, Lecture 4, January 2009.

Documents