Handling Complexity in FEV

1
Handling Complexity in FEV

• Erik Seligman
• CS 510, Lecture 6, January 2009

2
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

3
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

4
Complexity Intro Basics
5
Complexity Time or Memory Blowup

• Two ways to see complexity
• Tool crash (hopefully wont happen)
• Compare Points reported as Abort
• What does this mean?
• Logic was too complex to analyze
• Maybe bad options selected

6
Tool Solutions

• Some tool options can help resolve
• set compare effort highultracomplete
• Causes LEC to work harder before giving up
• analyze datapath -merge analyze multiplier
• LEC looks for common datapath structures
• Useful if lots of arithmetic operations
• Specialized alg if you have a multiplier
• compare -single
• Slow, but concentrates on each point standalone
• analyze abort
• New feature to look at abort point try to ID
  good tool options
• Sloooow though (can run overnight, or abort too!)

7
Tool Capacity Issues

• Monitor LEC process for memory blowup
• May be root cause of abort or seg fault
• Look for options for run on hi-mem server
• Memory blowup is known FV hazard
• If you were close, this may be just enough
• Also try new compare parallel
• Uses multiple machines on network
• May improve memory runtime

8
Design Issues Memories

• Memories are complex
• Usually bbox a memory, verify standalone
• Conformal supplies special library
• LEC is easy with verplex memory primitives
• Otherwise extremely hard
• How are memories FEVed?
• Inherently transistor-based, not simple gates
• Need to define common structures for tool

9
Design Issues Dont Cares

• Dont-Care (DC) Space
• Remember, a DC is an RTL ambiguity
• Synthesis has freedom to decide
• Large DC space makes verification hard
• If DCs cause aborts, consider assigning all
  values
• How to diagnose?
• Look for this compile message
• F34 Convert X assignment(s) as don't care(s)
• report messages -rule F34 verbose for exact
  lines
• Experiment set x conversion 0 gold
• Ambiguous (X) cases 0 ? false negatives
• But experiment useful to see if DCs did cause
  aborts

10
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

11
Using Hierarchical Verification
12
Hierarchy Example
TOP
Green
Yellow

• Simple option FEV full TOP design
• Best option if feasible

13
Hierarchy Example
TOP
Green
Yellow

• Hierarchical 3 FEV comparisons
• TOP.Green, Top.Yellow
• TOP with Green and Yellow bboxed
• Are there problems with this approach?

14
Hierarchy Problem Constraints
TOP
Green
Yellow
a
d
c
b

• Circuit topology ? constraints for bboxes
• What constraints needed in this example?

15
Hierarchy Problem Constraints
TOP
Green
Yellow
a
d
c
b

• Circuit topology ? constraints for bboxes
• What constraints needed in this example?
• Green add pin eq a b
• Yellow add pin constraint 0 c
• TOP add pin constraint 0 Yellow.d

16
Hierarchy In Conformal

• write hier dofile constraint
• Odd but convenient command
• IDs common hierarchies
• Writes new dofile, verifying all pieces
• Generates summary report at end
• Tricky when debugging!
• Need to rerun on hierarchy with error

17
Generated dofile excerpts
TOP
Green
Yellow
a
d
c
b
set root module top add pin constraint 0 yellow.d
-both set sys mode lec compare report
hier_compare data set root module green add
pin eq a b both
18
Challenges of Hierarchical FEV

• Synthesis tools can flatten hierarchy
• May make hierarchical FEV impossible
• May need to request backend preserve some
  hierarchy
• Mismatching submodule interfaces
• Extra pins inserted in synthesis
• Pin name changes
• May need to use Conformal commands to ignore/map
  pins

19
Hierarchy Special Case Cell Libraries

• Should use pre-FEVed library
• No sense in repeatedly verifying basic flops,
  latches, ANDs, ORs, etc
• Be sure lib team is doing low-level FEV!
• Check that this is the case
• Should have .v (or .lib) file defining each cell
• You should see simple behavioral RTL for cells,
  not full transistor-level logic
• always _at_(posedge clk) qltd

20
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

21
Cut Points in FEV
22
What is a cut point?

• Verifying big logic cone may be hard
• Harder in low-frequency designs
• Divide logic at points other than states?
• Hard synthesis only requires state matching
• But often some internals correspond too
• In extreme cases, recode RTL to enable
• Cut point non-state to treat as key point
• Map verify just like latches/flops
• Reduces logic cones being analyzed

23
Cut Point Example
a
f1
p1
b
out
ck
a
f3
out
p2
b
ck
add cut point p1 gold add cut point p2 rev add
ren rule r1 p1 p2 -gold
24
Cut Point Problems?
a
f1
p1
b
out
ck
p1a
a
f3
out
p2
b
ck
Is p1 still a useful cut point?
25
Cut Point Problems?
a
f1
p1
b
out
ck
p1a
a
f3
out
p2
b
ck
Is p1 still a useful cut point? Maybe
26
Cut Point Problems?
a
f1
p1
b
out
ck
p1a
a
f3
out
p2
b
ck

• Is p1 still a useful cut point? Maybe
• Dont forget about constraint issues too

27
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

28
Case Splitting
29
What is Case Splitting?

• FV is analyzes all cases together
• Good tool engines may be smarter
• What if small inputs activate/deactivate lots of
  logic?
• Example mode bits
• Constrain appropriate pins to 1 or 0
• Then compare twice
• Or constrain ltngt bits, then 2n compares

30
Case Splitting Example
f1
f2
a
out1
ck
f3
f4
out2
b
ck
Suppose compare of f2 f4 Aborts, and we want to
case-split on f1/f3.
31
Compare Case 1
CONST 0
f2
a
out1
ck
f4
out2
CONST 0
b
ck
First assign const of 0 to flop.
32
Compare Case 2
CONST 1
f2
a
out1
ck
f4
out2
CONST 1
b
ck
Then assign const value of 1. After both cases
pass, we are equivalent!
33
Case splitting in Conformal

• Conformal terminology partition
• Convenient commands
• add partition key_point
• write partition dofile
• Be careful!
• ltngt partition points ? 2n iterations
• Poorly chosen points worse than useless!

34
Outline

• Complexity Intro Basics
• Hierarchical Comparison
• Cut Points
• Case Splitting
• Cheating

35
Last Resorts Cheating
36
Simulation

• Obvious, defeats point of formal!
• But may be useful last resort
• If small handful of points defying FEV
• Be sure you exhausted FEV options!
• All tool compare/analyze options?
• Did you try hierarchical verify?
• Did you try cut points case splitting?
• Did you consider recoding RTL to increase cut
  points and/or hierarchy, or reduce dont-care
  space?

37
Simulation compare in LEC

• compare random ltngt
• Runs ltngt simulation vectors
• Should only run on specific problem points
• Not a good solution
• But better than nothing
• Probably will get more vectors than GLS
• Fast simulation only on problem cone

38
References / Further Reading

• http//www.cdnusers.org/community/encounter/Resour
  ces/resources_design/equiv/Dtp_cdnliveemea2006_ita
  yarom.pdf
• http//www.cdnusers.org/Portals/0/cdnlive/na2006/2
  .4.1/2.4.1_paper.pdf
• http//www.venusmultimedia.net/Aborts.htm