Introduction%20to%20Formal%20Equivalence%20Verification%20(FEV)

1
Introduction to Formal Equivalence Verification
(FEV)

• Erik Seligman
• CS 510, Lecture 4, January 2009

2
Goals

• Introduce basic concepts of FEV
• Enable you to try FEV using Cadence Conformal
• Examine some corner cases

3
FEV The Basic Concepts
4
What Is FEV?

• Best-established form of FV
• Other names Equivalence Checking
• Answers Are two models equivalent?

5
Main Uses of FEV

• RTL-Netlist equivalence
• Essential part of design flows
• Also leveraged for late hand edits (ECOs)
• Verifying quick changes to a model
• Fast easy if model almost the same

6
Types of FEV

• Combinatorial / Synchronous
• Models must be (mostly) state-matching
• Very efficient due to no time calculations
• Works very well for synthesized netlists
• Most synthesis tools expect this
• Cadence Conformal is leader
• Others Synopsys Formality, Magma Quartz
• Sequential
• Allows more abstract RTL, or HLM-RTL FEV
• More flexibility for late netlist timing edits
• Much more risk/expense
• Few commercial tools (Calypto, NEC)

7
State-Matching FEV
8
Are these equivalent?
a
f1
f2
b
out
ck
a
f3
f4
b
out
ck
9
Step 1 Map key points
a
f1
f2
b
out
f4
f3
ck
a
f3
f4
b
out
ck
Inputs?- Match. Outputs? Match. States? f1-gtf3,
f2-gtf4
10
Step 2 Build Equations
a
f1
f2
b
out
f4
f3
ck
a
f3
f4
b
out
ck
f3 b, f4 f3, out !(af4) f3b, f4 !(!f3),
out !a !f4
11
Step 3 Compare Equations
a
f1
f2
b
out
f4
f3
ck
a
f3
f4
b
out
ck
f3 b b EQUAL f4 f3 !(!f3)
EQUAL out !(af4) !a !f4 EQUAL
12
What if there was an error?
a
f1
f2
b
out
f4
f3
ck
a
f3
f4
b
out
ck
f3 b b EQUAL f4 f3 !f3
DIFFER out !(af4) !a !f4 EQUAL
13
Debugging Where To Look

• Fanin cones (support set)
• Different fanin ? major issue
• Set of counterexample values
• If only specific values cause cex, provides hint
  of root cause
• Intelligent hints from tools
• Is an overall inversion suspected?
• Identify similar areas of logic within cone?
• Isolate error

14
Debug Schematic View
1
1
f1
f2
f4
f3
ck
1
0
1
f3
f4
ck

• Combinational ? other logic irrelevant
• Good tools provide annotated cex value

15
Introduction To Conformal
16
Conformal Terminology

• Gold golden model (often RTL)
• Rev revised model (often netlist)
• Many commands have gold/-rev option
• Key Point points to map
• Basic ones primary inputs/outputs, states
• Others blackboxes, dangling (Z) nodes,
• Can refer to by name or integer ID
• Support Set fanin cone

17
Conformal Modes

• Setup Mode initial state
• Can load models, assign renaming rules
• Can set various global options
• Return to this mode set sys mode setup
• LEC Mode checking state
• Transition with set sys mode lec
• Automatically tries to map key points
• Models have been loaded, can compare

18
Conformal Usage Model

• Based on command console
• Startup with LEC nogui
• Capable of taking general tcl scripts
• help available for any command
• Example help read design
• Full manuals in /pkgs/cadence6/CONFRML71/doc
• set log file ltfilenamegt to start logging
• Always do this for homework!
• set gui on / set gui off can be done any time
• dofile ltfilenamegt.do to execute script
• Script any set of console commands

19
Mapping Key Points

• LEC has good automapper
• Can guess many mappings
• But sometimes fails
• View mapping as renaming
• Temporarily rename RTL sig to match netlist
• add renaming rule to specify mappings
• Or add mapped point in LEC mode

20
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

21
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

22
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

23
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

24
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

25
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

26
Skeleton LEC Dofile

• set log file lec.log replace
• read design systemverilog gold f
  myrtl.filelist
• read design systemverilog rev f
  mynetlist.filelist
• add renaming rule r1 foo bar gold
• set sys mode lec
• report unmapped points
• add compare points all
• compare
• report compare data

27
Debugging Mismatches

• Debug commands available in console
• diagnose ltpointgt Display basic info
• But easier to debug in gui
• Report-gtCompare Data to see all points
• Red dots indicate mismatches
• Right-click at mismatch point, and Diagnose
• Gives support set, cex values, and LECs hints
• From Diagnose window can launch sch view

28
Report -gt Compare Data
29
Example Fanin Cone
30
Example Inversion
31
Example Messy Error
32
Schematic View
33
Model Flattening

• Minor exceptions to state-matching
• Useful if flops/latches dont map

34
Are These Equal?
rst
d
rst
d
DLAT
35
Are These Equal?
rst
d
rst
d
DLAT
set flatten model dff_to_dlat_zero
36
Are These Equal?
rst
ck
rst
DLAT
ck
37
Are These Equal?
rst
ck
rst
DLAT
ck
set flatten model dff_to_dlat_feedback
38
Are These Equal?
ck
39
Are These Equal?
ck
set flatten model seq_constant
40
Are These Equal?
d
ck
d
DLAT
DLAT
ck
41
Are These Equal?
d
ck
d
DLAT
DLAT
ck
set flatten model latch_fold
42
Are These Equal?
DLAT
43
Are These Equal?
DLAT
set flatten model latch_transparent
44
Model Flattening

• Tool modified cases on previous slides
• Internally changes view of logic
• Only on request, not automatic
• May cause mismatches rather than curing!
• Often useful if key point imbalance
• In Conformal set flatten model
• Many options, not just ones on slides
• Can also use remodel on single point

45
FEV Constraints
46
Are these equivalent?
a
f1
f2
b
out
ck
f3
f4
b
out
ck
47
Are these equivalent?
a
f1
f2
b
out
ck
f3
f4
b
out
ck

• No! BUT What if a is always 1?

48
FEV Why Constraints?

• RTL is often very general
• ifdef CHIP_VERSION_1
• define A 1
• else
• define A 2
• endif
• Design reuse irrelevant RTL remains
• assign A 1b1
• if (!A)

49
Why Do Contraints Matter?

• Good synthesis tools take advantage
• Assume constants to reduce size/scope
• Dont synthesize masked-out RTL
• Allow out-of-band constraint specs in control
  files
• FEV must recognize constraints
• Otherwise get mismatches
• No effort if constraints visible at FEV level
• But may be only in wrapper RTL
• Or inside analog blackbox
• Or could be due to software / outside specs
• If not visible to tool, may need to specify
• add pin constraint 0 /foo/bar

50
Some References

• http//en.wikipedia.org/wiki/Formal_equivalence_ch
  ecking
• http//cad-for-vlsi.blogspot.com/2007/03/111-art-o
  f-equivalence-checking.html
• Full Conformal docs at /pkgs/cadence6/CONFRML71/do
  c