The Synergy between Logic Synthesis and Equivalence Checking

1
The Synergy between Logic Synthesis and
Equivalence Checking

• R. Brayton
• UC Berkeley

Thanks to SRC, NSF, California Micro Program and
industrial sponsors, Actel, Altera, Calypto,
Intel, Magma, Synplicity, Synopsys, Xilinx
2
Outline

• Emphasize mostly synthesis
• Look at the operations of classical logic
  synthesis
• Contrast these with newer methods based on ideas
  borrowed from verification
• Themes will be scalability and verifiability
• Look at new approaches to sequential logic
  synthesis and verification

3
Two Kinds of Synergy

• Algorithms and advancements in verification used
  in synthesis and vice versa.
• Verification enables synthesis
• Ability to equivalence check enables use and
  acceptance of sequential operations
• retiming, unreachable states, sequential
  redundancy removal, etc.
• Synthesis enables verification
• Desire to use sequential synthesis operations
  spurs verification developments

4
Examples of The Synergy

• Similar solutions
• e.g. retiming in synthesis / retiming in
  verification
• Algorithm migration
• e.g. BDDs, SAT, induction, interpolation,
  rewriting
• Related complexity
• scalable synthesis ltgt scalable verification
  (approximately)
• Common data-structures
• e.g. combinational and sequential AIGs

5
Quick Overview of Classical Logic Synthesis

• Boolean network
• Network manipulation (algebraic)
• Elimination
• Decomposition (common kernel extraction)
• Node minimization
• Espresso
• Dont cares
• Resubstitution (algebraic or Boolean)

6
Classical Logic Synthesis
Equivalent AIG in ABC
AIG is a Boolean network of 2-input AND nodes and
invertors (dotted lines)
7
One AIG Node Many Cuts
Combinational AIG

• AIG can be used to compute many cuts for each
  node
• Each cut in AIG represents a different SIS node
• No a priori fixed boundaries
• Implies that AIG manipulation with cuts is
  equivalent to working on many Boolean networks at
  the same time

f
a
c
d
e
b
Different cuts for the same node
8
Combinational Rewriting

• iterate 10 times
• for each AIG node
• for each k-cut
• derive node output as function of cut
  variables
• if ( smaller AIG is in the
  pre-computed library )
• rewrite using improved AIG
  structure

Note each AIG node has, on average, 5 4-cuts
compared to a SIS node with only 1 cut Rewriting
at a node can be very fast using hash-table
lookups, truth table manipulation, disjoint
decomposition
9
Combinational Rewriting Illustrated
Working AIG

• AIG rewriting looks at one AIG node, n, at a
  time
• A set of new nodes replaces the old fanin cone of
  n
• History AIG contains all nodes ever created in
  the AIG
• The old root and the new root nodes are grouped
  into an equivalence class (more on this later)

10
Comparison of Two Syntheses

• Classical synthesis
• Boolean network
• Network manipulation (algebraic)
• Elimination
• Decomposition (common kernel extraction)
• Node minimization
• Espresso
• Dont cares computed using BDDs
• Resubstitution

• Contemporary synthesis
• AIG network
• DAG-aware AIG rewriting (Boolean)
• Several related algorithms
• Rewriting
• Refactoring
• Balancing
• Node minimization
• Boolean decomposition
• Dont cares computed using simulation and SAT
• Resubstitution with dont cares

11
Node Minimization Comparison
Call ESPRESSO on node function
Evaluate the gain for all k-cuts of the node and
take the best result
Note Computing cuts becomes a fundamental
computation
12
Types of Dont-Cares

• SDCs
• Input patterns that never appear as an input of a
  node due to its transitive fanin
• ODCs
• Input patterns for which the output of a node is
  not observable
• EXDCs
• Pre-specified or computed external dont cares
  (e.g. subsets of unreachable states)

13
Illustration of SDCs and ODCs (combinational)
14
SPFDs Sets of Pairs of Functions to be
Distinguished
SPFD can be represented as a bi-partite graph
An incompletely-specified function (ISF) as a
SPFD
000
011
offset
onset
001
100
111
beyond dont-cares
15
Scalability of Dont-Care Computation

• Scalability is achieved by windowing
• Window defines local context of a node
• Dont-cares are computed and used in
• Post-mapping resynthesis
• a Boolean network derived from AIG network using
  technology mapping
• High-effort AIG minimization
• an AIG with some nodes clustered

16
Windowing a Node in the Network
Boolean network

• Definition
• A window for a node in the network is the context
  in which the dont-cares are computed
• A window includes
• n levels of the TFI
• m levels of the TFO
• all re-convergent paths captured in this scope
• Window with its PIs and POs can be considered as
  a separate network

17
Dont-Care Computation Framework
Miter constructed for the window POs
18
Implementation of Dont-Care Computation

• Compute the care set
• Simulation
• Simulate the miter using random patterns
• Collect PI (X) minterms, for which the output of
  miter is 1
• This is a subset of a care set
• Satisfiability
• Derive set of network clauses
• Add the negation of the current care set,
• Assert the output of miter to be 1,
• Enumerate through the SAT assignments
• Add these assignments to the care set
• Illustrates a typical use of simulation and SAT
• Simulate to filter out possibilities
• Use SAT to check if the remainder is OK (or if a
  property holds)

1
19
Resubstitution

• Resubstitution considers a node in a Boolean
  network and expresses it using a different set of
  fanins

X
X
Computation can be enhanced by use of dont cares
20
Resubstitution with Dont-Cares - Overview

• Consider all or some nodes in Boolean network
• Create window
• Select possible fanin nodes (divisors)
• For each candidate subset of divisors
• Rule out some subsets using simulation
• Check resubstitution feasibility using SAT
• Compute resubstitution function using
  interpolation
• A low-cost by-product of completed SAT proofs
• Update the network if there is an improvement

21
Resubstitution with Dont Cares

• Given
• node function F(x) to be replaced
• care set C(x) for the node
• candidate set of divisors gi(x) for
  re-expressing F(x)
• Find
• A resubstitution function h(y) such that F(x)
  h(g(x)) on the care set
• SPFD Theorem Function h exists if and only if
  every pair of care minterms, x1 and x2,
  distinguished by F(x), is also distinguished by
  gi(x) for some i

22
Example of Resubstitution

• Any minterm pair distinguished by F(x) should
  also be distinguished by at least one of the
  candidates gi(x)

Given F(x) (x1? x2)(x2 ? x3) Two candidate
sets g1 x1x2, g2 x1 x2x3, g3 x1 ? x2,
g4 x2 x3 Set g3, g4 cannot be used for
resubstitution while set g1, g2 can.
x F(x) g1(x) g2(x) g3(x) g4(x)
000 0 0 0 0 0
001 0 0 0 0 0
010 1 1 0 1 0
011 1 1 0 1 1
100 0 0 0 1 0
101 1 0 1 1 0
110 0 0 0 1 0
111 0 0 0 1 1
23
Checking Resubstitution using SAT
Miter for resubstitution check
F
F
Note use of care set. Resubstitution function
exists if and only if SAT problem is
unsatisfiable.
24
Computing Dependency Function h by Interpolation
(Theory)

• Consider two sets of clauses, A(x, y) and
  B(y, z), such that A(x, y) ? B(y, z) 0
• y are the only variables common to A and B.
• An interpolant of the pair (A(x, y), B(y, z)) is
  a function h(y) depending only on the common
  variables y such that A(x, y) ? h(y) ? B(y, z)

25
Computing Dependency Function h by Interpolation
(Implementation)

• Problem
• Find function h(y), such that C(x) ? h(g(x)) ?
  F(x), i.e. F(x) is expressed in terms of gi.
• Solution
• Prove the corresponding SAT problem
  unsatisfiable
• Derive unsatisfiability resolution proof
  Goldberg/Novikov, DATE03
• Divide clauses into A clauses and B clauses
• Derive interpolant from the unsatisfiability
  proof McMillan, CAV03
• Use interpolant as the dependency function, h(g)
• Replace F(x) by h(g) if cost function improved

• Notes on this solution
• uses dont cares
• does not use Espresso
• is more scalable

26
Sequential Synthesis and Sequential Equivalence
Checking (SEC)

• Sequential SAT sweeping
• Retiming
• Sequential equivalence checking
• Theme ensuring verifiability

27
SAT Sweeping
Combinational CEC

• Naïve approach
• Build output miter call SAT
• works well for many easy problems

• Better approach - SAT sweeping
• based on incremental SAT solving
• Detects possibly equivalent nodes using
  simulation
• Candidate constant nodes
• Candidate equivalent nodes
• Runs SAT on the intermediate miters in a
  topological order
• Refines the candidates using counterexamples

28
Sequential SAT Sweeping

• Similar to combinational in that it detects node
  equivalences
• But the equivalences are sequential guaranteed
  to hold only in the reachable state space
• Every combinational equivalence is a sequential
  one, not vice versa
• ? run combinational SAT sweeping beforehand
• Sequential equivalence is proved by k-step
  induction
• Base case
• Inductive case
• Efficient implementation of induction is key!

29
Base Case
k-step Induction
Inductive Case
Candidate equivalences A B, C D
Symbolic state
30
Efficient Implementation

• Two observations
• Both base and inductive cases of k-step induction
  are runs of combinational SAT sweeping
• Tricks and know-how from the above are applicable
  
• The same integrated package can be used
• starts with simulation
• performs node checking in a topological order
• benefits from the counter-example simulation
• Speculative reduction
• Deals with how assumptions are used in the
  inductive case

31
Speculative Reduction

• Given
• Sequential circuit
• The number of frames to unroll (k)
• Candidate equivalence classes
• One node in each class is designated as the
  representative
• Speculative reduction moves fanouts to the
  representatives
• Makes 80 of the constraints redundant
• Dramatically simplifies the timeframes (observed
  3x reductions)
• Leads to saving 100-1000x in runtime during
  incremental SAT

32
Guaranteed Verifiabilityfor Sequential SAT
Sweeping

• Theorem
• The resulting circuit after sequential SAT
  sweeping using k-step induction can be
  sequentially verified by k-step induction.
• (use some other k-step induction prover)

33
Experimental Synthesis Results

• Academic benchmarks
• 25 test cases (ITC 99, ISCAS 89, IWLS 05)
• Industrial benchmarks
• 50 test cases
• Comparing three experimental runs
• Baseline
• comb synthesis and mapping
• Register correspondence (Reg Corr)
• structural register sweep
• register correspondence using partitioned
  induction
• comb synthesis and mapping
• Signal correspondence (Sig Corr)
• structural register sweep
• register correspondence using partitioned
  induction
• signal correspondence using non-partitioned
  induction
• comb synthesis and mapping

34
Experimental Synthesis Results
Academic Benchmarks
Numbers are geometric averages and their ratios
Industrial Benchmarks
Single clock domain
35
Sequential Synthesis and Equivalence Checking

• Sequential SAT sweeping
• Retiming
• Sequential equivalence checking

36
Retiming and Resynthesis

• Sequential equivalence checking after
• 1) combinational synthesis, followed by
• 2) retiming, followed by
• 3) combinational synthesis
• is PSPACE-complete
• How to make it simpler?

37
How to Make It Simpler?

• Like Hansel and Gretel leave a trail of
  bread crumbs

38
Recording Synthesis History

• Two AIG managers are used
• Working AIG (WAIG)
• History AIG (HAIG)
• Combinational structural hashing is used in both
  managers
• Two node-mappings are supported
• Every node in WAIG points to a node in HAIG
• Some nodes in HAIG point to other nodes in HAIG
  that are sequentially equivalent

WAIG
HAIG
39
Recording History for Retiming
Step 1 Create retimed node
Step 2 Transfer fanout in WAIG and note
equivalence in HAIG
Step 3 Recursively remove old logic and continue
building new logic

• backward retiming is similar

40
Sequential Rewriting
Sequential cut a,b,b1,c1,c
Rewriting step.
41
Recording History with Windowing and ODCs

• In window-based synthesis using ODCs,
• sequential behavior at window PIs and POs is
  preserved

HAIG
Multi-input, multi-output window
not necessarily sequentially equivalent

• In HAIG, equivalence classes of window outputs
  can be used independently of each other

42
AIG Procedures Used for Recording History

• WAIG
• createAigManager
• deleteAigManager
• createNode
• replaceNode
• deleteNode_recur

• HAIG
• createAigManager
• deleteAigManager
• createNode, setWaigToHaigMapping
• setEquivalentHaigMapping
• do nothing

43
Using HAIG for Tech-Mapping

• HAIG contains all AIG structures
• Original and derived
• The accumulated structures can be used to improve
  the quality of technology mapping
• By reducing structural bias (Chatterjee et al,
  ICCAD05)
• By performing integrated mapping and retiming
  (Mishchenko et al, ICCAD07)
• HAIG-based mapping is scalable and leads to delay
  improvements (20-30) with small area degradation

44
Using HAIG for Equivalence Checking

• Sequential depth of a window-based sequential
  synthesis transform is the largest number of
  registers on any path from an input to an output
  of the window
• Theorem 1 If transforms recorded in HAIG have
  sequential depth 0 or 1, the equivalence classes
  of HAIG nodes can be proved by simple induction
  (k1) over two time-frames
• Theorem 2 If the inductive proof of HAIG passes
  without counter-examples, then
• the original and final designs are sequentially
  equivalent

45
Experimental SEC Results

• Notes
• Comparison is done before and after
  register/signal correspondence
• RegCorr, SigCorr and Mapping are synthesis
  runtimes
• SEC is comparison done in usual way without HAIG
• HAIG is the runtime of HAIG-based SEC
• Includes the runtime of speculative reduction and
  inductive proving
• Does not include the runtime of collecting HAIG
  (1 of synthesis time)

46
Summary and Conclusions

• Development of algorithms from either synthesis
  or verification are effective in the other
• Leads to new improved ways to
• synthesize
• equivalence check
• Sequential synthesis can be effective but must be
  able to equivalence check
• Limit scope of sequential synthesis
• Leave a trail of bread crumbs

47
end