1 / 20

Memory Modeling in ESL-RTL Equivalence Checking

Memory Modeling in ESL-RTL Equivalence Checking. Alfred Koelbl, Jerry Burch, Carl Pixley Advanced Technology Group Synopsys, Inc. June 2007. Outline. Motivation Transaction equivalence Requirements for a memory model Memory layout differences Multiple memories Constraints on memories

step
Download Presentation

Memory Modeling in ESL-RTL Equivalence Checking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Memory Modeling in ESL-RTL Equivalence Checking Alfred Koelbl, Jerry Burch,Carl Pixley Advanced Technology Group Synopsys, Inc. June 2007

  2. Outline • Motivation • Transaction equivalence • Requirements for a memory model • Memory layout differences • Multiple memories • Constraints on memories • Proof procedure • Experimental results • Conclusion

  3. Motivation • Problem: ESL to RTL equivalence checking • Arrays in ESL model are often implemented by memories in RTL • Given mapping can greatly simplify equivalence check • Many implementations possible: • Differing memory layout • Multiple memories • Constraints on memory contents • Timing differences • Need to be able to reason about memoryreads / writes

  4. Related Work • Simple read/write memory model used in • Pipeline verification (Burch, Dill 1994) • Symbolic simulation (Bryant, Velev 1997) • Microprocessor verification • Stump et al. 2001:Extensional theory of arrays • Clever encoding:Manolios et al. 2006, Ganai et al. 2005 • Bradley et al. 2006:Extensional theory with quantifiers

  5. Proof procedure • Transaction equivalence • Assume that designs start in valid state (superset of reachable state set) • Execute single transaction by unrolling ESL and RTL models for one transaction • Check outputs after transaction • Check state after transaction • Proof strategy: Induction • Needs state invariants • Register mappings • Memory mappings & memory constraints • Additional invariants • Prove that resulting SAT formula is UNSAT

  6. IA IA0 IA1 OA OA ESL ESL0 ESL1 MA’ SA’ Transaction TA Transaction TB MB’ SB’ RTL0 RTL RTL1 RTL2 OB OB IB0 IB IB1 IB2 Transaction equivalence MA SA MB SB

  7. = Outputs equivalent ? Valid end state ? Transaction equivalence IA0 IA1 OA ESL0 ESL1 MA MA’ SA SA’ Valid starting state(superset of reachable state set) MB MB’ SB SB’ RTL0 RTL1 RTL2 OB IB0 IB1 IB2

  8. • Register mappings • State invariants • Memory mappings • Constraints on memories Transaction equivalence IA0 IA1 OA ESL0 ESL1 MA MA’ SA SA’ MB MB’ SB SB’ RTL0 RTL1 RTL2 OB IB0 IB1 IB2

  9. Operations: read(M, addr), write(M, addr, data) (no timing) How can we express relationships between memories/arrays? Ma’ 0 10 read(Ma, 1) → 7 1 7 2 19 3 1024 write(Ma, 3, 1024) 4 203 5 48 Memories / Arrays Ma 0 10 1 7 2 19 3 5 4 203 5 48

  10. Memory mapping • Relates content of one memory to another • Universally quantified expression over all memory locations • Expressed in terms of reads • Example: One-to-one mapping between Ma and Mb:

  11. Layout differences struct elem{ char a; char b;} elem MA[4] reg [3:0] MB[2:0] 0 1 2 3 01 1 11 0 10 0 01 0 00000001 0 00000001 00000011 1 00000000 00000010 2 00000000 00000001 3 00000000

  12. Layout differences • Differing memory layout due to lack of bit-accurate data-types • Memory mapping is big expression with bit-extracts and concatenation • User can specify mapping with “template”template_t{ a = [2:1]; b = [0];} • Memory mapping expression:

  13. Multiple memories • Single array in ESL implemented by multiple memories in RTL • Increasing memory access performance • Shadow registers • Cache in RTL • Complex address mappings between memories • Optimized memory access pattern in RTL • Splitting / Merging memories in RTL

  14. Multiple memories ESL Memory ME RTL Memory MF RTL Memory MG 0 1 2 3 4 5 6

  15. Constraints on memories • Designs may only be equivalent if memory contents are constrained • Constraints on individual memory elements • Constraints on all memory elements • Constraints relating multiple memories • Constraint becomes proof obligation

  16. Proof procedure • Assumptions • Proof obligations • Check model assumptions, e.g., that no array accesses are out-of-bounds

  17. Proof procedure • Propagate reads over writes • Replace universal quantifier variables in proof obligations by free variables • Expand assumption quantifiers • Perform completeness check

  18. Proof procedure • Replace reads by free variables • Prove formulas using validity checker

  19. Hector experimental results

  20. Conclusion • Arrays in ESL model are often implemented as memories in RTL • Relationship between memories expressed by universally quantified memory map • Memory map must be able to handle • Layout differences • Complicated address mappings • Multiple memories • Constraints on memories • Proof procedure based on induction • Memory maps as assumption and proof obligations • Quantifier elimination

More Related