formal verification of soc register maps · formal verification of soc register maps steve holloway...
Post on 13-Jun-2020
30 Views
Preview:
TRANSCRIPT
Formal Verification of SoC Register Maps
Steve Holloway
Principal Verification Engineer
Dialog Semiconductor
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
IP Block
Dialog Semiconductor ©2014 3
SoC Register Verification
SoC
IP 1
IP 2
IP 3
IP 4
IP 5
IP 6
IP 7
IP 8
Registers
R0
R1
RN Bus Interconnect
A
H
B
RW
RO
W1C
Access
policy • Are the registers implemented at their specified locations?
• Do they behave according to their access policy?
• Specifications subject to change …
Specifications
Dialog Semiconductor ©2014 4
Traditional Approach
IP Block
Registers
R0
R1
RN
A
H
B
RW
RO
W1C
Bus
Agent
Register Model
R0
R1
RN
RW
RO
W1C
Sequences
Generator
Checks Coverage
Dialog Semiconductor ©2014 5
Exhaustive Simulation
• Verify that R/W behaviour is correct for all data
Write Read Check Data = 0x00
Write Read Check Data = 0x01
Write Read Check Data = 0x02
Write Read Check Data = 0xFF
• In practise, cannot be done
• Make a pragmatic decision about coverage goals
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
Dialog Semiconductor ©2014 7
Formal Approach
IP Block
Registers
R0
R1
RN
A
H
B
RW
RO
W1C
Generator Assertions Property
Checker
Design
Model
Cadence
iRegVal
Dialog Semiconductor ©2014 8
Non-Deterministic Data
• Data can take on any value (e.g. 0x00 .. 0xFF)
• Constant throughout proof
• Proof is complete for all data values
Write Read
Check
Non-Deterministic Data
Dialog Semiconductor ©2014 9
Formal Checking Categories
Reset Checks
• Check the value after reset matches the specification
Read/Write Checks
• Check the read value of the register is consistent with the last write value
Read-Only Checks
• Check the value of the register read after a write sequence is the same as it was before the write
W1C Checks
• Check that writing a ‘1’ to a register bit clears the corresponding bit in the next read value
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
Dialog Semiconductor ©2014 11
IP-XACT Description
...
<spirit:register>
<spirit:name>MFSM_CTRL</spirit:name>
<spirit:description></spirit:description>
<spirit:addressOffset>0x0000</spirit:addressOffset>
<spirit:size>8</spirit:size>
<spirit:reset>
<spirit:value>0x0C</spirit:value>
</spirit:reset>
<spirit:field>
<spirit:name>FORCE_OFF</spirit:name>
<spirit:description></spirit:description>
<spirit:bitOffset>0</spirit:bitOffset>
<spirit:bitWidth>1</spirit:bitWidth>
<spirit:access>read-write</spirit:access>
<spirit:vendorExtensions>
<vendorExtensions:hdl_path>`DUT.force_off</vendorExtensions:hdl_path>
<vendorExtensions:hdl_data>
<vendorExtensions:size>1</vendorExtensions:size>
<vendorExtensions:bitOffset>0</vendorExtensions:bitOffset>
</vendorExtensions:hdl_data>
</spirit:vendorExtensions>
</spirit:field>
...
Address
Reset Value
Field
Access Policy
HDL Path
Dialog Semiconductor ©2014 12
Vendor Extensions for Cadence Regval App
Tool-specific Vendor Extensions
• DUT Name
• HDL Ports / Aliases
• Pin Constraints
• Bus Protocol
• Read Sequence
• Write Sequence
• Reset Sequence
• IEV .tcl commands
Excel
Template
Merge
Utility
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
Dialog Semiconductor ©2014 14
Tips & Tricks: Master – Specific Access Policy
<spirit:register>
<spirit:name>CTRL1_host</spirit:name>
<spirit:addressOffset>0x0014</spirit:addressOffset>
<spirit:size>8</spirit:size>
<spirit:access>read-only</spirit:access>
<spirit:reset>
<spirit:value>0x00</spirit:value>
</spirit:reset>
...
<spirit:vendorExtensions>
<vendorExtensions:bank>host</vendorExtensions:bank>
</spirit:vendorExtensions>
</spirit:register>
<spirit:register>
<spirit:name>CTRL1_test</spirit:name>
<spirit:addressOffset>0x0014</spirit:addressOffset>
<spirit:size>8</spirit:size>
<spirit:access>read-write</spirit:access>
<spirit:reset>
<spirit:value>0x00</spirit:value>
</spirit:reset>
...
<spirit:vendorExtensions>
<vendorExtensions:bank>test</vendorExtensions:bank>
</spirit:vendorExtensions>
</spirit:register>
CTRL1 is RO to HOST
HMASTER == ‘HOST’
Place in Bank ‘host’
CTRL1 is RW to TEST
HMASTER == ‘TEST’
Place in Bank ‘test’
Dialog Semiconductor ©2014 15
Bank Select in Formal Access Sequence
<vendorExtension:chk_write_sequence>
(REG_bank==nobank ##0 ...)
or
(REG_bank==host ##0 ... && (HMASTER == `HOST) ...)
or
(REG_bank==test ##0 ... && (HMASTER == `TEST) ...)
</vendorExtension:chk_write_sequence>
Default
• Can also be used to handle sideband signals which are not part of the
protocol
• e.g. global ‘lock’ signal
Dialog Semiconductor ©2014 16
Tips & Tricks: Automated Constraints
IP Block
Registers
R0
R1
EVENT
A
H
B
RW
RO
W1C
Event
Detector Trigger config
if { $type == "w1c" } {
set evi_drivers [find_evi_drivers]
cnst_evi_drivers $evi_drivers
}
proc find_evt_detectors {} {
set evt_dets [split [find -rec *u_evt_detect] " "]
return $ evt_dets
}
proc cnst_evt_detect {evt_dets} {
foreach evt $evi_dets {
cutpoint -add $evt.config
cutpoint -add $evt.trigger
constraint -add -pin $evi.config ...
...
}
}
user_reg.tcl
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
Dialog Semiconductor ©2014 18
Debug by Counter-Example
Reset sequence Read sequence
HRDATA !=
RST Value
Dialog Semiconductor ©2014 19
Regression & Reporting
Automated regression (vManager flow) for complete chip Debug
Failures!
Dialog Semiconductor ©2014 20
Register Validation Statistics
Dialog SoC Total
IP Blocks 18
Registers 892
Register Properties 3399
CPU Time 6.6 Hours
~7s per
property
~4 per reg
Agenda
Register Verification
Formal Verification Flow
Tips and Tricks
Regression & Debug Flow
Conclusions
IP-XACT Extensions
Dialog Semiconductor ©2014 22
Conclusions
• Formal checking provides exhaustive verification
• Fast flow set-up time (compared to UVM env)
• Debug by counter-example is convenient
• Formal checking of whole chip can be part of
overnight regression
• Multiple issues found over project timeline:
• Design out of sync with spec
• Incorrect implementation of access policies
The power to be...
top related