Verification of Parameterised FPGA Circuit Descriptions with Layout ...

More documents

Recommendations

Info

CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 94 block irow (int n, block R int (‘a, ‘b) ∼ (‘c, ‘a)) (‘a l , ‘b t[n]) ∼ (‘c b[n], ‘a r) attributes { height = if(n==0, 0, height((l, t) ; snd (converse (apr (n − 1))) ; beside (irow (n−1, R), R n) ; fst (apr (n−1)) ; (b, r))). width = if(n==0, 0, width((l, t) ;snd (converse (apr (n − 1))) ; beside (irow (n−1, R), R n) ; fst (apr (n−1)) ; (b, r))). } { // Wires: l = left , t = top, b = bottom, r = right assert (n >= 0) ”n >= 0 is required”. if (n == 0) { l = r. } // b and t are empty vectors anyway else { (l , t) ; snd (converse (apr (n − 1))) ; beside (irow (n−1, R), R n) ; fst (apr (n−1)) ; (b, r) at (0,0). } . } Figure 4.14: Recursive definition of irow n R We investigate proofs of two different versions of the index operators: defined iteratively and defined recursively. Recursively defined versions of some index operators are of particular interest because these versions can be used to represent less regular circuit descriptions. Iterative versions of the index operators are defined a very similar way to the standard prelude operators, and the proof infrastructure developed and tested on the prelude works well for them - all iterative definitions are proved fully automatically. Recursive definitions are slightly more complex and we will examine irow n R as an example. Figure 4.14 gives the recursive definition of this combinator. The first step in verifying this layout is to generate the theory definitions using the compiler as normal, however we must then re-jig the definitions to use Isabelle’s primrec rather than recdef constructs (see Section 4.5.2). This process could be performed automatically. The recursive width function definition for the irow block after this process is given in Figure 4.15. Because the width function recurses over the natural number n, when the parameter is supplied to the R block the conversion function “int” must be used to convert the natural number to an integer. Similarly, the definition of the irow uses the int2nat function we define in the IntAlgebra
CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 95 primrec "width 0 R l t b r = 0" "width (Suc n) R l t b r = Width ((l, t) ;;; snd $ (converse $ (apr $ (int n))) ;; beside $ ((| Def = λb c. arbitrary, Height = λb c. arbitrary, Width = λ (l,t) (b, r). width n R l t b r |), R $ (int n + 1)) ;; fst $ (apr $ (int n)) ;;; (b, r) )" Figure 4.15: Isabelle definition of the irow width function theory to convert the integer parameter to a natural number. int2nat is similar to the inbuilt nat type converter except that it is only defined for values where n ≥ 0. Proofs for recursive functions tend to follow a simple structure: induction and then some application of auto, possibly combined with other methods. In order to prove the validity theorems for irow it is necessary to massage the propositions [55], in order to move variables that must be encompassed by the induction onto the right-hand-side of the meta-implication. For example, the width validity theorem for irow is phrased as: theorem width ge0 int [rule format]: " Î(n::nat) (R::(( int⇒ (’t107∗’t108)⇒ (’t109∗’t107)⇒ bool,int⇒ (’t107∗’t108)⇒ (’t109∗’t107)⇒ int)block)). ∀ (qs137::int) (qs138 ::(’ t107∗’t108)) (qs139 ::(’ t109∗’t107)). 0 ≤ (Height (qs138 ;;; R $ qs137 ;;; qs139)) ; ∀ (qs137::int) (qs138 ::(’ t107∗’t108)) (qs139 ::(’ t109∗’t107)). 0 ≤ (Width (qs138 ;;; R $ qs137 ;;; qs139)) =⇒ ∀ l t b r. 0 ≤ (width n R l t b r)" This differs from the standard representation in that the signals l, t, b and r have been moved from being meta-quantified to being object-level quantified. The “rule format” tag instructs Isabelle to re-phrase the theorem using meta-quantification once it is proved. Proof of this theorem involves applying induction to split it into two cases to prove: goal (theorem (width ge0 int), 2 subgoals): 1.ÎnR. ∀ qs137 qs138 qs139. 0 ≤ Height (qs138 ;;; R $ qs137 ;;; qs139); ∀ qs137 qs138 qs139. 0 ≤ Width (qs138 ;;; R $ qs137 ;;; qs139) =⇒ ∀ l t b r. 0 ≤ irow.width 0 R l t b r
Page 1 and 2:
Imperial College of Science, Techno
Page 3 and 4:
Acknowledgements Firstly, I’d lik
Page 5 and 6:
TABLE OF CONTENTS iv 2.5 Isabelle:
Page 7 and 8:
TABLE OF CONTENTS vi 5.3.1 Speciali
Page 9 and 10:
TABLE OF CONTENTS viii C.1.1 fst .
Page 11 and 12:
Chapter 1 Introduction This thesis
Page 13 and 14:
CHAPTER 1. INTRODUCTION 3 B A C Fig
Page 15 and 16:
CHAPTER 1. INTRODUCTION 5 pler, all
Page 17 and 18:
CHAPTER 2. BACKGROUND AND RELATED W
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
CHAPTER 3. GENERATING PARAMETERISED
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54: CHAPTER 3. GENERATING PARAMETERISED
Page 75 and 76: Chapter 4 Verifying Circuit Layouts
Page 77 and 78: CHAPTER 4. VERIFYING CIRCUIT LAYOUT
Page 103: CHAPTER 4. VERIFYING CIRCUIT LAYOUT
Page 117 and 118: Chapter 5 Specialisation In this ch
Page 119 and 120: CHAPTER 5. SPECIALISATION 109 opera
Page 121 and 122: CHAPTER 5. SPECIALISATION 111 // Ha
Page 123 and 124: CHAPTER 5. SPECIALISATION 113 circu
Page 125 and 126: CHAPTER 5. SPECIALISATION 115 const
Page 127 and 128: CHAPTER 5. SPECIALISATION 117 block
Page 129 and 130: CHAPTER 5. SPECIALISATION 119 Modif
Page 131 and 132: CHAPTER 5. SPECIALISATION 121 Buffe
Page 133 and 134: CHAPTER 5. SPECIALISATION 123 a fas
Page 135 and 136: CHAPTER 5. SPECIALISATION 125 block
Page 137 and 138: CHAPTER 5. SPECIALISATION 127 y y y
Page 139 and 140: CHAPTER 5. SPECIALISATION 129 with
Page 141 and 142: CHAPTER 6. LAYOUT CASE STUDIES 131
Page 155 and 156:
CHAPTER 6. LAYOUT CASE STUDIES 145
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
CHAPTER 7. CONCLUSION AND FUTURE WO
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Bibliography [1] A. Aggoun and N. B
Page 187 and 188:
BIBLIOGRAPHY 177 [19] H. Gelernter.
Page 189 and 190:
BIBLIOGRAPHY 179 [41] Y. Li and M.
Page 191 and 192:
BIBLIOGRAPHY 181 [60] L. C. Paulson
Page 193 and 194:
BIBLIOGRAPHY 183 [83] J. Voeten. On
Page 195 and 196:
APPENDIX A. QUARTZ LANGUAGE GRAMMAR
Page 197 and 198:
Appendix B Theoretical Basis for La
Page 199 and 200:
APPENDIX B. THEORETICAL BASIS FOR L
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Appendix C Placed Combinator Librar
Page 219 and 220:
APPENDIX C. PLACED COMBINATOR LIBRA
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
APPENDIX D. CIRCUIT LAYOUT CASE STU
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Page 325 and 326:
Page 327:
show all

Verification of Parameterised FPGA Circuit Descriptions with Layout ...

Create successful ePaper yourself

Delete template?

Save as template?