Verification of Parameterised FPGA Circuit Descriptions with Layout ...

24.04.2013 Views
CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 96 2.ÎnRna. ∀ qs137 qs138 qs139. 0 ≤ Height (qs138 ;;; R $ qs137 ;;; qs139); ∀ qs137 qs138 qs139. 0 ≤ Width (qs138 ;;; R $ qs137 ;;; qs139); ∀ l t b r. 0 ≤ irow.width na R l t b r =⇒ ∀ l t b r. 0 ≤ irow.width (Suc na) R l t b r The proof should now be completed by auto intro: width ser ge0, however the automatic proof tools do not work in this case. We can however prove the base case and expand the induction case using only the simplifier: > apply (simp, simp) goal (theorem (width ge0 int), 1 subgoal): 1.ÎRna. ∀ qs137 a b aa ba. 0 ≤ Height R qs137 (a, b) (aa, ba); ∀ qs137 a b aa ba. 0 ≤ Width R qs137 (a, b) (aa, ba); ∀ l t b r. 0 ≤ irow.width na R l t b r =⇒ ∀ l t b r. 0 ≤ Width (snd.snd $ (converse.converse $ (apr $ int na)) ;; beside $ ((| Def = λb c. arbitrary, Height = λb c. arbitrary, Width = λ(l, t). split (irow.width na R l t) |), R $ int na + 1) ;; fst . fst $ (apr $ int na)) (l, t) (b, r) We can apply the width ser ge0 rule manually, after removing the universal quantifiers, which splits the goal into three sub-goals: > apply (rule allI )+ > apply (rule width ser ge0)+ goal (theorem (width ge0 int), 3 subgoals): 1.ÎRna l t b r x y xa ya. ∀ qs137 a b aa ba. 0 ≤ Height R qs137 (a, b) (aa, ba); ∀ qs137 a b aa ba. 0 ≤ Width R qs137 (a, b) (aa, ba); ∀ l t b r. 0 ≤ irow.width na R l t b r

CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 97 =⇒ 0 ≤ Width (snd.snd $ (converse.converse $ (apr $ int na))) xa ya 2.ÎRna l t b r x y xa ya. ∀ qs137 a b aa ba. 0 ≤ Height R qs137 (a, b) (aa, ba); ∀ qs137 a b aa ba. 0 ≤ Width R qs137 (a, b) (aa, ba); ∀ l t b r. 0 ≤ irow.width na R l t b r =⇒ 0 ≤ Width (beside $ ((| Def = λb c. arbitrary, Height = λb c. arbitrary, Width = λ(l, t). split (irow.width na R l t) |), R $ int na + 1)) xa ya 3.ÎRna l t b r x y. ∀ qs137 a b aa ba. 0 ≤ Height R qs137 (a, b) (aa, ba); ∀ qs137 a b aa ba. 0 ≤ Width R qs137 (a, b) (aa, ba); ∀ l t b r. 0 ≤ irow.width na R l t b r =⇒ 0 ≤ Width (fst.fst $ (apr $ int na)) x y The proof can then be completed by auto. Similar techniques can be adopted for other proofs, although not all will require induction (the containment theorem for irow does not). Note that we have not required any properties of maxf or sum - these functions are used when describing the layout of iteratively defined blocks and are not needed for recursively defined combinators. We also attempted proofs for manually specified size functions which expanded the definitions of apr and apl etc, referring to explicit vector indexes. These are simpler expressions than the full expressions produced by the inference algorithm, however a slightly unexpected result is that this substantially complicates the proofs. Proof now requires expansion of the definitions of intermediate signals within the series compositions to check that there is a correspondence between the values produced by the usages of the append blocks and those that are manually specified. This should be a simple process but it is not because of the way blocks are defined as logical predicates rather than functions. The usage of block predicates to define values bound by the define description operator requires the elimination of definite descriptions to extract the real value. This is a significant

Page 1 and 2: Imperial College of Science, Techno

Page 3 and 4: Acknowledgements Firstly, I’d lik

Page 5 and 6: TABLE OF CONTENTS iv 2.5 Isabelle:

Page 7 and 8: TABLE OF CONTENTS vi 5.3.1 Speciali

Page 9 and 10: TABLE OF CONTENTS viii C.1.1 fst .

Page 11 and 12: Chapter 1 Introduction This thesis

Page 13 and 14: CHAPTER 1. INTRODUCTION 3 B A C Fig

Page 15 and 16: CHAPTER 1. INTRODUCTION 5 pler, all

Page 17 and 18: CHAPTER 2. BACKGROUND AND RELATED W














Page 45 and 46: CHAPTER 3. GENERATING PARAMETERISED















Page 75 and 76: Chapter 4 Verifying Circuit Layouts

Page 77 and 78: CHAPTER 4. VERIFYING CIRCUIT LAYOUT














Page 105: CHAPTER 4. VERIFYING CIRCUIT LAYOUT





Page 117 and 118: Chapter 5 Specialisation In this ch

Page 119 and 120: CHAPTER 5. SPECIALISATION 109 opera

Page 121 and 122: CHAPTER 5. SPECIALISATION 111 // Ha

Page 123 and 124: CHAPTER 5. SPECIALISATION 113 circu

Page 125 and 126: CHAPTER 5. SPECIALISATION 115 const

Page 127 and 128: CHAPTER 5. SPECIALISATION 117 block

Page 129 and 130: CHAPTER 5. SPECIALISATION 119 Modif

Page 131 and 132: CHAPTER 5. SPECIALISATION 121 Buffe

Page 133 and 134: CHAPTER 5. SPECIALISATION 123 a fas

Page 135 and 136: CHAPTER 5. SPECIALISATION 125 block

Page 137 and 138: CHAPTER 5. SPECIALISATION 127 y y y

Page 139 and 140: CHAPTER 5. SPECIALISATION 129 with

Page 141 and 142: CHAPTER 6. LAYOUT CASE STUDIES 131

















Page 175 and 176: CHAPTER 7. CONCLUSION AND FUTURE WO





Page 185 and 186: Bibliography [1] A. Aggoun and N. B

Page 187 and 188: BIBLIOGRAPHY 177 [19] H. Gelernter.

Page 189 and 190: BIBLIOGRAPHY 179 [41] Y. Li and M.

Page 191 and 192: BIBLIOGRAPHY 181 [60] L. C. Paulson

Page 193 and 194: BIBLIOGRAPHY 183 [83] J. Voeten. On

Page 195 and 196: APPENDIX A. QUARTZ LANGUAGE GRAMMAR

Page 197 and 198: Appendix B Theoretical Basis for La

Page 199 and 200: APPENDIX B. THEORETICAL BASIS FOR L









Page 217 and 218: Appendix C Placed Combinator Librar

Page 219 and 220: APPENDIX C. PLACED COMBINATOR LIBRA






























Page 279 and 280: APPENDIX D. CIRCUIT LAYOUT CASE STU
























Page 327: APPENDIX D. CIRCUIT LAYOUT CASE STU

theorem

layout

bits

height

quartz

width

circuit

combinator

theorems

appendix

verification

parameterised

fpga

descriptions

www.doc.ic.ac.uk

Verification of Parameterised FPGA Circuit Descriptions with Layout ...

Verification of Parameterised FPGA Circuit Descriptions with Layout ... ... View more Verification of Parameterised FPGA Circuit Descriptions with Layout ...

Delete template?

Save as template ?

Verification of Parameterised FPGA Circuit Descriptions with Layout ... Verification of Parameterised FPGA Circuit Descriptions with Layout ...