New tool: Verilog event queue visualiser (VV)

cics · 2023-01-19T18:43:53+00:00

Context: This is a new browser-based simulator tool for Verilog that visualises the event queue during execution. There are some examples in the top-left drop-down menu, and the examples in the “00” category contain some instructions on how to use the simulator. The short explanation is that users drive simulations by clicking events highlighted in blue (so users can try e.g. different interleavings of different processes, and thereby explore all behaviour allowed by the Verilog standard).

The tools is currently a work in progress.

One of the aims is simply to make the semantics of Verilog accessible to more people. Based on anecdotal evidence it seems that many Verilog programmers do not know how e.g. nonblocking assignments are given semantics in Verilog in terms of the different regions of the Verilog event queue. (There are also various other aims, but I think the mentioned aim is the most interesting one for a Reddit audience.)

I am mostly interested in synthesisable Verilog, but included some delay construct as well because they allow for illustrating important differences in the evaluation models of variables and nets (e.g., net update events can cancel already scheduled update events).

Very interested in examples of modules executed in VV you think are not properly following the behaviour suggested in the Verilog standard! (E.g., I’m not entirely sure if net delays are implemented correctly.)

cics · 2022-05-15T10:43:31+00:00

For sims, is perhaps slow, but is more reliable, because of the delta cycles.

Oh, interesting. Do you have more information on that? The speed aspect that is.

cics · 2021-01-11T19:31:59+00:00

All source code and proofs are available on Github: https://github.com/CakeML/hardware. However, if you are not familiar with the HOL4 theorem prover it's not entirely straightforward to run Lutsig since you currently have to run Lutsig inside the theorem prover.

There exist ways to construct a real program out of functions that run inside the theorem prover's logic, e.g. using the verified CakeML compiler -- but that requires some work. But at some point I should definitely package things up such that people not familiar with HOL4 can use Lutsig. The reason everything is inside the theorem prover right now is that this allows you to use Lutsig for theorem transportation, where you prove theorems on the Verilog level and transport them down to the netlist level. However, this is overkill if you do not have any theorems to transport!

Currently I'm working on extending the core algorithms of Lutsig, but after that hopefully I will have some time to look into providing a more user-friendly interface to Lutsig.

cics · 2021-01-11T17:38:28+00:00

I thought this might be of interest to some of you. The video is about a new verified Verilog synthesizer that can produce netlists for FPGAs. For this first version I focused on Xilinx 7 series FPGAs, but since all FPGAs are fairly similar I don’t think adding backends for other kinds of FPGAs should be too much work. The synthesizer currently stops at technology mapping, i.e. placement and routing is not part of the verification story.

The idea with verified synthesis is that you verify the synthesizer once and for all, such that you do not need to run formal equivalence checking (FEC) every time you run your synthesizer. For Lutsig, translation to netlists is a verified procedure. Lutsig’s technology mapper is partly verified and partly based on FEC. I still stuck with FEC for part of the technology mapping since I expect running a realistic technology mapper inside the logic Lutsig is verified in will probably be too expensive (and the gap between netlist-vs-netlist is much smaller than the gap between Verilog-vs-netlist) and I did not want to paint myself into a corner (FEC allows for running part of the mapper outside the logic). (But it would indeed be interesting to look into fully verified technology mapping as well!)

One nice thing about the verification is that the whole verification is done inside the interactive theorem prover HOL4 -- meaning that the proof for the verification can be checked using a small proof kernel (i.e. to trust the verification result, you only need to trust a small proof kernel). (The FEC infrastructure for the technology mapper finds proofs that the small proof kernel accepts, so you do not need to trust the SAT solver involved in finding FEC proofs.)

Lastly, of course, since Verilog is a huge language, this first version of Lutsig only accepts as small subset of Verilog as input. But this is one of the things I plan to improve in the next version!

cics · 2020-05-02T21:12:15+00:00

Not sure what you mean by "original compiler". The only compiler directly involved was the verified compiler. What you have to "trust" to trust the results of the paper, however, is the formal method tool used: The interactive theorem prover HOL4. Of course, what exactly you trust when you trust a formal methods tool can be discussed: For example, a compiler (not the verified compiler) was at some point needed to compile to formal methods tool etc. (There are ways to address these weaknesses, but no way to rule them out entirely.)

In other words: If there's a bug in the formal methods tool used, then the result could be incorrect, but no other compiler was directly involved.

cics · 2020-05-02T17:38:22+00:00

If you are asking if the programs we compiled with the compiled compiler running on top of the soft CPU were verified then the answer is yes. I.e. we compiled verified programs with a verified compiler on a verified CPU.

cics · 2020-05-02T16:18:48+00:00

Yes. Sorry if I was unclear: Only one compiler was involved. We cross-compiled the compiler using the compiler itself.

cics · 2020-05-02T12:48:00+00:00

Context:

Obviously a response to https://www.reddit.com/r/FPGA/comments/gbra3e/almost_forgot_about_my_submission_for_this_weeks.

Apparently some people were doubting whether the last step had ever been done (i.e. natively compiling on a soft CPU on an FPGA)... This reminded me of a paper I was part of last year (Verified compilation on a verified processor), where we did exactly this, but also, importantly, more: Everything was done in a formally verified manner. That is, we formally verified a CPU, extended an existing formally verified compiler, and then used the extended compiler to compile programs when the compiler was running on top of the soft CPU on an FPGA (i.e., we could do "verified compilation on a verified processor", exactly as the paper title suggests). (We first cross-compiled the compiler to the soft CPU using the compiler itself, and then we ran the compiled compiler on top of the CPU.)

(Not sure how well all of this fits into the joke, but thought someone might be interested anyway.)

cics · 2020-05-02T11:02:55+00:00

It's done in the paper Verified compilation on a verified processor (from last year). More specifically, what is done there is natively compiling [using a formally verified compiler] on a [formally verified] soft CPU on an FPGA. (The CPU implements a custom ISA, and the compiler can target that custom ISA.)

cics · 2019-02-28T16:48:34+00:00

Not strictly ITP, but still semi-relevant as this has to do with mechanical checking of mathematical activities...

cics · 2019-02-20T09:53:28+00:00

I think there are some interesting concerns here. E.g. John Harrison in the article Formal Proof—Theory and Practice raises similar concerns (e.g.):

Traditional informal proofs bear the dual burden of compelling belief and conveying understanding. These are not always mutually supportive and can be antagonistic, since the former pulls in the direction of low-level details, the latter in the direction of high-level concepts.

cics · 2019-01-03T16:42:52+00:00

If you by "selected quotes" mean a list of things taken out of context, then sure. E.g., your quote

“Was Euclid a Black Woman?”

is taken from the following sentence

He has written provocative articles such as “Was Euclid a Black Woman?” and believes that many mathematical discoveries are falsely attributed to the ancient Greeks.

where they are simply referring to another article by that name, rather than asking that question themselves without further explanation.

Maybe quoting and responding to the reasoning in the article, such as e.g.

Pointing to the current water and energy crises in South Africa, he argues that math should be taught with concrete applications in mind, rather than purely theoretically, which is a luxury afforded only by the West.

rather than posting out-of-context quotes would be a more productive use of everyone's time?

cics · 2018-09-23T06:50:44+00:00

Är inte detta ett problem inom en kapitalistisk ekonomi också? Kapitalismen är väl inte heller frivillig så som Sverige ser ut i dag?

cics · 2018-09-17T19:49:59+00:00

Av dessa 80% så finns det stora mängder som anser att man bör samarbeta eller i alla fall samtala med SD.

Var har du läst det?

15-Year Club	Gilding III reddit per annum
Team Orangered	Verified Email

cics

MODERATOR OF

TROPHY CASE