# Formality<sup>®</sup> User Guide

Version X-2005.12, December 2005

Comments? Send comments on the documentation by going to http://solvnet.synopsys.com, then clicking "Enter a Call to the Support Center."

# **SYNOPSYS**<sup>®</sup>

# **Copyright Notice and Proprietary Information**

Copyright © 2006 Synopsys, Inc. All rights reserved. This software and documentation contain confidential and proprietary information that is the property of Synopsys, Inc. The software and documentation are furnished under a license agreement and may be used or copied only in accordance with the terms of the license agreement. No part of the software and documentation may be reproduced, transmitted, or translated, in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without prior written permission of Synopsys, Inc., or as expressly provided by the license agreement.

#### **Right to Copy Documentation**

The license agreement with Synopsys permits licensee to make copies of the documentation for its internal use only. Each copy shall include all copyrights, trademarks, service marks, and proprietary rights notices, if any. Licensee must assign sequential numbers to all copies. These copies shall contain the following legend on the cover page:

| "This document is duplicated with the permission of Synopsys, Inc., for the exclusive use of |  |
|----------------------------------------------------------------------------------------------|--|
| and its employees. This is copy number                                                       |  |

#### **Destination Control Statement**

All technical data contained in this publication is subject to the export control laws of the United States of America. Disclosure to nationals of other countries contrary to United States law is prohibited. It is the reader's responsibility to determine the applicable regulations and to comply with them.

#### Disclaimer

SYNOPSYS, INC., AND ITS LICENSORS MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

#### **Registered Trademarks (®)**

Synopsys, AMPS, Arcadia, C Level Design, C2HDL, C2V, C2VHDL, Cadabra, Calaveras Algorithm, CATS, CRITIC, CSim, Design Compiler, DesignPower, DesignWare, EPIC, Formality, HSIM, HSPICE, Hypermodel, iN-Phase, in-Sync, Leda, MAST, Meta, Meta-Software, ModelTools, NanoSim, OpenVera, PathMill, Photolynx, Physical Compiler, PowerMill, PrimeTime, RailMill, RapidScript, Saber, SiVL, SNUG, SolvNet, Superlog, System Compiler, TetraMAX, TimeMill, TMA, VCS, Vera, and Virtual Stepper are registered trademarks of Synopsys, Inc.

#### Trademarks (™)

Active Parasitics, AFGen, Apollo, Apollo II, Apollo-DPII, Apollo-GA, ApolloGAII, Astro, Astro-Rail, Astro-Xtalk, Aurora, AvanTestchip, AvanWaves, BCView, Behavioral Compiler, BOA, BRT, Cedar, ChipPlanner, Circuit Analysis, Columbia, Columbia-CE, Comet 3D, Cosmos, CosmosEnterprise, CosmosLE, CosmosScope, CosmosSE, Cyclelink, Davinci, DC Expert, DC Expert *Plus*, DC Professional, DC Ultra, DC Ultra Plus, Design Advisor, Design Analyzer, Design Vision, DesignerHDL, DesignTime, DFM-Workbench, Direct RTL, Direct Silicon Access, Discovery, DW8051, DWPCI, Dynamic Model Switcher, Dynamic-Macromodeling, ECL Compiler, ECO Compiler, EDAnavigator, Encore, Encore PQ, Evaccess, ExpressModel, Floorplan Manager, Formal Model Checker, FoundryModel, FPGA Compiler II, FPGA *Express*, Frame Compiler, Galaxy, Gatran, HANEX, HDL Advisor, HDL Compiler, Hercules, Hercules-Explorer, Hercules-II, Hierarchical

Optimization Technology, High Performance Option, HotPlace, HSIM<sup>DIS</sup>, HSPICE-Link, i-Virtual Stepper, iN-Tandem, Integrator, Interactive Waveform Viewer, Jupiter, Jupiter-DP, JupiterXT, JupiterXT-ASIC, JVXtreme, Liberty, Libra-Passport, Libra-Visa, Library Compiler, Magellan, Mars, Mars-Rail, Mars-Xtalk, Medici, Metacapture, Metacircuit, Metamanager, Metamixsim, Milkyway, ModelSource, Module Compiler, MS-3200, MS-3400, Nova Product Family, Nova-ExploreRTL, Nova-Trans, Nova-VeriLint, Nova-VHDLlint, Optimum Silicon, Orion\_ec, Parasitic View, Passport, Planet, Planet-PL, Planet-RTL, Polaris, Polaris-CBS, Polaris-MT, Power Compiler, PowerCODE, PowerGate, ProFPGA, ProGen, Prospector, Protocol Compiler, PSMGen, Raphael, Raphael-NES, RoadRunner, RTL Analyzer, Saturn, ScanBand, Schematic Compiler, Scirocco, Scirocco-i, Shadow Debugger, Silicon Blueprint, Silicon Early Access, SinglePass-SoC, Smart Extraction, SmartLicense, SmartModel Library, Softwire, Source-Level Design, Star, Star-DC, Star-MS, Star-MTB, Star-Power, Star-Rail, Star-RC, Star-RCXT, Star-Sim, Star-SimXT, Star-Time, Star-XP, SWIFT, Taurus, TimeSlice, TimeTracker, Timing Annotator, TopoPlace, TopoRoute, Trace-On-Demand, True-Hspice, TSUPREM-4, TymeWare, VCS Express, VCSi, Venus, Verification Portal, VFormal, VHDL Compiler, VHDL System Simulator, VirSim, and VMC are trademarks of Synopsys, Inc.

### Service Marks (<sup>SM</sup>)

MAP-in, SVP Café, and TAP-in are service marks of Synopsys, Inc.

SystemC is a trademark of the Open SystemC Initiative and is used under license. ARM and AMBA are registered trademarks of ARM Limited. All other product or company names may be trademarks of their respective owners.

Printed in the U.S.A.

Formality User Guide, version X-2005.12

# Contents

|    | About This User Guide                                 | xviii |
|----|-------------------------------------------------------|-------|
|    | Customer Support                                      | xxi   |
| 1. | Introduction to Formality                             |       |
|    | What Is Formality?                                    | 1-2   |
|    | How Does Formality Fit Into My Design Methodology?    | 1-4   |
|    | What Designs Can I Verify?                            | 1-7   |
|    | Design Requirements                                   | 1-7   |
|    | Design Types                                          | 1-7   |
|    | Verification of Two RTL Designs                       | 1-8   |
|    | Verification of an RTL Design and a Gate-Level Design | 1-8   |
|    | Verification of Two Gate-Level Designs                | 1-9   |
|    | What Pieces Make Up Formality?                        | 1-10  |
|    | General Process Flow                                  | 1-12  |
|    | Input and Output File Types                           | 1-14  |
|    | Input                                                 | 1-14  |
|    | Libraries                                             |       |

|    | Output                               |      |
|----|--------------------------------------|------|
|    | Synopsys Setup File                  | 1-23 |
|    | Concepts                             | 1-24 |
|    | Compare Points                       | 1-24 |
|    | Compare Rules                        | 1-27 |
|    | Containers                           | 1-28 |
|    | Design Equivalence                   | 1-30 |
|    | Logic Cones                          | 1-32 |
|    | Reference and Implementation Designs | 1-33 |
|    | Solvers                              | 1-34 |
| 2. | A Quick Start With Formality         |      |
|    | Before You Start                     | 2-2  |
|    | Creating Tutorial Directories        | 2-2  |
|    | Tutorial Directory Contents          | 2-3  |
|    | Invoking the Formality Shell and GUI | 2-3  |
|    | The Graphical User Interface         | 2-4  |
|    | Verifying fifo.vg Against fifo.v     | 2-6  |
|    | Specifying the Reference             | 2-6  |
|    | Specifying the Implementation        | 2-8  |
|    | Setting Up the Design                | 2-10 |
|    | Compare Point Matching               | 2-10 |
|    | Verifying the Designs                | 2-12 |
|    | Debugging                            | 2-12 |

| Verifying fifo_with_scan.v Ag                                          | ainst fifo_mod.vg | 2-17                 |
|------------------------------------------------------------------------|-------------------|----------------------|
| Verifying fifo_jtag.v Against fi                                       | fo_with_scan.v    | 2-21                 |
| Debugging Using Diagnosis                                              |                   | 2-25                 |
| For More Information                                                   |                   | 2-27                 |
| 3. Starting Formality                                                  |                   |                      |
| Starting the Shell Interfac                                            |                   | 3-3<br>3-3<br>3-5    |
| Entering Commands                                                      | nent              | 3-5<br>3-6<br>3-7    |
|                                                                        | nd Line           | 3-9                  |
| Recalling Commands                                                     | d Commands        | 3-12                 |
| Using Command Aliases<br>Using the alias Comm<br>Using the unalias Com | nmand             | 3-14<br>3-15<br>3-15 |
|                                                                        | ent               |                      |
| Managing Formality Wind                                                | lows              | 3-17                 |
|                                                                        | anscript Area     |                      |

|    | Copying Text to the Formality Prompt               | 3-20 |
|----|----------------------------------------------------|------|
|    | General Formality Usage Options                    | 3-20 |
|    | Getting Help                                       | 3-21 |
|    | Interrupting Formality                             | 3-23 |
|    | Understanding and Controlling Messages             | 3-24 |
|    | Setting Message Thresholds                         | 3-25 |
|    | Working With Script Files                          | 3-26 |
|    | Using the Command Log File                         | 3-28 |
|    | Controlling the File Search Path                   | 3-28 |
|    | The Tcl Source Command                             | 3-29 |
|    | Examining the File Search Path                     | 3-29 |
| 4. | Setting Basic Elements for Design Verification     |      |
|    | Reading in Libraries and Designs                   | 4-3  |
|    | Technology Libraries                               | 4-4  |
|    | Designs                                            | 4-5  |
|    | Changing Bus Naming and Dimension Separator Styles | 4-6  |
|    | Supporting DesignWare Components                   | 4-7  |
|    | Setting Variables for VHDL and Verilog Directives  | 4-8  |
|    | Setting EDIF Variables for Power and Ground        |      |
|    | Top-Level Design                                   | 4-11 |
|    | Loading the Reference Design                       | 4-11 |
|    | Reading Technology Libraries                       |      |
|    | Synopsys (.db) Format.                             |      |
|    | Verilog and VHDL RTL Format.                       |      |
|    | Verilog Simulation Data                            |      |
|    | Reading Design Libraries.                          | 4-17 |

|    | Reading Milkyway and DDC Databases<br>Milkyway Databases<br>DDC Databases | 4-20<br>4-21 |
|----|---------------------------------------------------------------------------|--------------|
|    | Setting the Top-level Design                                              | 4-21         |
|    | Loading the Implementation Design                                         | 4-25         |
|    | Setting Up and Managing Containers                                        | 4-27         |
| 5. | Preparing the Design for Verification                                     |              |
|    | Using Don't-Care Cells                                                    | 5-3          |
|    | Setting Up Designs                                                        | 5-4          |
|    | Supporting Multibit Library Cells                                         | 5-5          |
|    | Resolving Nets With Multiple Drivers                                      | 5-6          |
|    | Eliminating Asynchronous State-Holding Loops                              | 5-10         |
|    | Working With Cutpoints                                                    | 5-11         |
|    | Working With Black Boxes                                                  | 5-14         |
|    | Loading Design Interfaces Only                                            | 5-16         |
|    | Marking a Design as Black Box for Verification                            | 5-18         |
|    | Reporting Black Boxes                                                     | 5-19         |
|    | Performing Identity Checks                                                | 5-20         |
|    | Setting Pin and Port Directions for Unresolved Black Boxes                | 5-21         |
|    | Working With Constants                                                    | 5-22         |
|    | Defining Constants                                                        | 5-23         |
|    | Removing User-Defined Constants                                           | 5-24         |
|    | Listing User-Defined Constants                                            | 5-24         |
|    | Working With Equivalences                                                 | 5-25         |
|    | Defining an Equivalence.                                                  |              |
|    | Removing User-Defined Equivalences                                        | 5-26         |

| Listing User-Defined Equivalences                   | 5-27 |
|-----------------------------------------------------|------|
| Working With External Constraints                   | 5-30 |
| Defining an External Constraint                     | 5-32 |
| Creating a Constraint Type                          | 5-33 |
| Removing an External Constraint.                    | 5-34 |
| Removing a Constraint Type                          | 5-34 |
| Reporting Constraint Information                    | 5-35 |
| Reporting Information on Constraint Types           | 5-35 |
| Working With Hierarchical Designs                   | 5-35 |
| Setting the Flattened Hierarchy Separator Character | 5-36 |
| Propagating Constants                               | 5-37 |
| Working With Combinational Design Changes           | 5-38 |
| Disabling Scan Logic                                | 5-38 |
| Disabling Boundary-Scan in Your Designs             | 5-39 |
| Managing Clock Tree Buffering                       | 5-41 |
| Working With Sequential Design Changes              | 5-42 |
| Managing Asynchronous Bypass Logic                  | 5-43 |
| Setting Clock Gating                                | 5-45 |
| Enabling Inversion Push                             | 5-49 |
| Instance-Based Inversion Push                       | 5-51 |
| Environmental Inversion Push                        | 5-52 |
| Working with Retention Registers                    | 5-53 |
| Working With Re-Encoded Finite State Machines       | 5-54 |
| Using the Automated Setup File for FSM Re-Encoding  | 5-55 |
| Reading a User-Supplied FSM State File              | 5-55 |
| Defining FSM States Individually                    | 5-56 |
| Multiple Re-encoded FSMs In a Single Module         | 5-57 |
| Listing State Encoding Information.                 |      |
| Working With FSMs Re-encoded Using Design Compiler  | 5-58 |

| Working With Retimed Designs                         | 5-59 |
|------------------------------------------------------|------|
| Working With Single-State Holding Elements           | 5-60 |
| Working With Multiplier Architectures                | 5-61 |
| Reading the Automated Setup File                     | 5-62 |
| Setting the Multiplier Architecture                  | 5-62 |
| Reporting Your Multiplier Architecture               | 5-65 |
| Working With Arithmetic Blocks                       | 5-66 |
| Datapath Support                                     | 5-67 |
| Producing SVF Data with Design Compiler              | 5-68 |
| Reading the SVF Data Into Formality                  | 5-68 |
| Transformation Messages                              | 5-69 |
| svf_datapath Example                                 | 5-71 |
| Working With the Automated Setup File                | 5-73 |
| Creating an Automated Setup File                     | 5-73 |
| Reading an Automated Setup File Into Formality       | 5-74 |
| Writing a Text Version of the Automated Setup File   | 5-75 |
| Reading in Multiple Automated Setup Files            | 5-75 |
| Automated Setup File Commands                        | 5-77 |
| Using the Automated Setup File to Verify Multipliers | 5-78 |
| Automated Setup File Diagnostic Messages             | 5-79 |
| SVF Conversion to Text                               | 5-80 |
| Removing Information                                 | 5-81 |
| Removing Designs                                     | 5-81 |
| Removing Design Libraries                            | 5-82 |
| Removing Technology Libraries                        | 5-82 |
| Removing Containers                                  | 5-83 |
| Black Boxing Objects                                 | 5-84 |

|    | Saving Information.                               | 5-84 |
|----|---------------------------------------------------|------|
|    | Saving Containers                                 | 5-85 |
|    | Saving the Entire Formality Session               | 5-85 |
|    | Restoring Information                             | 5-87 |
|    | Restoring Containers                              | 5-87 |
|    | Restoring a Session                               | 5-88 |
| 6. | Compare Point Matching and Verification           |      |
|    | Matching Compare Points                           | 6-3  |
|    | Performing Compare Point Matching                 | 6-5  |
|    | Reporting Unmatched Points                        | 6-6  |
|    | Undoing Matched Points                            | 6-7  |
|    | Debugging Unmatched Points                        | 6-8  |
|    | How Formality Matches Compare Points              | 6-9  |
|    | Exact-Name Matching                               |      |
|    | Name Filtering                                    | 6-13 |
|    | Topological Equivalence                           |      |
|    | Signature Analysis                                |      |
|    | Compare Point Matching Based on Net Names         | 6-16 |
|    | Performing Verification                           | 6-17 |
|    | Verifying a Design                                | 6-17 |
|    | Verifying a Single Compare Point                  | 6-19 |
|    | Removing Compare Points from the Verification Set | 6-20 |
|    | Controlling Verification Runtimes                 | 6-22 |
|    | Distributing Verification Processes.              | 6-23 |
|    | Setting Up the Distributed Environment            | 6-23 |

|    | Verifying Your Environment                        | 6-26 |
|----|---------------------------------------------------|------|
|    | Interrupting Verification                         | 6-27 |
|    | Performing Hierarchical Verification              | 6-27 |
|    | Using Batch Jobs                                  | 6-30 |
|    | Starting Verification                             |      |
|    | Controlling Verification                          |      |
|    |                                                   |      |
|    | Verification Progress Reporting                   | 6-32 |
|    | Reporting and Interpreting Results                | 6-33 |
| 7. | Debugging Failed Design Verifications             |      |
|    | Debugging Process Flow                            | 7-3  |
|    | Gathering Information                             | 7-4  |
|    | Handling Designs That Don't Complete Verification | 7-4  |
|    | Determining Failure Causes                        | 7-7  |
|    | Debugging Using Diagnosis                         | 7-9  |
|    | Debugging Using Logic Cones                       | 7-11 |
|    | Eliminating Setup Possibilities                   | 7-13 |
|    | Black Boxes                                       | 7-14 |
|    | Unmatched Points                                  | 7-14 |
|    | Matching With User-Supplied Names                 | 7-14 |
|    | Matching With Compare Rules.                      |      |
|    | Matching With Name Subset                         |      |
|    | Renaming User-Supplied Names or Mapping File      |      |
|    | Design Transformations                            | 7-27 |

|    | Working With Schematics                                                                                | 7-28              |
|----|--------------------------------------------------------------------------------------------------------|-------------------|
|    | Viewing Schematics                                                                                     | 7-28              |
|    | Traversing Design Hierarchy                                                                            | 7-32              |
|    | Finding a Particular Object                                                                            | 7-32              |
|    | Generating a List of Objects                                                                           | 7-33              |
|    | Zooming In and Out of a View                                                                           | 7-34              |
|    | Viewing RTL Source Code                                                                                | 7-35              |
|    | Working With Logic Cones                                                                               | 7-36              |
|    | Pruning Logic                                                                                          | 7-40              |
|    | Working With Failing Patterns                                                                          | 7-41              |
|    | Saving Failing Patterns                                                                                | 7-44              |
|    | Running Previously Saved Failing Patterns                                                              | 7-45              |
| 8. | Cell Library Verification                                                                              |                   |
|    | Overview                                                                                               | 8-3               |
|    | Initializing Library Verification                                                                      | 8-4               |
|    |                                                                                                        |                   |
|    | Loading the Reference Library                                                                          | 8-5               |
|    | Loading the Reference Library                                                                          | 8-5<br>8-6        |
|    |                                                                                                        |                   |
|    | Loading the Implementation Library                                                                     | 8-6               |
|    | Loading the Implementation Library                                                                     | 8-6<br>8-7        |
|    | Loading the Implementation Library         Listing the Cells         Specifying a Customized Cell List | 8-6<br>8-7<br>8-8 |

| Debugging Failed Library Cells                                | 8-14 |
|---------------------------------------------------------------|------|
| Appendix A. Tcl Syntax As Applied to Formality Shell Commands |      |
| Using Application Commands                                    | A-3  |
| Understanding the Command Syntax                              | A-4  |
| Using Special Characters                                      | A-5  |
| Using Return Types                                            | A-5  |
| Quoting Values                                                | A-6  |
| Using Built-In Commands                                       | A-6  |
| Using Procedures                                              | A-7  |
| Using Lists                                                   | A-8  |
| Using Other Tcl Utilities                                     | A-10 |
| Using Environment Variables                                   | A-10 |
| Nesting Commands                                              | A-11 |
| Evaluating Expressions                                        | A-12 |
| Using Control Flow Commands                                   | A-12 |
| Using the if Command                                          | A-13 |
| Using while and for Loops                                     | A-13 |
| Using while Loops                                             | A-14 |
| Using for Loops                                               | A-14 |
| Iterating Over a List: foreach                                | A-15 |
| Terminating a Loop: break and continue                        | A-15 |
| Using the switch Command                                      | A-16 |

| Creating Procedures A-                   | -16 |
|------------------------------------------|-----|
| Programming Default Values for Arguments | ·17 |
| Specifying a Varying Number of Arguments | ·17 |
| Appendix B. Formality Library Support    |     |
| Overview                                 | 3-2 |
| Supported Library Formats                | 3-3 |
| Synopsys Synthesis Libraries             | 3-3 |
| Verilog Simulation Libraries             | 3-3 |
|                                          | 3-4 |
| Gate-Level Netlists                      | 3-4 |
| Updating Synthesis Libraries             | 3-4 |
| Library Enhancement/Generation Process   | 3-8 |
| Using Synthesis Libraries                | 3-9 |
| Using Verilog Libraries                  | 3-9 |
| Library Loading Order B-                 | ·12 |
| Single-Source Packaging B-               | ·12 |
| Multiple-Source Packaging B-             |     |
| Augmenting a Synthesis (.db) Library     |     |
| Augmenting a Simulation (.v) Library     | -13 |
| Appendix C. Reference Lists              |     |
| Shell Variables                          | 2-2 |
| Shell Commands C-                        | -10 |
| Index                                    |     |

xiv

# **About This Manual**

This preface includes the following sections:

- About This User Guide
- Customer Support

# **About This User Guide**

The *Formality User Guide* provides information about Formality concepts, procedures, file types, menu items, and methodologies with a hands-on tutorial to get you started with the tool.

## Audience

This manual is written for engineers who use the Formality product on a UNIX workstation to perform equivalence checking. Additionally, you need to understand the following concepts:

- Logic design and timing principles
- Logic simulation tools
- The UNIX operating system

## **Related Publications**

For additional information about Formality, see

- Documentation on the Web, which is available through SolvNet at https://solvnet.synopsys.com/DocsOnWeb
- The documentation installed with the Formality software and available through the Formality Help menu
- Synopsys Online Documentation (SOLD), which is included with the software for CD users or is available to download through the Synopsys Electronic Software Transfer (EST) system
- The Synopsys MediaDocs Shop, from which you can order printed copies of Synopsys documents, at http://mediadocs.synopsys.com

You might also want to refer to the documentation for the following related Synopsys products:

- ESP (for the FM-ESP User Guide)
- Design Compiler
- HDL Compiler
- PrimeTime

## Conventions

The following conventions are used in Synopsys documentation.

| Convention     | Description                                                                                                   |
|----------------|---------------------------------------------------------------------------------------------------------------|
| Courier        | Indicates command syntax.                                                                                     |
| Courier italic | Indicates a user-defined value in Synopsys syntax, such as <pre>object_name.</pre>                            |
| Regular italic | A user-defined value that is not Synopsys syntax, such as a user-defined value in a Verilog statement.        |
| Courier bold   | Indicates user input—text you type verbatim—in Synopsys syntax and examples.                                  |
| Regular bold   | User input that is not Synopsys syntax, such as a user name or password you enter in a GUI.                   |
| []             | Denotes optional parameters, such as                                                                          |
|                | pin1 [pin2 pinN]                                                                                              |
|                | Indicates that a parameter can be repeated as many times as necessary                                         |
| I              | Indicates a choice among alternatives, such as                                                                |
|                | low   medium   high                                                                                           |
|                | (This example indicates that you can enter one of three possible values for an option: low, medium, or high.) |
| -              | Connects terms that are read as a single term by the system, such as set_annotated_delay                      |
| Control-c      | Indicates a keyboard combination, such as holding down the Control key and pressing c.                        |
| ١              | Indicates a continuation of a command line.                                                                   |
| /              | Indicates levels of directory structure.                                                                      |
| Edit>Copy      | Indicates a path to a menu command, such as opening the Edit menu and choosing Copy.                          |

About This Manual

# **Customer Support**

Customer support is available through SolvNet online customer support and through contacting the Synopsys Technical Support Center.

## Accessing SolvNet

SolvNet includes an electronic knowledge base of technical articles and answers to frequently asked questions about Synopsys tools. SolvNet also gives you access to a wide range of Synopsys online services including software downloads, documentation on the Web, and "Enter a Call to the Support Center."

To access SolvNet,

- 1. Go to the SolvNet Web page at http://solvnet.synopsys.com.
- 2. If prompted, enter your user name and password. (If you do not have a Synopsys user name and password, follow the instructions to register with SolvNet.)

If you need help using SolvNet, click HELP in the top-right menu bar or in the footer.

## **Contacting the Synopsys Technical Support Center**

If you have problems, questions, or suggestions, you can contact the Synopsys Technical Support Center in the following ways:

- Open a call to your local support center from the Web by going to http://solvnet.synopsys.com (Synopsys user name and password required), then clicking "Enter a Call to the Support Center."
- Send an e-mail message to your local support center.
  - E-mail support\_center@synopsys.com from within North America.
  - Find other local support center e-mail addresses at http://www.synopsys.com/support/support\_ctr.
- Telephone your local support center.
  - Call (800) 245-8005 from within the continental United States.
  - Call (650) 584-4200 from Canada.
  - Find other local support center telephone numbers at http://www.synopsys.com/support/support\_ctr.

# 1

# Introduction to Formality

In this chapter you are introduced to the Formality application.

This chapter contains the following sections:

- What Is Formality?
- How Does Formality Fit Into My Design Methodology?
- What Designs Can I Verify?
- What Pieces Make Up Formality?
- General Process Flow
- Input and Output File Types
- Concepts

# What Is Formality?

Formality is an application that uses formal techniques to prove or disprove the functional equivalence of two designs or two cell libraries. For example, you can use Formality to compare a gate-level netlist to its register transfer level (RTL) source or to a modified version of that gate-level netlist. After the comparison, Formality reports whether the two designs or cell libraries are functionally equivalent. The Formality tool can significantly reduce your design cycle by providing an alternative to simulation for regression testing.

The techniques Formality uses are static and do not require simulation vectors. Consequently, for design verification you only need to provide a functionally correct, or "golden" design (called the reference design), and a modified version of the design (called the implementation). By comparing the implementation against the reference design, you can determine whether the implementation is functionally equivalent to the reference design. Cell library verification is similar except that each cell in the implementation library is compared against each cell in the reference library one cell at a time.

Today's design methodology requires regression testing at several points in the design process. Currently, traditional simulation tools, such as event-driven and cycle-based simulators, handle this regression testing. However, as designs become larger and more complex and require more simulation vectors, regression testing with traditional simulation tools becomes a bottleneck in the design flow. The bottleneck is caused by these factors:

• Large numbers of simulation vectors are needed to provide confidence that the design meets the required specifications.

- Logic simulators must process more events for each stimulus vector because of increased design size and complexity.
- More vectors and larger design sizes cause increased memory swapping, slowing down performance.

Formality fits well within established electronic design automation (EDA) methodologies used to create large-scale designs, because it can replace the traditional simulation tools used for regression testing. This replacement, combined with the continued use of static timing analysis tools, gives you two distinct advantages: significantly reduced verification times and complete verification.

Reduced verification times occur because Formality requires no input vectors. Reducing gate-level simulation time means you can spend more time verifying the initial golden RTL design to get better functional coverage. Formality maintains that coverage through all subsequent regressions.

Complete verification, the second advantage, means 100 percent equivalence over the entire vector space. Complete verification is significant because you no longer have to compromise the subset of vectors for gate-level simulation.

The following list summarizes the Formality features:

- Proves two designs or cell libraries are functionally equivalent, faster than verification using event-driven simulators.
- Provides complete verification (not vector-dependent).
- Performs RTL-to-RTL, RTL-to-gate, and gate-to-gate design verifications.
- Performs Verilog-to-DB, Verilog-to-Verilog, DB-to-DB, Verilog-to-SPICE, and DB-to-SPICE cell library verifications.

- Offers diagnostic capabilities to help you locate and correct functional discrepancies between designs.
- Reads synthesizable VHDL, Verilog, Synopsys internal .db format, and EDIF netlists.
- Performs automatic hierarchical verification.
- Uses existing Synopsys Design Compiler technology libraries.
- Saves and restores designs and verification sessions.
- Offers a graphical user interface (GUI) and a shell command-line interface (fm\_shell).
- Verifies a wide range of design transforms or modifications, including pipeline retiming and reencoded finite state machines.
- Offers schematic views and isolated "cone of logic" views that support location of design discrepancies.

# How Does Formality Fit Into My Design Methodology?

For design verification, Formality fits into a design process exactly the same way a logic simulator fits when it is used for regression testing. Specifically, any time you make a nonfunctional change to a design, you can use Formality to prove that the implementation is still functionally equivalent to the reference.

After proving the implementation is equivalent to the reference design, you can use the implementation as the reference design for the next regression test. By establishing the most recent design as the reference design throughout your design process, you minimize the overall verification time. A reduction in time occurs because structurally similar designs can be compared faster than structurally dissimilar designs.

Figure 1-1 shows the incremental usage model that best suits the design flow using Formality. The box with the bold border represents Formality.





Figure 1-2 shows how Formality fits into a typical ASIC verification methodology. In Figure 1-2, ovals represent data and boxes represent processes. Boxes with bold borders represent verification using Formality.





Chapter 1: Introduction to Formality

# What Designs Can I Verify?

This section presents fundamental design requirements and describes situations in which Formality works particularly well.

## **Design Requirements**

The reference design and implementation design that you use with Formality must meet these fundamental requirements:

- Design files must be in the Synopsys internal database format (.db) or must use only synthesizable VHDL or Verilog constructs accepted by HDL Compiler and VHDL Compiler. Formality can also read designs in EDIF netlist format.
- Designs should use a synchronous design style; they should not contain state-holding loops implemented as combinational logic.
- Top-level I/O ports, sequential components, and black box components in both the reference design and implementation must be aligned structurally. Formality automatically matches as many ports and components as possible between the implementation and reference design during verification. You can use Formality commands to create matches where Formality cannot automatically determine them.

## **Design Types**

This section presents examples of situations in which Formality offers a good solution for regression testing.

## **Verification of Two RTL Designs**

When you make an architectural change to an RTL design, use Formality to verify that you did not change how the design functions. In this situation, you are verifying an RTL implementation against an original RTL reference design.

Situations where this type of regression testing becomes necessary include

- Adding clock gating circuitry for power reduction
- Restructuring critical paths
- Reorganizing logic for area reduction

## Verification of an RTL Design and a Gate-Level Design

Verification of an RTL design against a gate-level design can occur at several points in the design methodology. For example, it is important to verify the gate-level implementation that results from synthesis against the golden RTL design for functional equivalence. This gate-level design becomes the golden design used in verifying subsequent implementations.

Another example is when you make minor functional changes in the gate-level netlist and you simultaneously update the RTL source without using synthesis. In this case, you can use Formality to verify that the changes made in the RTL source match the current implementation.

Verification becomes important in situations such as these:

• You maintain the RTL design as the source design for future design revisions.

- You use the RTL design in system-level simulations.
- You use the RTL design as the official "documentation" of design functions.
- You synthesize the RTL design.

Note:

Formality does not support PLA (.pla), state tables (.st), or equation tables (.e). Therefore, do not write your RTL to these formats when using Formality.

## **Verification of Two Gate-Level Designs**

Any time you produce a new gate-level implementation of the design by making nonfunctional changes, you can use Formality to verify the functional equivalence of the design.

These are typical changes that result in a new implementation but do not affect functionality:

- Adding test logic (scan circuitry) to a design
- Reordering a scan chain in a design
- Inserting a clock tree into a design
- Adding I/O pads to the netlist
- Performing design layout
- Performing flattening and cell sizing
- Creating a netlist for hardware acceleration or emulation

## What Pieces Make Up Formality?

Formality consists of four functional areas surrounded by a command-line interface (fm\_shell) and a graphical user interface (GUI). Figure 1-3 illustrates these areas.

Figure 1-3 Functional Areas Within Formality



This list describes the user-visible areas shown in Figure 1-3.

## GUI

The GUI offers a windows-based, menu-driven interface that lets you access most Formality functions. Through the GUI, you can perform design management, verify designs, generate reports, and diagnose and debug designs.

For more information about the GUI, see section "The Formality GUI Environment" on page 3-17.

## fm\_shell

The fm\_shell is a command-line interface that offers the same commands as the GUI as well as functions unique to the fm\_shell. From the fm\_shell, you can do everything that you can with the GUI except view schematic representations of designs and view logic cones.

For more information on shell commands, see the online man pages.

Design management

The design management functions let you set up and control the verification process. For example, you can load designs, establish environmental parameters, save and restore verification sessions, and help Formality match points in the designs.

For more information on design management, see Chapter 5, "Preparing the Design for Verification," and Chapter 7, "Debugging Failed Design Verifications."

Verification

Verification is the primary function of Formality. By default, Formality checks for design consistency when you verify a design or cell library. An implementation is consistent with a reference design when it is functionally equivalent, given that a don't-care state (X) in the reference design can be represented by either a 0 or 1 state in the implementation.

You can also test for design or cell library equality. An implementation is equal to a reference design when it meets both these requirements:

• It is consistent with the reference design.

• The set of don't-care vectors matches that of the reference design set.

See section "Working With Equivalences" on page 5-25 for more information. For procedures that describe how to perform verification, see Chapter 6, "Compare Point Matching and Verification."

**Report generation** 

Formality allows you to generate several types of reports. These reports provide information about the most recent verification, the most recent diagnosis, environment parameters, or parameters that affect a particular design.

Diagnosis

You use the diagnosis function when design verification fails. Diagnosis produces information that helps you isolate areas in the design that could be responsible for the failed verification. For more information, see Chapter 7, "Debugging Failed Design Verifications."

## **General Process Flow**

The flow chart in Figure 1-4 provides an overall guide to the Formality design verification process. Starting with Chapter 3, "Starting Formality," each chapter describes one or more steps in detail. This chart appears in the beginning of each applicable chapter to remind you where you are in the process.

Figure 1-4 Design Verification Process Flow Overview



Note:

You generally use the application commands from the fm\_shell up to the "Run Verify" step. Thereafter, you will generally use the GUI. Unless otherwise noted, this manual presents instructions for both the fm\_shell and the GUI.

Cell library verification is a self-contained process that is described in Chapter 8, "Cell Library Verification."

## Input and Output File Types

This section describes the types of files the Formality tool accepts and generates for design verification. It includes the following sections:

- Input
- Output
- Synopsys setup file

## Input

Formality accepts several types of files as input. File formats consist of design formats and Formality-specific files. Figure 1-5 illustrates Formality input.





ASIC library

Groups of cell-sized designs in the Synopsys internal database format. Libraries are described in detail in "Libraries" on page 1-18.

Automated Setup Files

Setup information in the form of guidance (.svf) files to help Formality understand and verify the transformations between designs. SVF files are described in detail in "Working With the Automated Setup File" on page 5-73.

Batch script

A file that contains Formality shell commands. Because Formality supports batch mode operation, you can supply a file that contains valid Formality shell commands to direct the verification process. For information about how to prepare a batch script, see "Using Batch Jobs" on page 6-30.

EDIF

EDIF language design files. For information about how to read EDIF files into Formality, see "Reading in Libraries and Designs" on page 4-3.

Failing patterns

This file contains failing input vectors of the most recent failed verification or diagnosis, or the most recent application of a set of previously saved failing patterns. Formality uses this file as input when simulating previously failing patterns. For information about how to simulate previously failing patterns, see "Running Previously Saved Failing Patterns" on page 7-45.

FSM state information

A file that contains flip-flop names and their encoding for FSMs. This file defines FSMs so that Formality can create compare points necessary for verification. For information about reading these types of files, see "Working With Re-Encoded Finite State Machines" on page 5-54.

Name mapping file

A file that contains one-to-one name mappings that Formality applies to specific designs. Formality performs verification based on compare points composed of comparable design objects. Sometimes the naming scheme for design objects in an implementation deviates measurably from that of the reference design. In such cases, a mapping file might be used to make the match. For information about how to map names between designs, see "Unmatched Points" on page 7-14.

Saved containers

The Formality internal representation of a container and its contents. You supply this file when you want to restore a previously saved container. For information about saving containers, see section "Saving the Entire Formality Session" on page 5-85.

## Saved session

A file that contains the state of the verification session. You supply this file when you want to restore a previously saved Formality session. For information about how to restore a Formality session, see section "Restoring a Session" on page 5-88.

Synopsys internal database files

Files formatted in the Synopsys internal database design format (.ddc and .db files). The database format is the default output format used for the Synopsys Design Compiler tool. For information about how to read Synopsys database files into Formality, see "Reading in Libraries and Designs" on page 4-3.

Verilog

Verilog hardware description language design files. This design format specifies digital systems at a wide range of levels of abstraction. Formality supports the same synthesizable subset of Verilog as does the Synopsys Design Compiler tool. For information about how to read Verilog files into Formality, see "Reading in Libraries and Designs" on page 4-3.

Verilog Simulation Library

Verilog simulation library files. You can read the cell definition information into a technology library. The library reader extracts the pertinent information to determine the gate-level behavior of the design, and generates a netlist that represents the functionality of the Verilog library cells. Libraries are described in detail in "Libraries" on page 1-18.

VHDL

VHDL design files. This design format specifies digital systems at a high level of abstraction. For information about how to read VHDL files into Formality, see "Reading in Libraries and Designs" on page 4-3.

# Libraries

Libraries are collections of designs. When you read design data into Formality, it is grouped into libraries. Formality supports two types of libraries: design libraries and technology libraries.

Design library

A collection of designs usually associated with a single design effort. For example, a design library might contain individual designs that represent the parts of a hierarchical design: core, control\_block, mux\_out, mux\_in, and so on. Depending on the size and complexity of the top-level design, it might be better to use more than one design library to organize the design data.

Technology library

A collection of cells usually associated with a particular vendor and design technology. For example, when you create a new container in Formality, it automatically loads in the generic technology (GTECH) library. There are two types of technology libraries: shared and nonshared. Shared technology libraries are visible in every container and are automatically loaded into every container subsequently created during the Formality session. Nonshared technology libraries are loaded into a particular container.

Figure 1-6 illustrates the library concept in the Formality environment. The figure shows one technology library and one design library in the container. Each container can have any number of such libraries.

#### Figure 1-6 Libraries



In the fm\_shell, you use the Formality "read" type commands to load libraries. In some cases, a command option determines whether the data is read in as a technology library or as a design library.

When specifying libraries in the fm\_shell, you provide a libraryID. A libraryID is like a path name that specifies the container in which the library resides and the name of the library. See section "Conventions" on page 2-xx for more information about libraryID.

In the GUI, you view libraries directly in container windows. You can expand and collapse libraries to view individual designs and cells.

# Output

Formality generates several types of output files as illustrated in Figure 1-7.

Figure 1-7 Generated Output



Failing patterns

This file contains failing input vectors of the most recent failed verification or diagnosis, or the most recent application of a set of previously saved failing patterns. For information about how to simulate previously failing patterns, see "Running Previously Saved Failing Patterns" on page 7-45.

Formality log files

Formality maintains two log files: formality.log and fm\_shell\_command.log. The formality.log file contains verbose information not printed to the transcript. For example, during verification the transcript might print an informational message indicating that constants were propagated in the reference design and to see the formality.log file for details. The fm\_shell\_command.log file contains a history of Formality shell commands run during the session.

Chapter 1: Introduction to Formality

If multiple sessions of Formality are running, the working directory and log files are named using the following scheme, where n is an integer value:

FM\_WORKn
formalityn.log
fm\_shell\_commandn.log

Note:

Exiting abnormally from Formality can clutter your file system with locked files associated with Formality logs and with the Formality working directory. You can safely delete these files when the Formality session associated with them is no longer running.

Formality reports

ASCII files you produce by redirecting output from the Formality reporting feature. These reports contain information about all aspects of the verification and diagnosis.

Formality work directory

The Formality work directory named FM\_WORK. Formality creates this directory upon invocation. It contains containers and shared technology libraries.

Saved containers

The Formality internal representation of a container. You create these files by saving individual containers. For information about saving containers, see "Saving Containers" on page 5-85. Saved session

A file that contains the state of the verification session. You create this file by saving the Formality session. For information about how to save a Formality session, see "Saving the Entire Formality Session" on page 5-85.

# **Controlling Formality-Generated File Names**

Formality allows you to control the naming of its files and directory names. These names can be appended with a unique suffix for each verification run.

Specifying a unique name can be useful for correlating the Formality transcript with the Formality log file when you run multiple verifications within the same directory.

Use the fm\_shell -name\_suffix *suffix* command to specify unique file names. Formality constructs the file names and directories as follows:

- formality\_suffix.log
- fm\_shell\_command\_suffix.log
- FM\_WORK\_suffix

In addition, the option -overwrite allows you to overwrite existing files. If you use the -name\_suffix option, and a file with the same suffix already exists, Formality generates an error message. If you want to overwrite any existing files, use the -overwrite option with the fm\_shell command.

You can access (read only) the following two Tcl variables to see the new file names for the formality.log file and the fm\_shell\_command.log file:

- formality\_log\_name
- sh\_command\_log\_file

# **Synopsys Setup File**

Every time you invoke Formality, it executes the commands in the Formality setup files, all named .synopsys\_fm.setup. These setup files can reside in three directories, which Formality reads in a specific order. You can use these files to automatically set variables to your preferred settings. The following list shows the order in which Formality reads the files:

1. Synopsys root directory. For example, if the release tree root is /usr/synopsys, the setup file is:

/usr/synopsys/admin/setup/.synopsys\_fm.setup

- 2. Your home directory. You create this .synopsys\_fm.setup file, and it applies to all sessions started by you.
- 3. The directory from which Formality is invoked (the current working directory). You create this .synopsys\_fm.setup file and customize it for a particular design.

If a particular variable is set in more than one file, the last file read overwrites the previous setting.

# Concepts

This section presents key concepts that help you effectively use Formality. It includes the following sections:

- Compare Points
- Compare Rules
- Containers
- Design Equivalence
- Logic Cones
- Reference and Implementation Designs

### **Compare Points**

A compare point is a design object used as a combinational logic endpoint during verification. A compare point can be an output port, register, latch, black box input pin, or net driven by multiple drivers.

Formality uses the following design objects to automatically create compare points:

- Primary outputs
- Sequential elements
- Black box input pins
- Nets driven by multiple drivers, where at least one driver is a port or black box

Formality verifies a compare point by comparing the logic cone from an implementation compare point against a logic cone for a matching compare point from the reference design.





When functions defining the cones of logic for a matched pair of compare points (one from the reference design and one from the implementation design) are proved by Formality to be functionally equivalent, the result is that both the reference and the implementation compare points have passing status. If all compare points in the reference design pass verification, the final verification result for the entire design is a successful verification.

Prior to design verification, Formality tries to match each primary output, sequential element, black box input pin, and qualified net in the implementation with a comparable design object in the reference design. For more information on how compare points are matched, see "How Formality Matches Compare Points" on page 6-9.

For Formality to perform a complete verification, all compare points must be verifiable. There must be a one-to-one correspondence between the design objects in the reference and implementation designs, except for two cases where you can still attain complete verification when you are testing for design consistency:

• The implementation design contains extra primary outputs.

• Either the implementation or the reference design contains extra registers, and no compare points fail during verification.

Compare points are primarily matched by object names in the designs. If the object names in the designs are different, Formality uses various methods to match up these compare points automatically. You can also match up these names manually when all automatic methods fail.

Compare point matching techniques in Formality can be broadly divided into two categories:

- Name-based matching techniques
- Nonname-based matching techniques

For more information, see "Matching Compare Points" on page 6-3.

Unmatched design objects from either the implementation or the reference design are reported as failing compare points, with a note indicating that there is no comparable design object in the reference design.

Sometimes you might have to provide information so Formality can match all design objects before performing verification. For example, the implementation and reference design might contain design objects that differ in name but are otherwise comparable, and Formality is not able to match them by using its matching algorithms (including signature analysis). In such cases, you can map design object names yourself using any of several methods. For details, see section "Unmatched Points" on page 7-14.

Figure 1-9 shows an example of how the combination of automatic and user-defined compare points results in complete verification. Automatically created compare points result when Formality can match the name and type of two design objects by using normal matching techniques or signature analysis. User-defined compare points result when you take steps to map names between design objects.





See "Reporting and Interpreting Results" on page 6-33 for compare point status messages.

### **Compare Rules**

A compare rule is a name translation rule applied by Formality during compare point creation. Compare rules are one of many methods that allow you to map object names between the implementation and reference designs. For example, suppose that a certain bus in the reference design has a different name in the implementation, and Formality cannot match the two objects using structural or signature analysis. You can define a compare rule to enable Formality to correctly create compare points. Application of the compare rule maps the bus names in the reference design to those in the implementation.

Compare rules have a regular expression syntax identical to that supported by the test\_compare\_rules command. Therefore, you can use the test\_compare\_rules command to ensure your compare rules behave as desired.

### Containers

A container is a complete, self-contained space into which Formality reads designs. It is typical for one container to hold the reference design while another holds the implementation design. In general, you do not need to concern yourself with containers. You simply load designs in as either reference or implementation. This is described in section "Reading in Libraries and Designs" on page 4-3.

A container typically contains a set of related technology libraries and design libraries that fully describe a design that is to be compared against another design. A technology library is a collection of "parts" associated with a particular vendor and design technology. A design library is a collection of designs associated with a single design effort. Designs contain design objects such as cells, ports, nets, and pins. A cell can be a primitive or an instance of another design.

Figure 1-10 and Figure 1-11 illustrate the concept of containers.

#### Figure 1-10 Containers



In general, to perform a design comparison, you should load all of the information on one design into a container (the reference), and all the information on the other design into another container (the implementation).

You can create, name, reuse, delete, open, and close containers. In some cases, Formality automatically creates a container when you read data into the Formality environment.

Each container can hold many design and technology libraries, and each library can hold many designs and cells. Components of a hierarchical design must reside in the same container. Figure 1-11 illustrates the concept of containers.

#### Figure 1-11 Containers



In Formality, one container is always considered the "current" container. Unless you specifically set the current container, Formality uses the last container into which a design is read. That container remains the current container until you specifically change it or you create a new container. Many Formality commands operate on the current container by default (when you do not specify a specific container).

For details about containers, see "Setting Up and Managing Containers" on page 4-27.

#### **Design Equivalence**

The term "design equivalence" refers to the verification test objective. Formality can test for two types of design equivalence: design consistency and design equality.

Design consistency

For every input pattern for which the reference design defines a 1 or 0 response, the implementation design gives the same response. If there is a don't-care (X) condition in the reference, verification still passes if there is a 0 or a 1 at the equivalent point in the implementation.

**Design equality** 

Includes design consistency with additional requirements. The functions of the implementation and reference designs must be defined for exactly the same set of input patterns. If there is a don't-care (X) condition in the reference, verification passes only when there is an X at the equivalent point in the implementation.

See "Using Don't-Care Cells" on page 5-3 for information about don't-care conditions; also see "Working With Equivalences" on page 5-25.

The type of design equivalence is also called the verification mode. By default, verification mode tests for design consistency, which is adequate in most cases. For the rare occasion that it is not, you can test for design equality.

Note:

Sometimes conditions exist where one design (design A) is consistent with a second design (design B), but design B is not consistent with design A. For example, design B might have a don't care condition that is implemented as a 0 or 1 in design A as shown in the following example

Here, design A gives an output value of X for the d=2b'11 input condition.

```
model A (d, q);
input [1:0] d;
output q;
reg q;
always @ (d)
case (d)
  2'b00: q = 1'b0 ;
  2'b01: q = 1'b1 ;
  2'b10: q = 1'b1 ;
  2'b11: q = 1'bX ;
endcase
```

endmodule

Here, design B gives an output value of 1 for the d=2'b11 input condition.

```
model A (d, q);
input [1:0] d;
output q;
reg q;
always @ (d)
case (d)
2'b00: q = 1'b0 ;
2'b01: q = 1'b1 ;
2'b10: q = 1'b1 ;
2'b11: q = 1'b1 ;
endcase
```

endmodule

If you run a verification with design A as the reference and design B as the implementation, verification passes (X in the reference versus 1 in the implementation). However, if you run a verification with design B as the reference and design A as the implementation, verification fails (1 in the reference versus X in the implementation).

# **Logic Cones**

A logic cone consists of combinational logic originating from a particular design object and fanning backward to terminate at certain design object outputs. The design objects from which logic cones originate are those used by Formality to create compare points. These design objects are primary outputs, internal registers, black box input pins, and nets driven by multiple drivers where at least one driver is a port or black box. The design objects at which logic cones terminate are primary inputs and those that Formality uses to create compare points. Figure 1-12 illustrates the logic cone concept.

#### Figure 1-12 Logic Cones



In Figure 1-12, the design object of concern is a primary output. Formality compares this design object (compare point) to a comparable object (compare point) in a second design during verification. The shaded area of the figure represents the logic cone for the primary output. The cone begins at the input net of the port and works back toward the termination points. In this illustration, the termination points are nets connected to primary inputs.

### **Reference and Implementation Designs**

The reference and implementation designs are the designs Formality tests for equivalence.

Reference

This design is the "golden" design, the standard against which Formality tests for equivalence.

Implementation

This design is the changed design. The implementation is the design whose correctness you want to prove. For example, a newly synthesized design is an implementation of the source RTL design.

Concepts

Note:

For cell library verification, the reference and implementation definitions don't apply because you always test for equality. In addition, you are generally specifying different types of libraries against one another. For example, a synthesis library against a SPICE library.

After Formality proves an implementation design's equivalence to a known reference design, you can establish that implementation as the new reference design. Using this technique during regression testing keeps overall verification times at a minimum. Conversely, working through an entire design methodology and then verifying the sign-off netlist against the original VHDL can result in difficult verifications and in longer overall verification times.

In the fm\_shell or the GUI, you can designate a design you have read into the Formality environment as either the implementation or reference design. There are no special requirements to restrict your designation, but there can be no more than one implementation and reference design at any given time in the Formality environment.

# Solvers

Formality enlists various solvers during pre-verification and verification to attempt to prove the equivalence or non-equivalence of two designs using algorithms particular to that solver. To check for equivalence, the solvers look for internal equivalences, redundancies, constants, and so forth.

For example, the datapath solver uses a particular algorithm to solve multipliers in the pre-verification stage, which can significantly reduce the entire verification runtime. When the solver successfully pre-verifies a multiplier in your design, Formality black boxes it for the rest of verification. If the datapath solver is unable to pre-verify your multiplier, Formality returns an inconclusive result in the transcript.

For suggestions on how to help prepare your designs for successful verification, see "Handling Designs That Don't Complete Verification" on page 7-4.

Chapter 1: Introduction to Formality 1-36

# A Quick Start With Formality

This chapter is intended to get you up and running quickly with Formality. The quick-start tutorial demonstrates the steps followed during a typical Formality design verification session.

This chapter contains the following sections:

- Before You Start
- Invoking the Formality Shell and GUI
- The Graphical User Interface
- Verifying fifo.vg Against fifo.v
- Verifying fifo\_with\_scan.v Against fifo\_mod.vg
- Verifying fifo\_jtag.v Against fifo\_with\_scan.v
- Debugging Using Diagnosis

• For More Information

# **Before You Start**

Before you begin this tutorial, ensure that Formality is properly installed on your system. Your .cshrc file should set the path to include the bin directory of the Formality installation. For example, if your installation directory is /u/admin/formality and your platform type is sparcOS5, specify the set path statement, where /u/admin/formality represents the Formality installation location on your system:

```
set path = ($path /u/admin/formality/bin)
```

You do not need a separate executable path for each platform. The Formality invocation script automatically determines which platform you are using and calls the correct binary. To do this, however, you must make sure all platforms needed are installed in one Formality tree. Install Formality in its own directory tree, separate from other Synopsys tools such as Design Compiler.

# **Creating Tutorial Directories**

After installation of Formality, the files needed for the example designs are located in the *fm\_install\_path*/doc/fm/tutorial directory. You must copy the necessary files to your home directory.

To create a tutorial directory with all of its subdirectories, do the following:

1. Change to your home directory.

% cd \$HOME

Chapter 2: A Quick Start With Formality

2. Use the following command to copy the tutorial data, where fm\_install\_path is the location of the Formality software:

```
% cp -r fm_install_path/doc/fm/tutorial $HOME
```

3. Change to the new tutorial directory:

```
% cd tutorial
```

# **Tutorial Directory Contents**

The tutorial directory contains the following subdirectories:

- GATE: Verilog gate-level netlist.
- GATE\_WITH\_JTAG: Verilog gate-level netlist with scan and JTAG insertions.
- GATE\_WITH\_SCAN: Verilog gate-level netlist with scan insertion.
- LIB: Technology library required for the gate-level netlists.
- RTL: RTL source code.

# Invoking the Formality Shell and GUI

To start Formality, enter the following command at the operating system prompt:

```
% fm_shell
...
fm_shell (setup)>
```

The fm\_shell command starts the Formality shell environment and command-line interface. From here, start the GUI as follows:

fm\_shell (setup)> start\_gui

The word "(setup)" indicates the current mode of operation. When you invoke Formality, you begin in the setup phase.

Refer to Chapter 3, "Starting Formality," in the *Formality User Guide* for more information about the fm\_shell and GUI environments.

# **The Graphical User Interface**

The main GUI session window contains the following window areas, as shown in Figure 2-1 on page 5:

- Pull-down menu bar: GUI commands, some of which are duplicated in the toolbar buttons and right-click pop-up menus.
- Toolbar: Easy-access buttons to common GUI commands. The contents of the toolbar change depending on the view displayed in the console area.
- Flow-based toolbar: Buttons that indicate the correct flow to employ to perform formal verification. The buttons highlight to indicate you where you are in the flow. Each button displays a new view in the console area. By default, the GUI opens at the first step, Reference, with the reference work area displayed in the console area.

When you use the fm\_shell to perform steps, and then invoke the GUI, the GUI opens with the correct button highlighted to indicate where you are in the flow. This also occurs when you continue a previously saved Formality session.

- Console area: The main working area. From here, you perform the actions necessary to perform verification as well as view reports.
- Command status area: Transcripts and other information is displayed here depending on the button selected below the command status window.
- Formality prompt: Text box that allows you to enter Formality prompts and environment variables that are not available through the GUI interface.
- Status area: Current state of the tool.

| Pull-down                                                      | menu bar               | Toolbar                   | Flow-bas      | ed toolbar        |                      |
|----------------------------------------------------------------|------------------------|---------------------------|---------------|-------------------|----------------------|
| Reference:                                                     |                        | Formality (R) Console - S | ynopsys Inc.  |                   | Verification Not Run |
| Implementation:<br>1. Reference 2.                             | Implementation         | 3. Setup                  | 4. Match      | 5. Verify         | 6. Debug             |
| 1. Read Design Files 2. Read DB Libraries 3. Set Top Design    |                        |                           |               |                   |                      |
| Verilog VHDL EDIF DB<br>Preferences<br>Design Library:<br>WORK |                        |                           | Load<br>Files | Currently Loaded: |                      |
| Options                                                        | Verilog                | Remove                    | Clear         |                   |                      |
| Log Errors Warnings History<br>Formality (setup)><br>[Ready    | Last Command Diagnosis |                           |               |                   | Shell State: setup   |
| Console area Command status area Formality prompt              |                        |                           |               |                   |                      |

#### Figure 2-1 GUI Session Window

The Graphical User Interface

# Verifying fifo.vg Against fifo.v

In this portion of the tutorial you will verify a synthesized design named fifo.vg, which is a pure Verilog gate-level netlist, against a RTL reference design named fifo.v.

### **Specifying the Reference**

As Figure 2-1 on page 5 shows, the first step as indicated by the flow-based toolbar is to specify the reference. The tabbed selections below the flow-based toolbar indicate that to do this you:

- 1. Read Design Files.
- 2. Read DB (technology) Libraries (optional).
- 3. Set Top Design.

The reference design is the design against which you compare the transformed (implementation) design. The reference design in this case is the RTL source file named fifo.v.

Refer to the Formality User Guide for conceptual information.

To specify the reference design, do the following:

1. Click the Reference button if its work area is not already displayed in the console area.

The Read Design File tab and Verilog tab are active by default.

2. Click the Verilog button.

The Add Verilog Files dialog box appears.

- 3. Navigate to the RTL subdirectory where you copied the tutorial directory, then select the fifo.v file. Click Open.
- Click the Options button, and in the DesignWare root directory (hdlin\_dwroot) area, browse to or specify the path name to the Synopsys software root directory.

This step is necessary because fifo.v contains a DesignWare instantiated RAM block. As needed, enter echo \$SYNOPSYS at the Formality prompt to obtain the root directory's path name.

- 5. In the Options dialog box, click the VCS Style Options tab.
- 6. In the Options pane, select Library Directory (-y) and in the Enter Directory Name text box browse to or specify the RTL subdirectory. Click Add.
- 7. In the Options pane, select Library Extension (+libext) and in the Enter File Extension text box, enter ".v". Click Add.

The -y and +libext options you selected are Verilog simulator (VCS) options, where -y specifies to look in the current directory for any unresolved modules and +libext specifies to look in files with the specified extension (".v" in this case).

8. Click OK to exit the dialog box, then click Load Files.

The fifo.v file appears as the loaded reference design file.

9. Click the Set Top Design tab.

In this case, you skip the Read DB Libraries tab because the fifo.v design does not require a technology library. Technology libraries contain cells to which the netlist must be mapped; fifo.v does not require mapping.

10. In the choose-a-library pane, select the WORK library.

Notice that this pane lists all the loaded libraries, which includes DesignWare (DW\*) libraries and the GTECH library, which contains the GTECH components required to map RTL.

- 11. In the choose-a-design pane, select "fifo", the name of the toplevel design.
- 12. Click the Set Top button.

Setting the top-level design starts the linking and elaboration process on all files and reports if there are any missing files. Formality searches for the DesignWare RAM automatically.

Before you click Set Top, only the top-level design ("fifo") is listed and the lower-level modules are not listed. The reason for this is that during linking, the netlist reader searches for the unresolved modules under the directory specified using the VCS -y option.

After you click Set Top, the choose-a-design pane lists the entire design hierarchy.

A green check-mark appears on the Reference button located on the flow-based toolbar, indicating that you successfully specified the reference. You can move on to specifying the implementation.

### Specifying the Implementation

The procedure for specifying the implementation is identical to that for specifying the reference:

- 1. Read Design Files.
- 2. Read DB (technology) Libraries (optional).

3. Set Top Design.

To specify the implementation, do the following:

1. Click the Implementation button on the flow-based toolbar.

The Read Design Files and Verilog tabs are selected by default. That is, their work areas are displayed when you click the Implementation button.

2. Click the Verilog button.

The Add Verilog Files dialog box appears.

- 3. Navigate from the RTL directory to the GATE directory, then select the fifo.vg file. Click Open.
- 4. Click the Load Files button.

The fifo.vg file appears as the loaded implementation design.

5. Click the Read DB Libraries tab, then the DB button.

The Add DB Files dialog box appears. Unlike the fifo.v reference design, fifo.vg requires a technology library for mapping.

- 6. Navigate to the LIB directory, then select the technology library named lsi\_10k.db. Click Open.
- 7. Click the Load Files button.
- 8. Click the Set Top Design tab.
- 9. In the choose-a-library pane, select WORK, then the top-level design, fifo, from the choose-a-design pane.
- 10. Click the Set Top button.

Formality links and elaborates all the files and reports if there are any missing files. Because this tutorial uses a DesignWare RAM, the tool searches for technology-dependent modules from the lsi\_10k technology library.

A green check-mark appears on the Implementation button located on the flow-based toolbar, indicating that you successfully specified the implementation. You can move on to the setup stage, as necessary.

# **Setting Up the Design**

You often need to specify additional setup information to account for designer knowledge not contained in the design netlist or to achieve optimal performance.

This step involves supplying information to Formality. For example, you may need to set constants if the design underwent transformations such as scan or JTAG insertion. In this case, only fifo.vg was synthesized; therefore, you can move on to the next step, Match.

For detailed information about setup possibilities, refer to Chapter 5, "Preparing the Design for Verification," in the *Formality User Guide*.

### **Compare Point Matching**

Note:

Refer to the *Formality User Guide* for conceptual information about compare points.

Compare point matching is the process by which Formality segments the reference and implementation designs into logical units, called logic cones. Each logic cone feeds a compare point, and each compare point in the implementation must match each compare point in the reference or verification will fail. Matching ensures that there are no mismatched logic cones and allows Formality to proceed with verifying the implementation for functionality.

Refer to the *Formality User Guide* for detailed information on how Formality matches compare points.

To match compare points between fifo.v and fifo.vg, do the following:

- 1. Click the Match button on the flow-based toolbar.
- 2. Click the Run Matching button.

When matching is completed, the results appear in the command status area. You can also click the Summary tab to view the results. In this case, there are no unmatched compare points to debug.

If the summary indicated unmatched compare points, you would click the Unmatched Compare Points tab to view them. For example, unmatched compare points in the reference might indicate extra registers that were optimized away during synthesis. If you expect such optimizations, then you can ignore the extra (unmatched) compare points in the reference.

3. Click OK to close the Information dialog box.

Refer to the *Formality User Guide* for detailed information about compare point matching, including how to debug unmatched compare points.

# Verifying the Designs

You are now ready to verify the functionality of fifo.vg against its reference, fifo.v.

To verify fifo.vg against fifo.v, do the following:

- 1. Click the Verify button on the flow-based toolbar.
- 2. Click the Verify All button.

Verification begins, as shown by the scrolling transcript in the command status area. Verification fails, which means fifo.vg underwent some transformations during synthesis that render it unequivalent to fifo.v.

3. Click OK to close the dialog box notifying you of the failed verification.

In this case verification will fail. This testcase includes a deliberate design error to introduce you to the debug capabilities of Formality.

# Debugging

The challenge for most users is debugging failed verifications. That is, you must find the exact points in the designs that exhibit the difference in functionality and then fix them. To debug fifo.vg, do the following:

1. Click the Debug button on the flow-based toolbar if it is not already selected.

The console area displays the Failing Points report. You will notice groups of failing points with similar names except for the last elements, which might then be \*\_[reg0], \*\_[reg1], \*\_[reg2], and \*\_[reg3], for example. Typically a group of failing points are caused by a single error.

2. Click the Diagnose button to run diagnosis on the failing points. Diagnosis is the process by which Formality analyzes a set of compare points and finds the error candidates. When Formality completes the diagnosis run, it brings up the Error Candidates tab, which displays the error candidates found in your design.

#### Note:

Although this is not shown in this tutorial, if while debugging you get an error stating there was a diagnosis failure due to too many errors (and you know the error is not caused by setup problems), select a group of failing points with similar names and click the Diagnose Selected Points button. This might help to direct diagnosis down to a specific section of the design.

3. From the Error Candidates Window, right-click on the error U81 and choose View Logic Cones. You will see a list of related failing points for that error, from which you select one of those points (for this example use push\_logic/pop\_count\_svd\_reg[0]), and double-click to bring up the logic cone.

A new window appears, called the Cone Schematics, which displays reference (top screen) and implementation (bottom screen) schematics for the logic cone. It highlights and zooms to the error candidate inverter, U81, in the implementation cone. The reference schematic highlights the matching region corresponding to the error candidate in the implementation design.

The error candidate is highlighted in orange. The corresponding matching region in the reference design is highlighted in yellow. To view the error region in isolation, click the Isolate Error Candidate Pruning Mode button in the cone view. This prunes away all the logic and shows the error inverter.

Colors in the schematics window have different meanings depending on the color mode selected. The color modes are none (the default), constants, simulation values, and error candidates.

- None—The default color mode.
- Constants—Nets with a constant logic value 0 are blue, nets with logic 1 are orange, and the remaining nets are gray.
   Remaining objects are colored in the default color mode.
- Simulation values—Nets with simulation logic 0 are blue, nets with simulation logic 1 are orange, and the remaining objects are colored in the default color mode.
- Error candidates—Error drivers corresponding to the error candidates are highlighted orange. The corresponding matching region is highlighted in yellow.
- 4. Observe the patterns annotated on the CLK net. The reference shows logic 0, while the implementation shows logic 1.

To discover the cause for this functional difference, do the following:

- Select the net in the implementation design.

- Right-click and select Isolate Subcone.
- Select the net in the reference design.
- Right-click and select Isolate Subcone.

The screens change to display just the net in question. Notice that the logic driving the implementation CLK pin includes an inverter. During synthesis an inverter may have been inserted to fix hold-time problems.

You can zoom in by clicking the Zoom In Tool toolbar button then clicking in the schematic. Deselect the button to return to the pointer.

You can copy selected objects in design and cone schematics using Copy Name, Copy Reference Name, and Copy Implementation Name. You can paste these names into the console (or any other editable text field) using Ctrl+V or your middle mouse button.

5. Fix the error by editing the netlist or resynthesizing the design to generate a new netlist free of errors in clock-tree manipulations.

The fifo\_mod.vg file in the GATE directory contains the corrected netlist. Execute the following command at the UNIX prompt to view the difference:

```
%> diff fifo.v fifo.mod.vg
```

You can see that the modified netlist removes the inverter.

- After closing the Logic Cone View, verify the corrected implementation, fifo\_mod.vg, against the reference. First respecify fifo\_mod.vg as the new implementation design as follows:
  - Click the Implementation button on the flow-based toolbar.

- Click the Read Design Files tab.
- Click the Verilog button.
- Click Yes to remove the current implementation design data.

#### Note:

Clicking Yes permanently removes the current implementation data. In practice, be sure to save the data prior to specifying a new implementation (or reference) design.

- Navigate to the GATE subdirectory, and select fifo\_mod.vg. Click Open.
- Click Load Files.
- Skip the Read DB Libraries tab because the technology library is shared, and click the Set Top Design tab.
- Be sure WORK and fifo are selected, and click the Set Top button.
- 7. As before skip the Setup step. In this case, you can also skip the Match step because you did not change the setup (which could alter compare points) and you did not appreciably change the implementation by removing the inverter. In addition, you know that all the compare points matched previously.
- 8. Click the Verify button on the flow-based toolbar, then the Verify All button.

Formality performs automatic compare point matching prior to verification when you do not perform the Match step beforehand. Verification is successful.

Now that you have completed this section of the tutorial, prepare the GUI as follows for the next section:

- 1. Click the Remove Reference toolbar button, then click Yes.
- 2. Click the Remove Implementation toolbar button, then click Yes.

Note:

Clicking Yes permanently removes the current

reference and implementation data. In practice, be sure to save (as necessary) prior to removing design data.

3. At the Formality prompt, enter the following command:

remove\_library -all

Notice that the transcript says "Removed shared technology library 'LSI\_10K'.

You now have the equivalent of a fresh session with which to execute the next section of the tutorial.

# Verifying fifo\_with\_scan.v Against fifo\_mod.vg

Note:

At any point during a Formality session you can exit and save the current state by selecting File > Save Session. When you invoke a new session later, select File > Restore Session to continue where you ended previously.

In this portion of the tutorial you will specify the successfully verified netlist, fifo\_mod.vg, as the reference, design. You will then verify a design that went through a design transformation against it. The fifo\_with\_scan.v implementation design, as the name suggests, had scan logic inserted.

The following procedure takes you through the six verification steps (Reference, Implementation, Setup, Match, Verify, and Debug) in one continuous flow.

Do the following:

- 1. Click the Reference button on the flow-based toolbar.
- 2. Click the Verilog button, navigate to the fifo\_mod.vg file in the GATE directory, click Open, and finally, click Load Files.
- 3. Click the Read DB Libraries tab and ensure the Read as a shared library check button is selected.

Because this is a gate-to-gate verification, the technology library needs to be available for both fifo\_mod.vg and fifo\_with\_scan.v. By default, DB technology libraries are shared.

If you use a Verilog or VHDL technology library, you must specify the read\_verilog -tech or read\_vhdl -tech command at the Formality prompt, because they are not shared libraries.

- 4. Click the DB button, then navigate to the technology library named lsi\_10k.db in the LIB directory. Click Open.
- 5. Click Load Files.
- 6. Click the Set Top Design tab and ensure that the fifo design inside the WORK library is selected as the top-level design. Click the Set Top button.

Now move on to specifying the implementation design, which is much the same process as described in section "Specifying the Implementation" on page 2-8.

- 7. Click the Implementation button on the flow-based toolbar and then the Verilog button.
- In the Add Verilog Files dialog box, navigate to the fifo\_with\_scan.v design file located in the GATE\_WITH\_SCAN directory. Click Open.
- 9. Click the Load Files button.
- 10. Click the Set Top Design tab and ensure that fifo design inside the WORK library is selected as the top-level design. Click the Set Top button.

You skipped the Read DB Libraries step because you had previously specified lsi\_10k.db as a shared technology library.

11. Click the Setup tab.

Unlike the verification you performed between fifo.vg and fifo.v, in which you skipped the setup phase, the implementation design you just specified must have its inserted scan disabled prior to verification.

12. Click the Constants tab, then the Set button.

The Set Constant dialog box appears. It lists all the input, output, and bidirectional ports within fifo\_with\_scan.v. You can use the Search text box to easily find the signal you want to change.

13. Click the Implementation tab and ensure that fifo is selected and that Ports appears in the choice text box near the top of the display area.

- 14. Scroll or search for the port named test\_se and select it.
- 15. In the Constant Value choice area at the bottom of the dialog box, click "0". Click OK.

Setting the test signal, test\_se, to a constant zero state disables the scan logic in fifo\_with\_scan.v. Notice that test\_se now appears in the Constants report area.

- 16. Click the Match button on the flow-based toolbar, then Run Matching. Matching yields one unmatched compare point, which you need to analyze and fix, if necessary.
- 17. Click OK to remove the Information dialog box, then click the Unmatched Points tab.

You see a report on the unmatched point, test\_se. It is an extra compare point in the implementation, related to the inserted scan, which you previously disabled. In this case, extra compare points are expected in the implementation; therefore, you can ignore them and move on to verification.

Note:

Extra compare points in the reference would *not* have been expected and would require you to debug them as outlined in the *Formality User Guide*.

18. Click the Verify button on the flow-based toolbar, then the Verify All button.

The verification is successful; the scan insertion did not alter the functionality of the implementation design. Note that if you had not disabled the test signal test\_se in step 15, verification would have failed.

Now that you have completed this section of the tutorial, prepare the GUI as follows for the next section:

- 1. Click the Remove Reference toolbar button, then click Yes.
- 2. Click the Remove Implementation toolbar button, then click Yes.

Note:

Clicking Yes permanently removes the current reference and implementation data. In practice, be sure to save (as necessary) prior to removing design data.

3. At the Formality prompt, enter the remove\_library -all command.

The transcript says "Removed shared technology library 'LSI\_10K'.

You now have the equivalent of a fresh session with which to execute the next section of the tutorial.

# Verifying fifo\_jtag.v Against fifo\_with\_scan.v

In this portion of the tutorial you will specify the successfully verified scan-inserted netlist, fifo\_with\_scan.v, as the reference, design. You will then verify a design that went through another type of design transformation against it. The fifo\_jtag.v implementation design, as the name suggests, includes a JTAG insertion as well as a scan insertion.

The procedure that follows leads you through the six verification steps (Reference, Implementation, Setup, Match, Verify, and Debug) in one continuous flow. Do the following:

- 1. Click the Reference button on the flow-based toolbar.
- 2. Click the Verilog button, navigate to the fifo\_with\_scan.v file in the GATE\_WITH\_SCAN directory, click Open, and finally, click Load Files.
- 3. Click the Read DB Libraries tab and ensure the Read as a shared library check button is selected.

Because this is a gate-to-gate verification, the technology library needs to be available for both fifo\_with\_scan.v and fifo\_jtag.v.

- 4. Click the DB button, then navigate to the technology library named lsi\_10k.db in the LIB directory. Click Open.
- 5. Click Load Files.
- 6. Click the Set Top Design tab and ensure that the fifo design inside the WORK library is selected as the top-level design. Click the Set Top button.
- 7. Click the Implementation button on the flow-based toolbar then the Verilog button.
- In the Add Verilog Files dialog box, navigate to the fifo\_jtag.v design file located in the GATE\_WITH\_JTAG directory. Click Open.
- 9. Click the Load Files button.
- 10. Click the Set Top Design tab and ensure that the fifo design inside the WORK library is selected as the top-level design. Click the Set Top button.

Notice that because of the inserted JTAG modules listed at the top of the choose-a-design pane, you need to scroll down to find the fifo design.

Note:

If you accidentally set the wrong design as the top-level design, you must redefine the implementation (or reference) by first clicking the Remove Reference or Remove Implementation toolbar button, then starting again.

You skipped the Read DB Libraries step because you had previously specified lsi\_10k.db as a shared technology library.

11. Click the Setup tab.

For this verification you must disable the scan in fifo\_with\_scan.v just as you performed in the previous section of the tutorial. Remember that this design is now the reference design. You must also disable JTAG signals in the implementation design.

12. Click the Constants tab, then the Set button.

The Set Constant dialog box appears with the Reference tab selected.

- 13. Ensure that fifo is selected and that Ports appears in the choice text box near the top of the display area.
- 14. Scroll or search for the port named test\_se and select it.
- 15. In the Constant Value choice area at the bottom of the dialog box, click "0". Click Apply.
- 16. Click the Implementation tab and ensure that fifo is selected and that Ports appears in the choice text box near the top of the display area.

- 17. Repeat steps 14 and 15 to disable the test\_se test signal for the implementation.
- 18. In a similar process, disable the JTAG signals, jtag\_trst, and jtag\_tms, by setting them to constant 0. Click OK to exit the dialog box.

The Constants report lists the four disabled signals, one for the reference and three for the implementation.

19. Click the Match button on the flow-based toolbar, then Run Matching.

Matching yields 171 unmatched compare points, which you need to analyze and fix, if necessary.

20. Click OK to remove the Information dialog box, then click the Unmatched Points tab if it is not already selected.

You see that the extra compare points are located in the implementation and related to the inserted JTAG, which you previously disabled. Specifically, JTAG insertion results in the addition of a large logic block called a tap controller; therefore, extra compare points are expected in the implementation. You can ignore them and move on to verification.

21. Click the Verify button on the flow-based toolbar, then click the Verify All button.

The verification is successful; the JTAG insertion did not alter the functionality of the implementation design.

# **Debugging Using Diagnosis**

In some designs, you can reach a point where you have fixed all setup problems in your design or determined that no setup problems exist. Therefore, the failure must have occurred because Formality found functional differences between the implementation and reference designs.

Use the following steps to isolate the problem (this section assumes you are working in the GUI).

1. In the Debug screen, click the Failing Points tab to view the failing points.

During verification, Formality creates a set of failing patterns for each failing point. These patterns show the differences between the implementation and reference design. Diagnosis is the process of analyzing these patterns and identifying error candidates that might be responsible for the failure. Sometimes the design can have multiple errors and, therefore, an error candidate can have multiple locations.

2. Run diagnosis on all of the failing points listed in this window by clicking the Diagnose button.

Note:

On occasion, after clicking the Diagnose button, you might get a warning (FM-417) stating too many error locations caused diagnosis to fail (if the error locations exceed 5). If this occurs, and you have already verified no setup problems exist, try selecting a group of failing points (such as, a group of buses with common names), and click the Diagnose Selected Points button. This can help diagnosis by paring down the failing points to a specific section in the design. Finally, if the group diagnosis fails, select one of the failing points and run diagnosis.

3. Click the Errors Candidates tab to view the error candidates. You will see a list of error candidate in this window.

Sometimes an error candidate can have multiple errors associated with it. For each of the errors, the number of related failing points are also reported in this window.

Sometimes there can be alternate error candidates apart form the recommended ones shown in this window. You can inspect the alternate candidates using the Next and Previous buttons available in this tab. You can reissue the error candidate report anytime after running diagnosis by using the report\_error\_candidates command.

4. Choose an error with the maximum number of failing points. Right click on that error, then choose View Logic Cones.

If there are multiple failing points, a list will appear, from which you can choose a particular failing point to view.

A logic cone view of the failing compare point appears. The logic cone zooms in to the error candidate and highlights it in orange. The associated matching region in the reference design is highlighted in yellow.

Error candidates can consist of multiple errors. Errors are the drivers in the design whose function can be changed to fix the failing compare point.

Note:

Changing the function of an error location sometimes can cause previously passing input patterns to fail.

Examine the logic cone for the instance causing the failure. The problem instance is highlighted in orange. You can click isolate error candidates pruning mode button to view the error region in isolation. You can undo this pruning mode by choosing the Undo option from the Edit menu.

## For More Information

For detailed information about each stage of the formal verification process demonstrated in the tutorial, refer to the following chapters in the *Formality User Guide*:

- Chapter 3, "Starting Formality," describes the user interfaces and describes how to invoke the tool.
- Chapter 4, "Setting Basic Elements for Design Verification," describes how to read in designs and libraries, and define the reference and implementation designs.
- Chapter 5, "Preparing the Design for Verification," describes how to set design-specific parameters to help Formality perform verification and to optimize your design for verification.
- Chapter 6, "Compare Point Matching and Verification," describes how to match compare points and perform verification.
- Chapter 7, "Debugging Failed Design Verifications," describes diagnostic procedures that can help you locate areas in the design that caused failure.
- Chapter 8, "Cell Library Verification," describes how to compare two technology libraries.

- Appendix A, "Tcl Syntax As Applied to Formality Shell Commands," describes Tcl syntax as it relates to more advanced tasks run from the fm\_shell. Topics include application commands, built-in commands, procedures, control flow commands, and variables.
- Appendix B, "Formality Library Support," describes how to verify and modify cell libraries to make them suitable for Formality to perform equivalence checking.
- Appendix C, "Reference Lists," provides reference tables listing Formality application commands and environment variables.

# **Starting Formality**

Formality offers two working environments: the Formality shell (a command-line based user interface) and the Formality GUI (a graphical windows-based interface). This chapter describes how to invoke them, as well as how to use interface elements such as the command log file and the help facility.

The following sections are contained in this chapter:

- Invoking Formality
- The Formality Shell Environment
- The Formality GUI Environment
- General Formality Usage Options

This chapter's subject matter pertains to the box outlined in Figure 3-1.

Figure 3-1 Design Verification Process Flow Overview



Chapter 3: Starting Formality

# **Invoking Formality**

The Formality fm\_shell is the command-line interface. Formality fm\_shell commands are made up of command names, arguments, and variable assignments. Commands use the tool command language (Tcl), which is used in many applications in the EDA industry.

The Formality GUI is the graphical, menu-driven interface. It allows you to perform verification as well as provides schematic and logic cone views to help you debug failed verifications.

## **Starting the Shell Interface**

To start the fm\_shell, type the following command at the operating system prompt (%):

```
% fm_shell
fm_shell (setup)>
```

The Formality copyright or license notice, program header, and fm\_shell prompt appear in the window from which you started Formality.

You can use the following command-line options when starting the fm\_shell.

-file filename

Invokes Formality in a shell and runs a batch script. For example,

```
% fm_shell -file my_init_script.fms
```

Invoking Formality

```
-no_init
```

Prevents setup files from being automatically read upon invocation. This is useful when you have a command log or other script file you want to use to reproduce a previous Formality session. For example,

```
% fm_shell -no_init -f fm_shell_command.log.copy
```

```
-64bit | -32bit
```

Invoke formality using the 64-bit binary executable on platforms that support it. The default value is 32 bits. Use 64 bits only when Formality runs out of memory running with the default 32-bit executable.

```
-overwrite
```

Overwrite existing FM\_WORK, formality.log and fm\_shell\_command.log files.

```
-name_suffix filename_suffix
```

Append the suffix to the log files created by Formality. For example,

% fm\_shell -name\_suffix tmp

generates files named FM\_WORK\_tmp, formality\_tmp.log, and fm\_shell\_command\_tmp.log.

-version

Prints the version of Formality, then exits.

-session session\_file\_name

Specifies a previously saved Formality session.

-gui

Starts the Formality graphical user interface (GUI).

## **Invoking the GUI**

To invoke the GUI, enter the following command after you have invoked the fm\_shell:

```
fm_shell (verify) > start_gui
```

You can also start the GUI by specifying fm\_shell -gui.

You can choose to display or hide primary sections of the GUI session window. For example, to hide or display the toolbar or status bar, use the View menu bar item. In the menu, select an option to display or hide the corresponding area of the session window. A check mark is shown next to the menu item if the corresponding section is currently being displayed in the window.

The lower pane is called the console window. Use the Log, Errors, Warnings, History, and Last command executed buttons above it to display different types information in the pane.

You can exit the GUI without exiting from the Formality session.

# **The Formality Shell Environment**

This section presents the following topics related to using the Formality fm\_shell:

- Entering Commands
- Supplying Lists of Arguments
- Listing Previously Entered Commands
- Recalling Commands

- Redirecting Output
- Using Command Aliases
- Listing Design Objects

For more information on the Tcl syntax, see Appendix A, "Tcl Syntax As Applied to Formality Shell Commands." If you want more detailed information about the Tcl language, consult books on Tcl in the engineering section of your local bookstore or library.

# **Entering Commands**

Formality considers case when it processes fm\_shell commands. All command names, option names, and arguments are case-sensitive. For example, the following two commands are equivalent but refer to two different containers, named r and R:

```
fm_shell (setup)> read_verilog -r top.v
fm_shell (setup)> read_verilog -R top.v
```

Each Formality command returns a result, which is always a string. The result can be passed directly to another command, or it can be used in a conditional expression. For example, the following command uses an expression to derive the right side of the resulting equation:

```
fm_shell (setup)> echo 3+4=[expr 3+4]
3+4=7
```

When you enter a long command with many options and arguments, you can extend the command across more than one line by using the backslash (\) continuation character. During a continuing command

input (or in other incomplete input situations), Formality displays a secondary prompt, the question mark (?). Here is an example:

```
fm_shell (setup)> read_verilog -r "top.v \
? bottom.v"
Loading verilog file...
Current container set to `r'
1
fm_shell (setup)>
```

### **Supplying Lists of Arguments**

When supplying more than one argument for a given Formality command, adhere to Tcl rules. Most publications about Tcl contain extensive discussions about specifying lists of arguments with commands. This section highlights some important concepts.

- Because command arguments and results are represented as strings, lists are also represented as strings, but with a specific structure.
- Lists are typically entered by enclosing a string in braces, as follows:

{file\_1 file\_2 file\_3 file\_4}

In this example, however, the string inside the braces is equivalent to the following list:

[list file\_1 file\_2 file\_3 file\_4]

Note:

Do not use commas to separate list items.

If you are attempting to perform command or variable substitution, the form with braces does not work. For example, the following command reads a single file that contains designs in the Synopsys internal .db format. The file is located in a directory defined by the variable DESIGNS.

```
fm_shell (setup)> read_db $DESIGNS/my_file.db
Loading db file '/u/project/designs/my_file.db'
No target library specified, default is WORK
1
fm_shell (setup)>
```

Attempting to read two files using the following command fails because the variable is not expanded within the braces.

```
fm_shell (setup)> read_db {$DESIGNS/f1.db $DESIGNS/f2.db}
Error: Can't open file $DESIGNS/f1.db.
0
fm_shell (setup)>
```

Using the list command expands the variables.

```
fm_shell (setup)> read_db [list $DESIGNS/f1.db $DESIGNS/
f2.db]
Loading db file '/u/designs/f1.db'
No target library specified, default is WORK
Loading db file '/u/designs/f2.db'
No target library specified, default is WORK
1
fm_shell (setup)>
```

You can also enclose the design list in double quotation marks to expand the variables.

```
fm_shell (setup)> read_db "$DESIGNS/f1.db $DESIGNS/f2.db"
Loading db file '/u/designs/f1.db'
No target library specified, default is WORK
Loading db file '/u/designs/f2.db'
No target library specified, default is WORK
1
fm_shell (setup)>
```

### **Editing from the Command Line**

You can use the command-line editing capabilities in Formality to complete commands, options, variables, and files that have a unique abbreviation. This line editing capability is useful by allowing you to use the shortcuts and options available in the emacs or vi editor.

Use the list\_key\_bindings command to display current key bindings and the current edit mode. To change the edit mode, set the sh\_line\_editing\_mode variable to either the .synopsys\_fm.setup file or directly in the shell. To disable this feature you must set the sh\_enable\_line\_editing variable to false in your .synopsys\_fm.setup file. It is set to true by default.

By typing part of a command, variable, etc. then clicking the tab key, the editor will complete the word(s) or file for you. A space is added to the end, if there isn't already one there, to speed typing and provide a visual indicator of successful completion. Completed text pushes the rest of the line to the right. If there are multiple matches, all matching commands, variables, and so on are auto listed. If no match is found (for example, if the partial command name you've typed is not unique), the terminal bell rings.

# **Listing Previously Entered Commands**

The history command with no arguments lists the last *n* commands that you entered. The most recent 20 commands are listed by default.

The syntax is

```
history [keep number_of_lines] [info number_of_entries]
      [-h] [-r]
```

keep number\_of\_lines

Changes the length of the history buffer to the number of lines you specify.

info number\_of\_entries

Limits the number of lines displayed to the specified number.

-h

Shows the list of commands without loading numbers.

-r

Shows the history of command in reverse order.

For example, use the following command to review the 20 most recent commands entered:

```
fm_shell (setup)> history
1 alias warning_only "set message_level_mode warning"
2 include commands.pt
3 warnings_only
4 help set
5 history -help
6 alias warnings_only "set message_level_mode warning"
7 warnings_only
8 ls -al
9 unalias warning_only
10 unalias warnings_only
11 history
fm_shell (setup)>
```

You can use the keep argument to change the length of the history buffer. To specify a buffer length of 50 commands, enter the following command:

fm\_shell (setup)> history keep 50

You can limit the number of entries displayed, regardless of the buffer length, by using the info argument. For example, enter:

```
fm_shell (setup)> history info 3
    10 unalias warnings_only
    11 history
    12 history info 3
fm_shell (setup)>
```

You can also redirect the output of the history command to create a file to use as the basis for a command script. For example, the following command saves a history of commands to the file my\_script:

```
fm_shell (setup)> redirect my_script { history }
```

## **Recalling Commands**

Use these UNIX-style shortcuts to recall and execute previously entered commands:

!!

Recalls the last command.

!-n

Recalls the *n*th command from the last.

!n

Recalls the command numbered *n* (from a history list).

!text

Recalls the most recent command that started with *text*, *text* can begin with a letter or underscore (\_) and can contain numbers.

The following example recalls and runs the most recent verification command:

```
fm_shell (verify)> !ver
verify ref:/WORK/CORE impl:/WORK/CORE
.
.
.
fm_shell (verify)>
```

This example recalls and starts the most recently run command:

```
fm_shell (setup)> !!
    1 unalias warnings_only
    2 read_verilog -r top.v
fm_shell (setup)>
```

Chapter 3: Starting Formality

# **Redirecting Output**

You can cause Formality to redirect the output of a command or a script to a specified file by using the Tcl redirect command or using the > and >> operators.

Use a command in the following form to redirect output to a file using the redirect command:

```
fm_shell(setup)> redirect file_name "command_string"
```

For more information on the redirect command, see the online man pages.

Use a command in the following form to redirect output to a file using the > operator:

```
fm_shell(setup)> command > file
```

If the file does not exist, Formality creates it. If the file does exist, Formality overwrites it with new output.

Use a command in the following form to append output to a file:

```
fm_shell (setup)> command >> file
```

If the file does not exist, Formality creates it. If the file does exist, Formality adds the output to the end of the file.

Unlike UNIX, Formality treats the > and >> operators as arguments to a command. Consequently, you must use spaces to separate the operator from the command and from the target file. In the following example, the first line is incorrect.

fm\_shell (setup)> echo \$my\_variable>>file.out
fm\_shell (setup)> echo \$my\_variable >> file.out

Note:

The Tcl built-in command puts does not redirect output. Formality provides a similar command, echo, that allows output redirection.

# **Using Command Aliases**

You can use aliases to create short forms for the commands you commonly use. For example, the following command creates an alias called err\_only that invokes the set command:

```
fm_shell (setup)> alias err_only "set message_level_mode
error"
```

After creating the alias, you can use it by typing err\_only at the fm\_shell prompt.

The following applies to alias behavior and use:

- Aliases are recognized only when they are the first word of a command.
- An alias definition takes effect immediately and lasts only until you exit the Formality session.
- Because Formality reads the .synopsys\_fm.setup file when you invoke it, define commonly used aliases in the setup file.

- You cannot use an existing command name as an alias name; however, aliases can refer to other aliases.
- You can supply arguments when defining an alias by surrounding the entire definition for the alias in quotation marks.

## **Using the alias Command**

The syntax of the alias command is

```
alias [ name [ definition ] ]
```

name

Represents the name (short form) of the alias you are creating (if a definition is supplied) or listing (if no definition is supplied). The name can contain letters, digits, and the underscore character (\_). If no name is given, all aliases are listed.

definition

Represents the command and list of options for which you are creating an alias. If an alias is already defined, *definition* overwrites the existing definition. If no *definition* is defined, the definition of the named alias is displayed.

When you create an alias for a command containing dash options, enclose the whole command in quotation marks.

# Using the unalias Command

The unalias command removes alias definitions.

The syntax of the unalias command is

```
unalias [ pattern... ]
```

pattern

Lists one or more patterns that match existing aliases whose definitions you want removed.

For example, use the following command to remove the set\_identity\_check alias:

fm\_shell (setup)> unalias set\_identity\_check

## **Listing Design Objects**

In the fm\_shell, you can create lists of pins, ports, cells, nets, and references by using a variety of fm\_shell commands that begin with find\_ (such as find\_cells and find\_nets). Here are some examples using the find\_ commands.

The following command lists all the input ports that start with SCAN:

#### find\_ports -input container:/library/design/SCAN\*

The following command returns a list of all pins (across hierarchy) that are connected to net123 in the specified design:

# find\_pins -hierarchy -of\_object container:/library/design/ net123

The following command returns the name of the design that is referenced by cell123:

# find\_references -of\_object container:/library/design/ cell123

Chapter 3: Starting Formality

For more information on these commands, see the online man pages.

# The Formality GUI Environment

This section presents the following topics related to using the Formality GUI:

- Managing Formality Windows
- Using the Formality Prompt
- Saving the Transcript
- Copying Text From the Transcript Area
- Copying Text to the Formality Prompt

## **Managing Formality Windows**

The Formality GUI uses multiple windows to display different types of information, such as schematics and logic cones. These windows are opened by certain menu commands in the GUI.

The Window menu bar item lists the GUI windows that are present and lets you manage those windows. It lists up to nine Formality windows. Selecting any window in the list "activates" that window (restores the window from icon form, if necessary, and moves it to the front).

Refer to the following sections for detailed information about the various windows available to you:

• "Working With Schematics" on page 7-28.

- "Working With Logic Cones" on page 7-36.
- "Working With Failing Patterns" on page 7-41.

## **Using the Formality Prompt**

The Formality prompt allows you to run fm\_shell commands without leaving the GUI.

To run an  ${\tt fm\_shell}$  command from within the GUI, follow these steps:

- 1. Enter the desired command in the text area at the Formality prompt. You can use any of these methods:
  - Type the command directly.
  - Click the History button, then copy and paste commands into the text box.
- 2. Press the Enter key to execute the command.

After performing these steps, Formality runs the command and adds it to the command history list. The transcript area displays the command results.

You can use multiple lines at the prompt by pressing Shift-Enter to move to the next line. Specify a "\" at the end of each line to indicate that the text continues on the next line.

Press the Shift-Up Arrow or Shift-Down Arrow key to cycle through the command history.

# Saving the Transcript

To save the transcript area, follow these steps:

- 1. Choose the File > Save Transcript menu item to open the Save Transcript File dialog box.
- 2. Enter a file name or use the browser to select the file in which to save the transcript text.
- 3. Click the Save button.

# **Copying Text From the Transcript Area**

You can copy text to another application window by following these steps:

- 1. Click the Log button to display the transcript.
- 2. Select the text in the transcript area you want to copy.
- 3. Right-click and select Copy.
- 4. Move the pointer to a shell window outside the Formality tool, or another open application, and execute the Paste command.

In addition, you can use the UNIX-style method of selecting with the left-mouse button and pasting with middle-mouse button to transfer text into a shell window.

## **Copying Text to the Formality Prompt**

You can copy text from an application window to the Formality prompt by following these steps:

- 1. Select the text you want to copy.
- 2. Use the Copy command to place the highlighted text on the clipboard.
- 3. Locate the pointer in the command bar where you want the text to appear, and execute the Paste command.

In addition, you can use the UNIX-style method of selecting with the left-mouse button and pasting with middle-mouse button to transfer text from a shell window to the prompt line.

# **General Formality Usage Options**

Whether you work in the fm\_shell or the GUI, Formality provides certain facilities that can increase your productivity and tool's overall ease-of-use. This section contains the following sections:

- Getting Help
- Interrupting Formality
- Understanding and Controlling Messages
- Working With Script Files
- Using the Command Log File
- Controlling the File Search Path

## **Getting Help**

Formality provides various forms of online help, such as the help and man commands.

You can use a wildcard pattern as the argument for the help command. The available wildcards are

\*

Matches any number of characters.

?

Matches exactly one character.

Use the help command to list all commands alphabetically:

fm\_shell (setup)> help

The following command uses a wildcard character to display all commands that start with the word "find":

| <pre>fm_shell &gt; help find*</pre> |                                |
|-------------------------------------|--------------------------------|
| find_cells                          | #Find the specified cells      |
| find_nets                           | #Find the specified nets       |
| find_pins                           | #Find the specified pins       |
| find_ports                          | #Find the specified ports      |
| find_references                     | #Find design references of the |
|                                     | specified design               |

You can use the -help option to display syntax information for any command:

General Formality Usage Options

Man pages are supplied for each Formality shell command. The man command allows you to get detailed help for a specific command:

```
fm_shell (setup)> man command_name
```

To display the man page for an environment variable, use the printvar command followed by the variable name:

```
fm_shell (setup)> printvar verification_auto_loop_break
```

The following command displays a detailed description of the Formality shell command cputime:

```
fm_shell (setup)> man cputime
```

NAME

cputime

Returns the CPU time used by the Formality shell.

```
SYNTAX
```

cputime

DESCRIPTION

Use this command to return cputime used by the Formality shell. The time is rounded to the nearest hundredth of a second.

RETURN VALUES

The cputime command returns the following:

\* 0 for failure

\* The CPU time rounded to the nearest hundredth of a second for success

#### EXAMPLES

This example shows the output produced by the cputime command:

fm\_shell (setup)> cputime
3.73
fm\_shell (setup)>

Chapter 3: Starting Formality

# **Interrupting Formality**

In fm\_shell, you can interrupt Formality by pressing Control-c. The response depends on what Formality is doing currently.

- If Formality is processing a script, script processing stops.
- If Formality is in the middle of a process, the following message appears:

Interrupt detected: Stopping current operation

Depending on the design, it can take Formality one or two minutes to respond to Control-c.

• If Formality is waiting for a command (not in the middle of a process), the following message appears:

```
Interrupt detected: Application exits after three \ensuremath{^{\rm C}} interrupts
```

In this case, you can exit Formality and return to the UNIX shell by pressing Control-c two more times within 20 seconds, no more than 10 seconds between each press.

In the GUI, when you run a verification, a progress bar appears in the status bar. You can interrupt the process by clicking the Stop button. Processing may not stop immediately.

### **Understanding and Controlling Messages**

Formality issues messages using certain formats and during certain situations. You can control the types of messages Formality displays.

Formality generates messages using one of two formats:

```
severity: message (code)
severity: message
```

#### severity

Represents the level of severity (note, warning, or error) as described in Table 3-1.

#### message

The text of the message.

code

Helps identify the source of the message. The code is separated into a prefix and a number. The prefix is two, three, or four letters, such as INT-2. For information on a particular message code, use the man command (for example, "man INT-2").

The Formality-specific message prefixes are FM-, FMR-, and FML-. The prefix indicates the type of Formality function involved: a general Formality function, the Verilog RTL reader, or the Verilog library reader, respectively.

In the following example, Formality displays an error-level message as a result of an incorrectly entered read\_db command.

```
fm_shell (setup)> read_db -foo
Error: unknown option '-foo' (CMD-010)
Error: Required argument 'file_names' was not found (CMD-007)
fm_shell (setup)>
```

Chapter 3: Starting Formality

Table 3-1 describes the different error message levels.

| Severity | Description                                                                                                                                                                                                                  | Example                                                           |
|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|
| Note     | Notifies you of an item of general interest. No action is necessary.                                                                                                                                                         | ^C Interrupt detected: Stopping current operation                 |
| Warning  | Appears when Formality<br>encounters an unexpected, but not<br>necessarily serious, condition.                                                                                                                               | Warning: License for "DW-IP-<br>Consultant" has expired. (SEC-6)  |
| Error    | Appears when Formality<br>encounters an unexpected<br>condition that is more serious than<br>a warning. Commands in progress<br>are not completed when an error is<br>detected. An error can cause a<br>script to terminate. | Error: Required argument "file_names"<br>was not found (CMD-007). |

Table 3-1 Message Severities

Each message is identified by a code such as "CMD-010". To obtain more information on a message, look at the man page for the code. For example, if Formality reports "Error: Can't open file xxxx (FM-016)," you can obtain more information by entering the command man FM-016.

#### **Setting Message Thresholds**

You can establish a message-reporting threshold that remains effective during the Formality session. This threshold can cause Formality to display error messages only, warnings and errors only, or notes, warnings, and errors. By default, Formality issues the three levels of messages described in Table 3-1. A fourth message type, fatal error, occurs when Formality encounters a situation that causes the tool to exit. Regardless of the threshold setting, Formality always issues a fatal error message before it exits the tool and returns control to the shell.

To set the message threshold, do one of the following:

| fm_shell                         | GUI                                                                          |
|----------------------------------|------------------------------------------------------------------------------|
| Specify:                         | Click the Modify Formality Shell Variable toolbar button.                    |
| set message_level_mode threshold | Choose the Setup tab and select<br>message_level_mode.                       |
|                                  | In the Value text box, select error, warning,<br>info, or none.<br>Click OK. |
|                                  |                                                                              |

Specify "error", "warning", "info", or "none" for threshold.

# **Working With Script Files**

You can use the source command to run scripts in Formality. A script file, also called a command script, is a sequence of fm\_shell commands in a text file. The syntax of the source command is

```
fm_shell (setup)> source [-echo] [-verbose] script_file_name
```

-echo

Displays each command in the script as it is run.

-verbose

Displays the result of each command in the script.

Chapter 3: Starting Formality

#### script\_file\_name

Represents the name of the script file to be run.

Table 3-2 lists some of the tasks that you can perform using script files.

Table 3-2 Script File Actions

| Task                                                 | Description                                                                                                                                                                                                                                                                                                                                         | Example                                                       |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------|
| Add comments                                         | Add block comments by beginning comment lines with the pound sign (#).                                                                                                                                                                                                                                                                              | #<br># Set the new string<br>#<br>set newstr "New"; # comment |
|                                                      | Add in-line comments by using a semicolon to end a command, and then using a pound sign to begin the comment.                                                                                                                                                                                                                                       |                                                               |
| Continue<br>processing<br>after an error             | If an error occurs during the script<br>execution, by default, Formality<br>discontinues processing the script.<br>To force Formality to continue<br>processing in this situation, set the<br>sh_continue_on_error variable<br>to true. (This is generally not<br>recommended because the results<br>might be invalid if an error has<br>occurred.) | set sh_continue_on_error<br>true                              |
| Find scripts<br>using the<br>search_path<br>variable | Set the variable<br>sh_source_uses_search_path to<br>true. (See "The Tcl Source<br>Command" on page 3-29.)                                                                                                                                                                                                                                          | set<br>sh_source_uses_search_path<br>true                     |

# Using the Command Log File

The Formality command log file is called fm\_shell\_command*n*.log (where *n* is an integer indicating more than one invocation of Formality from the same directory). This log file records the fm\_shell commands in a Formality session, including setup file commands and variable assignments.

You can use the log file in the following situations:

- After a Formality session to keep a record of the design analysis.
- By sourcing it as a script to duplicate a Formality session.

If you have problems using Formality, save this log file for reference when you contact Synopsys. Move the log file to another file name to prevent it from being overwritten by the next fm\_shell session.

# **Controlling the File Search Path**

You can define the search path Formality uses for reading data by setting the search\_path Tcl environment variable. If you do not set this variable, Formality only searches for files in the current directory.

Use a command in the following form to set the search\_path variable:

```
set search_path "path_1 path_2 path_3 ... "
```

By surrounding the path list with double quotation marks, you expand any environment variables listed as part of a path. Be sure to separate individual paths with a space character. The following example instructs Formality to search in the current directory, in the expanded \$TEST directory, and in the /proj/files directory (in that order) when reading data.

```
fm_shell (setup)> set search_path ". $TEST/files /proj/
files"
```

# The Tcl Source Command

An exception to search path control described in the previous section occurs when you use the Tcl source command, which ignores the Tcl environment variable search\_path. However, you can direct Formality to use the path as defined by the search\_path variable by setting another Tcl environment variable,

sh\_source\_uses\_search\_path, to true. Use the following
command to set the variable:

fm\_shell (setup)> set sh\_source\_uses\_search\_path true

#### **Examining the File Search Path**

You can examine the current file search path that Formality is using by entering the following command:

```
fm_shell (setup)> echo $search_path
```

Chapter 3: Starting Formality 3-30

# 4

# Setting Basic Elements for Design Verification

Prior to design verification you must have a few basic elements in place, such as your libraries and designs. This chapter describes the read-design flow, in which you specify your libraries, designs, and top-level cells.

This chapter assumes that you have invoked Formality as described in

Chapter 3.

This chapter contains the following sections:

- Reading in Libraries and Designs
- Loading the Reference Design
- Loading the Implementation Design

#### • Setting Up and Managing Containers

This chapter's subject matter pertains to the boxes outlined in Figure 4-1.

Figure 4-1 Design Verification Process Flow Overview



Chapter 4: Setting Basic Elements for Design Verification

# **Reading in Libraries and Designs**

This section describes the process you use to read in your libraries and designs. Specific commands are described in the sections that follow.

Figure 4-2 outlines the Formality tool's read-design process flow.

Figure 4-2 Formality Read-Design Process Flow



To run Formality, you must read in both a reference and an implementation design and any related technology libraries. As shown in Figure 4-2, you read in only the libraries and designs needed for the reference, then immediately specify its top-level design. Next, read in only the files you need for the implementation, then immediately specify its top-level design. You must set the top-level design for the reference before proceeding to the implementation.

# **Technology Libraries**

For proper design verification, you generally need to read in technology libraries, which contain descriptions of the lowest-level, or primitive, cells used in the design. Technology libraries are also referred to as cell libraries in this guide. Refer to Chapter 8, "Cell Library Verification," to learn how to verify two cell libraries.

Formality often needs primitive cell information to determine the behavior of each cell so that it can perform a gate-level comparison between the reference and implementation designs.

Formality can read the following types of cell libraries:

- Synopsys internal database (.db) files
- Synthesizable Verilog RTL files
- Synthesizable VHDL RTL files
- Verilog simulation library files

Formality reads one or more cell description files in the specified format and puts the cell definition information into a technology library. Formality uses this information when it performs a comparison between different designs.

For a purely RTL design description, reading a technology library is not necessary.

## Designs

Designs are collections of design objects. A design library provides the same functionality as a technology library except that the details of a design library are visible to the user. Use a design library when you want the data to be restricted to a single design, such as RTL or gate-level netlists.

You can read designs into the Formality environment in four formats:

Synopsys internal database (.db or .ddc) designs

Files compiled by Design Compiler or files that represent technology libraries. Reading a Synopsys internal database file into a container results in a design library that can consist of one or more designs.

VHDL designs

Files consisting of VHDL entity and architecture pairs that, when read into a container, represent a design library that can consist of one or more designs.

Verilog files

Files consisting of Verilog modules that, when read into a container, represent a design library that can consist of one or more designs.

**EDIF** netlists

Files consisting of EDIF netlists, when read into a container, represent design that can consist of one or more designs.

The following sections describe environment variables you might need to set prior to reading in your designs.

# **Changing Bus Naming and Dimension Separator Styles**

When you read Verilog or VHDL designs into the Formality environment, Formality uses a default bus naming style and a default bus dimension separator to support bus names. Formality uses %s[%d] as the bus naming style and a pair of square-bracket characters (][) as the bus dimension separator.

For example:

```
BUSA[1]
BUSA[2]
BUSB[1][1]
BUSC[1][2]
```

Your design might not follow this default bus naming scheme. If it does not, you can change the default bus naming scheme for both the bus naming style and the bus dimension separator by setting environment variables.

**Changing the Bus Naming Style.** To change the bus naming style, do one of the following:

| fm_shell                      | GUI                                                                       |
|-------------------------------|---------------------------------------------------------------------------|
| Specify:                      | Click the Modify Formality Shell Variable toolbar button.                 |
| set bus_naming_style<br>value | Choose the Setup tab and select<br>bus_naming_style.                      |
|                               | Under the Value prompt, enter the text<br>string you desire.<br>Click OK. |

For *bus\_name\_style*, supply the string %s*x[*%d*x]*, where *x* is any character or character string. For an explanation of this variable, see the online man pages.

**Changing the Bus Dimension Separator.** To change the bus dimension separator style, do one of the following:

| fm_shell                                | GUI                                                                         |
|-----------------------------------------|-----------------------------------------------------------------------------|
| Specify:                                | Click the Modify Formality Shell Variable toolbar button.                   |
| set bus_dimension_separator_style style | Choose the Setup tab and select bus_dimension_separator_style.              |
|                                         | Under the Value prompt, enter the character string you desire.<br>Click OK. |

For style, supply any character string. For more information about this variable, see the online man pages.

#### Supporting DesignWare Components

DesignWare is a library of functions that you can instantiate in a netlist or infer in RTL code. Following is an example of instantiated DesignWare:

```
module mult8 ( Y, A, B );
parameter width=8;
parameter A_width=8, B=width=8;
output [width*2-1:0] Y;
input [width-1:0] A, B;
//instantiation of DesignWare multiplier
DWO2_mult #(A_width,B_width) mil ( A, B, 1'b0, Y);
endmodule
```

To read in a VHDL or Verilog design that has DesignWare components instantiated directly, do one of the following:

| fm_shell                     | GUI                                                                                       |
|------------------------------|-------------------------------------------------------------------------------------------|
| Specify:                     | Click the Modify Formality Shell Variable toolbar button.                                 |
| set hdlin_dwroot "root_path" | Choose the Reference and Implementation tab and select hdlin_dwroot.                      |
|                              | Under the Value prompt, enter the Design<br>Compiler software tree location.<br>Click OK. |

Set the hdlin\_dwroot variable to the location of your Design Compiler software tree. For example:

```
fm_shell (setup)> set hdlin_dwroot "/synopsys/2002.09"
```

This variable is only required for instantiated DesignWare. It applies to both Verilog and VHDL RTL code. Do not create separate libraries, such as DWARE, DW01, or DW02 for VHDL RTL code. Creating separate libraries causes linking errors.

When your design is elaborated in the linking phase, all your instantiated DesignWare components are generated automatically.

#### **Setting Variables for VHDL and Verilog Directives**

Before you read in a VHDL or Verilog design file, you might need to specify how Formality should treat VHDL or Verilog Design Compiler directives that are defined by Synopsys. Formality either ignores or does not ignore each directive in order to get a simulation interpretation of the RTL. You can override the Formality tool's default behavior regarding these directives with the variables described in Table 4-1. Formality directly supports the Verilog preprocessor directives `define, `ifdef, `else, `endif, `ifndif, and `undefineall. Therefore, you do not need to set a variable before reading a Verilog design containing these directives.

Although the default variable settings provide a good starting point for verification, there might be cases where overriding the default behavior toward a specific directive can help you accurately verify your design.

Note:

Overriding the default variable settings can cause Formality to overlook simulation or synthesis mismatches. The default settings minimize this risk.

Table 4-1 lists the common Formality variables used to control VHDL and Verilog Design Compiler directives defined by Synopsys. If a variable is set to "true", the corresponding directive is ignored. If the variable is set to "false", the corresponding directive is not ignored.

| Variable                   | Description                                                                                                                                                          |
|----------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| hdlin_ignore_full_case     | Used to ignore or not ignore the Verilog or VHDL full_case directive. For more information on this directive, see the HDL Compiler for Verilog Reference Manual.     |
| hdlin_ignore_parallel_case | Used to ignore or not ignore the Verilog or VHDL parallel_case directive. For more information on this directive, see the HDL Compiler for Verilog Reference Manual. |
| hdlin_ignore_synthesis     | Used to ignore or not ignore the Verilog or VHDL synthesis directive. For more information on this directive, see the VHDL Compiler Reference Manual.                |
| hdlin_ignore_translate     | Used to ignore or not ignore the Verilog or VHDL translate directive. For more information on this directive, see the HDL Compiler for Verilog Reference Manual.     |

| Table 4-1 | Variables for Design Compiler Directives |
|-----------|------------------------------------------|
|-----------|------------------------------------------|

For information on how to change these variables, see "Using Environment Variables" on page A-10.

#### **Setting EDIF Variables for Power and Ground**

Before you read in an EDIF design file, you might need to change the default settings for power and ground specification. Power and ground connection is controlled by EDIF variable settings in Formality. By default, Formality connects nets named VDD to power and nets named GND to ground.

As described in Table 4-2, the variable called edifin\_power\_and\_ground\_representation specifies power and ground to be represented by either nets or cells. If you specify "net", the edifin\_ground\_net\_name variable supplies the net name, and the edifin\_power\_net\_name variable supplies the power name. If you specify "cell", the edifin\_ground\_cell\_name variable supplies the cell name, and the edifin\_power\_cell\_name variable supplies the power name.

For information on how to change these variables, see "Using Environment Variables" on page A-10.

| Table 4-2 | EDIF Variable for Setting Power and Ground |
|-----------|--------------------------------------------|
|-----------|--------------------------------------------|

| Edif variables                             | Description                                                                                                                                                 |
|--------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|
| edifin_power_and_ground<br>_representation | Specifies the power and ground representation as either net or cell. The default is net.                                                                    |
| edifin_ground_net_name                     | Specifies the name of the ground net. The default name is GND. This variable is used if the edifin_power_ground_representation variable is set to net.      |
| edifin_power_net_name                      | Specifies the name of the power net. The default name is VDD.<br>This variable is used if the<br>edifin_power_ground_representation variable is set to net. |

Table 4-2 EDIF Variable for Setting Power and Ground (Continued)

| Edif variables          | Description                                                                                                                                                  |
|-------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------|
| edifin_ground_cell_name | Specifies the name of the ground cell. The default name is logic_0. This variable is used if the edifin_power_ground_representation variable is set to cell. |
| edifin_power_cell_name  | Specifies the name of the power cell. The default name is logic_1. This variable is used if the edifin_power_ground_representation variable is set to cell.  |

## **Top-Level Design**

Specifying the top-level design causes Formality to resolve named references, which is crucial for proper verification. This linking process appears in the transcript window. If Formality cannot resolve references, the link errors by default. When Formality resolves all references, linking is completed successfully. If the design is an RTL (VHDL or Verilog) design, Formality then performs elaboration.

You can use the hdlin\_unresolved\_modules environment variable to cause Formality to create black boxes when it encounters unresolved or empty designs during linking. Refer to the online man page for information about this variable.

# Loading the Reference Design

This section describes in detail the three steps required for loading the reference design as shown in Figure 4-2 on page 4-3.

# **Reading Technology Libraries**

As needed, read in the technology libraries that support your reference design. If you do not specify a technology library name with the commands described in the following section, Formality uses the default name, TECH\_WORK.

# Synopsys (.db) Format

Note:

This is a shared library by default. If you read in a Synopsys internal database file without specifying whether it applies to the reference or implementation, it will apply to both.

To read cell definition information contained in Synopsys database (.db) files, do one of the following:

| fm_shell                                       | GUI                                                                         |
|------------------------------------------------|-----------------------------------------------------------------------------|
| Specify:                                       | Click the Reference > Read DB Libraries tab.                                |
| read_db file_list<br>[ -libname library_name ] | (Optional) Specify a Target Library other than the default WORK as desired. |
| [ -merge ]<br>[ -replace_black_box]            | (Optional) Check Read as a shared library if necessary.                     |
|                                                | Click the DB button.                                                        |
|                                                | Navigate to file(s) and click Open.                                         |
|                                                | Click the Load Files button.                                                |

The fm\_shell commands are not listed with all their options; see the online man pages for details. The options listed in this table pertain to reading in technology library data only.

You use the read\_db command to read both designs and technology library information into Formality. The command automatically determines the type of data being read and puts that information into the appropriate type of Formality library, either a design library or a technology library. For option descriptions, see the online man pages.

# Verilog and VHDL RTL Format

Verilog and VHDL cell definition information must be in the form of synthesizable RTL or a structural netlist. In general, Formality cannot use behavioral constructs or simulation models such as VHDL VITAL models.

When reading libraries in Formality, you use the `celldefine Verilog attribute to indicate a logic description is a library cell. This might be necessary in order to take advantage of extra processing needed to build the correct logical behavior (you would use the hdlin\_library\_enhanced\_analysis variable to run this extra processing). However, because `celldefine is not required by Verilog, many libraries don't include it in the source file. This would require modifications to your source file, which is not always possible. The hdlin\_library\_files and hdlin\_library\_directory variables provide you with an easier mechanism for defining a library to Formality.

Note:

Unlike Synopsys database (.db) files, Verilog and VHDL technology files are not shared. You must read them in for the reference, then for the implementation by including the -r and -i options, respectively.

To read cell definition information contained in Verilog or VHDL RTL files, do one of the following:

| fm_shell                                                                                                                            | GUI                                                                                                                                                                    |
|-------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:<br>set hdlin_library_file <file></file>                                                                                    | At the Formality prompt, specify:<br>set hdlin_library_file <file></file>                                                                                              |
| set hdlin_library_directory <directory></directory>                                                                                 | set hdlin_library_directory <directory></directory>                                                                                                                    |
| read_verilog<br>[ -r   -i   -con containerID ]<br>[ -technology_library ]<br>[ -libname library_name ]<br>[ -01 ] [ -95 ] file_list | read_verilog<br>[ -r   -i   -con containerID ]<br>[ -technology_library ]<br>[ -libname library_name ]<br>[ -01 ] [ -95 ] file_list                                    |
| or                                                                                                                                  | or                                                                                                                                                                     |
| set hdlin_library_file <file></file>                                                                                                | set hdlin_library_file <file></file>                                                                                                                                   |
| set hdlin_library_directory <directory></directory>                                                                                 | set hdlin_library_directory <directory></directory>                                                                                                                    |
| read_vhdl<br>[ -r   -i   -con containerID ]<br>[ -technology_library ]<br>[ -libname library_name ]<br>[ -87   -93 ]<br>file_list   | At the Formality prompt, specify:<br>read_vhdl<br>[ -r   -i   -con containerID ]<br>[ -technology_library ]<br>[ -libname library_name ]<br>[ -87   -93 ]<br>file_list |

The hdlin\_library\_files variable designates all designs contained within a file or set of files as technology libraries. The value you set for this variable is a space-delimited list of files.

The hdlin\_library\_directory variable designates all designs contained within directories as technology libraries. The value you set for this variable is a space delimited list of directories. After you mark a design for library processing, any subdesign would also go through that processing.

The fm\_shell commands are not listed with all their options; see the online man pages for details. The options listed in this table pertain to reading in technology library data only.

Use the -technology\_library option to specify that the data goes into a technology library rather than a design library. This option does not support mixed Verilog and VHDL technology libraries, nor does it support Verilog technology library cells with mixed userdefined primitives and synthesizable constructs. When you specify the -technology\_library option, you must also specify -r, -i, or -c.

# **Verilog Simulation Data**

You generally read in Verilog simulation data by specifying the -y option with the read\_verilog command when you read in designs, as discussed in the next section, "Reading Design Libraries" on page 4-17.

However, certain users, such as ASIC vendors, use the read\_simulation\_library or read\_verilog -vcs -y command to read in the Verilog simulation data. This allows you to explore the library in detail for validation because it loads all data into Formality and displays all warnings. This command is not necessary for most users.

To read cell definition information contained in Verilog simulation library files, do one of the following:

| fm_shell                                                                                                                                                                                                                                                                | GUI                                                                                                                                                                                                                                                                     |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                                                                                                                                                                                                | At the Formality prompt, specify:                                                                                                                                                                                                                                       |
| read_simulation_library<br>[-r   -i   -con containerID ]<br>[ -libname library_name ]<br>[ -work_library libname ]<br>[ -skip_unused_udps ]<br>[ -write_verilog ] [ -verbose ]<br>[ -save_binary ] [ -merge ]<br>[ -replace_black_box ]<br>[ -halt_on_error ] file_list | read_simulation_library<br>[-r   -i   -con containerID ]<br>[ -libname library_name ]<br>[ -work_library libname ]<br>[ -skip_unused_udps ]<br>[ -write_verilog ] [ -verbose ]<br>[ -save_binary ] [ -merge ]<br>[ -replace_black_box ]<br>[ -halt_on_error ] file_list |
| Or                                                                                                                                                                                                                                                                      | Or                                                                                                                                                                                                                                                                      |
| read_verilog -vcs -y                                                                                                                                                                                                                                                    | read_verilog -vcs -y                                                                                                                                                                                                                                                    |

This command specifies to build non-black-box models for cells that use user-defined primitives and Verilog primitives as the leaf objects. The library reader extracts the pertinent information from the Verilog library to determine the gate-level behavior of the design, and generates a netlist that represents the functionality of the Verilog library cells. For option descriptions, see the online man page.

The read\_simulation\_library command supports cells that contain user-defined primitives and structural constructs. It does not support cells that use synthesizable behavioral and structural constructs.

To generate the gate-level models, the library reader parses the structural Verilog modules and table-based descriptions. Using this information, it creates efficient gate-level models that can be used for verification.

A Verilog simulation library is intended for simulation, not synthesis. Therefore, the library reader might make certain assumptions about the intended gate-level functions of the user-defined primitives in the simulation model. The library reader generates comprehensive warning messages about these primitives to help you eliminate errors and write a more accurate model.

Each warning message is identified by a code. To obtain more information, look at the man page for the code. For example, if Formality reports "Error: Can't open file xxxx (FM-016)," you can obtain more information by entering the command man FM-016.

The library reader supports the following features:

- Sequential cells (each master-slave element pair is merged into a single sequential element)
- User-defined strengths (assign statements, user-defined primitive instantiations, and built-in primitives)
- Advanced net types: wand, wor, tri0, tri1, and trireg
- Unidirectional transistor primitives: pmos, nmos, cmos, rpmos, rnmos, and rcmos
- Pull primitives (a pull-up or pull-down element is modeled as an assign statement with a value of 1 or 0)

#### **Reading Design Libraries**

Note:

Review the section "Designs" on page 4-5. It describes environment variables you may need to set prior to reading in your design. To read the reference design into the current session, do one of the following, where the -r option indicates the reference design:

| fm_shell                                                                  | GUI                                                                                                                                                        |
|---------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify one of the following, depending on your design type:              | Click the Reference > Read Design Files tab.                                                                                                               |
| read_db -r file(s)                                                        | Choose the Verilog, VHDL, EDIF, or DB tab.                                                                                                                 |
| read_edif -r file(s)<br>read_verilog -r file(s)<br>[ -vcs "-v lib_file" ] | (Optional) For Verilog designs, click the<br>Options button and choose one of the option<br>tabs (such as -v or -y) as needed. When<br>finished, click OK. |
| [ -vcs "-y lib_dir" ]<br>read_VHDL -r file(s)                             | Click applicable the Verilog, VHDL,<br>EDIF, or DB button to open the file<br>navigator.                                                                   |
|                                                                           | Navigate to files and click Open.<br>Click the Load Files button.                                                                                          |

The fm\_shell commands are not listed with all their options; see the online man pages for details.

In the Formality shell, you represent the design hierarchy by using a designID argument. The designID argument is a path name whose elements indicate the container (by default, "r" or "i"), library, and design name.

When specifying more than one VHDL file to be read with a single read\_vhdl command, Formality will attempts to read your files in the correct automatically. If there are VHDL configurations in the list of files, this feature will not work. Disable it by setting the variable hdlin\_vhdl\_strict\_libs to false before using the read\_vhdl command. If using multiple read\_vhdl commands, you'll need to issue your read\_vhdl commands in the correct compilation order.

When reading in Verilog designs, you can use the hdlin\_auto\_netlist variable to specify that Formality automatically use the Verilog netlist reader. The default is to use the netlist reader. This can decrease loading times. If the Verilog netlist reader is unsuccessful, Formality uses the default Verilog reader.

Use the VCS options -v and -y if you have Verilog simulation libraries or design modules you want to link to the reference or implementation designs. These options tell Formality to search in the specified library or file for unresolved module references. These options do not support Verilog technology library cells with mixed user-defined primitives and synthesizable constructs.

Reading in design libraries with one of the commands listed creates a design library with the default name r:/WORK (or i:/WORK for the implementation).

#### **Reading Milkyway and DDC Databases**

To read design netlists and cell libraries from Milkyway and DDC databases, you use the read\_mdb and read\_ddc commands, respectively. These commands allow Formality to read design information including netlists and cell libraries from Milkyway databases produced by Astro and DDC databases produced by Design Compiler in XG mode.

You must set the hdlin\_synroot variable to point to an installation tree of Design Compiler before using the read\_mdb or read\_ddc commands. This variable allows you to read mdb and ddc files that were created by multiple versions of Design Compiler.

# Milkyway Databases

To read designs from a Milkyway database, do one of the following:

| fm_shell                                                                                                                                                                     | GUI                                                                                                                                                                        |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                                                                                                     | At the Formality prompt, specify:                                                                                                                                          |
| read_mdb<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ]<br>-cell_name cell_name<br>[ -design design_name ]<br>mdb_path_name | read_mdb<br>[ -r   -i   -container containerID ]<br>[[ -libname library_name ]<br>[ -technology_library ]<br>-cell_name cell_name<br>[ -design design_name ] mdb_path_name |

Formality reads in designs from a Milkyway design database (created using Physical Compiler and updated using Jupiter or Astro) using the external reader program (fmxr). The fmxr reader reads the logic view netlist description from the Milkyway database, sets current\_design to the design you define, links the design, and eco updates the logical information from the CEL view to the design in memory. Make certain you set the search\_path in Formality prior to running read\_mdb as fmxr uses the information to locate the designs.

Use the variables mw\_logic0\_net and mw\_logic1\_net to specify
the name of the Milkyway ground and power net, respectively.

Note:

Although linking is done inside fmxr inorder to update design changes, you still must run set\_top in Formality to link the entire design.

# **DDC Databases**

To read designs from a DDC database into a container, do one of the following:

| fm_shell                                                                                                           | GUI                                                                                                                |
|--------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                                           | At the Formality prompt, specify:                                                                                  |
| read_ddc<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ] file_list | read_ddc<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ] file_list |

Formality reads in files formatted as Synopsys DDC database designs. Formality returns a 1 when the design is successfully read, or 0 if the design isn't successfully read into the destination container. In situations where existing designs are present in the destination container, Formality overwrites them with the designs being read. For additional information, see the online man page.

#### Setting the Top-level Design

To set the top-level design for the reference, do the one of the following:

| fm_shell                                                                                    | GUI                                                                                                    |
|---------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| Specify:                                                                                    | Click the Reference > Set Top Design tab.                                                              |
| set_top<br>[ -vhdl_arch name ]<br>[ moduleName   designID  <br>-auto ] [ -parameter value ] | Select the library that contains the top-level design, and then a design.<br>Click the Set Top button. |

If you are elaborating VHDL and you have more than one architecture, use the -vhdl\_architecture option. For option descriptions, see the online man page.

The set\_top command tells Formality to set and link the top-level design. If you're using the default "r" and "i" containers, this command also sets the top-level design as the reference or implementation. Be aware of the following:

- Once you start reading in a reference or implementation design, you must finish before specifying the set\_top command. In addition, you cannot start reading in the implementation until you have specified set\_top for the reference.
- The set\_top command always applies to the design data just previously read into Formality (whether implementation or reference). You receive an error if you specify a design that you have not loaded.
- You cannot save, restore, or verify a design until you have specified the set\_top command.
- Be sure that the module or design you specify is your top design. If not, you must remove the reference design and start over. This holds true when you are loading the implementation design also.
- Use the -auto option if the top-level design is unambiguous. You generally specify a module or design by name in cases where you don't want the actual top-level design to be considered the top for the current session or when you have multiple modules that could be considered at the top-level.
- Set the top-level design to the highest level you plan to work with in the current session.

• Once you set the top-level design you cannot change it, whereas you can change the reference or implementation designs to be verified with the set\_reference\_design, set\_implementation\_design, or verify commands. The design you specify must reside within the top-level design.

To set parameters in your top-level design, use the -parameters option to the set\_top command. Use this option to specify a new value for your design parameters. You can set the parameter only on the top-level design. Parameters must be Verilog parameters or VHDL generics on the design you are setting them on. The parameter values can either be integers or specified in the format <param\_name> <hex value format> <base>'h<value>. For VHDL designs, the generics may have the following data types for the parameter value:

- integer
- bit
- bit\_vector
- std\_ulogic
- std\_ulogic\_vector
- std\_logic
- std\_logic\_vector
- signed (std\_logic\_arith and numeric\_std)
- unsigned (std\_logic\_arith and numeric\_std)

For additional information on setting parameters, see the  $\mathtt{set\_top}$  man page.

You can generate a report on any simulation/synthesis mismatches in your design after setting the top level of your design. Formality automatically generates an RTL report summary describing any simulation/synthesis mismatches when you run set\_top (or read\_container). Running the command report\_hdlin\_mismatches after set\_top (or read\_container) generates a verbose report detailing the various constructs encountered and their state. For additional information on reporting simulation/synthesis mismatches, see the report\_hdlin\_mismatches man page.

If you have straightforward designs, such as Verilog designs, you can use the hdlin\_auto\_top environment variable rather than the set\_top command to specify and link the top-level module, but only when you specify one and only one read\_verilog command for the container.

To set the top-level design with the hdlin\_auto\_top variable, do one of the following:

| fm_shell                | GUI                                                                    |
|-------------------------|------------------------------------------------------------------------|
| Specify:                | Click the Modify Formality Shell Variable toolbar button.              |
| set hdlin_auto_top true | Choose the Reference and Implementation tab and select hdlin_auto_top. |
|                         | Under the Value prompt, click set top design automatically.            |
|                         | Click OK.                                                              |

This variable causes Formality to determine the top-level module and automatically link to it. This command only applies when you are reading in a Verilog design. If you are reading in technology libraries, Formality ignores this variable. Formality issues an error if it cannot determine the top-level design. In this case, you must explicitly specify the top design with the set\_top command.

If there are multiple VHDL configurations or architectures that could be considered the top level, Formality issues a warning and sets the top-level design to the default architecture.

The hdlin\_auto\_top variable requires you to use a single read command to load the design. You cannot use it for mixed language designs or for designs that use multiple design libraries or architectures/configurations.

# Loading the Implementation Design

The process for loading the implementation design is nearly identical to that described in the section "Loading the Reference Design" on page 4-11. This section provides an overview of the read-design process flow for the implementation. Refer to the aforementioned section for details.

Note:

If you already specified a Synopsys internal database (.db) library for the reference, it is automatically shared with the implementation.

To specify the implementation, do one of the following, where the -i option signifies the implementation:

| fm_shell                                                                                                                                                | GUI                                                                                                                                                                                            |
|---------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| As needed, specify one of the following<br>to read the technology files, depending<br>on the file format:<br>read_db file_list<br>[-technology_library] | Click the Implementation button.<br>(Optional) Click the Read DB Libraries tab<br>or specify read_verilog or read_vhdl at the<br>Formality prompt, depending on the<br>technology file format. |
| read_verilog<br>[ -r   -i   -con containerID ]                                                                                                          | When finished reading technology files,<br>choose the Read Design Files tab.                                                                                                                   |
| [ -technology_library ]<br>file_list<br>read_vhdl<br>[ -r   -i   -con containerID ]                                                                     | Choose the Verilog, VHDL, EDIF, or DB tab.<br>Specify Options for Verilog designs as<br>needed.                                                                                                |
| [ -technology_library ]<br>file_list                                                                                                                    | Click applicable the Verilog, VHDL,<br>EDIF, or DB button to open the file<br>navigator.                                                                                                       |
| Specify one of the following to<br>read the design files, depending on                                                                                  | Navigate to file(s) and click Open.                                                                                                                                                            |
| your design type:                                                                                                                                       | Click the Load Files button.                                                                                                                                                                   |
| read_db -i file(s)<br>read_edif -i file(s)                                                                                                              | Choose the Set Top Design tab.                                                                                                                                                                 |
| read_verilog -i file(s)<br>[ -vcs "-v lib_file" ]<br>[ -vcs "-y lib_dir" ]<br>read_VHDL -i file(s)<br>set_top [ moduleName  <br>designID   -auto ]      | Select the library that contains the top-level design, and then select the design.                                                                                                             |
|                                                                                                                                                         | Click the Set Top button.<br>Note: For VHDL, file order matters. Arrange<br>the design files in proper order with the<br>Order up and down buttons prior to clicking                           |
|                                                                                                                                                         | the Load Files button.                                                                                                                                                                         |

The fm\_shell commands are not listed with all their options; see the online man pages for details. Refer to section "Verilog Simulation Data" on page 4-15 for special Verilog considerations, otherwise use the VCS -y option on the read\_verilog command if you have Verilog simulation data.

# **Setting Up and Managing Containers**

As described in section "Containers" on page 1-28, a container is a complete, self-contained space into which Formality reads designs. Each design to be verified must be stored in its own container. If you follow the steps described in section "Reading in Libraries and Designs" on page 4-3, Formality uses default containers named "r" and "i."

You generally don't need to work directly with containers. However, Formality allows you the option, if, for example:

- You want to read your reference and implementation designs into names you specify rather than the default "r" and "i."
- You require backwards compatibility with existing Formality scripts.
- You need to load intermediate states of the design in the current session to investigate a failed verification.
- You apply user-defined external constraints on your designs.

Note:

The r and i containers exist by default, even if empty. When you specify them as the containerID with the create\_containers command, Formality issues a warning that the container already exists.

To create a container, do one of the following:

| fm_shell                            | GUI                                 |
|-------------------------------------|-------------------------------------|
| Specify:                            | At the Formality prompt, specify:   |
| create_container<br>[ containerID ] | create_container<br>[ containerID ] |

Formality uses the containerID string as the name of the new container. For more information on this command, see the online man page. If using this command, you must do so before reading in your libraries and designs.

Alternatively, you can specify a container with the -con containerID option to the read\_db, read\_verilog, read\_vhdl, and read\_edif commands. If you specify a containerID in which to place a technology library, the library can be seen only in that container. This is called a "nonshared" technology library. If you do not specify a container, the technology library can be seen in all current and future containers. This is called a "shared" technology library. Only the read\_db command can be used to read shared technology libraries.

When you create a new container, Formality automatically puts the generic technology library, GTECH, into the container. The GTECH library contains the cell primitives that Formality uses internally to represent RTL designs.

In fm\_shell, Formality considers one design the "current" design. When you create or read into a container, it becomes the "current container." Once the current container is set, you cannot operate on any other container until you either:

- specify set\_top for the current container, or
- specify remove\_container to remove the container and its contents. For the default r and i containers, this command merely removes the contents.

In the GUI, the concept of a current container does not apply directly. You simply work on the reference and implementation designs. You can still execute Formality shell commands that rely on the current container concept; however the GUI recognizes only the containers that store the reference and implementation designs. To view a third design in the GUI, you must choose it as a reference or implementation design.

Note:

When you create a new container, Formality automatically adds any shared technology libraries. If you do not want a particular shared technology library in the new container, you must specifically remove it.

The write\_container and save\_session commands do not execute if you have not linked the top-level design using the set\_top command.

In the GUI, you can view the reference and implementation containers by choosing Designs > Show Reference and Designs > Show Implementation. Choose File > Save to save the design.

Chapter 4: Setting Basic Elements for Design Verification

# 5

# Preparing the Design for Verification

After reading designs into the Formality environment and linking them, you generally need to set design-specific options to help Formality perform verification. For example, if you are aware of certain areas in a design that Formality cannot verify, you might want to prevent the tool from attempting to verify those areas. Or, if you want to speed up verification, you might declare blocks in two separate designs black boxes.

This chapter describes the things you should consider to optimize your design for verification. For example, you will find discussions about black boxes, equivalences, external constraints, and don'tcare cells. The chapter includes the following sections:

- Using Don't-Care Cells
- Setting Up Designs
- Removing Information

- Saving Information
- Restoring Information

This chapter's subject matter pertains to the box outlined in Figure 5-1.





Chapter 5: Preparing the Design for Verification

# **Using Don't-Care Cells**

Don't-care conditions are input patterns for which the function of a design or block is not defined. Prior to verification you must define don't-care conditions, as necessary.

There are three ways to create don't-care conditions:

- Explicitly in the design. For input patterns that you do not expect to occur, you can specify the output values as X (don't care) rather than 0 or 1 in the HDL description of the design.
- Implicitly in the design. In the HDL description, you might specify the output values for certain combinations of input values, and not for others. The output values for the unspecified combinations of input values are don't care.
- User-specified in Formality. In Formality, you can insert userdefined don't-care values into the verification by applying external constraints to the design. For example, you can constrain an input bus so that Formality only considers "one-hot" values for that bus during verification. "One-hot" means that exactly one bit is 1 and all others are 0 on the bus. See section "Working With External Constraints" on page 5-30 for details.

When Formality encounters a don't-care condition, it models the logic using an extra cell called a don't-care cell. This cell has two inputs, dc (don't care) and f (function), and a single output. When the dc input is 0, the f input is passed through to the output unchanged. When the dc input is 1, the f input is ignored and the output value is X (don't care).

In the consistency verification mode (the default mode), the value X is the don't-care parameter in the reference design and unknown in the implementation design. Therefore, the value 0, 1, or X in the implementation design is considered equivalent to an X in the reference design.

If it is important for the implementation to have the same don't-care set as the reference design, use the equality (rather than consistency) verification mode. In the equality mode, all don't-care conditions must match exactly between the reference and implementation designs in order to pass verification. Doing this is appropriate only when both the implementation and reference designs are RTL designs, because gate-level designs do not have don't-care information.

# **Setting Up Designs**

This section describes how to set up your designs for verification. You might not perform all of the operations described in this section, depending on your design. This section discusses the following topics:

- Supporting Multibit Library Cells
- Resolving Nets With Multiple Drivers
- Eliminating Asynchronous State-Holding Loops
- Working With Black Boxes
- Working With Constants
- Working With Equivalences
- Working With External Constraints

Chapter 5: Preparing the Design for Verification

- Working With Hierarchical Designs
- Working With Combinational Design Changes
- Working With Sequential Design Changes
- Working With Re-Encoded Finite State Machines
- Working With Retimed Designs
- Working With Single-State Holding Elements
- Working With Multiplier Architectures
- Working With Arithmetic Blocks
- Working With the Automated Setup File

# **Supporting Multibit Library Cells**

Formality supports the use of multibit library cells. You can control multibit component inference in Design Compiler by using the hdlin\_infer\_multibit variable. For more information, see the man page on the hdlin\_infer\_multibit variable in Design Compiler. If you choose not to use this capability in Design Compiler, and you manually group register bits into library cells instead, then you need to follow certain naming rules. Otherwise, Formality might encounter difficulties in matching compare points where the multibit components are used.

These are the naming rules for manually grouping register bits into library cells:

• When you group registers into multibit cells, use the syntax name\_number to number to name the grouped cell. For example, the name my\_reg\_7to0 maps to the eight registers named my\_reg\_0, my\_reg\_1, ... my\_reg\_7 in the other design.

• If the grouped register contains multiple elements that are not in sequential order, you can use syntax in the form of name\_number to number, number, number... For example, the name treg\_6to4,2 maps to the four registers named treg\_6, treg\_5, treg\_4, and treg\_2 in the other design. In this syntax, a comma separates the individual elements of the multibit cell.

#### **Resolving Nets With Multiple Drivers**

During verification, Formality ensures that each net with more than one driver is resolved to the correct function. At the design level, you can instruct Formality to use resolution functions to resolve these types of nets.

To define net resolution, do one of the following:

| fm_shell                                                           | GUI                                                                                                                                                                                                                           |
|--------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:<br>set_parameters<br>[ -resolution function ]<br>designID | Choose the Setup > Design Parameters tab.<br>Select the Reference or Implementation tab.<br>Select a library, then a design.<br>Click the Consensus, Treat Drivers as Black<br>Boxes, Wired AND, or Wired OR radio<br>button. |
|                                                                    | button.                                                                                                                                                                                                                       |

The -resolution *function* option defines the behavior of nets that have more than one driver. Formality provides a choice of four resolution functions: consensus, black box, AND, and OR. Not all options are shown; see the online man page for more details about this command.

With the consensus resolution function, Formality resolves each net in the same manner as a four-state simulator. Each driver can have any of four output values: 0, 1, X (unknown), or Z (high-impedance state). Formality uses this function by default.

Table 5-1 shows the net resolution results for a net with two drivers. The top row and left column show the possible driver values, and the table entries show the resulting net resolution results.

0 1 Х Ζ 0 0 Х Х 0 1 Х 1 Х 1 Х Х Х Х Х Ζ 0 1 Х Ζ

 Table 5-1
 Consensus Resolution for a Net With Two Drivers

The consensus resolution function works similarly for nets with more than two drivers. If all drivers on the net have the same output value, the result is that common value. If any two active (non-Z) drivers are in conflict, the result is X.

With the AND resolution function, the result is the logical AND of all active (non-Z) drivers on the net. Similarly, with the OR resolution function, the result is the logical OR of all active drivers on the net.

Note:

If you want to use AND or OR resolution types, your designs must support wired-AND and wired-OR functionality. Do not use these resolution types with CMOS technology. With the black box resolution function, Formality creates a black box for each net with multiple drivers. It connects the net to the output of the black box, connects the net drivers to the inputs of the black box, and makes the net a compare point. The inputs to the black box are treated just like the inputs to any other compare point. In other words, to pass verification, the inputs need to be matched between the two designs and the logic cones feeding these inputs need to be equivalent.

If you do not specify how to resolve nets having more than one driver, Formality looks at the types of drivers on the net. If none of the drivers are primary input ports or black box outputs, Formality uses the consensus resolution function. However, if any driver is a primary input port or the output of a black box, Formality cannot determine the value of that driver. In that case, Formality inserts a black box function at that point, driven by the primary input port or by the existing black box, and combines the output of the inserted black box function with any other drivers on the net using the consensus resolution function.

Using the consensus function causes Formality to resolve the value of the net according to a set of consensus rules. For information on these rules, see set\_parameters in the online man pages.

In Figure 5-2, a single net is driven by two three-state devices, an inverter, and a black box component. By default, Formality attempts to use the consensus resolution function to resolve the net at the shaded area. In this case, one of the drivers comes from a black box component. Because Formality cannot determine the state of a driver that originates from a black box component or an input port, it cannot use the consensus resolution.

Chapter 5: Preparing the Design for Verification





Figure 5-3 shows how Formality resolves the net in this case. The three drivers at the bottom of the circuit can be resolved by the consensus function. That function in turn drives a black box resolution function that ultimately drives the register.

Default Resolution Function: Part Two Figure 5-3



Setting Up Designs

# **Eliminating Asynchronous State-Holding Loops**

Formality is used to verify synchronous designs. This means your design should not contain asynchronous state-holding loops implemented as combinational logic. Asynchronous state-holding loops can cause some compare points to be aborted, thus giving inconclusive results.

Asynchronous state-holding loops affect Formality in the following ways:

- If Formality establishes that an asynchronous state-holding loop affects a compare point, it aborts that compare point, and that point is not proven equivalent or nonequivalent.
- If Formality establishes that an asynchronous state-holding loop has a path that does not affect a compare point, it proves that point equivalent or nonequivalent.
- If Formality cannot establish that an asynchronous state-holding loop has a path that does not affect a compare point, it aborts that compare point, and that point is not proven equivalent or nonequivalent.

Formality automatically breaks loops during verification if they are identical. To change this behavior, set the verification\_auto\_loop\_break variable to false. For information about the verification\_auto\_loop\_break variable, see the online man pages.

Note:

You can also specify the report\_loops command after verification. In this case, Formality reports the original loops even if they were automatically broken during verification.

Chapter 5: Preparing the Design for Verification

To report asynchronous state-holding loops, do one of the following:

| fm_shell                                                    | GUI                                                         |
|-------------------------------------------------------------|-------------------------------------------------------------|
| Specify:                                                    | At the Formality prompt, specify:                           |
| report_loops [ -ref ] [ -impl ]<br>[ -limit N ] [ -unfold ] | report_loops [ -impl ] [ -ref ]<br>[ -limit N ] [ -unfold ] |

By default, the report\_loops command returns a list of nets and pins for loops in both the reference and implementation designs. It reports 10 loops per design and 100 design objects per loop unless you specify otherwise with the -limit option. Objects are reported using instance-based path names.

The -unfold option specifies to report subloops embedded within a loop individually. Otherwise, they are reported together. Refer to the online man page for more information about this command.

If a loop is completely contained in a technology library cell, this command lists all the nets and pins associated with it. If only part of a loop belongs to a technology library cell, the cell name will not appear in the list. In addition, the report displays the hierarchical structure if a loop crosses boundaries.

After you determine the locations of any asynchronous state-holding loops, ensure Formality successfully verifies the loop circuit by inserting cutpoints, as described in the next section.

## **Working With Cutpoints**

As previously mentioned, Formality uses black box input pins as compare points. You also can manually insert compare points at a specific net or hierarchical block pin. Inserting a cutpoint at a specific net or hierarchical block pin in a design has the effect of creating a new primary output and a new primary input to the downstream logic. This is called a cutpoint because it effectively cuts the net on which it is inserted.

You can use cutpoints to create specific compare points to verify designs that contain asynchronous state-holding loops. Setting cutpoints on hierarchical block pins and internal nets allows Formality to verify these points independently and use them as a free variable for verification of downstream compare points.

When the design you want to verify has asynchronous state-holding loops, you can manually break each loop by specifying a net or hierarchical block pin of a cell in the loop, then inserting a cutpoint. Likewise, when you encounter a design that is difficult to verify, you can simplify the cones under verification by inserting cutpoints at specific nets or hierarchical block pins, thereby creating new compare points and reducing the size of the logic cones to be verified.

There are several ways to determine a point in the design that is causing (or is likely to cause) a verification problem:

- Your prior knowledge of loops in the circuit design. If you properly insert cutpoints from the start, you can avoid the time spent on generating an inconclusive verification.
- The occurrence of inconclusive verification results. Following the verification run, use the report\_loop -ref and report\_loop -impl commands to locate the loops.
- Timing loop reports generated by other tools such as PrimeTime and Design Compiler.

After you determine the location of a loop in the design, you can insert cutpoints anywhere in the loop without risk of harming the verification setup. Adding a cutpoint merely introduces a new compare point that will be verified by Formality. Be sure to place cutpoints in exactly the same locations in the reference and implementation designs. Use the set\_user\_match command to match the corresponding cutpoints.

**Creating a Cutpoint.** To insert a cutpoint in a design, do one of the following:

| fm_shell                                         | GUI                                              |
|--------------------------------------------------|--------------------------------------------------|
| Specify:                                         | At the Formality prompt, specify:                |
| set_cutpoint objectID<br>[ -type objectID_type ] | set_cutpoint objectID<br>[ -type objectID_type ] |

Specify the name of the net or pin along with the design object where Formality should insert the cutpoint. If the name of the specified design object is associated with more than one type of design object, you must specify the type (either pin or net), using the -type option. For more information about this command, see the online man pages.

**Reporting Information on Cutpoints.** To report the cutpoints inserted with the set\_cutpoint command, do one of the following:

| fm_shell         | GUI                               |
|------------------|-----------------------------------|
| Specify:         | At the Formality prompt, specify: |
| report_cutpoints | report_cutpoints                  |

For more information about this command, see the online man pages.

**Removing a Cutpoint.** To remove cutpoints added with the set\_cutpoint command, do one of the following:

| fm_shell                                    | GUI                                         |
|---------------------------------------------|---------------------------------------------|
| Specify:                                    | At the Formality prompt, specify:           |
| remove_cutpoint object_list<br>-type   -all | remove_cutpoint object_list<br>-type   -all |

#### **Working With Black Boxes**

A black box represents logic whose function is unknown. Black boxes can cause verification failures because input pins become compare points in the design. If black boxes found in the reference design do not match those found in the implementation design, failing compare points result.

In addition, compare point mismatches can occur when black box buses are not normalized in the same manner. When Formality encounters a missing design, it normalizes the bus on the black box to the form WIDTH-1:0. However, when it encounters an empty design, it does not normalize black box buses and bus indexes are preserved. Therefore, you must either not include a design or use an empty design for both the implementation and reference so that buses are normalized in like manner.

When Formality verifies a design, its default action is to consider a black box in the implementation equivalent to its counterpart in the reference design. This behavior can be misleading in cases where

designs contain many unintentional black boxes, such as an implementation that uses black boxes as bus holders to capture the last state placed on a bus. Figure 5-4 shows an example.





The example in Figure 5-4 uses a bidirectional pin to connect to the bus. Because this pin is bidirectional, the bus has an extraneous driver. If the reference design doesn't use similar bus holders, the implementation fails verification. To solve this problem, you can declare the direction "in." Assigning the pin a single direction removes the extraneous driver.

By default, Formality stops processing with an error if it encounters unresolved designs (those that can't be found during the linking process) and empty designs (those with an interface only). For example, suppose a VHDL design has three instances of designs whose logic is defined through associated architectures. If the architectures are not in the container, Formality halts.

You can use the hdlin\_unresolved\_modules environment variable to cause Formality to create black boxes when it encounters unresolved or empty designs during linking. Refer to the online man page for information about this variable.

Note:

Setting the hdlin\_unresolved\_modules variable to black box can cause verification problems.

You can use the verification\_ignore\_unmatched\_ implementation\_blackbox\_input variable to cause Formality to allow successful verification of unmatched input pins on matched black boxes in the implementation design. Refer to the online man page for information on this variable.

Because of the uncertainty that black boxes introduce to verification, Formality allows you some control over how the tool handles them. You can:

- Load only the design interface (ports and directions) even though the model exists.
- Mark a design as a black box for verification even though its model exists and the design is linked.
- Report a list of black boxes.
- Perform an identity check between comparable black boxes.
- Set the port and pin directions.

See the subsections that follow this discussion for details.

## Loading Design Interfaces Only

Note:

Specify the environment variable described below before reading in your designs.

If you know that you want an object to be a black box, specify the hdlin\_interface\_only variable rather than loading nothing into Formality. Formality benefits from having the pin names and directions supplied by this variable.

To load only the pin names and directions for designs, do one of the following:

| fm_shell                              | GUI                                                                        |
|---------------------------------------|----------------------------------------------------------------------------|
| Specify:                              | Click Reference or Implementation.                                         |
| est bellin interfess only "design(s)" | Click Options.                                                             |
| set hdlin_interface_only "design(s)"  | Choose the Variables tab.                                                  |
|                                       | Under Read interface only for these designs prompt, enter list of designs. |
|                                       | Click OK.                                                                  |

This environment variable allows you to load the specified designs as black boxes, even when their models exist, which can be helpful when loading in RAM, IP, and other special models. When you specify report\_black\_boxes, these designs are attributed with an "I" (interface only) to indicate that you specified this variable.

This variable supports wildcards. It ignores syntax violations within specified designs. However, if Formality cannot create an interfaceonly model due to syntax violations in the pin declarations, it treats the specified design as missing.

Modules names must be simple design names. For example, to mark all RAMS in a library as black boxes, where they are named SRAM01, SRAM02...:

fm\_shell (setup)> set hdlin\_interface\_only "SRAM\*"

This variable is not cumulative. Subsequent specifications cause Formality to override prior specifications. Therefore, if you want to mark all RAMS with names starting with DRAM\* and SRAM\* as black boxes, for example, specify both on one line.

fm\_shell (setup)> set hdlin\_interface\_only "DRAM\* SRAM\*"

#### Marking a Design as Black Box for Verification

To mark a design as a black box for verification, do one of the following:

| fm_shell               | GUI                               |
|------------------------|-----------------------------------|
| Specify:               | At the Formality prompt, specify: |
| set_black_box designID | set_black_box designID            |

You specify this command for a loaded design. When you specify report\_black\_boxes, these designs are attributed with an "S" to indicate that you specified this command. To remove this attribute, specify the remove\_black\_box command.

This command allows you to work in black-box mode or not (by removing the attribute as stated previously) as desired. Designs you specify with the hdlin\_interface\_only variable on unresolved references always retain their black box attribute.

# **Reporting Black Boxes**

To report black boxes, do one of the following:

| fm_shell                                                 | GUI                                                      |
|----------------------------------------------------------|----------------------------------------------------------|
| Specify:                                                 | At the Formality prompt, specify:                        |
| report_black_boxes                                       | report_black_boxes                                       |
| [ design_list   -r   -i  <br>-con containerID ] [ -all ] | [ design_list   -r   -i  <br>-con containerID ] [ -all ] |
| [ -unresolved ] [-empty ]                                | [ -unresolved ] [-empty ]                                |
| [ -interface_only ]                                      | [ -interface_only ]                                      |
| [ -set_black_box ]                                       | [ -set_black_box ]                                       |

By default, this command lists the black boxes for both the reference and implementation designs. Formality issues an error if these are not set. You can specify to restrict the report to only the implementation or reference designs, or a container or design that you specify.

In addition, the report lists a reason, or attribute, code for each black box, as follows:

- U: Unresolved design.
- E: Empty design. An asterisk (\*) next to this code indicates that the design is not linked by the set\_top command. Once linked, the design make show up as a black box if it's not really empty.
- I: Interface only, as specified by the hdlin\_interface\_only variable.
- S: Set with the set\_black\_box command.

You can specify to report only black boxes of a certain attribute with the -unresolved, -empty, -interface\_only, and -set\_black\_box options. The default -all option specifies to report all four black box types.

The report output during set\_top processing also lists black boxes.

Note:

Formality places black boxes created due to unresolved designs in the FM\_BBOX library.

## **Performing Identity Checks**

To perform an identity check between two comparable black boxes, do one of the following:

| fm_shell                                     | GUI                                                               |
|----------------------------------------------|-------------------------------------------------------------------|
| Specify:<br>set verification_blackbox_match_ | Click the Modify Formality Shell Variable toolbar button.         |
| mode identity                                | Choose the Match tab and select verification_blackbox_match_mode. |
|                                              | Click the identity radio button.                                  |
|                                              | Click OK.                                                         |

This variable causes Formality to perform an identity check between each set of two comparable black boxes, ensuring that both black boxes have the same library and design names. For more information on this variable, see the online man pages.

#### Setting Pin and Port Directions for Unresolved Black Boxes

By definition, you don't know the function of a black box. For unresolved black boxes, Formality attempts to define pin direction from the connectivity and local geometries. If the tool cannot determine the direction, it assumes that the pin is bidirectional. This could result in an extra driver on a net in one design that does not exist in the other.

To circumvent this failure, you can create a wrapper for the block with the pin directions defined. You can use a Verilog module or VHDL entity declaration. This takes the guesswork out of determining pin direction. You can also use the set\_direction command to define pin direction.

To redefine a black box's pin or port direction, do one of the following:

| fm_shell                            | GUI                                 |
|-------------------------------------|-------------------------------------|
| Specify:                            | At the Formality prompt, specify:   |
| set_direction<br>objectID direction | set_direction<br>objectID direction |

For *objectID*, supply the object ID for an unlinked port or pin. (You cannot set the direction of a linked port or pin.) For *direction*, specify either in, out, or inout. See the online man pages for more details.

#### **Working With Constants**

Formality recognizes two types of constants: design and userdefined. Design constants are nets in your design that are tied to a logical 1 or 0 value. User-defined constants are ports or nets to which you attach a logical 1 or 0 value using Formality commands. User-defined constants are especially helpful when several problem areas exist in a circuit and you want to isolate a particular trouble spot by disabling an area of logic. For example, suppose your implementation has scan logic and you don't want to consider it in the verification process. You can assign a constant to the scanenable input port to disable the scan logic and to take it out of the verification process.

You can apply a user-defined constant to a port or net. However, if you assign a constant to a net with a driver, Formality displays a warning message.

Formality tracks all user-defined constants and enables you to generate reports on them. You can specify how Formality propagates constants through different levels of the design hierarchy.

You can define constant states on ports or nets within a design to restrict the scope of a verification. This technique is useful when you have designs that contain scan logic and you want to disable that logic during verification. For example, you can define a constant to disable a scan enable line and thus verify the design in mission mode.

You can manage user-defined constants by performing the tasks in the following sections.

# **Defining Constants**

To set a net, port, cell, or pin to a constant state of 0 or 1, do one of the following:

| fm_shell                     | GUI                                                                                  |
|------------------------------|--------------------------------------------------------------------------------------|
| Specify:                     | Choose the Setup > Constants tab.                                                    |
| set_constant [ -type type ]  | Click Add then choose the Reference or<br>Implementation tab.                        |
| instance_path constant_value | In the left-hand pane, navigate through tree-<br>view to the instance and select it. |
|                              | In right-hand pane, select the object.                                               |
|                              | Click the "0" or "1" radio button.                                                   |
|                              | Click OK.                                                                            |

For *constant\_value*, specify either 0 or 1. If more than one design object shares the same name as that of the specified object, use the -type option and specify the object type (either port or net). You can specify an ObjectID or instance-based path name for instance\_path. Use the latter if you want to apply a constant to a single instance of an object instead of all instances. In addition, you can use wildcards to specify objects to be set constant. For information about the set\_constant command, see the online man pages.

# **Removing User-Defined Constants**

To remove a user-defined constant, do one of the following:

| fm_shell                     | GUI                               |
|------------------------------|-----------------------------------|
| Specify:                     | Choose the Setup > Constants tab. |
| remove_constant -all         | Select a constant.                |
| or                           | Click Remove.                     |
| remove_constant              |                                   |
| [ -type type ] instance_path |                                   |

If more than one design object shares the same name as that of the specified object, use the -type option and specify port or net (whichever applies) for the type. You can specify an ObjectID or instance-based path name for file\_path. Use the latter if you want to remove a constant on a single instance of an object instead of all instances. For more information about this command, see the online man pages.

## **Listing User-Defined Constants**

To list user-defined constants, do one of the following:

| fm_shell                              | GUI                               |
|---------------------------------------|-----------------------------------|
| Specify:                              | Choose the Setup > Constants tab. |
| report_constants<br>[ instance_path ] |                                   |

If you omit instance\_path, Formality returns a list of all userdefined constants. You can specify an ObjectID or instance-based path name for instance\_path. Each line of the report shows the constant value, design object type, and design object name. For information about this command, see the online man pages.

# **Working With Equivalences**

You might want to declare two design objects as equivalent. You can use the set\_user\_match command to match one object in the reference to many objects in the implementation. For example, suppose the reference design has a single clock port, and the implementation design has several clock ports, use set\_user\_match to match all of the implementation ports to the reference port.

To make an equivalence declaration, use the set\_equivalence command. The set\_equivalence command declares a pair of nets or ports to be equivalent in the reference and implementation designs. You can also declare a pair of ports, pins, or nets in the same design are equivalent; therefore, when two pins are set as equivalent, the second pin will use the value of the first pin. In the case of a net, Formality disconnects the net from the driver in the implementation design and then reconnects that net to the corresponding driver in the reference design. The net in the implementation design will now be driven by the equivalent net in the reference design. Most importantly this means that any logic driving the net in the implementation will not be verified. The same is true for two input ports declared to be equivalent.

# Defining an Equivalence

To make two design objects equivalent, do one of the following:

| fm_shell                                                                                   | GUI                                                                  |
|--------------------------------------------------------------------------------------------|----------------------------------------------------------------------|
| Specify:                                                                                   | Choose the Setup > Equivalences tab.                                 |
| set_equivalence<br>[ -type type ] [ -propagate ]<br>[ -inverted ] objectID_1<br>objectID_2 | Click Add, and then select Ports or Nets for the object type.        |
|                                                                                            | In the Reference section, select a library, design, and object.      |
|                                                                                            | In the Implementation section, select a library, design, and object. |
|                                                                                            | (optional) Click the Propagate or Invert option.                     |
|                                                                                            | Click OK.                                                            |

If more than one design object shares the same name with either specified design object, use the -type option and specify port or net (whichever applies) for the object type. For information about this command, see the online man page.

## **Removing User-Defined Equivalences**

To remove a single user-defined equivalence, do one of the following:

| fm_shell                                                               | GUI                                                               |
|------------------------------------------------------------------------|-------------------------------------------------------------------|
| Specify:                                                               | Choose the Setup > Equivalences tab.                              |
| remove_equivalence<br>[ -all ] [ -type type ]<br>objectID_1 objectID_2 | Select a user-defined equivalence from the list.<br>Click Remove. |

If more than one design object shares the same name as a specified item, use the -type option and specify port or net (whichever applies) for the type. For more information about this command, see the online man page.

#### **Listing User-Defined Equivalences**

To list user-defined equivalences, do one of the following:

| fm_shell                        | GUI                                  |
|---------------------------------|--------------------------------------|
| Specify:<br>report_equivalences | Choose the Setup > Equivalences tab. |

Formality produces a list of user-defined equivalences for designs, ports, and nets. For more information about this command, see the online man page.

**Using Verilog 2001 Constructs.** You can perform equivalency checking on designs that incorporate commonly used Verilog 2001 constructs. These constructs include, but are not limited to:

- Indexed vector part
- Signed arithmetic extensions
- Power operator
- Combinational logic sensitivity token
- Automatic width extensions
- Combined port and data type declarations
- ANSI style input and output declarations

The following sections describe and provide examples for each of the supported Verilog 2001 constructs.

#### **Indexed Vector Part**

Indexed vector part selects are supported. Formality allows indexed part select, a base expression, and an offset direction. For instance, the following is allowed:

```
[base_expr +: width_expr]
[base_expr -: width_expr]
wire [7:0] byteN = word[byte_num*8 +: 8]
```

#### **Signed Arithmetic Extensions**

Formality will accept signed arithmetic extensions: data type, system function (\$signed, \$unsigned), and arithmetic shift operators (>>> and <<<). Data type support includes register and net data types and ports and functions to be declared as signed types. System function support includes \$signed and \$unsigned, which are used to convert signed values to unsigned and vice versa. Arithmetic shift operator support will maintain the sign of a value by filling in the signed-bit value as it shifts.

This example shows a signed data type.

```
reg signed [ 63a:0] data;
wire signed [7:0] vector;
input signed [31:0] a;
function signed [128:0] alu;
```

This example shows a system function.

```
reg [63:0] a; //unsigned data type
always @(a) begin
    result1 = a + 2; //unsigned
    result2 = $signed(a) +2; //signed
end
```

Chapter 5: Preparing the Design for Verification

This example shows arithmetic shift operators.

```
D >> 3 //logical shift yields 8'b00010100
D >>> 3 //arithmetic shift yields 8;b11110100
```

#### **Power Operator**

Formality accepts a power operator, which is similar to the C pow () function. This is useful when you need the power operator to calculate values such as a2. An example of a power operator is

```
always @(posedge clock)
result = base ** exponent;
```

#### **Combinational Logic Sensitivity Token**

The combinational logic sensitivity token is now accepted by Formality. This token (@\*) represents a logic sensitivity list, indicating that statement groups should automatically be sensitive to changes on any values read in that group. An example of this is

```
always @* //combinational logic
if (sel)
    y = a;
else
    y = b;
```

#### **Automatic Width Extensions**

Formality can handle automatic width extensions beyond 32 bits. Therefore, an un-sized value of Z or X will automatically expand to fill the full width of the vector on the left-hand side of the argument. An example showing how Formality handles automatic width extensions is

#### **Combined Port and Data Type Declarations**

Formality will accept declarations that combine the direction of the port and data type of that signal into one statement. The following shows an example of this

```
module mux8 (y, a, b, en);
output reg [7:0] y;
input wire [7:0] a, b;
input wire en;
```

#### **ANSI C Style Module Input and Output Declarations**

Formality supports ANSI C style port declarations for modules. An example of this is

```
module mux8 (output reg [7:0) y,
output reg [7:0] a,
input wire [7:0] b,
input wire en );
```

## **Working With External Constraints**

Sometimes you might want to restrict the inputs used for verification by setting an external constraint. By setting an external constraint, you can limit the potential differences between two designs by eliminating unused combinations of input values from consideration, thereby reducing verification time and eliminating potential false failures that might result from verification with the unconstrained values.

By defining the allowed values of (and relationships between) primary inputs, registers, and black box outputs, and allowing the verification engine to use this information, the resulting verification is restricted to identify only those differences between the reference and the implementation designs that result from the allowed states. Typical constraint types you can set are

- One-hot: one control point at logic 1; others at logic 0.
- One-cold: one control point at logic 0; others at logic 1.
- Coupled: related control points always at the same state.
- Mutually exclusive: two control points always at opposite states.
- User-defined: you define the legal state of the control points.

The following paragraphs describe three cases where setting external constraints within verification is important.

The most common case is when your designs are part of a larger design, and the larger design defines the operating environment for the designs under verification. You only want to verify the equivalence of the two designs within the context of this operating environment. By limiting the verification to the restricted operating conditions using external constraints, you can eliminate the false negatives that might arise out of the unexercised functions.

The second case is when one of the designs you want to verify was optimized under the assumption that some control point conditions cannot occur. The states outside the assumed legal values might be true don't-care conditions during optimization. If the equivalent behavior doesn't occur under these invalid stimulus conditions, false negatives might arise during verification. Setting the external constraints prevents Formality from marking these control points as false negatives under these conditions. The third case is when you want to constrain the allowed output states for a black box component within the designs being verified. Using external constraints eliminates the false negatives that might arise if the black box component is not constrained to a subset of output state combinations.

You can set and remove external constraints, create and remove constraint types, and report information about the constraints you have set.

#### **Defining an External Constraint**

GUI fm\_shell Specify: At the Formality prompt, specify set constraint set constraint [ -name constraint1 constraint2 ] [ -name constraint1 constraint2 ] [-map map list1 map list2] [-map map list1 map list2] constraint type constraint type control\_point\_list control\_point\_list [designID] [designID]

To define an external constraint, do one of the following:

For type\_name, supply the type of external constraint you want to use. For control\_point\_list, specify the list of control points (primary inputs, registers, and black box outputs) to which the constraint applies. Use designID to specify a particular design; otherwise, the default is the current design. For more information about this command, see the online man page.

# **Creating a Constraint Type**

To create a user-defined (arbitrary) constraint type and establish the mapping between the ports of a design that define the constraint and control points in the constrained design, do one of the following:

| fm_shell                                            | GUI                                                 |
|-----------------------------------------------------|-----------------------------------------------------|
| Specify:                                            | At the Formality prompt, specify:                   |
| create_constraint_type<br>type_name<br>[ designID ] | create_constraint_type<br>type_name<br>[ designID ] |

For type\_name, specify the type of constraint. For designID, specify a particular design; otherwise, the default is the current design. For more information about this command, see the online man page.

User-defined constraints allow you to define the allowable states of the control points by specifying a constraint module. The constraint module is a design you create that determines whether the inputs are legal (care) or illegal (don't-care) states. When the output of the constraint module evaluates to 1, the inputs are in a legal state. For information about don't-care cells, see "Using Don't-Care Cells" on page 5-3.

When you later reference the user-defined constraint from the set\_constraint command, Formality automatically hooks the constraint module design into the target of the set\_constraint command and uses the output of the module to force the verification to consider only the legal states for control points.

The characteristics of a constraint module are that it has:

- One or more inputs and exactly one output
- Outputs must be in logic 1 for a legal state; otherwise logic 0

- No inouts (bidirectional ports)
- No sequential logic
- No three-state logic
- No black boxes

#### **Removing an External Constraint**

To remove an external constraint from the control points of a design, do one of the following:

| fm_shell                             | GUI                                  |
|--------------------------------------|--------------------------------------|
| Specify:                             | At the Formality prompt, specify:    |
| remove_constraint<br>constraint_name | remove_constraint<br>constraint_name |

For *constraint\_name*, specify the name of the constraint to remove. For more information about this command, see the online man page.

## **Removing a Constraint Type**

To remove external constraint types, do one of the following:

| fm_shell                         | GUI                               |
|----------------------------------|-----------------------------------|
| Specify:                         | At the Formality prompt, specify: |
| remove_constraint_type type_name | remove_constraint_type type_name  |

For  $t_{YP}e\_name$ , specify the type of user-defined constraint to remove. For more information about this command, see the online man page.

Chapter 5: Preparing the Design for Verification

# **Reporting Constraint Information**

To report information about the constraints set in your design, do one of the following:

| fm_shell                                       | GUI                                            |
|------------------------------------------------|------------------------------------------------|
| Specify:                                       | At the Formality prompt, specify:              |
| report_constraint<br>[ -long ] constraint_name | report_constraint<br>[ -long ] constraint_name |

For *constraint\_name*, specify the name of the constraint for which you want to obtain a report. For more information about this command, see the online man page.

## **Reporting Information on Constraint Types**

To report information on constraint types set in your design, do one of the following:

| fm_shell                                      | GUI                                           |
|-----------------------------------------------|-----------------------------------------------|
| Specify:                                      | At the Formality prompt, specify:             |
| report_constraint_type<br>[ -long ] type_name | report_constraint_type<br>[ -long ] type_name |

For more information about reporting information on constraint types, see the online man pages.

#### **Working With Hierarchical Designs**

You can control the following features of hierarchical design verification: the separator character used to create flattened path names, operating mode for propagating constants throughout hierarchical levels, and whether or not Formality disregards hierarchical boundaries. The following sections describe these features.

#### **Setting the Flattened Hierarchy Separator Character**

Formality uses hierarchical information to simplify the verification process, but it verifies designs in a flat context. By default, Formality uses the slash (/) character as the separator in flattened design path names. If this separator character is not consistent with your naming scheme, you can change it.

To establish a character as the flattened path name separator, do one of the following:

| fm_shell                                                            | GUI                                                                                    |
|---------------------------------------------------------------------|----------------------------------------------------------------------------------------|
| Specify:                                                            | Click the Modify Formality Shell Variable toolbar button.                              |
| set name_match_flattened_<br>hierarchy_separator_style<br>character | Choose the Setup tab and select<br>name_match_flattened_hierarchy_<br>separator_style. |
|                                                                     | In the Value text box, enter the required separator character.<br>Click OK.            |

This variable reads in the design hierarchy, and the character separator allows Formality to understand where the hierarchical boundaries are. For more information about this variable, see the online man page.

# **Propagating Constants**

When Formality verifies a design that contains hierarchy, the default behavior is to propagate all constants throughout the hierarchy. For a description of constant types as they apply to Formality, see "Working With Constants" on page 5-22.

In some cases, you might not want to propagate all constants during hierarchical verification. To determine how Formality propagates constants, do one of the following:

| fm_shell                                    | GUI                                         |
|---------------------------------------------|---------------------------------------------|
| Specify:                                    | At the Formality prompt, specify:           |
| set<br>verification_constant_prop_mode mode | set<br>verification_constant_prop_mode mode |

You can use this variable to specify where Formality is to start propagation during verification. In auto mode, the default, Formality traverses up the reference and implementation hierarchy in lock-step to automatically identify the top design from which to propagate constants. Therefore, correspondence between the hierarchy of the two designs impacts this mode. Specify top to tell Formality to propagate from the design you set as top using the set\_top command. Specify target to instruct Formality to propagate constants from the currently set ref and impl designs.

#### Note:

Set verification\_constant\_prop\_mode to top or target only if your reference and implementation designs do not have matching hierarchy. Setting the mode to auto when you have different levels of hierarchy can cause Formality to propagate from an incorrect top-level design.

For more information about this variable, see the online man page.

# **Working With Combinational Design Changes**

This section describes how to prepare designs that have undergone a combinational transformation. Special attention is required if your design contains combinational design changes, such as:

- Internal scan insertions
- Boundary scan insertions
- Clock tree buffers

Your design might also include sequential transformations. For more information, see "Working With Sequential Design Changes" on page 5-42.

# **Disabling Scan Logic**

Internal scan insertion is a technique used to make it easier to set and observe the state of registers internal to a design. During scan insertion, scan flops replace flip-flops. The scan flops are then connected into a long shift register. The additional logic added during scan insertion means that the combinational function has changed, as shown in Figure 5-5.



#### Pre-Scan



After determining which pins disable the scan circuitry, disable the inserted scan logic by specifying "0" for the set\_constant command. See the procedure described in section "Defining Constants" on page 5-23.

## **Disabling Boundary-Scan in Your Designs**

Boundary scan is similar to internal scan in that it involves the addition of logic to a design. This added logic makes it possible to set and observe the logic values at the primary inputs and outputs (the boundaries) of a chip, as shown in Figure 5-6. Boundary scan is also referred to as the IEEE 1149.1 Std. specification.

#### Figure 5-6 Boundary Scan Insertion



Designs with boundary-scan registers inserted requires setup attention because:

- The logic cones at the primary outputs differ.
- The boundary-scan design has extra state holding elements.

Boundary scan must be disabled in your design in the following cases:

- If the design contains an optional asynchronous TAP reset pin (such as TRSTZ or TRSTN), use set\_constant on the pin to disable to scan cells.
- If the design contains only the four mandatory TAP inputs (TAS, TCK, TDI and TDO), force an internal net of the design with the set\_constant command. For example:

```
fm_shell (setup)> set_constant gates:/WORK/TSRTS 0
fm_shell (setup)> set_constant gates:/WORK/alu/somenet 0
```

Specify "0" for the set\_constant command as described in the procedure described in section "Defining Constants" on page 5-23.

# Managing Clock Tree Buffering

Clock tree buffering is the addition of buffers in the clock path to allow the clock signal to drive large loads, as shown in Figure 5-7.

Figure 5-7 Clock Tree Buffer



Without setup intervention, verification of blocka fails. As shown in the figure, the clock pin of ff3 is clk in the pre-buffer design, while in the post-buffer design the clock pin of ff3 is clk3. The logic cones for ff3 are different, which results in a failing point.

To counteract clock tree buffering, you must use the set\_user\_match command to specify that the buffered clock pins
are equivalent. With set\_user\_match you can match one object in
the reference to multiple objects in the implementation (1-to-n
matching). For example, if you want to match a clock port, clk, in the
reference to three clock ports in your implementation, clk, clk1, and
clk2, you can use

```
set_user_match r: /WORK/design/clk i:/WORK/design/clk i:/
WORK/
design/clk1 i:/WORK/design/clk2
```

Alternately, you can issue multiple commands for each port in the implementation:

```
set_user_match r: /WORK/design/clk i:/WORK/design/clk
set_user_match r: /WORK/design/clk i:/WORK/design/clk1
set_user_match r: /WORK/design/clk i:/WORK/design/clk2
```

If you know a clock port is inverted, use the -inverted option to the set\_user\_match command. Therefore, if your reference had a clock port, clk, and your implementation had a clk port and an inverted clock port, clk\_inv, you would use the following command:

```
set_user_match r:/WORK/design/clk i:/WORK/design/clk
set_user_match -inverted r:/WORK/design/clk i:/WORK/design/
clk_inv
```

For more information about the set\_user\_match command, see the online man page.

#### **Working With Sequential Design Changes**

Like the combinational design changes described in section "Working With Combinational Design Changes" on page 5-38, sequential design changes also require setup prior to verification. Sequential design changes include:

- Adding asynchronous bypass circuitry to registers
- Clock gating
- Pushing inversions across registers

FSM re-encoding and module retiming are also considered sequential design changes. For more information, see "Working With Re-Encoded Finite State Machines" on page 5-54 and "Working With Retimed Designs" on page 5-59.

# Managing Asynchronous Bypass Logic

A sequential cell where some of the asynchronous inputs have combinational paths to the outputs (bypassing the SEQGEN) is said to have an asynchronous bypass, as shown in Figure 5-8.

Figure 5-8 Asynchronous Bypass Logic



Asynchronous bypass logic can result from:

- Mapping from one technology library to another.
- Verilog simulation libraries. The Verilog module instantiates logic creating a combinational path that directly affects the output of a sequential user defined primitive (UDP).
- Modeling a flip-flop with RTL code. The RTL has an explicit asynchronous path defined or the RTL specifies that both Q and QN have the same value when Clear and Preset are both active.

Asynchronous bypass logic cannot come from a .lib file that was converted to a .db file. Library Compiler uses a SEQGEN's capability to model asynchronous behavior to avoid creating explicit bypass paths around a sequential element.

Asynchronous bypass logic results in a failing point, as shown in Figure 5-9.

#### Figure 5-9 Asynchronous Bypass Failing Point



To prevent an aborted verification due to the downstream failing point, do one of the following:

| fm_shell                               | GUI                                                          |
|----------------------------------------|--------------------------------------------------------------|
| Specify:                               | Click the Modify Formality Shell Variable toolbar button.    |
| set<br>verification_asynch_bypass true | Choose the Verify tab and select verification_asynch_bypass. |
|                                        | Click the true radio button.<br>Click OK.                    |

This creates asynchronous bypass logic around every register in the design. Setting verification\_asynch\_bypass to true can cause the following:

- Longer verification runtimes
- Introduction of loops into the design
- Aborted verification due to design complexity

Chapter 5: Preparing the Design for Verification

Asynchronous bypass affects the entire design and cannot be placed on a single instance. In addition, asynchronous bypass is automatically enabled when you verify cells in a technology library; because of the relative simplicity of library cells no negative effects occur.

## **Setting Clock Gating**

Clock gating can be used to implement load enable signals in synchronous registers. It results in more power-efficient circuits than multiplexer-based solutions. In its simplest form, clock gating is the addition of logic in a register's clock path that disables the clock when the register output is not changing, as shown in Figure 5-10. You use clock gating to save power by not clocking register cells unnecessarily.







The correct operation of such a circuit imposes timing restrictions, which can be relaxed if clock gating uses latches or flip-flops to eliminate hazards.

There are two clock-gating styles that are widely used in designs: combinational clock gating and latch-based clock gating. They are described later in this section. Both techniques often use a single AND or a single OR gate to eliminate unwanted transitions on the clock signal.

The Formality clock-gating support covers Power Compiler inserted clock gating. Formality can also verify clock gating inserted by other tools or manually. In general, verification of a design with no gating against a design with inserted gating can result in a failure because of extra logic (latches) in the gated design. This works for both RTL2gate and Gate2Gate verifications.

Clock gating results in the following two failing points:

- A compare point is created for the clock-gating latch. This compare point does not have a matching point in the other design, causing it to fail.
- The logic feeding the clock input of the register bank changes. Thus, the compare points created at the register bank fail.

To instruct Formality to account for clock-gating logic, do one of the following:

| fm_shell                                                                | GUI                                                                                                                           |
|-------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                | Click the Modify Formality Shell Variable toolbar button.                                                                     |
| set<br>verification_clock_gate_hold_mode<br>[ none   low   high   any ] | Choose the Verify tab and select<br>verification_clock_gate_hold_mode.<br>Click the level desired from the menu.<br>Click OK. |

In this command:

- None is the default (off).
- Low allows clock gating that holds the clock low when inactive.
- High allows clock gating that holds the clock high when inactive.
- Any considers both high and low styles of clock gating within the same design.

The verification\_clock\_gate\_hold\_mode command affects the entire design. It cannot be placed on a single instance, and enabling it causes slower runtimes.

When you use combinational logic to gate a clock, Formality does not detect glitches. You must use a static timing tool such as PrimeTime to detect glitches.

**Combinational Gate Clocking.** Assume the reference design in Figure 5-11.

Figure 5-11 Reference Design



The typical combinational clock-gating circuitry is presented in Figure 5-12. The gate has two inputs, en and clk, the output of which feeds a register clock. To the right, you see the corresponding waveforms.

Figure 5-12 Combinational Clock Gating Using AND Gate



You see that if glitches occur on the signal load\_en, invalid data can be loaded into the register. Hence, this circuit is functionally nonequivalent to that in Figure 5-11. In default mode, Formality considers this glitch a possible input pattern and produces a failing point. Formality disregards such a non equivalence if you set the verification\_clock\_gate\_hold\_mode variable to low.

Chapter 5: Preparing the Design for Verification 5-48

Latch-Based Clock Gating. The typical latch-based clock-gating circuitry, such as that used by Power Compiler, is presented in Figure 5-13. The latch has two inputs, en and clk, and one output, q. The clock (clk) is gated with the output of the latch and then feeds the register clock. You can also see the corresponding waveforms.

Figure 5-13 Latched-Based Clock Gating Using AND Gate



#### During verification, when the

verification\_clock\_gate\_hold\_mode variable is set, Formality recognizes clock-gating latches and takes into account their role in the design under verification.

You can see that whenever load\_en goes low, gated clk also goes low. Data coming out of the register transforms at the same instant and continues to remain there until load\_en goes up again. If you set the verification\_clock\_gate\_hold\_mode variable to low, Formality determines that this setup is the same as that of a design that has no clock gating (Figure 5-11).

# **Enabling Inversion Push**

Inversion push means moving an inversion across register boundaries, as shown in Figure 5-14.

Figure 5-14 Inversion Push



Inversion pushing causes two failing points, as shown in Figure 5-15.

Figure 5-15 Inversion Push Failing Points



There two techniques for handling of inversion pushes in Formality: instance-based and environmental. The manner in which you solve the resulting failing points differs depending on the type of inversion push.

Chapter 5: Preparing the Design for Verification 5-50

# **Instance-Based Inversion Push**

Instance-based inversion pushing specifies that a specific register had an inversion pushed across it. Formality must push an inversion across the register, which can be useful when you know which register had an inverter pushed across it. This method can be applied to library cells. You apply instance-based inversion pushing before verification begins. Next state and Q/QN pins are inverted.

To remedy the resulting failing points, do one of the following:

| fm_shell                                         | GUI                                              |
|--------------------------------------------------|--------------------------------------------------|
| Specify:                                         | At the Formality prompt, specify:                |
| set_inv_push<br>[ -shared_lib ]<br>objectID_list | set_inv_push<br>[ -shared_lib ]<br>objectID_list |

For example:

fm\_shell (setup)> set\_inv\_push ref:/WORK/alu/z\_reg

To indicate inversion push, you might prefer to use set\_user\_match with the options of -inverted or noninverted. This command with either option handles inverted
polarity. Polarity conflicts between set\_inv\_push and
set\_user\_match applied to the same point are resolved by using
the polarity specified by set\_user\_match.

For more information on set\_inv\_push and set\_user\_match, see their respective online man pages.

# **Environmental Inversion Push**

Every compare point matched pair has a compare polarity, which is either inverted or non-inverted. Inverted polarities can occur due to the style of vendor libraries, design optimizations by synthesis, or manually generated designs. If environmental inversion push is not enabled Formality matches all compare points with a non-inverted compare polarity, unless you specify otherwise using set\_user\_match -inverted.

Environmental inversion pushing allows Formality to automatically match all state points with the correct compare polarity during matching. Environmental inversion pushing is off by default. Enable it only after you resolve all setup issues and assure differences in the designs are due to inverted state points. If there are failing compare points, environmental inversion push may spend a long time attempting to find a set of inverted matches to solve the verification, but this may be impossible because the compare points are not equivalent. Only use this variable if you know an inversion push was used during creation of the implementation design.

To instruct Formality to automatically use environmental inversion pushing to match state points with the correct polarity, do one of the following:

| fm_shell                             | GUI                                                           |
|--------------------------------------|---------------------------------------------------------------|
| Specify:                             | Click the Modify Formality Shell Variable toolbar button.     |
| set verification_inversion_push true | Choose the Verify tab and select verification_inversion_push. |
|                                      | Click the true radio button.                                  |
|                                      | Click OK.                                                     |

In the GUI, compare polarity is indicated by "+" for non-inverted, "-" for inverted, and "?" for unspecified. In addition, match-related reports now have a column to indicate polarity. The "-" indicates inverted polarity, a space, "", indicates non-inverted polarity. For user match reports a "?" indicates unspecified polarity.

## **Working with Retention Registers**

Formality supports the verification of designs with retention registers. You will find information on retention registers in the *Power Compiler User Guide*. To verify a netlist with retention registers against the RTL without retention registers requires you to disable all retention registers sleep mode. To disable their sleep mode, set a constant on the sleep pins on the retention registers.

Formality reads design information describing retention registers from RTL, cell libraries, and implementation netlists produced by Power Compiler. During compare point matching, Formality checks retention registers in the reference against matching registers in the implementation for the power\_gating\_style attribute. Set the enable\_power\_gating variable to true to enable Formality to check retention registers. The default is false.

You can define the power of the gating style using the set\_power\_gating\_style command. To apply different retention
registers to different HDL blocks, use the command
set\_power\_gate\_style

-hdl\_blocks <block\_label> -type <type\_name>. The hdl\_blocks is a required option for this command. The block\_label should match the Verilog name always blocks or VHDL processes. The type\_name should name the power\_gating\_cell attribute value. To have Formality issue the retention register check report, use the report\_power\_gating command. This report summarizes matching register pairs without power gating attributes, with compatible power gating attributes, and with incompatible power gating attributes.

#### **Working With Re-Encoded Finite State Machines**

The architecture for a finite state machine (FSM) consists of a set of flip-flops for holding the state vector, and a combinational logic network that produces the next state vector and the output vector. For detailed information about FSMs, see the Synopsys Design Compiler documentation.

Before verifying a re-encoded FSM in the implementation against its counterpart in the reference design, you must take steps that allow Formality to make verification possible. These steps define the FSM state vectors and establish state names with their respective encoding.

Without your intervention, Formality is unable to verify two FSMs that have different encoding, even if they have the same sequence of states and output vectors.

Formality provides several methods by which you can name flip-flops and define encoding. User-defined encoding is not verified by Formality so take care to specify the encoding correctly. The easiest method is to use the automated setup file generated by design compiler. You can also use a single  $fm_shell$  command to read a user-supplied file that contains all the information at once, or you can use two commands to first name state vector flip-flops and then define the state names and their encoding. These methods are described in the following sections.

# Using the Automated Setup File for FSM Re-Encoding

The automated setup file generated by Design Compiler contains FSM state vector encoding. These are in the form of guide\_fsm\_reencoding commands. Use the following variable to tell Formality to use the FSM guidance in the SVF file:

```
set svf_ignore_unqualified_fsm_information false
```

Set this variable before reading the automated setup file. For more information see "Working With the Automated Setup File" on page 5-73. The guide\_fsm\_reencoding commands may also be performed manually as described in the man pages.

# **Reading a User-Supplied FSM State File**

To simultaneously name the FSM state vector flip-flops and provide state names with their encoding, do one of the following:

| fm_shell                 | GUI                                                             |
|--------------------------|-----------------------------------------------------------------|
| Specify:                 | Click the View Reference or View Implementation toolbar button. |
| read_fsm_states filename | Choose File > Read FSM States.                                  |
| [ designID ]             | Navigate to and select the FSM state file.<br>Click OK.         |

This is the recommended method when your FSM has many states. If your FSM has only a few states, consider the method described in the next section. For more information about this command, see the online man page.

Note:

You must supply FSM information for both the reference and implementation designs for verification to succeed.

The file you supply must conform to certain syntax rules. You can generate a suitable file by using the report\_fsm command in Design Compiler and redirecting the report output to a file. For information about the file format and the read\_fsm\_states command, see the online man pages.

## **Defining FSM States Individually**

To first name an FSM state vector flip-flop and then define the state name and its respective encoding, do one of the following:

| fm_shell                                            | GUI                                                 |
|-----------------------------------------------------|-----------------------------------------------------|
| Specify:                                            | At the Formality prompt, specify:                   |
| set_fsm_state_vector flip-flop_list<br>[ designID ] | set_fsm_state_vector<br>flip-flop_list [ designID ] |
| then specify:                                       | then specify:                                       |
| set_fsm_encoding encoding_list [ designID ]         | set_fsm_encoding encoding_list [ designID ]         |

Using these commands might be convenient when you have just a few flip-flops in the FSMs that store states. If you use these commands, you must use them in the order shown.

Note:

You must supply FSM information for both the reference and implementation designs for verification to succeed.

The first command names the flip-flops, and the second command defines the state names with their encoding. For more information about the set\_fsm\_state\_vector command, and the set\_fsm\_encoding command, see the online man pages.

Chapter 5: Preparing the Design for Verification

# Multiple Re-encoded FSMs In a Single Module

Formality supports multiple re-encoded FSMs in a single module. FSM re-encoding might occur during synthesis, resulting in the reference and implementation design having different state registers due to differing state-encoded machines. Formality will support these re-encoded FSMs if you provide both the FSM state vector and the state encoding using -name option with the set\_fsm\_state\_vector and set\_fsm\_encoding commands, or by using the read\_fsm command with the FSM information provided in a file you specified.

For example:

```
set_fsm_state_vector {ff1 ff2} -name fsm1
set_fsm_encoding {s1=2#01 s2=2#10} -name fsm1
set_fsm_state_vector {ff3 ff4} -name fsm2
set_fsm_encoding {s1=2#01 s2=2#10 s3=2#11} -name fsm2
```

Formality uses this information to verify FSM re-encoded designs by first modifying the reference design by replacing the original state registers with the new state registers. Then Formality synthesizes the logic around the new state registers to keep the new reference design functionally equivalent to its original. Finally, Formality can verify the FSM re-encoded designs because the new reference and implementation have the same state registers.

# Listing State Encoding Information

To list FSM state information for a particular design, do one of the following:

| fm_shell                | GUI                               |
|-------------------------|-----------------------------------|
| Specify:                | At the Formality prompt, specify: |
| report_fsm [ designID ] | report_fsm [ design_ID ]          |

Formality produces a list of FSM state vector flip-flops and their encoding. For more information about this command, see the online man page.

# Working With FSMs Re-encoded Using Design Compiler

If you are verifying a design with an FSM that has been re-encoded with Design Compiler, you need to supply the state register mapping and state encoding to Formality first, before matching. If FSMs are present, but the encoding has not been changed, no setup information is required.

There are several methods for addressing FSM setup in Formality, if you used Design Compiler to do the re-encoding. These methods are listed in order of preference.

The first, and preferred method, is to write out an automated setup file (.svf extension) from Design Compiler, then read the .svf back into Formality.

The second option is to use the

fsm\_export\_formality\_state\_info command in Design
Compiler to write out the <module\_name>.ref and
<module\_name>.impl files, then read these files back into Formality
using the read\_fsm\_states command.

The third option is to use the report\_fsm command in Design Compiler for both the reference and implementation designs, then read these reports back into Formality using the read\_fsm\_states command.

Alternately, if you manually re-encoded your design, or the reencoding was done by a tool other than Design Compiler, you can use the following two commands in Formality to specify the state encoding and register state mapping.

```
set_fsm_encoding
set_fsm_state_vector
```

You will need to use these two commands for both the reference and implementation designs.

## **Working With Retimed Designs**

Retiming designs moves registers across combinational logic in an effort to meet timing or area requirements. Retiming can occur during synthesis or can be a result of "hand editing" a design. Retiming can change the number of registers in a design and the logic driving the registers.

Situations can arise when one design (the implementation) has been retimed and the other (the reference design) has not. At the design level, you can set a parameter that tells Formality that a particular design has been retimed. Doing so instructs Formality to take steps during compare point creation that account for the design changes caused by retiming.

To specify that a design has been retimed, do one of the following:

| fm_shell                         | GUI                                         |
|----------------------------------|---------------------------------------------|
| Specify:                         | Choose the Setup > Design Parameters tab.   |
| set_parameters -retimed designID | Choose the Reference or Implementation tab. |
|                                  | Select a library and a design.              |
|                                  | Check the Design has been retimed box.      |

For information about this command, see the online man page.

Using set\_parameters -retimed is recommended for designs that have been retimed manually (for example, using the optimize\_registers command in Design Compiler). For other types of sequential optimizations, it might be more appropriate to use one of the following features:

verification\_merge\_duplicated\_registers, verification\_inversion\_push, or set\_user\_match -inverted. For additional information about these commands, see their online man pages.

# Working With Single-State Holding Elements

A level-sensitive scan design (LSSD) cell is a single-state holding element that consists of two latches arranged in a master-slave configuration. LSSD cells occur frequently when you use IBM libraries. LSSD cells result in two compare points in the gate-level design, as shown in Figure 5-16. The RTL design contains a SEQGEN that results in one compare point.

#### Figure 5-16 LSSD Cells



Two criteria must be met in order for Formality to determine that a latch is part of an LSSD cell:

- The latch pair must reside within a single technology library cell.
- The latches must be matched to a flip-flop using a name-based solution, such as the exact name, fuzzy name match, rename\_object, or compare rule. Signature analysis cannot be used.

The two latches can be verified against a single sequential element if they meet the LSSD cell criteria.

## **Working With Multiplier Architectures**

Formality uses the arithmetic generator functionality automatically to improve the performance and ability to solve designs where multipliers have been flattened into gate-level netlists. Use of the arithmetic generator in Formality creates multipliers of a specific type so the synthesized representation of the reference RTL will more closely match the gate implementation; therefore, assisting in the verification of hard datapath problems.

The arithmetic generator can create the following multiplier architectures:

- Carry save array (csa)
- Non-Booth Wallace tree (nbw)
- Booth-encoded Wallace tree (wall)

Refer to the section, "Working With the Automated Setup File" on page 5-73, for details on the mechanism for transferring details of csmult and mcarch multipliers.

# **Reading the Automated Setup File**

Prior to setting your multiplier architecture, read in any automated setup files you have using the set\_svf command. The automated setup file can contain your multiplier architecture information, which will be used in the verification to improve performance and verification success. For more information on automated setup file, see "Working With the Automated Setup File" on page 5-73.

# **Setting the Multiplier Architecture**

You can set the multiplier architecture for your entire design or on particular instances of cells in your design. The following sections describe both methods for setting the multiplier architecture. Set the Multiplier Architecture On Entire Design. Manually instruct Formality to use a specific multiplier architecture for your entire design file using your RTL source and the TCL variables hdlin\_multiplier\_architecture and enable\_multiplier\_architecture.

To instruct Formality to use a specific multiplier architecture for a specific design file, do one of the following:

| fm_shell                                                                       | GUI                                   |
|--------------------------------------------------------------------------------|---------------------------------------|
| Specify:                                                                       | At the Formality prompt, specify:     |
| set hdlin_multiplier_architecture csa<br>set enable_multiplier_generation true | set hdlin_multiplier_architecture csa |
| read_verilog foo.v                                                             | set enable_multiplier_generation true |
|                                                                                | read_verilog foo.v                    |

The default value for hdlin\_multiplier\_architecture is none. The arithmetic generator will attempt to duplicate the architecture Design Compiler used in determining which architecture is appropriate. Formality uses the value defined in the Tcl variable dw\_foundation\_threshold to help select the architecture. If you don't want Formality to determine the architecture, set the value of the hdlin\_multiplier\_architecture variable to your preferred architecture.

For more information on the hdlin\_multiplier\_architecture or dw\_foundation\_threshold variables, see their online man pages.

Note:

You also have the choice of setting the multiplier architecture using the Tcl variable architecture\_selection\_precedence. With this variable you can define which mechanism takes precedence.

Set the Multiplier Architecture On Specific Cell Instance. You can replace the architecture for a specific multiplier instance. While you are in setup mode and after elaboration, use the enable\_multiplier\_generation variable and the set\_architecture command with the specific cell instance name and specific architecture to set the multiplier architecture as desired.

To instruct Formality to use a specific multiplier architecture for a specific instance, do one of the following:

| fm_shell                              | GUI                                   |
|---------------------------------------|---------------------------------------|
| Specify:                              | At the Formality prompt, specify:     |
| set enable_multiplier_generation true | set enable_multiplier_generation true |
| set_architecture                      | set_architecture                      |

For more information on the enable\_multiplier\_generation variable or the set\_architecture command, see their respective online man pages.

Alternatively to setting the multiplier architecture while in setup mode, you can set a pragma in your VHDL or Verilog source code that will set the multiplier architecture for a specific cell instance. To do this, you would set the pragma with the syntax formality multiplier [ csa | nbw | wall ] immediately before the intended multiplier instance in your source code.

Set the Multiplier Architecture Using Pragmas. You can use a pragma to set the multiplier architecture by annotating your RTL source code with the architecture desired for a given instance. This pragma is a constant in the RTL source that appears immediately before the multiplier instance using formality multiplier [ csa | nbw | wall ].

When present in a comment, the pragma causes Formality to synthesize the next multiplier instance in the RTL source using the specified architecture. If multiple pragmas are present before a single multiplier instance, the arithmetic generator will build the architecture with the pragma preceding it.

The pragma can be in Verilog or VHDL source. The following shows an example of each.

Verilog:

```
// formality multiplier nbw
z <= a*b;</pre>
```

VHDL:

```
-- formality multiplier nbw
z <= a*b;</pre>
```

In both instances, this pragma informs the arithmetic generator to use an nbw architecture for the "a \* b" multiplier instance.

# **Reporting Your Multiplier Architecture**

To report the architecture used to implement a certain instance, as well as what caused that instance to be selected, you can use the report\_architecture command.

To instruct Formality to report on the multiplier architecture used in your design, do one of the following:

| fm_shell                 | GUI                               |
|--------------------------|-----------------------------------|
| Specify:                 | At the Formality prompt, specify: |
| report_architecture -all | report_architecture               |

For more information on the report\_architecture command and its options, see the online man page.

#### **Working With Arithmetic Blocks**

When attempting to verify RTL-to-gates you might encounter long, and in some cases inconclusive, verifications for circuits that contain significant arithmetic datapath logic. These hard verifications can occur in both Design Compiler Expert and Design Compiler Ultra flows. To reduce the number of difficult verifications, use the Formality automated setup file (SVF) produced by Design Compiler and set the following variable:

```
set svf_datapath true
```

This directs Formality to process datapath transformation directives found in the active SVF file.

This variable controls whether Formality processs all guidetransformation commands found in the user-specified SVF file. A value of true indicates that guide-transformation commands are accepted. A value of false indicates that guide-transformation commands are not processed. No guide commands other than guide-transformation commands are affected.

Chapter 5: Preparing the Design for Verification

The Presto reader in Design Compiler must be used in order for this enhanced datapath flow to work properly. For Verilog, the Presto reader is enabled by default. For VHDL, the following two variables must be set to true to ensure compatibility with Presto:

set hdlin\_vhdl\_presto\_naming true
set hdlin\_vhdl\_presto\_shift\_div true

These variables allow Formality to build operator names that match those of Design Compiler.

This capability addresses arithmetic datapaths that involve:

- Tree rebalancing
- Resource sharing
- Operator merging

# **Datapath Support**

Formality uses an automated setup file to convey information about datapath transformations due to tree rebalancing or re-ordering, resource sharing, and operator merging. Multiplier architecture information is a key component of this overall datapath capability. Any datapath information from the automated setup file is completely validated before it is taken into consideration for the verification.

Design Compiler produces an automated setup file referred to as the SVF file with a .svf suffix. Formality then reads in the SVF file and performs verification. During the match and verify stages the appropriate datapath solvers are called to perform the task.

The enhanced datapath flow consists of the following steps:

- 1. Produce SVF data with Design Compiler.
- 2. Read SVF data into Formality.
- 3. Perform verification with Formality.

# Producing SVF Data with Design Compiler

The variables required to produce SVF data for datapath support are active by default. This includes the creation of the SVF file itself. Even if nothing is specified, a file named "default.svf" is created.

Design Compiler produces the SVF file that contains descriptions of datapath transformations, specifically in regards to tree rebalancing and resource sharing. These datapath descriptions are in addition to the other guide information Design Compiler normally generates, such as for constants or change\_names.

If either complex multipliers or merge operations due to ultraoptimizations are present, Design Compiler also creates a netlist representing the multipliers or merged block. Formality validates that the netlist successfully compares to the RTL then loads the netlist into the reference as part of the overall verification.

# **Reading the SVF Data Into Formality**

To use the SVF file, include the following commands in your Formality script:

```
set svf_datapath true
set_svf filename.svf
```

Insert set\_svf prior to the read commands in your Formality script. Otherwise, Formality will not properly use the automated setup file contents for datapath. For more information on the SVF file, see "Working With the Automated Setup File" on page 5-73.

For VHDL designs, add the following to enable Formality to use Presto names:

```
set hdlin_vhdl_presto_naming true
```

This variable allows Formality to build operator names that match those of Design Compiler.

Any DesignWare SVF netlist directory created by Design Compiler must be in the same directory as the SVF file that refers to it.

# **Transformation Messages**

During verification, Formality reports the status on its ability to utilize all of the transformations presented to it in the SVF file. The transformations are as follows:

- Map: Mapping a single operation to a resource
- Tree: Reordering or rebalancing resources
- Share: Sharing two or more operations on a single resource
- Merge: Merging operators into a single datapath resource

#### The output report looks as follows:

| Status                                                     | Мар               | Tree                                  | Share            | Merg                                                | ge          | Total                     |
|------------------------------------------------------------|-------------------|---------------------------------------|------------------|-----------------------------------------------------|-------------|---------------------------|
| Accepted :<br>Rejected :<br>Unsupported :<br>Unprocessed : | 27<br>0<br>0<br>0 | 2<br>0<br>0<br>0                      | 3<br>1<br>0<br>0 | 2<br>0<br>0<br>0                                    | 1 (         | 97%)<br>2%)<br>0%)<br>0%) |
| Total :                                                    | 27                | 2                                     | <br>4            |                                                     | 2           | 35                        |
| Transformation                                             | r                 | Гуре                                  | S                | tatus                                               |             |                           |
| FM_1<br>FM_2<br>FM_3<br>FM_4                               | I                 | TREE<br>TREE<br>MAP<br>MAP            | A<br>A           | .ccepted<br>.ccepted<br>.ccepted<br>.ccepted        | 1<br>1      |                           |
| FM_31<br>FM_32<br>FM_33<br>FM_34<br>FM_35                  | ]<br>;<br>]       | MAP<br>MAP<br>SHARE<br>MERGE<br>MERGE | A<br>R<br>A      | ccepted<br>ccepted<br>ejected<br>ccepted<br>ccepted | 1<br>1<br>1 |                           |

You can generate this report at any time by specifying the report\_guidance -datapath -long command, but it will only have meaningful data relating to transformations after the matching process has completed. For detailed information for this command, run man report\_guidance.

The results of the status fields are:

Accepted

•

Formality validated and applied this transformation to the reference.

Rejected

Formality either could not validate or could not apply this transformation to the reference.

Unsupported

Formality does not currently support this transformation.

Unprocessed

Formality has not processed this transformation.

For the status results, Formality only uses the datapath information provided in the guidance file for those transformations marked "Accepted" by first validating them, then applying them to the reference design.

All transformations are not necessarily required to complete a successful verification. Guidance for a single transformation might be enough to enable Formality to come to a conclusive verification. Conversely, there might be some cases in which all transformations are accepted, yet some aspects of the design can result in a hard verification.

# svf\_datapath Example

The following example illustrates the setup required for Design Compiler synthesis verified using the datapath transformation guidance found in the SVF file.

For the synthesis run, instruct Design Compiler to write out SVF file datapath information by adding the set\_svf command to the beginning of your Design Compiler Tcl script. This is optional as Design Compiler creates a SVF file, by default.

After the Design Compiler run is complete, you have a file named test.svf and might have a directory randomly named dwsvf-xxxx (where xxxx is a random machine generated suffix) that contains a netlist representing the architectures of any multipliers or merged operators (for ultra-compilations only).

In the Formality script, reference the generated SVF file, as follows:

```
set svf_datapath true
set_svf test.svf
```

These commands allow Formality to use enhanced datapath verification. All other verification setups are done as if you didn't use this flow.

You can use the report\_guidance command to indicate which transformations were used in the verification. If you execute the command prior to the matching step, all transformations are marked as "Unprocessed."

In the following example, there were merged blocks due to a DC-Ultra compilation. Therefore, the files output by Design Compiler are gates.v, test.svf, and dwsvf\_29355-0/dwarchs-0.e.

| Status                                           |   | Мар               | Tree             | Share            | Me               | rge               | Total                                  |
|--------------------------------------------------|---|-------------------|------------------|------------------|------------------|-------------------|----------------------------------------|
| Accepted<br>Rejected<br>Unsupporte<br>Unprocesse |   | 12<br>0<br>0<br>0 | 1<br>0<br>0<br>0 | 0<br>0<br>0<br>0 | 2<br>0<br>0<br>0 | 15<br>0<br>0<br>0 | ( 100% )<br>( 0% )<br>( 0% )<br>( 0% ) |
| Total                                            | : | 12                | 1                | 0                |                  | 2                 | 15                                     |

report\_guidance -datapat -long

Chapter 5: Preparing the Design for Verification

# Working With the Automated Setup File

The automated setup file (.svf extension) provides a conduit for automatically conveying setup information to Formality. It enables Formality to correctly set up the verification with no intervention on your part. To use an automated setup file, you first enable the creation of the file in the implementation tool. Alternately, you can manually create an automated setup file. Then, you instruct Formality to read the file at the start of the verification process.

The benefit of this setup file is that it alleviates the need to enter setup information manually, a task that can be time-consuming and error prone. For example, during synthesis, a register might be duplicated to improve drive strength. This register duplication is recorded in the automated setup file. When Formality reads the .svf, it can account for the extra register during compare point matching and verification. For additional information on the automated setup file, refer to the *SVF User Guide*.

# **Creating an Automated Setup File**

In Design Compiler you can write out an automated setup file that describes the design changes. The commands that comprise an automated setup file script consist of an operation followed by the several options. The options can span several lines immediately following the operation. The operations are Tcl commands, and alternatively to including them in the .svf file, you can use them on the Formality command line as well.

This list shows the automated setup file operations that are written in Design Compiler and fully understood by Formality when you use the  $set\_svf$  command.

- Name Change Operations
  - change\_names
  - group
  - ungroup
  - uniquify
- Register Optimization Operations
  - fsm\_reencoding
  - reg\_constant

To create an automated setup file in Design Compiler, use the set\_svf command. For example, to invoke the setup file use

dc\_shell> set\_svf myfile.svf

If you want to append the setup information to an existing .svf, use the following syntax.

```
dc_shell> set_svf -append myfile2.svf
```

# **Reading an Automated Setup File Into Formality**

To read a .svf into Formality, use the  $set\_svf$  command. Because Formality uses the setup information in the setup file during matching as well as verification, the  $set\_svf$  command must occur before the match command in your Formality script. The following example reads in the setup file, myfile.svf.

```
fm_shell> set_svf myfile.svf
SVF set to `myfile.svf'.
1
fm_shell>
```

# Writing a Text Version of the Automated Setup File

You can instruct Formality to write a text file containing the information in the setup file you've set using the report\_guidance command. The report\_guidance command reports the name, and optionally the contents, of setup files you've set.

Use the following example to write out the automated setup file data to an unencrypted text file.

```
fm_shell > report_guidance
SVF hasn't been set.
1
fm_shell> set_svf myfile.svf
SVF set to `myfile.svf'.
1
fm_shell> report_guidance -to myfile_unencrypted.txt
SVF set to `myfile.svf'.
1
```

# **Reading in Multiple Automated Setup Files**

The commands in the .svf files describe transformations in an incremental fashion. The transformation occurs in the order in which the commands were applied as the RTL design was processed through design implementation or optimization. Therefore, the ability to read in multiple automated setup files is important as no command

in the file can be viewed completely independently because it describes the incremental transformation and is reliant on the context in which it is applied.

You can read multiple automated setup files into Formality using the set\_svf command. To order or instruct Formality to look for extensions other than .svf, use the -ordered or -extension options to the set\_svf command, respectively. The ability to read in multiple setup files is useful when you have run bottom-up synthesis on your designs, generating multiple setup files.

You use the -ordered option to indicate that the list of the automated setup files you specify are already ordered and should not be reordered by timestamp. If you use -ordered and list a directory or directories where the setup files are located, Formality might order the directory files in any order. The following example sets the order of two automated setup files, bot.svf and top.svf, for Formality to process:

set\_svf -ordered bot.svf top.svf

The -extension option will load and automatically order all matching files in the directory you define, based the extension you define. For example, Formality automatically looks for files with the .svf extension. If you have automated setup files in a directory with extensions other than .svf, you use this option to instruct Formality to read and order those files with that extension. The ordering of the files is done using timestamp information typically found in the setup file header information. Formality doesn't require the timestamp information to be in the header, and can use specific guide commands for passing timestamp information directly. See the following section for information on the guide commands.

Chapter 5: Preparing the Design for Verification

The following example instructs Formality to load and order setup files ending in fm in the fmdir directory:

set\_svf -extenstion fm fmdir

# **Automated Setup File Commands**

You can use the automated setup file Tcl guide commands on the Formality command line. You need to enter the guide mode (using the guide command) as the first step in Formality before you can manually enter the guide commands. The guide commands are

- guide\_architecture\_db
- guide\_architecture\_netlist
- guide\_change\_names
- guide\_datapath
- guide\_fsm\_reencoding
- guide\_group
- guide\_mc
- guide\_multiplier
- guide\_reg\_constant
- guide\_reg\_duplication
- guide\_reg\_merging
- guide\_transformation
- guide\_ungroup

- guide\_uniquify
- guide\_ununiquify

See the individual command's online man page for specific information on each command. For detailed information on the guide mode and examples using it, see the *SVF User Guide*.

# Using the Automated Setup File to Verify Multipliers

The arithmetic generator in Formality can create specific types of multipliers so the synthesized representation of your reference RTL more closely matches your gate implementation; thereby assisting with hard verification problems. This technique is particularly useful for the flat netlists where Formality cannot use the Data Path Solver (DPS) because it cannot identify the multipliers in the implementation.

For the traditional multiplier architectures supported by Design Compiler (CSA, NBW, and Wallace), the arithmetic generator can generate the appropriate multiplier architectures without any additional information. However, the more advanced multiplier architectures from Design Compiler (mcarch and csmult) are so customized for each instance that the arithmetic generator needs additional information from it.

Using the automated setup file flow, you can instruct Design Compiler to automatically create netlist Verilog files for each multiplier in the design when performing synthesis. Design Compiler will produce a Verilog file containing the netlist for all multipliers as well as generate the setup file. Formality will verify each of these multipliers with the DPS; if the multipliers pass verification, Formality will load them into the reference design. To instruct Design Compiler to generate the appropriate netlist files, append your script with the following information.

- 1. Set the enable\_dw\_multiplier\_in\_svf variable to true
- 2. Use the set\_svf command.

Along with the automated setup file, Design Compiler will produce a directory (which begins with +\_) containing a Verilog netlist. You must make both the setup file and the dwsvf directory available for the arithmetic generator to perform a successful verification.

See "Working With Multiplier Architectures" on page 5-61 for instructions on using the arithmetic generator in Formality.

You can view the contents of the Verilog netlist passed from Design Compiler to Formality with the report\_guidance command. Using the -to filename option causes architecture netlists found in the current automated setup file to be unencrypted. Formality copies the encrypted netlist files to filename.orig files and the unencrypted files overwrite the original netlists.

# **Automated Setup File Diagnostic Messages**

In order to assist expert users in debugging SVF file issues, a set of SVF diagnostic messages is written out to the transcript and the formality.log file.

Sometimes Formality may be unable to completely process the SVF information passed to it from Design Compiler. Since the SVF is an evolving format, at times specified transformations can have syntax issues (that are rejected by Formality) or can be superfluous.

Inaccurate or incomplete information is rejected, which may result in an inconclusive verification. Correcting the SVF information may help change an inconclusive verification to a successful verification.

The following items are reported in the SVF file:

- The SVF operation that had a problem.
- The line number in the SVF for this particular operation.
- The name of the missing design if the problem is due to the design not being found.
- The name of the missing cell name if the name cannot be found.
- Any transformations that cannot be applied for the change\_names or unquify commands.

Any unfound dwsvf directories referenced in the SVF file.

The following examples demonstrate SVF log messages:

```
SVF Operation 3 (line 36) - transformation (map) succeeded
SVF Operation 4 (line 47) - fsm
Info: Cannot find reference cell 'in_cur_reg[3]'. failed
SVF Operation 6 (line 93) - merging succeeded
```

Formality places the SVF diagnostic messages in the formality.log file.

# **SVF Conversion to Text**

Formality automatically converts the encrypted SVF information into ASCII text during the execution of the  $set\_svf$  command. The decrypted SVF file has the suffix .txt appended to the original file name.

# **Removing Information**

Situations can arise that call for removing information from the Formality session prior to verification. This section describes how to remove designs, design libraries, technology libraries, and containers.

#### **Removing Designs**

Note:

Before removing a design, be sure that its removal does not affect the verification of surrounding logic. Surrounding logic can depend on states generated inside the removed design.

To remove one or more designs from the Formality environment, do one of the following:

| fm_shell                                    | GUI                                                                             |
|---------------------------------------------|---------------------------------------------------------------------------------|
| Specify:                                    | Choose the Reference or Implementation tab, and then the Read Design Files tab. |
| remove_design [ -hierarchy ]<br>design_list | Choose the Verilog, VHDL, Edif, or DB tab as applicable to your design.         |
|                                             | Select the design you want to remove.                                           |
|                                             | Click Remove.                                                                   |

#### Note:

The remove\_design command is enabled during "setup" mode. After you have executed the set\_top command during the read-design flow as described in Chapter 4, Formality calls the set\_black\_box command when you specify remove\_design. The design is treated as a black box for verification.

# **Removing Design Libraries**

Note:

You cannot specify the remove\_design\_library command after you have executed set\_top during the read-design flow as described in Chapter 4. Formality issues an error.

To remove one or more design libraries from the Formality environment, do one of the following:

| fm_shell                              | GUI                                   |
|---------------------------------------|---------------------------------------|
| Specify:                              | At the Formality prompt, specify:     |
| remove_design_library<br>library_list | remove_design_library<br>library_list |

# **Removing Technology Libraries**

Note:

You cannot specify the remove\_library command after you have executed set\_top during the read-design flow as described in Chapter 4. Formality issues an error.

To remove one or more technology libraries from the Formality environment, do one of the following:

| fm_shell                                | GUI                                     |
|-----------------------------------------|-----------------------------------------|
| Specify:                                | At the Formality prompt, specify:       |
| remove_library [ -all ]<br>library_list | remove_library [ -all ]<br>library_list |

To remove a technology library from a specific container, specify the container name, as in the following example:

```
fm_shell (setup)> remove_library container1:/CBA_CORE
```

To remove a shared technology library from all containers, specify the technology library name without a container name, as follows:

```
fm_shell (setup)> remove_library CBA_CORE
```

# **Removing Containers**

To remove one or more containers from the Formality environment, do one of the following:

| fm_shell                                    | GUI                                                                      |
|---------------------------------------------|--------------------------------------------------------------------------|
| Specify:                                    | Choose Designs > Remove Reference or<br>Designs > Remove Implementation. |
| remove_container [ -all ]<br>container_list | Click Yes.                                                               |

From the fm\_shell, you can use the remove\_container to remove any container. The GUI only recognizes the default reference and implementation containers, named "r" and "i", respectively. Removing non-default containers does not affect what you see in the GUI.

You generally remove containers when you want to reset the reference or implementation and start over.

The GUI allows you to import data stored within non-default containers into the "r" or "i" containers. Refer to the section "Restoring Containers" on page 5-87.

# **Black Boxing Objects**

Black boxing designs can be beneficial when you are using a bottomup verification style for hierarchical designs. For example, during the course of verification, some large blocks in the lower levels of the design hierarchy might be successfully verified. Once verified, you might not want to spend time reverifying these subdesigns as you move up the hierarchy.

You can black box a design in one of three ways.

- After you have issued set\_top on your design, use the set\_black\_box command on the individual design blocks or technology cells from the design library that you want black boxed.
- Use the hdlin\_interface\_only variable before you begin to read in your design objects. Upon reading in the design, those objects you specified when setting the variable will be black boxed.
- Read in your design, then issue set\_top. If there are design references that can't be found, the default is to error out. If you set the hdlin\_unresolved\_modules variable to black\_box, Formality will black box those missing references.

# **Saving Information**

Situations can arise that call for saving information in the Formality session. This section describes how to save individual containers as well as how to save the entire Formality session.

# **Saving Containers**

Note:

You must execute the set\_top command on the designs within a container before you can save the container.

Occasionally, the time required to read a design into the Formality environment and link it can be great enough that you might not want to repeat the process. In such cases, you can save the container that holds the loaded design.

To save the current container to a file, do one of the following:

| fm_shell                                                                                     | GUI                                                                           |
|----------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------|
| Specify:                                                                                     | Choose Designs > Save Reference or Designs > Save Implementation.             |
| write_container<br>[ -r   -i   -container container ]<br>[ -replace ]<br>[ -quiet ] filename | Navigate to the file or specify it in the File<br>name text box.<br>Click OK. |

Issuing the write\_container command causes Formality to save the container to a file whose extension is .fsc. Formality does not save any environment or design parameters. For more information about this command, see the online man page.

# **Saving the Entire Formality Session**

Note:

You must execute the set\_top command on the designs within a session before you can save the session.

Sometimes you might find it necessary to save the entire Formality session. When you save a Formality session, you save all design data, environment parameter settings, and verification results in a single file.

To save a Formality session, do one of the following:

| fm_shell              | GUI                                                           |  |
|-----------------------|---------------------------------------------------------------|--|
| Specify:              | Choose File > Save Session.                                   |  |
| save_session filename | Navigate to the file or specify it in the File name text box. |  |
|                       | Click OK.                                                     |  |

Formality appends an .fss file name extension to the specified file name. If you do not supply directory information as part of the file name, Formality uses the current working directory.

Saving a session is useful when you read, set up, and verify the design by running Formality in batch mode and you want to use the GUI to interactively debug a failed verification. In such a case, you can save the session during the batch run and read it in later after invoking the GUI version of Formality. See section "Restoring Information" on page 5-87.

Saving the session is also useful for long debugging sessions. You can save the session and continue later when it is convenient to do so.

Note:

Only containers can be used between different Formality versions; sessions cannot. For archival purposes, or for sending protected information, use containers with the appropriate Formality run scripts.

Chapter 5: Preparing the Design for Verification

# **Restoring Information**

Formality allows you to restore information by reading previously saved containers or by reading in a previously saved Formality session. This section describes how to restore both types of data.

#### **Restoring Containers**

Note:

Containers saved from releases prior to Formality version 2002.03 must have been linked or verification will fail. In addition, you must execute set\_top on the designs within the pre-2002.03 containers before performing verification.

To restore a saved container, do one of the following:

| fm_shell                                                                            | GUI                                                                           |
|-------------------------------------------------------------------------------------|-------------------------------------------------------------------------------|
| Specify:                                                                            | Choose Designs > Restore Reference or<br>Designs > Restore Implementation.    |
| read_container<br>[ -r   -i   -container container_name ]<br>[ -replace ] file_name | Navigate to the file or specify it in the File<br>name text box.<br>Click OK. |

Issuing this command causes Formality to read the file and restore libraries to a container having the same name as the original saved container. For more information about this command, see the online man page.

In the GUI, you can only restore data saved within the default "r" and "i" containers. If you want to restore data located in non-default containers for viewing within the GUI, you must first import the data into the "r" or "i" container. Ensure that data currently located in the "r" or "i" container has been saved.

To import design data into the "r" or "i" container for viewing in the GUI, do the following:

- 1. Choose Designs > Choose New Reference or Designs > Choose New Implementation.
- 2. Select the design you want to import into "r" or "i."
- 3. Click OK.

# **Restoring a Session**

To restore a previously saved Formality session, do one of the following:

| fm_shell                  | GUI                                                                           |
|---------------------------|-------------------------------------------------------------------------------|
| Specify:                  | Choose File > Restore Session.                                                |
| restore_session file_name | Navigate to the file or specify it in the File<br>name text box.<br>Click OK. |

Issuing this command causes Formality to discard all information in the current session then restore all containers, design data, setup parameters, and verification results from the specified file. For more information about this command, see the online man page.

# **Compare Point Matching and Verification**

After you have prepared your verification environment and set up your design, you are ready to match compare points and then verify the design. This chapter describes how to match compare points and verify one design against another. It also offers some tips for batch verifications, interpreting results, and saving data.

This chapter includes the following sections:

- Matching Compare Points
- Performing Verification
- Reporting and Interpreting Results

This chapter's subject matter pertains to the boxes outlined in Figure 6-1.

Figure 6-1 Design Verification Process Flow Overview



Chapter 6: Compare Point Matching and Verification

# **Matching Compare Points**

Prior to verification, Formality must match compare points in the designs as described in section "Compare Points" on page 1-24. This occurs automatically when you specify the verify command. If automatic matching results in unmatched points, you must then view and troubleshoot the results. Unmatched compare points may result in non-equivalence of the two designs.

Formality allows you to match compare points in a separate step prior to specifying the verify command. This allows you to iteratively debug unmatched compare points, as follows:

- Perform compare point matching.
- Report unmatched points.
- Modify or undo results of the match, as needed.
- Debug the unmatched compare points.
- Repeat these steps incrementally, as needed, until all compare points are matched.

Performing compare point matching changes the operational mode from "setup" to "match" even if matching was incomplete. Ensure that you have properly set up your design as specified in Chapter 5, "Preparing the Design for Verification," because the following commands and variables cannot be changed in the matched state:

```
set_cutpoint
remove black box
remove_constant
remove_cutpoint
remove design
remove inv push
remove_object
remove_parameters -resolution -retimed -all_parameters
remove resistive drivers
rename_object
set black box
set constant
set_direction
set equivalence
set fsm encoding
set_fsm_state_vector
set inv push
set parameters -resolution -retimed
ungroup
uniquify
verification_assume_reg_init
verification_auto_loop_break
verification clock gate hold mode
verification_constant_prop_mode
verification_inversion_push
verification merge duplicated registers
verification set undriven signals
verification_use_partial_modeled_cells
```

You can return to setup mode using the setup command, but all points matched during match mode will no longer be matched.

Chapter 6: Compare Point Matching and Verification

# **Performing Compare Point Matching**

To match compare points, do one of the following:

| fm_shell                   | GUI                            |
|----------------------------|--------------------------------|
| Specify:                   | Click the Match button.        |
| match -datapath -hierarchy | Click the Run Matching button. |

This command attempts to match only unmatched points. Previously matched points are not processed again. Prior to compare point matching, you can create compare rules; refer to section "Matching With Compare Rules" on page 7-18.

The matching results from incremental matching can differ from those you receive when you run the match command once after fixing all setup problems. For example, suppose your last setup change implements a compare rule that helps match the last remaining unmatched points. This same rule might force incorrect matches or prevent matches if you had implemented it at the beginning of the matching process.

Also, you can instruct Formality to match datapath blocks or all hierarchical blocks during compare point matching by using the -datapath or -hierarchy option, respectively. By default, if you don't set these options, no datapath or hierarchical blocks will be matched during compare point matching.

You can interrupt matching by pressing Control-c. All matched points from the interrupted run remain matched.

To return to "setup" mode, specify the setup command in the fm\_shell or at the GUI's Formality prompt. This allows you to use commands and variables disabled in the matched state. This

command does not remove any compare rules or user matches. Use the remove\_compare\_rules command and the remove\_user\_match command to get rid of those previously set values. Existing compare rules and user matches will be used again during the next match.

#### **Reporting Unmatched Points**

An unmatched point is a compare point in one design that was not matched to a corresponding point in the other design. You must match all compare points before a verification will succeed unless the unmatched compare points do not affect downstream logic.

After each match iteration, examine the results to see which compare points remain unmatched.

To report unmatched points, do one of the following:

| fm_shell                                                                                                                                                                                                                                                     | GUI                               |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| Specify:<br>report_unmatched_points<br>[ -compare_rules ] [ -datapath ]<br>[-substring string ]<br>[ -point_type point_type ]<br>[ -status status ] [ -except_status status ]<br>[ -method matching_method ] [ -last ]<br>[ [ -type ID_type ] compare_point] | Choose the Match > Unmatched tab. |

This command reports compare points, input points, and higher-level matchable objects that are unmatched. Use the options to filter the report as desired. Refer to the online man page for more information.

To view a list of matched points, specify the report\_matched\_points command or view the Match > Matched window in the GUI. This report shows matched design

Chapter 6: Compare Point Matching and Verification

objects (such as inputs) as well as matched compare points. You can specify a filter to report only the matched compare points, or view the Match > Summary window. Refer to the online man page for details.

# **Undoing Matched Points**

To undo the results of the match command, do one of the following:

| fm_shell          | GUI                               |
|-------------------|-----------------------------------|
| Specify:          | At the Formality prompt, specify: |
| undo_match [-all] | undo_match [-all]                 |

This command returns all points matched during the most recent match command back to their unmatched state. It returns you to the matched state achieved by the next previously specified match command. The -all option specifies to undo all matches.

You remain in the matched state even if you undo the first match or specify the -all option. To return to the setup state, specify the setup command in fm\_shell or at the GUI's Formality prompt.

This command is especially useful when you have made changes that did not achieve the results you desired for compare point matching.

# **Debugging Unmatched Points**

After you report the unmatched compare points, you can use any or all of the following user-specified techniques to match them:

• Renaming user-supplied names or mapping file

- Matching with user-supplied names
- Matching with compare rules
- Matching with name subset

Each matching technique is described in detail in section "Unmatched Points" on page 7-14.

Note:

In Verilog and VHDL files, unmatched compare points can be caused by a difference between the bus naming scheme and the default naming conventions. See "Changing Bus Naming and Dimension Separator Styles" on page 4-6.

If the number of unmatched points in the reference and implementation designs is the same, the likely cause is an object name change.

If the number of unmatched points in the reference and implementation designs is different, you might need to perform additional setup steps. For example:

- You might have a black box in one design but not in the other.
- An extra compare point in the implementation design might be caused by a design transformation that created extra logic.
- An extra compare point in the reference design may be a result of ignoring a full\_case directive in the RTL code.

Table 6-1 shows that actions you can take for unmatched compare points.

| Table 6-1 | Unmatched | Compare | Points Action |
|-----------|-----------|---------|---------------|
|-----------|-----------|---------|---------------|

| Symptom                                                                  | Possible cause                                 | Action                                                                                      |
|--------------------------------------------------------------------------|------------------------------------------------|---------------------------------------------------------------------------------------------|
| Same number of<br>unmatched points in<br>reference and<br>implementation | -Names have undergone<br>a transformation      | set_user_match command.                                                                     |
|                                                                          |                                                | Write and test compare rule.                                                                |
|                                                                          |                                                | Modify name match variables.                                                                |
|                                                                          |                                                | Turn on signature analysis.                                                                 |
|                                                                          |                                                | For all, see section "Unmatched Points" on page 7-14.                                       |
| More unmatched points in reference than in implementation                | -Unused cells                                  | No action necessary.                                                                        |
|                                                                          | -Ignoring a full_case<br>directive in RTL code | Set hdlin_ignore_full_case to false.                                                        |
|                                                                          | -Black box was created for missing cells       | Reread reference design including the missing cells.                                        |
|                                                                          |                                                | Make black box in implementation.                                                           |
| More unmatched points in implementation than in reference                | -Design transformation<br>created extra logic  | Account for design transformation.<br>See section "Design<br>Transformations" on page 7-27. |
|                                                                          | -Black box was created for missing cells       | Reread reference design including the missing cells.                                        |
|                                                                          |                                                | Make black box in reference.                                                                |

#### **How Formality Matches Compare Points**

As described in section "Compare Points" on page 1-24, compare point matching is either named-based or non-name-based. The following matching techniques occur by default when you match compare points.

Name-based matching:

- Exact-name matching
- Compare point matching based on net names
- Name filtering

Non-name-based matching:

- Topological equivalence
- Signature and topological analysis

These matching techniques are executed in the following order:

- Exact-name matching
- Name filtering
- Topological equivalence
- Signature analysis
- Compare point matching based on net names

Note:

Four other user-specified matching techniques are also available, but you normally use them to debug unmatched points. For more information, see "Unmatched Points" on page 7-14.

Once a technique succeeds in matching a compare point in one design to a compare point in the other design, that compare point becomes exempt from processing by other matching techniques.

All name matching in Formality is case-insensitive. The following sections describe each default compare point matching technique.

Table 6-2 lists variables that control matching. Some are described in the following sections. Refer to the online man pages for details.

| Variable name                                      | Default                             |
|----------------------------------------------------|-------------------------------------|
| name_match                                         | all                                 |
| name_match_allow_subset_match                      | strict                              |
| name_match_based_on_nets                           | true                                |
| name_match_filter_chars                            | `~!@#\$%^&*()_+=<br> \{}[]":;<>?,./ |
| name_match_flattened_hierarchy_<br>separator_style | /                                   |
| name_match_multibit_register_reverse_order         | false                               |
| name_match_use_filter                              | true                                |
| signature_analysis_match_primary_input             | true                                |
| signature_analysis_match_primary_output            | false                               |
| signature_analysis_match_compare_points            | true                                |
| verification_blackbox_match_mode                   | any                                 |

#### **Exact-Name Matching**

Formality matches unmatched compare points by exact casesensitive name matching, then by exact case-insensitive name matching. The exact-name matching technique is used by default in every verification. Using this algorithm, Formality matches all compare points that have the same name both in reference and implementation designs.

For example, the following design objects are matched automatically by the Formality exact-name matching technique:

```
Reference: /WORK/top/memreg(56)
Implementation: /WORK/top/MemReg(56)
```

To control whether compare point matching uses object names or relies solely on function and topology to match compare points, specify the name\_match variable, as follows:

| fm_shell                     | GUI                                                       |
|------------------------------|-----------------------------------------------------------|
| Specify:                     | Click the Match button                                    |
| set name_match               | Click the Modify Formality Shell Variable toolbar button. |
| [ all   none   port   cell ] | Select name_match.                                        |
|                              | Under the Value prompt, choose all, none, port, or cell.  |
|                              | Click OK.                                                 |

The default value "all" enables all name-based matching. You can also specify "none," "port," and "cell." The value "none" ensures that all name-based matching is disabled, except for the primary inputs. The value "port" enables name-based matching of top-level output ports. The value "cell" enables name-based matching of registers and other cells, including black box input and output pins.

The name\_match\_multibit\_register\_reverse\_order variable reverses the bit order of the bits of multibit registers during compare point matching. The default is false, meaning that the order of the bits of multibit registers is not reversed. Formality automatically matches multibit registers to their corresponding single-bit counterparts based on their name and bit order. If the bit order has been changed after synthesis, you must set this variable to true. The value true means that the order of the bits of multibit registers is reversed. For more information about Formality multibit support, see section "Supporting Multibit Library Cells" on page 5-5. In the GUI, you access this variable from the same window that appears in step 2 for name\_match previously described.

Chapter 6: Compare Point Matching and Verification

# **Name Filtering**

After exact-name matching, Formality attempts filtered caseinsensitive name matching. Compare points are matched by filtering out some characters in the object names.

To turn off the default filtered-name matching behavior, do one of the following:

| fm_shell                        | GUI                                                       |
|---------------------------------|-----------------------------------------------------------|
| Specify:                        | Click the Match button.                                   |
| set name_match_use_filter false | Click the Modify Formality Shell Variable toolbar button. |
|                                 | Select name_match_use_filter.                             |
|                                 | Under the Value prompt, check false.                      |
|                                 | Click OK.                                                 |

The name\_match\_use\_filter variable is supported by the name\_match\_filter\_chars variable, which lists all the characters that are to be replaced by an underscore (\_) character during the name-matching process.

Filtered name matching requires that any nonterminating sequence of one or more filtered characters in a name must be matched by a sequence of one or more filtered characters in the matched name.

For example, the following design object pairs are matched automatically by the Formality name-filtering algorithms:

```
Reference: /WORK/top/memreg__[56][1]
Implementation: /WORK/top/MemReg_56_1
Reference: /WORK/top/BUS/A[0]
Implementation: /WORK/top/bus_a_0
```

The following design objects are not matched by the Formality namefiltering algorithms:

```
Reference: /WORK/top/BUS/A[0]
Implementation: /WORK/top/busa_0
```

```
You can remove or append characters in the name_match_filter_chars variable. The default character list is `~!@#$%^&*()_-+=|\[]{}"':;<>?,./
```

For example, the following command resets the filter characters list to include "V":

```
fm_shell (match)> set name_match_filter_chars \
    {~!@#$%^&*()_-+=|\[]{}"':;<>?,./V}
```

# **Topological Equivalence**

Formality attempts to match the remaining unmatched compare points by topological equivalence. In other words, if the cones of logic driving two unmatched compare points are topologically equivalent, those compare points are matched.

# **Signature Analysis**

Signature analysis is an iterative analysis of the compare points' functional and topological signatures. Functional signatures are derived from random pattern simulation; topological signatures are derived from fanin cone topology.

The signature analysis algorithm uses simulation to produce output data patterns, or signatures, of output values at registers. The simulation process in signature analysis is used to uniquely identify a controlled node.

Chapter 6: Compare Point Matching and Verification

For example, if a particular vector makes a certain register pair go to a 1 and all other controlled registers go to a 0 in both designs, then signature analysis has completed one match.

For signature analysis to work, the primary input ports from both designs must have matching names or you must have manually matched them by using the set\_user\_match, set\_compare\_rule, or rename\_object command.

During signature analysis Formality will also automatically attempt to match previously unmatched datapath and hierarchical blocks and their pins. To turn off automatic matching of datapath or hierarchical blocks and pins, set the

signature\_analysis\_match\_datapath or signature\_analysis\_match\_hierarchy variable to false, respectively. If you notice a performance decrease when running hierarchical verification, you can change the setting of signature\_analysis\_match\_hierarchy to false.

Signature analysis in Formality works well if the number of unmatched objects is limited, but the algorithm is less likely to work if there are thousands of compare point mismatches. To save time in such a case, you can turn off the algorithm by doing one of the following:

| fm_shell                              | GUI                                                       |
|---------------------------------------|-----------------------------------------------------------|
| Specify:                              | Click the Match button.                                   |
| set signature_analysis_matching false | Click the Modify Formality Shell Variable toolbar button. |
|                                       | Select signature_analysis_matching.                       |
|                                       | Click the false choice button.                            |
|                                       | Click OK.                                                 |

By default, signature analysis does not try to match primary output ports. However, you can specify the matching of primary outputs by setting the signature\_analysis\_match\_primary\_output variable to true. In addition, signature analysis does try to match primary input ports. Set the signature\_analysis\_match\_primary\_input variable to false to disable this matching. In the GUI, these variables are located in the window that appears in step two for the signature\_analysis\_match\_compare\_points variable described earlier.

You might be able to reduce matching runtimes by writing a compare rule rather than disabling signature analysis. Compare rules, for example, work well if there are extra registers in both the reference and implementation designs. See section "Matching With Compare Rules" on page 7-18.

# **Compare Point Matching Based on Net Names**

Formality matches any remaining unmatched compare points by exact and filtered matching on their attached nets. Matches can be made through either directly attached driven or driving nets.

To turn off net name-based compare point matching, do one of the following:

| fm_shell                           | GUI                                                       |
|------------------------------------|-----------------------------------------------------------|
| Specify:                           | Click the Match button.                                   |
| set name_match_based_on_nets false | Click the Modify Formality Shell Variable toolbar button. |
|                                    | Select name_match_based_on_nets.                          |
|                                    | Unclick Use net names.                                    |
|                                    | Click OK.                                                 |

For example, the following design objects have different names:

Reference: /WORK/top/memreg(56) Implementation: /WORK/top/MR(56)

Formality cannot match them by using the exact-name matching technique. If nets driven by output of these registers have the same name, Formality will match the registers successfully.

# **Performing Verification**

When you issue the verify command Formality attempts to prove design equivalence between an implementation design and a reference design. This section describes how to verify a design or a single compare point, as well as how to perform traditional hierarchical verification and batch verifications.

# Verifying a Design

To verify the implementation against the reference, do one of the following:

| fm_shell                                                                    | GUI                                                      |
|-----------------------------------------------------------------------------|----------------------------------------------------------|
| Specify:<br>verify<br>[ reference_designID ]<br>[ implementation_designID ] | Click the Verify button.<br>Click the Verify All button. |

If you omit the reference and implementation design IDs from the command, Formality uses the reference and implementation designs you specified when you read in your designs. See section "Reading in Libraries and Designs" on page 4-3 for more information.

If you did not match compare points prior to verification as described in section "Matching Compare Points" on page 6-3, the verifycommand first matches compare points then checks equivalence. If all compare points are matched and no setup changes have been made, verification moves directly to equivalence checking without rematching.

If matching was performed but there are still unmatched points or the setup was altered, Formality attempts to match remaining unmatched points prior to equivalence checking. The verify command does not re-match already matched compare points.

To force the verify command to rematch everything, specify the undo\_match -all command beforehand.

Formality makes an initial super-low-effort verification attempt on all compare points before proceeding onto the remaining compare points with matching hierarchy by signature analysis and high-effort verification. This can significantly improve performance by quickly verifying the easy-to-solve compare points located throughout your designs. The

verification\_super\_low\_effort\_first\_pass variable set to true (the default) controls the default behavior of the verify command to run this super-low-effort verification first. Afterwards, Formality proceeds with verifying all the remaining compare points.

Verification automatically runs in incremental mode, controlled by the verification\_incremental\_mode variable (true by default). Each verify command attempts to verify only compare points in the unverified state. This means after the verification is completed or has stopped, upon reissue of verify, the status of previously passing and failing points is retained and verification continues for unverified points. If matching setup has changed through use of set\_user\_match or set\_compare\_rule, Formality determines

Chapter 6: Compare Point Matching and Verification

which compare points are affected, moves them to the unverified state, and reverifies them. In addition, if the verification\_effort\_level has increased, points that were aborted due to complexity will also be reverified. To force verify to re-verify all compare points, use the command's -restart option.

If you don't want Formality to independently verify blocks under a certain level, use the -level option. This causes Formality to ignore hierarchical boundaries underneath the level you set. You should use this option only if you have a reason to know that certain hierarchical boundaries below the level you specified have not been preserved. Use this option with caution because if you use it incorrectly, it can negatively impact verification performance.

For more information on the verify command, see the online man page. For information on how to interpret results, see "Reporting and Interpreting Results" on page 6-33.

#### Verifying a Single Compare Point

Single compare point verification is useful when you have trouble verifying a complete design and you have isolated problem areas in the implementation.

To verify a single compare point, do one of the following:

| fm_shell                                                    | GUI                                 |
|-------------------------------------------------------------|-------------------------------------|
| Specify:                                                    | Click the Verify button.            |
| verify [ type type ]                                        | Select a compare point in the list. |
| verify [ -type type ]<br>objectID_1 objectID_2<br>-inverted | Click Verify Selected Point.        |
| [ -constant0   -constant1 ]                                 |                                     |

Sometimes design objects of different type share the same name. If this is the case, change the  $-t_{ype}$  option to the unique object type. For more information about this command, see the online man page.

Besides verifying single compare points between two designs, you also can verify two points in the same design, or verify an inverted relationship between two points. To verify that a certain output port has the same value as a certain input port in the same design, use the command

```
verify $impl/input_port $impl/output_port
```

To verify an inverted relationship between two given points, use the -inverted switch to the verify command.

You also can verify a single compare point with a constant 1 or 0. Using either the -constant0 or -constant1 option to the verify command causes Formality to treat a point that evaluates to a constant as a special single compare point during verification. You can access this functionality through the GUI when you are in the Match or Verify steps buy using the Run pull-down menu from the main window menu bar. For more information on -constant, see the verify command online man page.

To verify a subset of compare points, refer to section "Removing Compare Points from the Verification Set" on page 6-20. For information on how to interpret results, see "Reporting and Interpreting Results" on page 6-33.

#### **Removing Compare Points from the Verification Set**

You can elect to remove any matched compare points from the verification set. This is useful when you need to pinpoint problems in a failed verification.

To prevent Formality from checking for design equivalence between two objects that constitute a matched compare point, do one of the following:

| fm_shell                                                               | GUI                                                                    |
|------------------------------------------------------------------------|------------------------------------------------------------------------|
| Specify:                                                               | At the Formality prompt, specify:                                      |
| set_dont_verify_point<br>[ -type ID_type ]<br>[ object_1 [ object_2 ]] | set_dont_verify_point<br>[ -type ID_type ]<br>[ object_1 [ object_2 ]] |

When you specify an object belonging to a matched compare point set, the second object is automatically disabled. Sometimes design objects of different types share the same name. If this is the case, change the  $-t_{ype}$  option to the unique object type. See the online man page for details.

Specify instance-based path names or objectIDs for compare points in the reference and implementation. Black boxes and hierarchical blocks are not compare points, but black box input pins are compare points.

Specify the remove\_dont\_verify\_point command to undo the effect of the set\_dont\_verify\_point on specified objects; that is, to add them to the verification set again.

Specify report\_dont\_verify\_points to view a list of points disabled by the set\_dont\_verify\_point command. These commands accept instance-based path names or objectIDs. Refer to the online man pages for more information about these commands.

## **Controlling Verification Runtimes**

In addition to the

signature\_analysis\_match\_compare\_points variable described in section "Signature Analysis" on page 6-14, an environment variable exists that you can use to limit verification runtimes.

To control the verification time limit, do one of the following:

| fm_shell                                         | GUI                                                                                                                                         |
|--------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:<br>set verification_timeout_limit value | Click the Verify button.<br>Click the Modify Formality Shell Variable<br>toolbar button.<br>Under the Value prompt, type the time<br>value. |
|                                                  | Click OK.                                                                                                                                   |

The verification\_timeout\_limit variable sets a maximum wall-clock time (not CPU time) limit on the verification run. Be careful when using this variable, because Formality halts the verification when it reaches the limit regardless of the state of the verification.

In addition, you can also lessen runtimes by using the verification\_failing\_point\_limit variable in the fm\_shell or Verify > Modify Formality Shell Variable window. This variable specifies the maximum number of failing compare points allowed before Formality halts the verification process.

For more information on these environment variables, see the online man pages.

Chapter 6: Compare Point Matching and Verification

# **Distributing Verification Processes**

You can execute Formality verification processes in parallel across several CPUs to increase performance. The following sections describe a typical user flow when working with parallel verification.

# Setting Up the Distributed Environment

You must set the default working directory to FM\_WORK/server, as this is the storage area for all the files required for exchanging data and information between the various machines. Make sure that the directory is accessible to each machine involved in the distributed process and that each machine is able to read from and write to this directory. If this directory is not accessible from any one of the servers, or you want to use another directory as a working directory, you must change the working directory with the distributed\_work\_directory TCL variable. For example:

```
fm_shell (setup)> set distributed_work_directory /home/
myname/
dist/work
```

You specify the working directory using an absolute path name starting from the root of the system. Relative paths are not supported.

After you set the working directory, you have two options for specifying distribution. First, you can populate the distributed servers list. For example:

```
fm_shell (setup)> add_distributed_processors {pandora
hermes}
```

After defining the distributed servers list, you will receive messages from Formality similar to the following:

Arch: sparc 64, Users: 22, Load: 2.18 2.14 2.17 Arch: sparc 64, Users: 1, Load: 1.45 1.41 1.40

For each machine, Formality checks that fm\_shell can be started on the remote machine; that the release version matches the master; and that the distributed\_work\_directory is accessible. Formality prints the type of platform (architecture), the number of users currently logged on that machine, and the load average. There is a limit to the number of servers that you can add; you can have one master, with four additional CPUs during verification. To avoid starting more distributed servers than the number of available processors, determine the number of processors on that machine.

A second option for specifying distribution is to specify an LSF executable along with the number of servers. For example:

```
add_distributed_processors -lsf bsub_exec -nservers d -
toptions
"optionslist"
```

If using the *-lsf* option, you need to specify the path to the LSF submission executable.

You can use the report\_distributed\_processors command to report the list of servers. For example:

Chapter 6: Compare Point Matching and Verification

Formality lists the name of the machine and its architecture; one line per server. It also displays the working directory in the report along with the type of executable in use (32 bit or 64 bit). The master machine automatically determines the executable type, subject to the setting of the distributed\_64bit\_mode TCL variable. This variable is false by default; therefore, spawned servers will run a 32bit executable by default.

On occasion you might want to remove a server from the server list, for instance if you have an overloaded machine. In this situation, you use the remove\_distributed\_processors command to remove servers from the server list. For example:

### When you add servers and set the Tcl variable

distributed\_verification\_mode to enable (the default), the verify command will execute in distributed mode:

fm\_shell (setup)> verify ref:/WORK/test imp:/WORK/test

At the end of the verification, Formality reports verification results in the same format as in serial process mode.

If unexpectedly one server process dies (for example, due to an internal error or system problem), the entire <code>verify</code> command is immediately terminated.

# **Verifying Your Environment**

Whenever Formality starts a distributed server, it executes fm\_shell. Your \$PATH environment variable must be able to find fm\_shell on each distributed host.

**Remote Shell Considerations.** Formality relies on the rsh (remsh for HP platforms) UNIX command to start a process on a remote machine. This command runs the login shell on the remote host and executes your shell initialization file. Interactive commands, run-time errors, and environment settings can cause remote execution to fail. The following notes can help diagnose such problems.

You need to have special privileges to start a distributed process with an rsh (or remsh) command. In many UNIX installations, those privileges are given by default; however, the system administrator might have changed them. If you experience a problem starting servers and suspect it is due to a problem with rsh, you can test remote execution from the Unix shell command prompt using the following command:

```
UNIX> rsh <distributed_server_machine> fm_shell
```

If you get an error message, its cause might be either commands or environment settings in your shell initialization file or privilege settings that prevent you from executing a remote shell. **Tuning Shell Resource File.** Be aware of what is in your shell initialization file (.cshrc, .profile, and so on) to avoid having shell commands that have the following behavior:

- Interacts with the user (that is, the shell asking you to enter something from the keyboard). Because you won't have the ability to answer (distributed processes are not interactive), it is possible that the process will hang waiting for an answer to a question it won't see.
- Requires some GUI display. The DISPLAY environment variable will not be set on the servers. X Windows clients will fail.

If you have any trouble using add\_distributed\_processors, you might want to have a dedicated shell initialization file for running distributed tasks.

### **Interrupting Verification**

To interrupt verification, press Control-c. Formality preserves the state of the verification at the point you interrupted processing, and you can report the results. You also can interrupt Formality during automatic compare point matching.

### **Performing Hierarchical Verification**

By default, Formality incorporates a hybrid verification methodology that combines the easy setup associated with flat verification with the benefits of traditional hierarchical performance capacities. From a user perspective, Formality appears to be performing a flat verification, regardless of the design hierarchy, and all results are presented in the context of the flat top-level design. Formality allows you to perform a traditional hierarchical verification, which can be helpful when you want to view explicit, block-by-block hierarchical results.

To perform traditional hierarchical verification, do one of the following:

| fm_shell                                                                                                                                                                                                       | GUI                                                                                                                                                                                                            |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                                                                                                                                       | Specify:                                                                                                                                                                                                       |
| write_hierarchical_verification_script<br>[ -replace ] [ -noconstant ]<br>[ -noequivalence ]<br>[ -match type ]<br>[ -save_directory pathname ]<br>[ -save_file_limit integer ]<br>[ -level integer ] filename | write_hierarchical_verification_script<br>[ -replace ] [ -noconstant ]<br>[ -noequivalence ]<br>[ -match type ]<br>[ -save_directory pathname ]<br>[ -save_file_limit integer ]<br>[ -level integer ] filename |

This command generates an editable Tcl script that you can source to perform traditional hierarchical verification. You can customize this script to verify specific blocks, as well as specify constraining context information on instantiated blocks. Refer to the man page for more information on this command.

The Tcl script specifies to initially attempt verification on comparable lower hierarchical blocks in their isolated context. Verification starts at the lowest levels of hierarchy and works upward. Explicit setup commands are generated to capture top-level context.

The script specifies to verify each block once, regardless of the number of instantiations. It reports the verification result for each block in a text file, which is concatenated to the transcript. By default, for each matched block for the current top-level implementation and reference designs, the Tcl script:

- Generates black boxes for matched subdesigns.
- Removes unused compare points.
- Sets port matches for ports matched by means other than their names.
- Sets input port constants. Override this behavior by specifying the -noconstant option.
- Sets input port equivalences for unmatched input ports known to be equivalent to other matched ports. Override this behavior by specifying the -noequivalence option.
- Verifies the target block as a top-level design.
- Saves the Formality session if the verification fails. Override this behavior by specifying the -save\_file\_limit option.

The script ignores inconsistent setup information for port matches, constants, and equivalencies, and a comment appears in the generated script.

### The script produced by

write\_hierarchical\_verification\_script is designed to run in the same session that it is created. If you run the hierarchical verification script separately, you must manually insert commands that read and link the reference and implementation designs.

## **Using Batch Jobs**

Running Formality shell commands in a batch job can save you time in situations where you have to verify the same design more than once. You can assemble a stream of commands, or script, that sets up the environment, loads the appropriate designs and libraries, performs the verification, and tests for a successful verification. Any time you want to control verification through automatic processing, you can run a batch job.

# **Starting Verification**

Given a sequence of fm\_shell commands, you can start the batch job several different ways.

• Enter fm\_shell commands one at a time as redirected input. For example, from the shell, use commands in the following form:

```
% fm_shell << !
? shell_command
? shell_command
? shell_command
.
.
.
? shell_command
? !</pre>
```

• Store the sequence of commands in a file and source the file using the Tcl source command. For example, from the shell, use a command in the following form and supply a .csh file that contains your sequence of fm\_shell commands:

% source file

Note:

Be sure that your .csh file starts by invoking Formality and includes the appropriate controls to redirect input.

 Submit the file as an argument to the -f option when you invoke Formality from the shell. For example, from the shell, use a command in the following form and supply a text file that contains your sequence of fm\_shell commands:

```
% fm_shell -f my_commands.fms
```

The output Formality produces during a batch job is identical to that of a verification performed from the shell or GUI. For information on how to interpret results, see "Reporting and Interpreting Results" on page 6-33.

# **Controlling Verification**

In your script, you can provide control statements that are useful in concluding verification. In particular, you can take advantage of the fact that fm\_shell commands return a 1 for success and a 0 for failure. Given this, the following set of commands at the end of your script can direct Formality to perform diagnosis, report the failing compare points, and save the session, should verification fail.

```
if {[verify]!=1} {
    diagnose
    report_failing_points
    cd ..
    save_session ./saved_state
}
```

# **Interrupting Verification**

To interrupt the batch job, press Control-c from the shell. Doing so causes script processing to stop. Any Formality process interrupted is immediately stopped, and no intermediate results are retained. Note that it is not possible to have Formality continue verification from the point of interruption.

## **Verification Progress Reporting**

You can specify how much time you want to elapse between each progress report using the

verification\_progress\_report\_interval variable. During long verifications, Formality issues a progress report every 30 minutes. For updates more or less frequently, you can the value of this variable in minutes to the desired interval.

# **Reporting and Interpreting Results**

As part of your troubleshooting efforts, Formality allows you to report on passing, failing, unverified, and aborted compare points. Do one of the following:

| fm_shell                                                   | GUI                                                                                     |
|------------------------------------------------------------|-----------------------------------------------------------------------------------------|
| Specify any of the following commands:                     | Choose the Debug button.                                                                |
| report_passing_points [ -point_type point_type ]           | Choose the Passing Points, Failing Points,<br>Aborted Points, or Unverified Points tab. |
| report_failing_points<br>[ -point_type                     |                                                                                         |
| report_failing_unverified [ -point_type point_type ]       |                                                                                         |
| report_aborted_points<br>[ -point_type <i>point_type</i> ] |                                                                                         |

Use the -point\_type option to filter the reports for specific object types, such as ports and black box cells. Refer to the online man page for a complete list of objects you can specify.

From the fm\_shell, Formality displays information to standard output. This information is updated as the verification proceeds. From the transcript, you can see which design is being processed and observe the results of the verification. In the GUI, the transcript is displayed in the transcript area.

During verification, Formality assigns one of three types of status messages for each compare point it identifies:

### Passing

A passing point represents a compare point match that passes verification. Passing verification means that Formality determined that the functions that define the values of the two compare point design objects are functionally equivalent.

### Failing

A failing point represents a compare point match that does not pass verification or does not consist of two design objects. Failing verification means that Formality determined that the two design objects that constitute the compare point are not functionally equivalent.

### Unverified

A compare point that has not yet been verified. Unverified points occur during the verification process when the failing point limit has been reached or a wall-clock time limit is exceeded. Formality normally stops verification once 20 failing points have been found.

### Aborted

An aborted point represents a compare point that Formality did not determine as either passing or failing due to a combinational loop that Formality cannot break automatically, or when the compare point is too difficult to verify. Based on the preceding categories, Formality classifies final verification results in one of the following ways:

Succeeded

The implementation was determined functionally equivalent to the reference design. All compare points passed verification.

Failed

The implementation was determined not functionally equivalent to the reference design. Formality could not successfully match all design objects in the reference design with comparable objects in the implementation, or at least one design object in the reference design was determined nonequivalent to its comparable object in the implementation (a compare point failure).

If verification is interrupted, either because you press Control-c or a user-defined time-out occurs (such as the CPU time limit), and if at least one failing point was detected prior to the interruption, it is still reported as a verification failure.

Inconclusive

Formality could not determine whether the reference design and implementation are equivalent. This situation occurs in the following cases:

- A matched pair of compare points was too difficult to verify, causing an "aborted" compare point, and no failing points were found elsewhere in the design.
- The verification was interrupted, either because you pressed Control-c or a user-defined time-out occurred, and no failing compare points were detected prior to the interruption.

For information on what to look for when you have an inconclusive verification due to an aborted compare point, see "Handling Designs That Don't Complete Verification" on page 7-4.

If a verification is inconclusive because it was interrupted, partial verification results might still be available. You can create reports on the partial verification results.

7

# **Debugging Failed Design Verifications**

This chapter describes procedures that help you find problem areas in a design that fails verification.

It contains the following sections:

- Debugging Process Flow
- Gathering Information
- Handling Designs That Don't Complete Verification
- Determining Failure Causes
- Debugging Using Diagnosis
- Debugging Using Logic Cones
- Eliminating Setup Possibilities
- Working With Schematics

- Working With Logic Cones
- Working With Failing Patterns

This chapter's subject matter pertains to the box outlined in Figure 7-1.

Figure 7-1 Design Verification Process Flow Overview



Chapter 7: Debugging Failed Design Verifications

# **Debugging Process Flow**

Figure 7-2 shows an overview of the debugging process as described in this chapter. The debugging process for cell library verification is described in Chapter 8, "Cell Library Verification."

Figure 7-2 Debugging Process Flow Overview



# **Gathering Information**

When a verification run reports that the designs are not equivalent, failure is due either to an incorrect setup or to a logical design difference between the two designs. Formality provides information that can help you determine the cause of the verification failure. The information sources are the following:

- The transcript window provides information on verification status, black box creation, and simulation/synthesis mismatches.
- The formality.log file provides a complete list of black boxes in the design, assumptions made about directions of black box pins, and a list of multiply driven nets.
- Reports contain data on every compare point that affects the verification output. These reports are named report\_failing, report\_passing, and report\_aborted.

This chapter describes when and how to use the various information sources during the debugging process.

# Handling Designs That Don't Complete Verification

Occasionally, Formality encounters a design that cannot be verified because it is particularly complex. For example, asynchronous state-holding loops can cause Formality to abort verification if you did not check for their existence prior to executing the verify command. (Refer to section "Eliminating Asynchronous State-Holding Loops" on page 5-10.)

The following steps provide a strategy to apply when verification won't finish due to a design difficulty. Note that these steps are different from those presented in section "Determining Failure Causes" on page 7-7, which describes what to do when verification finishes, but fails.

### Note:

Incomplete verifications can occur when Formality reaches a prespecified number of failing compare points, which causes Formality to stop processing. Use the verification\_failing\_point\_limit variable to adjust the limit, as needed.

- 1. If you have both aborted points and failing points, locate and fix the failing compare points. For strategies on debugging failed compare points, refer to the section "Debugging Unmatched Points" on page 6-7.
- 2. Verify the design again. Fixing the failing compare points can sometimes eliminate the aborted points.
- 3. After eliminating all failing compare points, isolate the problem in the design to the smallest possible block.
- 4. Declare the failing blocks as black boxes. Declare them black boxes by using the set\_black\_box command, as described in the section "Removing Designs" on page 5-81.

Alternatively, you can insert cutpoint black boxes to simplify hardto-verify designs, as described in section "Working With Cutpoints" on page 5-11.

5. Verify the implementation again. This time the verification should finish. However, the problem block is still unverified.

6. Use an alternative method to prove the functionality of the isolated problem block. For example, in a multiplier example, use a conventional simulation tool to prove that the multiplier having the different architecture in the implementation is functionally equivalent to the multiplier in the reference design.

At this point, you have proved the problem block to be equivalent and you have proved the rest of the implementation equivalent. One proof is accomplished through a conventional simulation tool, and the other is accomplished through Formality. Both proofs combined are sufficient to verify the designs as equal.

Establish the existing implementation design as the new reference design. This substitution follows the recommended incremental verification technique described in Figure 1-1 on page 1-5.

- 7. Prior to running verification a second time, match any equivalent multipliers that Formality hasn't automatically matched in the reference and implementation design by hand. Manually matching the multipliers will aid the solver in successfully matching remaining multipliers. Use the report\_unmatched\_points -datapath command to identify those unmatched multipliers.
- 8. Pre-verification might have timed out due to the effort level set in the verification\_datapath\_effort\_level variable. You can set this limit to a higher effort level to allow Formality more time to successfully pre-verify and black box equivalent datapath blocks. See the man page for additional information.

# **Determining Failure Causes**

To debug your design, you must first determine if a failing verification is due to a setup problem or a logical difference between the designs. If the verification failed due to a setup problem, you should start the debug process by looking for obvious problems, such as forgetting to disable scan.

Sometimes you can determine the failure cause by examining the number of failing, aborted, and unmatched points, as shown in Table 7-1.

| Table 7-1 | Determining Failure Cause |
|-----------|---------------------------|
|-----------|---------------------------|

| Unmatched  | Failing | Aborted | Possible cause                                           |
|------------|---------|---------|----------------------------------------------------------|
| large      | -       | -       | Compare point matching problem, or black boxes           |
| very small | some    | small   | Logical difference                                       |
| very small | some    | large   | Setup problem                                            |
| very small | none    | some    | Complex circuits, combinational loops, or limits reached |

#### Number of points in each category:

Setup problems that can cause a failed verification include unmatched primary inputs and compare points, missing library models and design modules, and incorrect variable settings.

The following steps describe how to make sure design setup did not cause the verification failure:

 If you automatically matched compare points with the verify command, look at the unmatched-points report by specifying the report\_unmatched\_points command in the fm\_shell or choosing Match > Unmatched in the GUI. The report shows matched design objects (such as inputs) as well as matched compare points; use the filtering options included with the command to view only the unmatched compare points.

Use the iterative compare point matching technique described in section "Matching Compare Points" on page 6-3 to resolve the unmatched points.

A likely consequence of an unmatched compare point (especially a register) is that downstream compare points will fail due to their unmatched inputs.

2. Specify the report\_black\_boxes command in the fm\_shell or at the GUI's Formality prompt to check for unmatched black boxes. During verification, Formality treats comparable black boxes as equivalent objects. However, to be considered equivalent, a black box in the implementation must map one-toone with a black box in the reference design. In general, use black box models for large macrocells (such as RAMs and microprocessor cores) or when you are running a bottom-up verification.

Note:

Black boxes that don't match one-to-one will result in unmatched compare points.

For information on how to handle black boxes in your design, see "Working With Black Boxes" on page 5-14.

 Check for incorrect environment variable settings, especially for the design transformations listed in section "Design Transformations" on page 7-27. To view a list of current variable settings, use the printvar command. If you determine that your design contains setup errors, skip to section "Eliminating Setup Possibilities" on page 7-13 to help you fix them. You must fix setup problems then reverify the implementation before debugging any problems caused by logical differences between the designs.

# **Debugging Using Diagnosis**

At this point, you have fixed all setup problems in your design or determined that no setup problems exist. Consequently, the failure occurred because Formality found functional differences between the implementation and reference designs. Use the following steps to isolate the problem. This section assumes you are working in the GUI. For a more detailed explanation of the Formality verification and debugging processes, see Chapter 2, "A Quick Start With Formality."

After you have run verification and are ready to debug your design:

- 1. In the Debug screen, click the Failing Points tab to view the failing points.
- 2. Run diagnosis on all of the failing points listed in this window by clicking the Diagnose button.

Note:

On occasion, after clicking the Diagnose button, you might get a warning (FM-417) stating that too many distinct errors caused diagnosis to fail (if the number of distinct errors exceeds five). If this occurs, and you have already verified that no setup problems exist, try selecting a group of failing points (such as a group of buses with common names), and click the Diagnose Selected Points button. This can help diagnosis by paring down the failing points to a specific section in the design. Finally, if the group diagnosis fails, select a single failing point and run selected diagnosis.

3. When diagnosis completes, the Error Candidates window appears.

You will see a list of error candidates in this window. An error candidate can have multiple distinct errors associated with it. For each of the errors, the number of related failing points is reported.

There can be alternate error candidates apart from the recommended ones shown in this window. You can inspect the alternate candidates using the Next and Previous buttons available in this tab. You can reissue the error candidate report anytime after running diagnosis by using the report\_error\_candidates Tcl command.

4. Choose an error with the maximum number of failing points. Right-click on that error, then choose View Logic Cones. If there are multiple failing points, a list will appear from which you can choose a particular failing point to view. Errors are the drivers in the design whose function can be changed to fix the failing compare point.

The schematic shows the error highlighted in the implementation design along with the associated matching region of the reference design.

Examine the logic cone for the driver causing the failure. The problem driver is highlighted in orange. You can click the Isolate Error Candidates Pruning Mode button to view the error region in isolation. You can also prune the associated matching region of the reference design. You can undo this pruning mode by choosing the Undo option from the Edit menu.

Chapter 7: Debugging Failed Design Verifications

Note:

You can employ the previous diagnosis method by setting the diagnosis\_enable\_error\_isolation variable to false and then rerunning verification.

# **Debugging Using Logic Cones**

In general, you want to debug the failing point that shows the design difference as quickly and easily as possible. Start with primary outputs. You know that the designs are equivalent at primary outputs, whereas internal points could have different logic cones due to changes such as boundary optimization or retiming. Pick the smallest cone to debug. Look for a point that is not part of a vector.

You can open a logic cone view of a failing compare point to help you debug design nonequivalencies. The following steps provide information on how to debug failing points in your design from the logic cone view.

• To show the entire set of failing input patterns, click the Show Patterns toolbar button in the logic cone window.

A pattern view window appears. Click the number above a column to view the pattern in the logic cone view. For each pattern applied to the inputs, Formality displays logic values on each pin of every instance in the logic cone.

Check the logic cone for unmatched inputs. Look for unmatched inputs in both the reference and implementation columns.For example, two adjacent unmatched cone inputs (one in the references and one in the implementation) that have opposite values on all patterns indicates these unmatched cone inputs should probably be matched.

Alternatively, you can also specify the command report\_unmatched\_points compare\_point at the Formality prompt, or check the pattern view window for inputs that appear in one design, but not the other.

There are two types of unmatched inputs:

Unmatched in cone—This input is not matched to any input in the corresponding cone for the other design. The logic for this cone might be functionally different. The point might have been matched incorrectly.

Globally unmatched—This input is not matched to any input anywhere in the other design. The point might need to be matched using name-matching techniques. The point might represent extra logic that is in one design but not in the other.

Unmatched inputs indicate a possible setup problem you didn't fix previously. If this is the case, see "Eliminating Setup Possibilities" on page 7-13. If you change the setup, you must reverify the implementation before continuing the debugging process.

For detailed information about failing input patterns and the pattern view window, see section "Working With Failing Patterns" on page 7-41.

• Bring up a logic cone view of your design.See the section "Working With Logic Cones" on page 7-36 for details on having your design display in a logic cone.

A pattern view window appears. Click the number above a column to view the pattern in the logic cone view. For each pattern applied to the inputs, Formality displays logic values on each pin of every instance in the logic cone.

- Look for clues in the input patterns. These clues can sometimes indicate that the implementation design has undergone a transformation of some kind. For a list of design transformations that require setup prior to verification, see "Design Transformations" on page 7-27.
- Prune the logic cones and subcones as needed to better isolate the problem. See "Pruning Logic" on page 7-40.

After you have isolated the difference between the implementation and reference designs by using this procedure, change the original design accordingly and reverify it.

If the problem is in the gate-level design, a one-to-one correspondence between the symbols in the logic cone and the instances in the gate netlist should help you pinpoint where to make changes in the netlist.

To further help you debug designs, you can click the Zoom Full toolbar button to view a failing point in the context of the entire design. Return to the previous view by pressing Shift-a.

## **Eliminating Setup Possibilities**

As discussed in section "Determining Failure Causes" on page 7-7, you must resolve setup problems as part of the debugging process. This section describes what you should look for if your design has setup problems. In order of importance, you should check:

- Black Boxes
- Unmatched Points
- Design Transformations

## **Black Boxes**

If the evidence points to a setup problem, check for black boxes. You can do this by:

- Viewing the transcript.
- Checking the formality.log file.
- Executing report\_unmatched -point\_type bbox command.
- Executing the report\_black\_boxes command in the fm\_shell or Formality prompt. See the online man pages for information about this command.

See "Working With Black Boxes" on page 5-14 for more information.

# **Unmatched Points**

As described in section "Debugging Unmatched Points" on page 6-7, you may need to manually match compare points using the techniques described in this section. Normally, you do this during the compare point matching process, prior to running verification.

## **Matching With User-Supplied Names**

You can force Formality to verify two design objects by setting two compare points to match. For example, if your reference and implementation designs have comparable output ports with different names, creating a compare point match that consists of the two ports forces Formality to match the object names.

### Important:

Use caution when adding and removing compare points. Avoid creating a situation where two design objects not intended to form a match are used as compare points. Understanding the design and using the Formality tool's reporting feature can help you avoid this situation.

To force an object in the reference to match an object in the implementation, do one of the following:

| fm_shell                                                                                   | GUI                                                                        |
|--------------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
| Specify:                                                                                   | Choose the Match > Unmatched Points tab.                                   |
| set_user_match<br>[ -type ID_type ]<br>[ -inverted ] [ -noninverted ]<br>object_1 object_2 | Select a point in the reference list.                                      |
|                                                                                            | Select a point in the implementation list.                                 |
|                                                                                            | Click the +, -, or ? button.                                               |
|                                                                                            | Click the User Match Setup tab to view the list of user-specified matches. |

Sometimes design objects of different types share the same name. If this is the case, change the -type option to the unique object type. Refer to the online man pages for details about this command.

You can set the -inverted or -noninverted option to handle cases of inverted polarities of state points. Inverted polarities of state registers can occur due to the style of design libraries, design optimizations by synthesis, or manually generated designs. The inverted option matches the specified objects with inverted polarity; the -noninverted option matches the specified objects with noninverted polarity. Polarity is indicated in the GUI with a "+" for non-inverted, "-" for inverted, and "?" for unspecified. This command accepts instance-based path names and objectIDs. You can match objects such as black box cells and cell instances, pins on black boxes or cell instances, registers, and latches. The two objects should be comparable in type and location.

Along with matching individual points in comparable designs, you can use this command to match multiple implementation objects to a single reference object (1-to-n matching). You do this by issuing set\_user\_match, matching each implementation object to the reference object. You cannot, however, match multiple reference objects to one implementation object. Doing so would cause an error. For example, the following command sets several implementation objects to one reference object, datain[55].

This command allows you to match an individual point in a design and is useful if you do not see multiple mismatches of very similar nature. Note that this command does not change the names in the database. For example, the following design objects will not be matched by the Formality name-matching algorithms:

reference:/WORK/CORE/carry\_in
implementation:/WORK/CORE/cin

You can use the set\_user\_match command to match these design objects as follows:

```
fm_shell (verify)> set_user_match ref:/WORK/CORE/carry_in \
    impl:/WORK/CORE/cin
```

**Removing User-Matched Compare Points.** To un-match objects previously matched by the set\_user\_match command, do one of the following:

| fm_shell                                                      | GUI                                                           |
|---------------------------------------------------------------|---------------------------------------------------------------|
| Specify:                                                      | At the Formality prompt, specify:                             |
| remove_user_match<br>[ -all ] [ -type type ]<br>instance_path | remove_user_match<br>[ -all ] [ -type type ]<br>instance_path |

This command accepts instance-based path names and objectIDs. For more information about the remove\_user\_match command, see the online man page. Listing User-Matched Compare Points. You can generate a list of points matched by the set\_user\_match command. Do one of the following:

| fm_shell                                                       | GUI                                                             |
|----------------------------------------------------------------|-----------------------------------------------------------------|
| Specify:                                                       | At the Formality prompt, specify:                               |
| report_user_matches [ -inverted  <br>-noninverted   -unknown ] | report_user_matches [ -inverted   -<br>noninverted   -unknown ] |

The -inverted option reports only those user-specified inverted matches. The -noninverted option reports only those user-specified noninverted matches. The -unknown option reports those user matches with unspecified polarity. The GUI displays polarity of these points using "-" to indicate inverted polarity, " " to indicate positive polarity, and "?" to indicate unspecified polarity.

## **Matching With Compare Rules**

As described in section "Compare Rules" on page 1-27, compare rules are user-defined regular expressions that Formality uses to translate the names in one design before applying any namematching methods. This is especially useful if names changed in a predictable way and many compare points are unmatched as a result.

### Important:

Because a single compare rule can map several design object names between the implementation and reference designs, use caution when defining compare rules. Regular expressions with loose matching criteria can affect many design object names. Defining a compare rule allows you to affect many design objects during compare point matching. For example, suppose the implementation uses a register naming scheme where all registers end in the string "\_r\_0", while the reference design uses a scheme where all registers end in "\_reg". One compare rule could successfully map all register names between the two designs.

Compare rules are applied during the compare point matching step of the verification process.

**Defining Compare Rules.** To create a compare rule, do one of the following:

| fm_shell                                                                    | GUI                                                                                                                        |
|-----------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                    | Choose the Match > Compare Rule tab.                                                                                       |
| set_compare_rule<br>-from search_pattern<br>-to replace_pattern<br>designID | Click Add, and choose the Reference or<br>Implementation tab.                                                              |
|                                                                             | Select a library, and a design as needed.                                                                                  |
|                                                                             | Enter the initial search pattern in the Search value field, and the replacement search pattern in the Replace value field. |
|                                                                             | Select the object Type: Any, Port, Cell or Net.                                                                            |
|                                                                             | Click OK.                                                                                                                  |

Supply "from" and "to" patterns to define a single compare rule, and specify the designID to be affected by the compare rule. For the patterns you can supply any regular expression or arithmetic operator. You need to use ( and ) as delimiters for arithmetic expressions and can use +, -, \*, /, and % for operators.

This command does not permanently rename objects; it "virtually" renames compare points for matching purposes. The report commands are available for use after compare point matching completes.

Compare rules are additive in nature so they should be written in such a way that rules do not overlap. Overlap can cause unwanted changes to object names, which can negatively affect subsequent compare rules. The rules are applied one at a time throughout the design.

For example, the following registers are unmatched when two designs are verified:

```
reference:/WORK/top_mod/cntr_reg0
```

reference:/WORK/top\_mod/cntr\_reg9

implementation:/WORK/top\_mod/cntr0

implementation:/WORK/top\_mod/cntr9

You can use a single set\_compare\_rule command to match up all these points, as follows:

```
fm_shell (verify)> set_compare_rule ref:/WORK/top_mod \
    -from {_reg\([0-9]*\)$} -to {\1}
```

In this example, the rule is applied on the reference design. Hence, all "\_reg#" format object names in the reference design are transformed to "#" format during compare point matching.

In the following example, assume that the registers are unmatched when two designs are verified:

```
RTL:/WORK/P_SCHED/MC_CONTROL/FIFO_reg2[0][0]
RTL:/WORK/P_SCHED/MC_CONTROL/FIFO_reg2[0][1]
RTL:/WORK/P_SCHED/MC_CONTROL/FIFO_reg2[1][1]
```

```
GATE:/WORK/P_SCHED/MC_CONTROL/FIFO_reg20_0
GATE:/WORK/P_SCHED/MC_CONTROL/FIFO_reg20_1
GATE:/WORK/P_SCHED/MC_CONTROL/FIFO_reg21_1
```

A single set\_compare\_rule matches up all these points:

```
fm_shell (verify)> set_compare_rule $ref \
    -from {_reg2\[\([0-1]\)\]\[\([0-1]\)\]$} \
    -to {\1_reg2\1_\2}
```

This rule transforms all objects in the reference design that follow the format name\_reg#[#][#] to name\_reg##\_#, where # is restricted to only 0 and 1 values. This rule is applied on the reference design, but it also can be changed so that it can be applied on the implementation design.

You can use ( and ) as delimiters for arithmetic expressions, then use +, -, \*, /, and % operators inside the delimiters to unambiguously determine them to be arithmetic operators. For example, to reverse a vector from the reference bus [15:0] to the implementation bus [0:15] using an arithmetic expression, use the following command:

```
fm_shell (verify)> set_compare_rule ref:/WORK/design_name
    -from {bus\[\([0-9]*\)\]} -to {bus\[\(15-\1\)\]}
```

The "-" operator in the replace pattern means arithmetic minus.

**Testing Compare Rules.** You can test name translation rules on unmatched points. Test name translation rules on unmatched points or arbitrary user-defined names by doing one of the following:

| fm_shell                                                                                      | GUI                                                                                                                                                                              |
|-----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:<br>test_compare_rule                                                                 | Choose the Match > Compare Rule tab.<br>Click the Reference or Implementation<br>button.                                                                                         |
| [ -designID   -r   -i ]<br>-from search_pattern<br>-to replace_pattern<br>[-substring string] | Set the object name and enter search<br>pattern and replace pattern in their<br>respective fields.                                                                               |
| [-type type]<br>Or                                                                            | Click the Test button, and choose the Test<br>With Unmatched Points or Test With<br>Specified Points tab.                                                                        |
| test_compare_rule<br>-from search_pattern<br>-to replace_pattern<br>-name list_of_names       | If you choose "Test with Unmatched Points,"<br>you can optionally enter a substring that<br>restricts the test to those unmatched points<br>that contain the inputted substring. |
|                                                                                               | If you choose "Test with Specified Names,"<br>you must add a name or list of names in the<br>"Enter a name to test against" field, then<br>click the Add button.                 |
|                                                                                               | Click Test.                                                                                                                                                                      |

You can test a single compare rule on a specific design or arbitrary points. You can also use this command to check the syntactic correctness of your regular and arithmetic expressions. To do so you supply "from" and "to" patterns, specify the name to be mapped, indicate the substring and the point type, and specify the designID to be affected by the proposed compare rule. A string that shows the results from applying the compare point rule is displayed; 0 for failure, 1 for success. **Removing Compare Rules.** To remove all compare rules from a design, do one of the following:

| fm_shell                          | GUI                                   |
|-----------------------------------|---------------------------------------|
| Specify:                          | Choose the Match > Compare Rules tab. |
| remove_compare_rules [ designID ] | Click the Remove button.              |
|                                   | Select a design, and then click OK.   |

There is currently no way to remove a single compare rule. For more information about the remove\_compare\_rules command, see the online man pages.

**Listing Compare Rules.** To track compare rules, you can generate reports that list them by doing one of the following:

| fm_shell                          | GUI                                   |
|-----------------------------------|---------------------------------------|
| Specify:                          | Choose the Match > Compare Rules tab. |
| report_compare_rules [ designID ] |                                       |

Each line of output displays the search value followed by the replace value for the specified design. For information about the report\_compare\_rules command, see the online man pages.

# **Matching With Name Subset**

During subset matching, each name is viewed as a series of tokens, separated by characters in the name\_match\_filter\_chars variable. Formality performs a best-match analysis to match names containing shared tokens. If an object in either design has a name that is a subset of an object name in the other design, Formality can match those two objects by using subset-matching algorithms. If multiple potential matches are equally good, no matching occurs.

Digits are special cases, and mismatches involving digits lead to an immediate string mismatch. An exception is made if there is a hierarchy difference between the two strings and that hierarchy name contains digits.

Use the name\_match\_allow\_subset\_match variable to specify whether to use any of the methods, or to specify which particular name subset (token)-based name matching method to use. By default, the variable value is set to strict. Strict subset matching should automatically match many of the uniform name changes that might otherwise require a compare rule. This is particularly helpful in designs having extensive, albeit fairly uniform, name changes resulting in an unreasonably high number of unmatched points for signature analysis to handle. The strict value ignores delimiter characters as well as alphabetic tokens appearing in at least 90% of all names of a given type of object (as long as doing either does not cause name collision issues).

If the value of the name\_match\_use\_filter variable is false, subset matching will not be performed regardless of the value of the name\_match\_allow\_subset\_match variable.

For example, the following design object pairs are matched by the subset-matching algorithms:

reference:/WORK/top/state
implementation:/WORK/top/state\_reg

```
reference:/WORK/a/b/c
implementation:/WORK/a/c
```

```
reference:/WORK/cntr/state2/reg
implementation:/WORK/cntr/reg
```

The following designs object pairs would not be matched by the subset-matching algorithms:

```
reference:/WORK/top/state_2
implementation:/WORK/top/statereg_2
reference:/WORK/cntr/state_2/reg_3
implementation:/WORK/cntr/state/reg[3]
```

The first pair fails because state is not separated from statereg with a "/" or "\_". In the second pair, the presence of digit 2 in state2 causes the mismatch.

# **Renaming User-Supplied Names or Mapping File**

Renaming design objects is generally used for matching primary input and outputs.

To rename design objects, do one of the following:

| fm_shell                                                                                                                                               | GUI                                                                                                                                                    |
|--------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                                                                               | At the Formality prompt, specify:                                                                                                                      |
| rename_object<br>-file file_name<br>[ -type object_type ]<br>[ -shared_lib ]<br>[ -container container_name ]<br>[ -reverse ] objectID<br>[ new_name ] | rename_object<br>-file file_name<br>[ -type object_type ]<br>[ -shared_lib ]<br>[ -container container_name ]<br>[ -reverse ] objectID<br>[ new_name ] |

This command permanently renames any object in the database. The new name is used by all subsequent commands and operations, including all name-matching methods. Supply a file whose format matches that of the report\_names command in the Design Compiler tool. For information about the rename\_object command, see the online man pages.

Note:

To rename multiple design objects from a file, select the -file option. The file format should match that of the report\_names command in the Synopsys Design Compiler tool.

The rename\_object command also allows you to rename design objects that are not verification compare points. For example, you can use this command to rename the input ports of a design so that they match with input ports in the other design. Input ports must be matched to obtain a successful verification. This command supplies exact name pairs so you will know the exact change that is going to take place.

For example, the following rename\_object command renames a port called clk\_in to clockin to successfully match the primary inputs:

fm\_shell (verify)> rename\_object impl:/\*/am2910/clk\_in
clockin

You can use this command to change the name of a hierarchical cell, possibly benefiting the automatic compare point matching algorithms. In addition, you can use it on primary ports to make a verification succeed where the ports have been renamed (perhaps inadvertently).

You can also use the change\_names command in Design Compiler to change the names in the gate-level netlist. However, depending on the complexity of name changes, Formality might or might not be able to match the compare points successfully when verifying two designs (pre-change names design to post-change names design). To work around this problem, obtain the changed-names report from Design Compiler then supply it to Formality with the rename\_object command for compare point matching.

For example, the following rename\_object command uses a file to rename objects in a design:

```
fm_shell (verify) > rename_object -file names.rpt \
    -container impl -reverse
```

# **Design Transformations**

Various combinational and sequential transformations can cause problems if you don't perform the proper setup before verification. Setup requirements are discussed in Chapter 5, "Preparing the Design for Verification," for the following common design transformations:

- Internal scan insertion on page 5-38.
- Boundary scan on page 5-39.
- Clock tree buffering on page 5-41.
- Asynchronous bypass logic on page 5-43.
- Clock gating on page 5-45.
- Inversion push on page 5-49.
- Re-encoded finite state machines on page 5-54.
- Retimed designs on page 5-59.

# **Working With Schematics**

Viewing cells and other design objects in the context of the overall design can help you locate and understand failing areas of the design. This section describes how to use schematics to help you debug failing compare points. It pertains to the GUI only.

# **Viewing Schematics**

Viewing cells and other design objects in the context of the overall design can help you locate failing areas of the design.

In any type of report window, you can view a schematic for any object described in the report. This feature lets you quickly find the area in your design related to an item described in the report.

To generate a schematic view, do the following:

• Right-click in a design in any of the following report windows:

Verify

Match > Unmatched and Match > Unmatched

Debug > Failing Points, Debug > Passing Points, Debug > Aborted Points

• Choose View Reference Object or View Implementation Object.

After you perform these steps, a schematic view window appears that shows the selected object in the context of its parent design. The object is highlighted and centered in the schematic view window. From the schematic view window you can zoom in and zoom out of a view, print schematics, and search for objects. You can also use the schematic view window menus to move up and down through the design hierarchy of the design.

To change the text size in a schematic, choose View > Preferences > Increase Font Size or Decrease Font Size. Increasing or decreasing the font size changes the menu and window text, but not the text in the schematic. Schematic text automatically increases or decreases was you zoom in or out.

Figure 7-3 shows a schematic view window.



Figure 7-3 Schematic View Window

Status bar

-

Some of the more important areas are:

Toolbar

The toolbar contains tool buttons that act as shortcuts to some menu selections. The schematic viewer supports the following tool buttons:

- Click to select particular sections of the design.
- Click to increase the magnification applied to the schematic area by approximately 2X.
- Click to decease the magnification applied to the schematic area by approximately 2X.
- Click to redraw the displayed schematic sheet so that all logic is viewable.
- Click to view the previous view.
  - Click to view the next view.
- Click to find the driver for the selected net.
- Click to find the load on the selected net.
- Click to find and zoom to the compare point in the schematic.
- Click to display the object finder dialog in order to find an object by name in the schematic.

Chapter 7: Debugging Failed Design Verifications

- Click to set highlighting on the selected objects.
- Click to remove highlighting from the selected objects.
- Click to clear highlighting from all objects.
- Click to display the name visibility dialog with which you can select the visibility of the objects.
  - Click to bring up help for the Schematic View window.

#### Schematic area

The schematic area displays a digital logic schematic of the design. You can select an object in the design by clicking it. To select multiple objects, hold down the Shift key. Selected objects are highlighted in yellow.

Formality displays the wire connections in different colors to represent the different coverage percentages of the error candidates. While debugging, concentrate on the nets with the highest coverage percentage.

For a description of the color-coding scheme, refer to step two in "Debugging Using Diagnosis" on page 7-9.

# **Traversing Design Hierarchy**

From a schematic view window, you can move freely through a design's hierarchy.

You can use either of these methods to traverse a design's hierarchy:

- To move down the hierarchy, select a cell then click the Push Design toolbar button. Formality displays the schematic for the selected instance. This button is dimmed when there is nothing inside the selected cell.
- To move up the hierarchy, select a cell then click the Pop Design toolbar button. Formality displays the design containing the instance of the current design, selects that instance in the new schematic, and zooms in on it.

# Finding a Particular Object

To find an object in the currently displayed design, do the following:

- In the schematic view window, choose Edit > Find by Name. This opens the Find By Name dialog box, which lists the objects contained in the design.
- 2. In the top text box, select Cells, Ports, or Nets. Objects of the selected type are displayed in the list box, which you can scroll through.
- 3. Select an object from the list.
- 4. Click OK.

Formality zooms in on the object, putting it at the center of the view, and the object is selected and highlighted in yellow.

Chapter 7: Debugging Failed Design Verifications

# **Generating a List of Objects**

Using the object finder, you can interact with a schematic through dynamic lists of drivers, loads, nets, cells, and ports. Clicking Find Driver, Find Load, Find X, or Find By Name buttons, or choosing the correlated item from the drop-down menu in the GUI, brings up the dialog box that you use to generate your preferred list.

For example, to get a list of loads for a net, follow these steps:

- 1. Click the desired net in your schematic.
- 2. Click the Find Load button from the tool bar.

The Object Finder dialog box appears with a list of loads for the nets you selected.

Note:

If the net has a single load and you click the Find Load button, the GUI takes you directly to the load without bringing up the dialog box. This is true when using the Find Driver button.

3. Click one of the loads from the list.

Notice the schematic has centered around and highlighted that cell.

Also, you can switch to a list of drivers from that cell using the Find Driver button and select a driver from the list provided. Likewise, you can switch to a list of all cells, nets, or ports, and select one of those instead.

# Zooming In and Out of a View

The schematic view window provides three tools that allow you to quickly size the logic in the window: zoom in, zoom out, and zoom full.

Formality tracks each schematic view window's display history beginning with creation of the window. This lets you use the Back to previous view toolbar button to step back through views, and the Forward to next view button to return.

To display the entire design, use the zoom full tool. There are four ways to invoke this tool:

- Choose View > Zoom Full.
- Right-click in the schematic window, and choose Zoom Full.
- Click the Zoom Full toolbar window.
- Press the letter f on the keyboard.

Similarly, to zoom in or zoom out, choose View > Zoom In Tool or Zoom Out Tool, and click where you want the new view to be centered.

To repeatedly zoom into a design, do the following:

- 1. Place the pointer in the schematic area.
- 2. Press the equal sign key (=) to activate the zoom in tool. The pointer changes to a magnifying glass icon with a plus symbol as if you had clicked the Zoom In Tool toolbar button.
- 3. Place the pointer where you want zoom in and click.
- 4. Keep clicking as needed, to further zoom in.

Chapter 7: Debugging Failed Design Verifications

To repeatedly zoom out of a design, follow the same steps used to zoom into a design, except press the minus (-) key to activate the zoom out tool.

To quickly zoom in on a small area, invoke the zoom-in tool to display the magnifying glass pointer. Hold down the left mouse button and drag a box around the area of interest.

You can print the schematic from a schematic view window or a report from a report window.

The procedure for printing a report from a report window is the same as for printing a schematic from a schematic window. The corresponding pull-down menu command is File > Print.

#### **Viewing RTL Source Code**

You can select an object from any schematic view (or logic cone view) and view its corresponding RTL source data. Source browsing works with all RTL and netlist source files.

To view RTL source code, do the following:

- In the schematic, select a design object, such as a net.
- Right-click and choose View Source.

A window opens with the RTL source code. The selected object is highlighted in red. The previous and next toolbar arrows allow you to cycle through instances of the selected object.

In addition, in any report window, you can right-click on a design then choose View Reference Source or View Implementation Source.

# **Working With Logic Cones**

As described in step two of section "Debugging Using Logic Cones" on page 7-11, you can open a logic cone view of a failing compare point to help you debug design nonequivalencies.

- 5. Select a design object in a report window (passing points, failing points, aborted points, or verified points).
- 6. Right-click and choose View Logic Cones.

A logic cone window appears, as shown in Figure 7-4





Chapter 7: Debugging Failed Design Verifications

Some of the more important areas are

Toolbar

The toolbar contains tool buttons that act as shortcuts to some menu selections. The schematic viewer supports the following tool buttons:

- Click to select particular sections of the design.
- Click to increase the magnification applied to the schematic area by approximately 2X.
- Click to decease the magnification applied to the schematic area by approximately 2X.
- Click to redraw the displayed schematic sheet so that all logic is viewable.
- Click to view the previous view.
- Click to view the next view.
- Click to find the driver for the selected net.
- Click to find the load on the selected net.
- Click to find all net sources of the selected net with logic value X.
- Click to find and zoom to the compare point in the schematic.

| <b>1</b> 44      | Click to find the corresponding matching point in the opposing window to<br>the point you've selected in a double-cone schematic. |
|------------------|-----------------------------------------------------------------------------------------------------------------------------------|
| ₽ <mark>₩</mark> | Click to display the object finder dialog in order to find an object by name in the schematic.                                    |
| *                | Click to set highlighting on the selected objects.                                                                                |
| J.               | Click to remove highlighting from the selected objects.                                                                           |
| <b>X</b>         | Click to clear highlighting from all objects.                                                                                     |
| S                | Click to display the name visibility dialog with which you can select the visibility of the objects.                              |
| Ţ                | Click to bring up help for the Schematic View window.                                                                             |
|                  | Click to show the next pattern values on the schematic.                                                                           |
| 10110            | Click to show the previous pattern values on the schematic.                                                                       |
| 10110<br>01101   | Click to bring up patterns viewer window to show all patterns for the current compare point.                                      |
| <b>"</b>         | Click to bring up matching analysis tool for this compare point.                                                                  |
| 0 ¥              | Click to find the corresponding matching point in the opposing window to the point you've selected in a double-cone schematic.    |

Chapter 7: Debugging Failed Design Verifications



Reference and implementation logic cone views

The two schematics display the logic cones, one for the reference design and one for the implementation. The logic areas display object symbols, object names, object connections, applied states, and port names. To obtain information on an object in the logic area, place the mouse pointer on it.

Nets and registers highlighted in magenta denote objects set with user-defined constants. The constant value is annotated next to the object.

The following annotations display next to failed registers:

- Failure Cause Data: one register loads a "0" while the other loads a "1".
- Failure Cause Clock: one clock is triggered by a signal change, while the other is not.
- Failure Cause Asynch: one asynchronous reset line is high, while the other is low.

You can view logic cones for unmatched registers from the cone schematics window. To view the cone schematic for the unmatched register, do the following:

- 1. Select the unmatched cone input register you want the schematic for from the cone schematic window.
- 2. Right-click to bring up the Context pop-up menu.
- 3. Select View Logic Cones from this pop-up menu.

Now you will see a single cone schematic window containing the cone of logic feeding the unmatched register.

# **Pruning Logic**

Logic pruning reduces the complexity of a schematic so that you can better isolate circuitry pertinent to the failure. You generally prune logic toward the end of the debugging process, as noted in step 7 in section "Debugging Using Diagnosis" on page 7-9.

To change the logic cone view to show only the logic that controls the output results, click the Remove Non-Controlling toolbar button. This command prunes away logic that does not have an effect on the output for the current input pattern, thus simplifying the schematic for analysis.

To better find differences in the full schematic, remove the noncontrolling logic from the reference or implementation schematic and keep the full view in the other schematic.

To restore the full logic cone view, click the Undo last cone edit or Revert to original toolbar button, as applicable. The Undo button undoes the last change, while the Revert button restores the original logic cone view. Sometimes it is useful to look at part of a logic cone. Within Formality, a part of a cone is called a subcone. When you view logic in the logic area, you might only be interested in a particular subcone. You can remove and restore individual subcone in the display area.

To remove a subcone, do the following:

- 1. Click on the net from which you want the subcone removed. The selected net is highlighted in yellow.
- 2. Click the Remove Subcone of selected net or pin toolbar button.

Formality redraws the logic without the subcone leading up to the selected net. Click the Undo last cone edit toolbar button to restore the subcone.

To isolate a subcone, do the following:

- 1. Click on the net whose logic cone you want to isolate. The selected net is highlighted in yellow.
- 2. Click the Isolate subcone of selected pin or net toolbar button.

Formality redraws the logic with only the subcone of the selected net visible.

# **Working With Failing Patterns**

Formality keeps track of the set of input patterns, 0's and 1's only, that cause verification and diagnosis operations to fail. From the logic cone view window, you can simulate the logic by applying single vectors from this set. This corresponds to step three in section "Debugging Using Diagnosis" on page 7-9.

By default, Formality uses up to 256 failing patterns to perform diagnosis. When more than one failing compare point exists, Formality selects and uses a set of failing pattern vectors from the patterns of all failing compare points.

A pattern is automatically applied to a displayed logic cone for both the implementation and the reference designs. Formality applies the first pattern to both logic areas and displays the state values associated with the logic cones. When the displayed pattern is not helpful for debugging, you can experiment with other failing patterns.

To show a pattern, follow these steps:

1. In the logic cone view, choose View > Show Patterns, or click the Show Patterns toolbar button.

Inputs are those that normally would not make the compare point fail.



#### Figure 7-5 Failing Pattern View Window

Note:

Names shown in blue indicate a constant 0 has been applied to those inputs. Names shown in orange indicate a constant 1 has been applied to those inputs. You will see the same color indicators in the cone schematic when you set the net coloring mode to view constants.

The toolbar buttons are

Click to sort the failing patterns by most-required inputs to cause failure.

Click to sort the failing patterns by least-required inputs to cause failure.

Glick to set all non-required inputs back to 0.

- $\rightarrow$  1 Click to set all non-required inputs (black 0) to 1.
- $\rightarrow \chi$  Click to set all non-required inputs (black 0) to a dont-care status (X).
- Click to find an input in the reference or implementation list.
- Click to filter the reference or implementation list.
  - Click to display the logic cone view for the selected input pair.
- 2. To move forward through the current set of previously failing patterns, choose the Next Pattern toolbar button. To move backward, use the Previous Pattern toolbar button. Each command updates the display with a new set of logic values.

Applying a pattern to the logic cone causes the logic area to be redrawn with the new states marked on each pin of each instance. The patterns are applied at the inputs.

You can move through patterns only when the failed verification or completed diagnosis operation has identified more than one failing pattern for the displayed logic cone. If only one pattern exists, the Next Pattern and Previous Pattern options in the View menu are inactive (dimmed).

#### **Saving Failing Patterns**

Formality retains the set of failing patterns for the most recently failed verification. You can save these patterns for use in simulation at a later time.

To save the current set of failing patterns, do one of the following:

| fm_shell                                                                                    | GUI                                                                                                                                                                                  |
|---------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Specify:                                                                                    | Choose File > Save Failing Patterns.                                                                                                                                                 |
| write_failing_patterns<br>[ -diagnosis_patterns ]<br>[ -verilog ] [ -replace ]<br>file_name | In the File name text box, enter the file<br>name.<br>Click Save Diagnosis Patterns Only (to save<br>a diagnosis pattern subset) or Save<br>Patterns in Verilog Format.<br>Click OK. |

This command saves failing patterns to an external file (\*.fpt). For more information about this command, see the online man page.

Note:

Be sure that the verification section of the transcript shows that verification failed.

# **Running Previously Saved Failing Patterns**

To simulate the implementation and reference designs with a set of previously saved failing patterns, do one of the following:

| fm_shell               | GUI                               |
|------------------------|-----------------------------------|
| Specify:               | At the Formality prompt, specify: |
| simulate_patterns file | simulate_patterns file.           |

Note:

The file containing previous failing patterns must be readable by Formality, not saved as a text file. If you save the failing patterns in Verilog format, you cannot use the resulting file with the simulate\_patterns command.

You can do two things with previously saved failing patterns:

- Simulate your top-level design by applying the entire set of patterns.
- Apply single patterns from the set to the design while viewing a particular logic cone.

When you run a set of previously failing patterns, Formality performs logic simulation on the implementation and reference designs. Using failing patterns as input vectors can help determine whether changes you have made to the implementation have fixed a problem found during verification.

After applying the patterns, Formality reports the success of the simulation by refreshing the verification section of the information bar. A report created at this point reflects the state of the completed simulation; it does not reflect the state of the most recently failed verification.

Note:

Passing simulation performed with a set of previously failing patterns is not sufficient to prove design equivalence. For functional equivalence to be proved, the implementation must pass verification.

# 8

# **Cell Library Verification**

Formality allows you to verify a reference design with an implementation design in the process described in Chapters 4 through 6. However, you can also compare technology (or cell) libraries, as described in this chapter.

This chapter assumes that you understand Formality concepts and the general process for Formality design verification.

This chapter contains the following sections:

- Overview
- Initializing Library Verification
- Loading the Reference Library
- Loading the Implementation Library
- Listing the Cells

- Specifying a Customized Cell List
- Elaborating Library Cells
- Performing Library Verification
- Reporting and Interpreting Verification Results
- Debugging Failed Library Cells

For additional information on verifying libraries not discussed in this chapter, refer to the *Formality-ESP User Guide* in the ESP documentation suite.

# **Overview**

Figure 8-1 shows the general flow for verifying two cell libraries. This chapter describes all the steps in the library verification process.

Figure 8-1 Library Verification Process Flow Overview



During cell library verification, Formality compares all the cells in a reference library to all the cells in an implementation library. The process allows you to compare Verilog simulation and Synopsys (.db) synthesis libraries.

Library verification is similar to design verification in that you must load both a reference library and an implementation library. The principle difference is that since the specified libraries contain multiple designs (cells), Formality must first match the cells to be

Overview

verified from each library. This occurs when you load the reference and implementation designs. Formality then performs compare point matching and verification one cell-pair at a time.

The Formality add-on tool, Formality-ESP extends Formality's functional equivalence checking. For detailed information on functional-equivalence for full-custom transistor-level memory macros, datapath macros and library cells, refer to the *Formality-ESP User Guide*.

# **Initializing Library Verification**

To verify two libraries, you must first switch to the "library verification" mode (as opposed to "setup", "match", or "verify"). The GUI closes if it is running. Library verification is a command-line driven process. Each time you enter (or leave) library verification mode, Formality empties the contents of the "r" and "i" containers in readiness for a new library (or design) verification session.

To enter library verification mode, specify the library\_verification command, as follows:

fm\_shell (setup)> library\_verification argument

The fm\_shell prompt changes to:

fm\_shell (library\_setup)>

You can specify one of the following options for argument:

- verilog\_verilog
- db\_db

- verilog\_db
- db\_verilog
- none

The first design type in the preceding examples defines the reference library and the second, the implementation. If you specify none, Formality returns to the "setup" mode.

When you set this mode, Formality sets the following variable:

set verification\_passing\_mode "equality"

When you exit "library verification" mode, Formality sets the variable back to its default values, "consistency".

Note:

Unsupported synthesis library formats must be translated by Library Compiler before reading into Formality.

# Loading the Reference Library

As with the design verification process described in Chapter 4, you must specify the reference library prior to the implementation library.

To specify the reference library, use one of the following "read" commands, depending on the library format:

```
fm_shell (library_setup)> read_db -r file_list
fm_shell (library_setup)> read_verilog -r [-tech] file_list
```

As described in the online man pages, the <code>read\_db</code> and <code>read\_verilog</code> commands have several options that do not apply to library verification. Use the <code>read\_verilog -tech</code> option if you have a UDP file.

Formality loads the reference library into the "r" container. You cannot rename this container.

In the Formality shell, you represent the design hierarchy by using a designID argument. The designID argument is a path name whose elements indicate the container ("r" or "i"), library, and design name.

Unlike the design verification process, you do not specify the set\_top command because there are multiple top cells available.

# Loading the Implementation Library

Specify the implementation library in the same manner as described in the previous section, with the exception of the -r argument. Instead, use the -i argument as shown here:

```
fm_shell (library_setup)> read_db -i file_list
fm_shell (library_setup)> read_verilog -i [-tech] file_list
```

Formality loads the reference library into the "i" container. You cannot rename this container.

After you read in the implementation library, Formality performs cell matching to generate the list of cells that will be verified. Cells and ports must match by name. The cell list is a single cell name and each cell on it is expected to be found in the reference library. If not, it is a non-matching cell and remains unverified.

# **Listing the Cells**

By default, Formality verifies all library cells that match by name. You can query the default cell list prior to verification to confirm the matched and unmatched cells.

Specify the following command to return a list of library cells:

```
fm_shell (library_setup)> report_cell_list -reference | \
    -implementation | -verify | -matched | -unmatched | \
    -filter wildcard
```

You must specify one of the following options:

- -reference: Returns the cells contained in the reference library.
- -implementation: Returns the cells contained in the implementation library.
- -verify: Returns the current list of cells to be verified, which could differ from the default cell list if you specified the select\_cell\_list command; refer to section "Specifying a Customized Cell List" on page 8-8 for details.
- -matched: Returns a list of reference and implementation cells that match by name.
- -unmatched: Returns the names of cells that did not match in the reference and implementation containers. This option is dynamic depending on the select\_cell\_list command specification.
- -filter *wildcard*: Filters the report to include cells that match the specified wildcard. Always specify this option in conjunction with one of the preceding options.

In the rare case that the libraries contain no matching cells, do the following:

- 1. Return to "setup" mode by specifying library\_verification none.
- 2. Edit the cell names so they match.
- 3. Return to "library verification" mode.
- 4. Reload the updated library using the applicable "read" command.

# **Specifying a Customized Cell List**

When you load the libraries with the read\_ commands, Formality elaborates all matched cells in preparation for verification. After reporting the matched cells with the report\_cell\_list command, you can refine the default cell list as necessary.

To customize the default cell list, specify the following command:

```
fm_shell (library_setup)> select_cell_list [-file
filename]\
     [-add cell_names] [-clear] [-remove cell_names]
cell_names
```

You can use the following options as needed:

- -file *filename*: Specifies a file that contains a list of cells to be verified.
- -add *cell\_names*: Adds the specified cells to the cell list.
- -clear: Clears the cell list.

-remove cell\_names: Removes the specified cells from the cell list.

This command supports wildcards for cell names. Enclose lists of cells in "curly" brackets. For example:

```
fm_shell (library_setup)> select_cell_list {AND5 OR2 JFKLP}
fm_shell (library_setup)> select_cell_list ra*
```

As part of the debugging process, use this command to specify only those cells that previously failed verification.

# **Elaborating Library Cells**

Formality automatically elaborates your library cells when running the verify command. You might want to elaborate your library cells prior to verification to apply constraints to specific cells. To elaborate these library cells, run the elaborate\_library\_cells command.

If you do not want to apply constraints to individual library cells, proceed directly to verification. For more information on using the elaborate\_library\_cells command, see the online man page.

# **Performing Library Verification**

Proceed to verification after optionally refining your cell list. As with the design verification process, specify the <code>verify</code> command:

```
fm_shell (library_setup)> verify
```

Formality performs compare point matching and verification for each cell-pair as described in Chapter 6, "Compare Point Matching and Verification." However, because Formality assumes that all cell and ports match by name, compare point matching errors do not occur; for this reason, the optional match command does not apply to library verification.

As described in the online man pages, the verify command has additional options that do not apply to library verification.

After verification, Formality outputs a transcripted summary of the passing, failing, and aborted cell counts.

The following script performs library verification. This script sets hdlin\_unresolved\_modules to "black box" as a precaution; generally cell libraries shouldn't contain unresolved modules. These are not required settings. Remember that

verification\_passing\_mode and inversion\_push are set automatically.

Chapter 8: Cell Library Verification

```
UDP_mux2.v
UDP_mux2_1.v
UDP_mux2_1_I.v
UDP_mux2_2.v
}
# Read library cells
read_verilog -r {
and2A.v
and2B.v
and2C.v
ao11A.v
ao11C.v
ao12A.v
bufferA.v
bufferAE.v
bufferAF.v
delay1.v
encode3A.v
xor1A.v
xor1B.v
xor1C.v
full_add1AA.v
half_add1A.v
mux21HA.v
mux31HA.v
mux41HA.v
mux61HA.v
mux81HA.v
mux21LA.v
notA.v
notAD.v
notAE.v
nand2A.v
nand2B.v
nand2C.v
nor2A.v
nor2B.v
nor2C.v
nxor3A.v
or_and21A.v
or2A.v
```

}

```
#______
# read into container 'i'
#-----
read_db -i synth_lib.db
#
# Report which library cells will be verified
#
report_cell_list -v
report_cell_list -m
report_cell_list -u
#______
# verify libraries
#______
verify
#______
# report on passing and full_addiling cells
#______
report_status -p
report_status -f
report_status -a
#______
# exit
#______
```

exit

#### **Reporting and Interpreting Verification Results**

After verification, use the following command to report the verification results:

```
fm_shell (library_setup)> report_status [-passing]
[-failing] \
     [-aborting]
```

If you specify no arguments, Formality reports the passing, failing, and aborted cell counts. Use the options as follows:

- -passing: Returns a list of all passing cells.
- -failing: Returns a list of all failing cells.
- -aborting: Returns a list of all aborted cells.

During verification, Formality assigns one of three types of status messages for each library cell-pair it identifies:

Passing

A passing library cell-pair is one in which all its compare points are functionally equivalent.

#### Failing

A failing library cell-pair is one in which at least one compare point is not functionally equivalent.

#### Aborted

Verification stops. This most often occurs when Formality reaches a user-defined failing limit. For example, Formality halts verification on a cell after 20 failing points have been found in the cell.

In addition, any cells that fail elaboration are aborted, and a cell can be aborted if Formality cannot determine whether one of its compare points passes or fails. Aborted points can occur when Formality is interrupted during the verification process.

#### **Debugging Failed Library Cells**

Use the following procedure to debug failed library cells:

1. Choose a failing cell from the status report and specify the following command:

```
fm_shell (library_setup)> debug_library_cell cell_name
```

Formality reports the failing cells, but only retains the electrical data from the last cell verified (which could be a passing cell). This command repopulates Formality with the verification data for the specified cell, which then enables you to debug the cell from within the same session. You can specify the name of only one unique cell.

2. Specify the following command to view the failed cell's logic:

```
fm_shell (library_setup)> report_truth_table signal \
      [-fanin signal_list] [-constraint signal_list=[0|1]
] \
      [-display_fanin] [-nb_lines number] \
      [-max_line length]
```

This command generates a Boolean logic truth table that you can use to check the failed cell's output signals. Often, this is sufficient information to fix the failed cell. Use the arguments as follows:

- *signal*: Specifies the signal you want to check. For example, specify the path name as follows: r:/lib/NAND/z

- - fanin signal\_list: Filters the truth table for the specified
  fanin signals, where the list is enclosed in "curly" brackets.
- constraint *signal\_list*=[0|1]: Applies the specified constraint value (0 or 1) at the input and displays the output values on the truth table.
- - display\_fanin: Returns the fanin signals for the specified
   signal.
- -nb\_lines *number*: Specifies the maximum number of lines allowed for the truth table.
- -max\_line length: Specifies the maximum length for each
  table line.

After fixing the cell, you can reverify it by customizing the cell list to include only the fixed cell and then specifying the verify command.

3. If further investigation is required to fix a failed cell, specify the following command:

```
fm_shell (library_setup)> write_library_debug_scripts \
    [-dir filename]
```

This command generates individual Tcl scripts for each failed cell and places them in the DEBUG directory unless you specify the -dir option. The DEBUG directory is located in the current working directory.

If you attempt to view library cells in the Formality GUI, you see only a black box. As shown in the following example, the Tcl scripts direct Formality to treat the library cells as designs and perform traditional verification. You can then investigate the failure results with the Formality GUI.

```
## --This is run script generated by FM-Library
Verification Mode --
set verification_passing_mode Equality
set verification_inversion_push true
set search_path "DEBUG"
read_container -r lib_ref.fsc
read_container -i lib_impl.fsc
set_ref r:/*/mux21
set_impl i:/*/mux21
verify
```

4. Run one of the Tcl scripts and then specify start\_gui to view the results. When you have fixed the cell, go on to the next script, and so on, until you are done.

Refer to the following sections for information about how to use the GUI for debugging:

- "Debugging Using Diagnosis" on page 9
- "Working With Schematics" on page 28
- "Working With Logic Cones" on page 36
- "Working With Failing Patterns" on page 41
- 5. Reverify cells that you fixed from within the GUI. You must begin a new session by reinitializing the "library verification" mode and then reloading the reference and implementation libraries.

# A

### Tcl Syntax As Applied to Formality Shell Commands

This appendix describes detailed characteristics of tool command language (Tcl) syntax as applied to Formality shell (fm\_shell) commands. For basic instruction on using the fm\_shell, see section "The Formality Shell Environment" on page 3-5.

Tcl has a straightforward language syntax. Every Tcl script is a series of commands separated by a new-line character or semicolon. Each command consists of a command name and a series of arguments.

This appendix includes the following sections:

- Using Application Commands
- Quoting Values
- Using Built-In Commands

- Using Procedures
- Using Lists
- Using Other Tcl Utilities
- Using Environment Variables
- Nesting Commands
- Evaluating Expressions
- Using Control Flow Commands
- Using the if Command
- Using while and for Loops
- Iterating Over a List: foreach
- Terminating a Loop: break and continue
- Using the switch Command
- Creating Procedures
- Programming Default Values for Arguments
- Specifying a Varying Number of Arguments

#### **Using Application Commands**

Application commands are specific to Formality. You can abbreviate all application command names, but you cannot abbreviate most built-in commands or procedures. Formality commands have the following syntax:

command\_name -option1 arg1 -option2 arg2 parg1 parg2

command\_name

Names the application command.

-option1 arg1 -option2 arg2

Specifies options and their respective arguments.

parg1 parg2

Specifies positional arguments.

#### **Understanding the Command Syntax**

Table A-1 summarizes the components of the syntax.

#### Table A-1 Command Components

| Component            | Description                                                                                                                                                                                                 |
|----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Command name         | If you enter an ambiguous command, Formality attempts to find the correct command.                                                                                                                          |
|                      | <pre>fm_shell&gt; report_p Error: ambiguous command "report_p" matched two commands: (report_parameters, report_passing_points) (CMD-006)</pre>                                                             |
|                      | Formality lists as many as three of the ambiguous commands in its warning. To list the commands that match the ambiguous abbreviation, use the help function with a wildcard pattern.                       |
|                      | <pre>fm_shell&gt; help report_p*</pre>                                                                                                                                                                      |
| Options              | Many Formality commands use options. A hyphen (-) precedes an option. Some options require a value argument. For example, in the following command "my_lib" is a value argument of the -libname option.     |
|                      | fm_shell> read_db -libname my_lib                                                                                                                                                                           |
|                      | Other options, such as -help, are Boolean options without arguments.<br>You can abbreviate an option name to the shortest unambiguous<br>(unique) string. For example, you can abbreviate -libname to -lib. |
| Positional arguments | Some Formality commands have positional (or unswitched) arguments.<br>For example, in the set_equivalence command, the object1 and<br>object2 arguments are positional.                                     |
|                      | fm_shell> set_equivalence object1 object2                                                                                                                                                                   |

Appendix A: Tcl Syntax As Applied to Formality Shell Commands: Using Application Commands

#### **Using Special Characters**

The characters in Table A-2 have special meaning for Tcl in certain contexts.

#### Table A-2 Special Characters

| Character | Meaning                                                                       |
|-----------|-------------------------------------------------------------------------------|
| \$        | De references a Tcl variable.                                                 |
| ()        | Groups expressions.                                                           |
| []        | Denotes a nested command.                                                     |
| ١         | Indicates escape quoting.                                                     |
| " "       | Denotes weak quoting. Nested commands and variable substitutions still occur. |
| { }       | Denotes rigid quoting. There are no substitutions.                            |
| ;         | Ends a command.                                                               |
| #         | Begins a comment.                                                             |

#### **Using Return Types**

Formality commands have a single return type, which is a string. Commands return a result. With nested commands, the result can be used as any of the following:

- A conditional statement in a control structure
- An argument to a procedure
- A value to which a variable is set

Here is an example of a return type:

```
if {[verify -nolink]!=1} {
    diagnose
    report_failing_points
    save_session ./failed_run
}
```

#### **Quoting Values**

You can surround values in quotation marks several ways.

- You can escape individual special characters by using the backslash character (\) so that the characters are interpreted literally.
- You can group a set of words separated by spaces by using double quotation marks (""). This syntax is referred to as weak quoting because variable, command, and backslash substitutions can still occur.
- You can enclose a set of words that are separated by spaces by using braces ({ }). This technique is called rigid quoting. Variable, command, and backslash substitutions do not occur within rigid quoting.

The following commands are valid but yield different results. Assuming that variable a is set to 5, Formality yields the following:

```
fm_shell> set s "temp = data[$a]"
temp = data[5]
fm_shell> set s {temp = data[$a]}
temp = data[$a]
```

#### **Using Built-In Commands**

Most built-in commands are intrinsic to Tcl. Their arguments do not necessarily conform to the Formality argument syntax. For example, many Tcl commands have options that do not begin with a hyphen, yet the commands use a value argument. Formality adds semantics to certain Tcl built-in commands and imposes restrictions on some elements of the language. Generally, Formality implements all of the Tcl intrinsic commands and is compatible with them.

The Tcl string command has a compare option that is used like this:

string compare string1 string2

#### **Using Procedures**

Formality comes with several procedures that are created through the /usr/synopsys/admin/setup/.synopsys\_fm.setup file during installation. You can see what procedures are included with Formality by entering the following command:

#### help

The help command returns a list of procedures, built-in commands, and application commands.

Procedures are user-defined commands that work like built-in commands. You can create your own procedures for Formality by following the instructions in "Creating Procedures" on page A-16.

Procedures follow the same general syntax as application commands:

command\_name -option1 arg1 -option2 arg2 parg1 parg2

For a description of the syntax, see "Using Application Commands" on page A-3.

#### **Using Lists**

Lists are an important part of Tcl. Lists represent collections of items and provide a convenient way to distribute the collections. Tcl list elements can consist of strings or other lists.

The Tcl commands you can use with lists are

- list
- concat
- join
- lappend
- lindex
- linsert
- llength
- lrange
- lreplace
- lsearch
- lsort
- split

While most publications about Tcl contain extensive discussions about lists and the commands that operate on lists, these Tcl command highlight two important concepts:

- Because command arguments and results are represented as strings, lists are also represented as strings, but with a specific structure.
- Lists are typically entered by enclosing a string in braces, as follows:

 $\{a b c d\}$ 

In this example, however, the string inside the curly braces is equivalent to the command [list a b c d].

Note:

Do not use commas to separate list items, as you do in Design Compiler.

If you are attempting to perform command or variable substitution, the form with braces will not work. For example, this command sets the variable a to 5.

```
fm_shell> set a 5
5
```

These next two commands yield different results because the command surrounded by curly braces does not expand the variable, whereas the command surrounded by square brackets does.

```
fm_shell> set b {c d $a [list $a z]}
c d $a [list $a z]
fm_shell> set b [list c d $a [list $a z]]
c d 5 {5 z}
```

Lists can be nested, as shown in the previous example. You can use the concat command (or other Tcl commands) to concatenate lists.

#### **Using Other Tcl Utilities**

Tcl contains several other commands that handle the following:

- Strings and regular expressions (such as format, regexp, regsub, scan, and string)
- File operations (such as file, open, and close)
- Launching system subprocesses (such as exec)

#### **Using Environment Variables**

Formality supports any number of user-defined variables. Variables are either scalar or arrays. The syntax of an array reference is

array\_name (element\_name)

Table A-3 summarizes several ways for using variables.

#### Table A-3 Examples of Using Variables

| Task                     | Description                                                                                                                                                                                                                               |
|--------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Setting variables        | Use the set command to set variables. For<br>compatibility with dc_shell and pt_shell, fm_shell<br>also supports a limited version of the a = b syntax.<br>For example,                                                                   |
|                          | set x 27 or x = 27<br>set y \$x or y = \$x                                                                                                                                                                                                |
| Removing variables       | Use the unset command to remove variables.                                                                                                                                                                                                |
| Referencing<br>variables | Substitute the value of a variable into a command<br>by dereferencing it with the dollar sign (\$), as in<br>echo \$flag. In some cases, however, you must use<br>the name of a value, such as unset flag, instead<br>of the dollar sign. |

The following commands show how variables are set and referenced:

```
fm_shell> set search_path ". /usr/synopsys/libraries"
. /usr/synopsys/libraries
fm_shell> adir = "/usr/local/lib"
/usr/local/lib
fm_shell> set my_path "$adir $search_path"
/usr/local/lib . /usr/synopsys/libraries
fm_shell> unset adir
fm_shell> unset my_path
```

Note:

You can also set and unset environment variables in the GUI by entering them into the command bar or selecting File > Environment from the console window.

#### **Nesting Commands**

You can nest commands within other commands (also known as command substitution) by enclosing the nested commands within braces ([]). Tcl imposes a depth limit of 1,000 for command nesting.

The following examples show different ways of nesting a command.

fm\_shell> set index [lsearch [set aSort \
[lsort \$11]] \$aValue]
fm\_shell> set title "Gone With The Wind"
Gone With The Wind
fm\_shell> set lc\_title [string tolower \$title]
gone with the wind

Nesting Commands

Formality makes one exception to the use of command nesting with braces so it can recognize netlist objects with bus references. Formality accepts a string, such as data[63], as a name rather than as the word *data* followed by the result of command *63*. Without this exception, data[63] must either be rigidly quoted, as {data[63]}, or the square braces have to be escaped, as in data\[63\].

#### **Evaluating Expressions**

Tcl supports expressions; however, the base Tcl language syntax does not support arithmetic operators. Instead, the expr command evaluates expressions.

The following examples show the right and wrong ways to use expressions:

set a (12 \* \$p) ;# Wrong.
set a [expr (12\*\$p)] ;# Right!

The  $\operatorname{expr}$  command can also evaluate logical and relational expressions.

#### **Using Control Flow Commands**

Control flow commands—if, while, for, foreach, break, continue, and switch—determine the order of other commands. You can use fm\_shell commands in a control flow command, including other control flow commands.

The following sections briefly describe the use of the control flow commands.

#### Using the if Command

An if command has a minimum of two arguments:

- An expression to evaluate
- A script to conditionally start based on the result of the expression

You can extend the if command to contain an unlimited number of elseif clauses and one else clause. An elseif argument to the if command requires two additional arguments: an expression and a script. An else argument requires only a script.

The following example shows the correct way to specify <code>elseif</code> and <code>else</code> clauses:

```
if {$x == 0} {
    echo "Equal"
} elseif {$x > 0} {
    echo "Greater"
} else {
    echo "Less"
}
```

In the previous example, notice that the else and elseif clauses appear on the same line with the closing brace (}). This syntax is required because a new line indicates a new command. Thus, if the elseif clause is on a separate line, it will be treated as a command, which it is not.

#### Using while and for Loops

The while and for commands are similar to the same constructs in the C language.

#### Using while Loops

The while command has two arguments:

- An expression
- A script

The following while command prints squared values from 0 to 10:

```
set p 0
while {$p <= 10} {
    echo "$p squared is: [expr $p * $p]"
    incr p
}</pre>
```

#### **Using for Loops**

The for command uses four arguments:

- An initialization script
- A loop-termination expression
- An iterator script
- An actual working script

The following example shows how the while loop in the previous section is rewritten as a for loop:

```
for {set p 0} {$p <= 10} {incr p} {
    echo "$p squared is: [expr $p * $p]"
}</pre>
```

#### **Iterating Over a List: foreach**

The foreach command is similar to the same construct in the C language. This command iterates over the elements in a list. The foreach command has three arguments:

- An iterator variable
- A list
- A script to start (the script references the iterator's variable)

To print an array, enter

```
foreach el [lsort [array names a]] {
    echo "a\($el\) = $a($el)"
}
```

To search in the search\_path for several files then report whether or not the files are directories, enter

```
foreach f [which {t1 t2 t3}] {
  echo -n "File $f is "
  if { [file isdirectory $f] == 0 } {
    echo -n "NOT "
  }
  echo "a directory"
}
```

#### Terminating a Loop: break and continue

The break and continue commands terminate a loop before the termination condition has been reached. The break command causes the innermost loop to terminate. The continue command causes the current iteration of the innermost loop to terminate.

#### **Using the switch Command**

The switch command is equivalent to an if tree that compares a variable with a number of values. One of a number of scripts is run, based on the value of the variable.

```
switch $x {
  a {incr t1}
  b {incr t2}
  c {incr t3}
}
```

The switch command has other forms and several complex options. Consult your Tcl documentation for more examples of the switch command.

#### **Creating Procedures**

One powerful Formality function is the capability to write reusable Tcl procedures. With this function, you can extend the command language. You can write new commands that can use an unlimited number of arguments. The arguments can contain default values, and you can also use a varying number of arguments.

For example, the following procedure prints the contents of an array:

```
proc array_print {arr} {
  upvar $arr a
  foreach el [lsort [array names a]] {
    echo "$arr\($el) = $a($el)"
  }
}
```

Appendix A: Tcl Syntax As Applied to Formality Shell Commands: Using the switch Command A-16

Procedures can use any of the commands supported by Formality or other procedures that you have defined. Procedures can even be recursive. Procedures can contain local variables and reference variables outside of their scope. Arguments to procedures can be passed by value or by reference.

The following sections provide some examples of procedures. Books on the Tcl language offer additional information about writing procedures.

#### **Programming Default Values for Arguments**

To set up a default value for an argument, you must locate the argument in a sublist that contains two elements: the name of the argument and the default value.

For example, the following procedure reads a favorite library by default, but reads a specific library if given:

```
proc read_lib { {lname favorite.db} } {
  read_db $lname
}
```

#### **Specifying a Varying Number of Arguments**

You can specify a varying number of arguments by using the args argument. You can enforce that at least some arguments are passed into a procedure, then handle the remaining arguments as you see fit. For example, to report the square of at least one number, use the following procedure:

```
proc squares {num args} {
  set nlist $num
  append nlist " "
  append nlist $args
  foreach n $nlist {
    echo "Square of $n is [expr $n*$n]"
  }
```

## B

### Formality Library Support

This appendix provides information on how to verify and modify cell libraries to make them suitable for Formality to perform equivalence checking.

This appendix includes the following sections:

- Overview
- Supported Library Formats
- Updating Synthesis Libraries
- Library Enhancement/Generation Process
- Library Loading Order

#### **Overview**

Formality compares two versions of a design for functional equivalence. For this process to succeed, both versions of the design must have functional descriptions for all blocks of logic to be verified. These basic functions are defined by a library. The design libraries must describe the functions of all cells that are used in a design during the synthesis, test, and layout stages of the design flow.

If you are an ASIC vendor, you need to create cell libraries and provide different representations of these libraries to enable your customers to use Synopsys tools. At a minimum, you must provide a library in Synopsys database (.db) format so that customers can synthesize designs, and a Verilog library so that customers can simulate designs with VCS.

There are some important library implementation issues to consider that affect the usability, performance, and capacity of Formality for the end user. This appendix provides guidelines to ensure that the basic requirements of functional modeling are met. It describes the various library formats that Formality supports and tells you how to determine whether any enhancements are required for the library and format you choose. It also provides suggestions to help you enhance your library, guidelines on verifying these enhancements, and information on packaging your library for proper use by the customer.

#### **Supported Library Formats**

Formality works with the same libraries and design databases as Design Compiler. Users of synthesis-based design flows can adopt Formality with little or no effort. Formality can also accept library information in the form of Verilog simulation libraries, synthesizable RTL, and gate-level netlists.

#### **Synopsys Synthesis Libraries**

To read cell definition information contained in Synopsys synthesis libraries (in .db format), use the read\_db command. Reading information in this format is the fastest way to adopt Formality into your flow. Formality can use the same synthesis libraries that you deliver to customers. However, some enhancements might be required, as determined on a case-by-case basis. For information about such enhancements, see "Updating Synthesis Libraries" on page B-4.

#### **Verilog Simulation Libraries**

To read cell definition information contained in Verilog simulation library files, use the read\_simulation\_library or read\_verilog -vcs -y command, also known as the Verilog library reader. The library reader extracts the pertinent information from the Verilog library to determine the gate-level behavior of the design, and generates a netlist that represents the functionality of the Verilog library cells.

#### Synthesizable RTL

To read cell definition information from library cells modeled with a synthesizable subset Verilog or VHDL, use the <code>read\_verilog</code> or <code>read\_vhdl</code> command. Reading information in this form is typically done for an incremental library. You can model cells using RTL-level descriptions of the functional behavior and deliver such a collection of cells to customers either as RTL source code or as .db output from Design Compiler.

Cells modeled with RTL can be inefficient for Formality to process, possibly causing a performance or capacity penalty. To avoid these effects, you can map the RTL to the GTECH technology and save the optimized .db description.

#### **Gate-Level Netlists**

As an ASIC vendor, you have the option to provide the functional information in the form of one or more gate-level netlists. You can provide such netlists in .db, .v, .vhd, or .edif format.

#### **Updating Synthesis Libraries**

If you choose to use a synthesis library, this section will help you determine whether any enhancements are required to support Formality.

Typically, all vendor libraries have some black boxes in their synthesis libraries. There are two reasons for these black boxes:

• The current modeling capabilities of Library Compiler are insufficient to capture the functional information.

• The modeling capability exists, but the library provider did not model some cells because some Synopsys tools do not use these models and treat them as black boxes anyway.

These black boxes usually need to be updated for Formality because Formality needs functional models to perform verification of any cells or modules that undergo any change in a design flow. However, there might be some cells for which black box descriptions are acceptable.

To determine whether any additional work is required to support Formality, use the flowchart shown in Figure B-1. If you determine that cells need to be updated, use the flowchart shown in Figure B-2 to identify the required enhancements.



Figure B-1 Library Verification Flow



Figure B-2 Synthesis Library Update Flowchart

Updating Synthesis Libraries

In Figure B-2, these are the basic steps to take to update a synthesis library:

- Identify cells that do not need to be modeled to support Formality. A cell that is added by the user during the design flow and remains unchanged for the duration of the flow does not need a functional model. Examples of this type of cell include analog cells such as phase-locked loops, analog I/O port drivers/ receivers, hard macros or cores such as controllers and other intellectual property, and highly regular structures such as RAMs and ROMs. Formality can successfully handle these cells as black boxes.
- 2. Identify black box cells that need to be modeled. Most existing .db libraries have all the important cells modeled already. Important cells to model include registers, latches, scannable versions of registers and latches, all combinational cells, and I/O pad cells. The cells most likely to lack the necessary functional description are the scan elements and I/O pads. Note that Formality handles soft macro cells like any other piece of the design.
- 3. Cells that are missing in the synthesis (.db) library. If there are cells that the tool requires and they are not present in your synthesis .db library, you must go through your regular library development flow to add these cells.

#### **Library Enhancement/Generation Process**

The library enhancement and verification process depends on whether you choose to use a synthesis (.db) library or Verilog simulation libraries. Using a synthesis library is the preferred method. In that case, see the section "Using Synthesis Libraries that follows. If you choose to use Verilog simulation libraries instead, see the section "Using Verilog Libraries" on page B-9.

After you generate or update the libraries, you need to verify them for functional accuracy as described in Chapter 8, "Cell Library Verification."

#### **Using Synthesis Libraries**

If you use a synthesis library with Formality, it is necessary to define the functionality for some cells. Most of the missing cells in a typical synthesis library can be modeled by using Library Compiler, a Synopsys tool that reads an ASCII description of the cell timing and functional characteristics, and generates a .db file that can be read into Design Compiler.

The "statetable" format in Library Compiler is useful for modeling many kinds of sequential cells because it provides an intuitive way to describe complex sequential behavior. You can use this format to convert a state table in a databook into a library cell description. The Library Compiler tools reads the truth table for a cell and translates it into a netlist. For more information, see the Library Compiler documentation.

#### **Using Verilog Libraries**

The read\_simulation\_library and read\_verilog -vcs -y commands in Formality, also known as the Verilog library reader, provides a way to directly read in Verilog simulation libraries to support equivalence checking. It supports both gate-level and userdefined primitive (UDP) Verilog models, but not RTL constructs. To learn more about the read\_simulation\_library and read\_verilog -vcs -y commands, use the man command in Formality. For additional information, see "Verilog Simulation Data" on page 4-15.

The read\_simulation\_library command has an option, -write\_verilog, that is useful to silicon vendors and others who create cell libraries. As part of the library qualification process, the silicon vendor should verify that Formality can translate the models correctly. The -write\_verilog option provides a way to check the translation process.

Using the read\_simulation\_library command with the -write\_verilog option reads in the Verilog simulation library and writes out a Verilog file containing all the models that were read in. The ordering of I/O ports in the Verilog output file is compatible with the original simulation model for all processed modules, allowing the silicon vendor to use this file in the silicon vendor's existing test bench to verify its correctness.

Note is that Verilog written out is not the same as the Verilog read in. The command reads in the Verilog simulation models and converts this information into the internal Formality database. Then it converts this database information into Verilog and writes the results to a file called *lib\_name\_*fm\_verilog\_out.v, where *lib\_name* is the technology library name specified in the command (or the default name, TECH\_WORK). Silicon vendor testing of the Verilog output file is the most complete way to verify that Formality can translate the Verilog simulation libraries correctly. If you are a silicon vendor using this technique, be aware that the simulation models generated by Formality are not complete for simulation purposes. In particular, note the following points:

- The simulation models contain no timing information. Therefore, the results from simulation test benches should not depend upon details of the timing in the original, golden Verilog model. For example, be careful about changing two asynchronous control pins at the same time.
- The simulation models accurately model the response of the cell to input conditions of logic 1, logic 0, and logic Z (where appropriate). This meets the requirements of Formality for functional static verification. However, the models are not intended to exactly reproduce the handling of Xs on inputs or bidirectionals. In some cases, the models can be more pessimistic that the original, golden Verilog model in handling such Xs. ASIC Vendors should consider this when selecting a QA test bench.

These points do not mean that Formality builds incorrect models. Formality builds models that are accurate for functional static verification, not necessarily for simulation.

If you are a silicon vendor and you want to provide the customer with an encrypted version of the Verilog library, use the <code>-save\_binary</code> option in conjunction with the <code>-write\_verilog</code> option. Then the command writes the Verilog information in binary format, using the file name *lib\_name\_*fm\_verilog\_out.bin. The customer can read in Verilog files saved in this format using the <code>read\_simulation\_library command</code>. However, the <code>-write\_verilog</code> option is disabled for this format.

#### Library Loading Order

Formality has the ability to load and manage multiple definitions of a cell, such as synthesis .db files, simulation .db files, and Verilog/VHDL netlists. The order in which the library files are loaded determines which library model is used by Formality. If the libraries are not loaded in the correct sequence, it can lead to inconsistent or incorrect verification results.

If you are a library provider, it is recommended that you deliver explicit Formality loading instructions for multiple libraries. One way to do this is to provide a Formality script that loads the library files (such as .lib, .db, .v, .vhd, and so on) in the proper order.

#### Single-Source Packaging

It is better to provide all the required functionality in a single source, either synthesis (.lib based .db) or simulation (.v based .db). Using a single source reduces support costs and maintenance requirements. However, you might choose to use multiple sources of functional information.

#### **Multiple-Source Packaging**

If you are a silicon vendor who wants to use multiple library sources or augment your synthesis libraries with simulation and/or RTL descriptions, it is recommended that you specify the order in which the libraries are to be loaded.

#### Augmenting a Synthesis (.db) Library

If you want to use your current synthesis .db database and you do not want to update your .lib database, you can use Verilog simulation libraries to augment the .db library. The recommended flow in this case is

- 1. Load the existing synthesis .db files
- 2. Optionally load the Verilog simulation library .v files to describe the black boxes after step number 1.
- 3. Optionally load the netlist or RTL descriptions for the black boxes after step number 2.

#### Augmenting a Simulation (.v) Library

If you want to use your Verilog simulation libraries and you do not want to use your .lib-based .db database, you first need to verify that the Verilog library reader reads all the cells and Formality interprets them correctly. You then need to decide whether you want to ship the translated .db or ship the Verilog simulation libraries. The recommended flow in this case is

- 1. Load the Verilog-based .v files.
- 2. Optionally load synthesis-based .db files to describe the black boxes after step number 1.
- 3. Optionally load the netlist or RTL descriptions for black boxes after step number 2.

Appendix B: Formality Library Support: Library Loading Order B-14

# С

## **Reference Lists**

This appendix provides reference tables that describe Formality shell variables and commands.

This appendix includes the following sections:

- Shell Variables
- Shell Commands

#### **Shell Variables**

Table C-1 lists the Tcl variables you can use to condition the environment from the Formality shell.

#### Table C-1 Shell Variables

| Variable                                                      | Description                                                                                                                    |
|---------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------|
| architecture_selection_precedence string                      | Informs the arithmetic generator which architecture selection method takes precedence.                                         |
| bus_dimension_separator_style value                           | Sets the VHDL/Verilog read option that controls the bus dimension separator style used with multidimensional buses.            |
| bus_extraction_style value                                    | Sets the VHDL/Verilog read option that controls the bus extraction style.                                                      |
| bus_naming_style value                                        | Change the characters Formality recognizes as the enclosing characters.                                                        |
| bus_range_separator_style value                               | Sets the EDIF/VHDL/Verilog read option that controls the bus range separator style.                                            |
| diagnosis_enable_error_isolation<br>true   false              | Enables the precise diagnosis engine in Formality, requiring you to manually instruct Formality to run diagnosis.              |
| diagnosis_enable_find<br>_matching_candidates<br>true   false | Determines if the diagnose command identifies matching candidates in the other design                                          |
| diagnosis_pattern_limit value                                 | Sets the maximum number of failing patterns that Formality uses during diagnosis.                                              |
| distributed_64bit_mode true   false                           | Determines which type of server executable to use on 64-bit capable machines.                                                  |
| distributed_processor_start_timeout integer                   | Defines the time allowed for the master to start a<br>Formality server process and receive<br>acknowledgement from the server. |
| distributed_verification_mode string                          | Allows Formality to perform distributed verification when using the verify command.                                            |
| distributed_work_directory string                             | Sets the directory that will be used for the comunication between the master and the servers.                                  |
|                                                               |                                                                                                                                |

| Table C-1 | Shell Variables | (Continued) |
|-----------|-----------------|-------------|
|-----------|-----------------|-------------|

| Variable                                          | Description                                                                                                                                        |
|---------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------|
| dw_foundation_threshold value                     | Helps select the architecture to build for the multiplier architecture based on the value of the dw_foundation.                                    |
| edifin_blackbox_library_cell true   false         | Enables Formality to create black boxes for EDIF library cells that do not contain contents.                                                       |
| edifin_ground_cell_name name                      | Specifies the name of the ground cell.                                                                                                             |
| edifin_ground_net_name name                       | Specifies the name of the ground net.                                                                                                              |
| edifin_power_and_ground_representation cell   net | Specifies the power and ground representation as either "cell" or "net."                                                                           |
| edifin_power_cell_name name                       | Specifies the name of the power cell.                                                                                                              |
| edifin_power_net_name name                        | Specifies the name of the power net.                                                                                                               |
| enable_multiplier_generation true   false         | Enables Forality to generate multiplier architectures based on user directives.                                                                    |
| gui_report_length_limit integer                   | Specifies the gui report size limit.                                                                                                               |
| hdlin_auto_netlist true   false                   | Specifies whether to automatically use a netlist reader when reading in verilog designs.                                                           |
| hdlin_auto_top true   false                       | Specifies whether to automatically set and link the top-level design when reading in designs. (Only when using one Verilog design.)                |
| hdlin_disable_tetramax_define true   false        | Controls whether the Verilog TetraMAX macro is automatically defined for all read_simulation_library commands.                                     |
| hdlin_do_inout_port_fixup true   false            | Controls whether DDX-7 error messages will be generated at link time.                                                                              |
| hdlin_dwroot value                                | Lets Formality know where the SYNOPSYS tree is<br>that contains the DesignWare components<br>instantiated in any of the hierarchies read in.       |
| hdlin_dyn_array_bnd_check                         | Controls whether logic is added to check the validity of array indices                                                                             |
| hdlin_enable_verilog_assert true   false          | Controls whether SystemVerilog ASSERT (and related) statements in Verilog 95 and 2001 source files are treated as errors (the default) or ignored. |

| Variable                                        | Description                                                                                                                                                       |
|-------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| hdlin_error_on_mismatch_message<br>true   false | Works with the hdlin_warn_on_mismatch variable<br>to control the severity of messages alerting you to<br>possible mismatches between simulation and<br>synthesis. |
| hdlin_ignore_builtin true   false               | Controls whether to ignore or not ignore the built_in pragma in VHDL files.                                                                                       |
| hdlin_ignore_dc_script true   false             | Controls whether to ignore or not ignore the dc_script_begin and dc_script_end pragmas in Verilog/VHDL files.                                                     |
| hdlin_ignore_full_case true   false             | Controls whether to ignore or not ignore the full_case pragma in Verilog files.                                                                                   |
| hdlin_ignore_label true   false                 | Controls whether to ignore or not ignore the label pragma in VHDL files.                                                                                          |
| hdlin_ignore_label_applies_to true   false      | Controls whether to ignore or not ignore the label_applies_to pregame in Verilog/VHDL files.                                                                      |
| hdlin_ignore_map_to_entity true   false         | Controls whether to ignore or not ignore the map_to_entity pragma in VHDL files.                                                                                  |
| hdlin_ignore_map_to_module true   false         | Controls whether to ignore or not ignore the map_to_module pragma/attribute in Verilog/VHDL files.                                                                |
| hdlin_ignore_map_to_operator<br>true   false    | Controls whether to ignore or not ignore the map_to_operator pragma in Verilog/VHDL files.                                                                        |
| hdlin_ignore_parallel_case true   false         | Controls whether to ignore or not ignore the parallel_case pragma in Verilog files.                                                                               |
| hdlin_ignore_resolution_method<br>true   false  | Controls whether to ignore or not ignore the resolution_method pragma in VHDL files.                                                                              |
| hdlin_ignore_synthesis true   false             | Controls whether to ignore or not ignore the synthesis_off pragma in VHDL files.                                                                                  |
| hdlin_ignore_translate true   false             | Controls whether to ignore or not ignore the translate_off and translate_on pragmas in Verilog files.                                                             |
| hdlin_infer_mux_default   none   all            | Controls MUX_OP inference for your Verilog description.                                                                                                           |
| hdlin_interface_only design                     | Loads the specified designs as black boxes (pin names and directions only).                                                                                       |

| Variable                                                                 | Description                                                                                                                                                     |
|--------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|
| hdlin_library_directory string                                           | Designates all designs contained within the specified directories as TECHNOLOGY designs.                                                                        |
| hdlin_library_ enhanced_analysis<br>true   false                         | Controls the analysis of Verilog switch primitives.                                                                                                             |
| hdlin_library_ file string                                               | Designates all designs contained within the specified files as TECHNOLOGY files.                                                                                |
| hdlin_multiplier_architecture none   csa  <br>nbw   wall   dw_foundation | Elaborates all multipliers using the multiplier<br>architecture in the file specified when one of the<br>read command is run.                                   |
| hdlin_normalize_blackbox_busses<br>true   false                          | Controls how Formality names black box buses during link operation.                                                                                             |
| hdlin_synroot name                                                       | Points to the top-level directory in Design Compiler version you used to generate a MDB or DDC database.                                                        |
| hdlin_unresolved_modules<br>black_box   error                            | Controls whether Formality errors and stops during the elaboration/linking process when there are unresolved references.                                        |
| hdlin_verilog_95 true   false                                            | Controls the default Verilog language interpretation of the Formality RTL reader.                                                                               |
| hdlin_verilog_wired_net_interpretation string                            | Specifies whether non-wire nets are resolved using a simulation or a synthesis interpretation.                                                                  |
| hdlin_vhdl_87 true   false                                               | Controls the default VHDL language interpretation of the Formality RTL reader.                                                                                  |
| hdlin_vhdl_auto_file_order true   false                                  | Enables read_vhdl to automatically order the specified files.                                                                                                   |
| hdlin_vhdl_forgen_inst_naming string                                     | Specifies the scheme that should be used to name component instances within VHDL for -generate statements.                                                      |
| hdlin_vhdl_fsm_encoding binary   1hot                                    | Specifies the FSM encoding for your VHDL description.                                                                                                           |
| hdlin_vhdl_integer_range_constraint<br>true   false                      | Controls whether Formalilty adds logic to constrain<br>the value of integer ports and registers to match<br>the integer range constraint specified in the VHDL. |
| hdlin_vhdl_others_covers_extra_states<br>true   false                    | Controls if Formality uses others clauses to determine how unreachable states are handled                                                                       |

| Variable                                                    | Description                                                                                                                                                        |
|-------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| hdlin_vhdl_presto_naming true   false                       | Controls the generation of operator names inferred from VHDL.                                                                                                      |
| hdlin_vhdl_presto_shift_div                                 | Controls the implementation of a divide by a constant power of two.                                                                                                |
| hdlin_vhdl_strict_libs true   false                         | Controls whether a strict mapping of VHDL libraries will be used during synthesis.                                                                                 |
| hdlin_vhdl_use_87_concat true   false                       | Controls whether the IEEE Std 1076-1987 style concantenations are used in the IEEE Std 1076-1993 VHDL code.                                                        |
| hdlin_warn_on_mismatch_message<br>message_id_list           | Works with the hdlin_error_on_mismatch variable<br>to control the severity of messages alerting you to<br>possible mismatches between simulation and<br>synthesis. |
| impl                                                        | Indicates the current implementation design.                                                                                                                       |
| message_level_mode<br>error   warning   info                | Sets the message severity threshold that<br>Formality uses during verification.                                                                                    |
| mw_logic0_net                                               | Specifies the name of the Milkyway ground net.                                                                                                                     |
| mw_logic1_net                                               | Specifies the name of the Milkyway power net.                                                                                                                      |
| name_match all   none   port   cell                         | Controls whether compare matching uses object names or relies solely on function and topology to match compare points.                                             |
| name_match_allow_subset_match<br>strict   any   none        | Specifies whether to use subset (token)-based name matching, and if so, what method to use.                                                                        |
| name_match_based_on_nets true   false                       | Controls whether compare point matching will be based on net names or not where appropriate.                                                                       |
| name_match_filter_chars char_list                           | Specifies the characters that should be ignored when the name matching filter is used.                                                                             |
| name_match_flattened_hierarchy_<br>separator_style char     | Specifies the separator used in path names<br>Formality creates when it flattens a design during<br>hierarchical verification.                                     |
| name_match_multibit_register_<br>reverse_order true   false | Specifies to reverse the bit order of the bits of a multibit register.                                                                                             |
| name_match_net                                              | Specifies whether name matching attempts to reference nets to implementation nets.                                                                                 |

| Table C-1 | Shell Variables | (Continued) |
|-----------|-----------------|-------------|
|-----------|-----------------|-------------|

| Variable                                                  | Description                                                                                                                        |
|-----------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------|
| name_match_pin_net                                        | Specifices whether name matching attempts to match hierarchical pins to nets                                                       |
| name_match_use_filter true   false                        | Specifies whether the built-in name matching filter should be used.                                                                |
| ref                                                       | Indicates the current reference design.                                                                                            |
| schematic_expand_logic_cone<br>true   auto   false        | Specifies the schematic view of the logic cone display the internals of techlib cells and DesignWare components.                   |
| search_path dirlist                                       | Specifies directories searched for design and library files specified without directory names.                                     |
| sh_arch                                                   | Indicates the current system architecture of the machine you are using.                                                            |
| sh_continue_on_error true   false                         | Controls whether processing continues when errors occur.                                                                           |
| sh_enable_page_mode true   false                          | Specifies to display long reports one screen at a time.                                                                            |
| sh_product_version value                                  | Specifies the version of the application.                                                                                          |
| sh_source_uses_search_path<br>true   false                | Causes the source command to use the<br>search_path variable to search for files.                                                  |
| signature_analysis_allow_net_match                        | Specifies whether signature analysis utilizes net-<br>based matching methods.                                                      |
| signature_analysis_allow_subset_match                     | Specifies whether signature analysis uses subset matching methods.                                                                 |
| signature_analysis_match_<br>blackbox_input_true   false  | Specifies whether signature analysis attempts to match previously unmatched black box inputs.                                      |
| signature_analysis_match_<br>blackbox_output true   false | Specifies whether signature analysis attempts to match previously unmatched black box outputs.                                     |
| signature_analysis_match_<br>compare_points_true   false  | Specifies whether signature analysis attempts to match compare points.                                                             |
| signature_analysis_match_datapath<br>true   false         | Controls whether to automatically attempt to match previously unmatched datapath blocks and their pins during signature analysis.  |
| signature_analysis_match_hierarchy<br>true   false        | Controls whether to automatically attempt to match previously unmatched hierarchy blocks and their pins during signature analysis. |

| Table C-1 | Shell Variables | (Continued) |
|-----------|-----------------|-------------|
|-----------|-----------------|-------------|

| Variable                                                                               | Description                                                                                                                                                                                                                                       |
|----------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| signature_analysis_match_net<br>true   false                                           | Controls whether signature analysis will attempt to match reference nets to implementation nets.                                                                                                                                                  |
| signature_analysis_match_pin_net<br>true   false                                       | Controls whether signature analysis will attempt to match hierarchical pins to nets.                                                                                                                                                              |
| signature_analysis_match_primary_input<br>true   false                                 | Controls whether signature analysis will attempt to match previously unmatched primary inputs or not.                                                                                                                                             |
| signature_analysis_match_primary_<br>output true   false                               | Controls whether signature analysis will attempt to match previously unmatched primary outputs or not.                                                                                                                                            |
| signature_analysis_matching<br>true   false                                            | Controls whether signature analysis will be used to help match compare points.                                                                                                                                                                    |
| svf_datapath true   false                                                              | Controls whether Formality processes the transformations found in the SVF file.                                                                                                                                                                   |
| synopsys_root pathname                                                                 | Sets the value of the \$SYNOPSYS environment variable.                                                                                                                                                                                            |
| verification_assume_constant_reg_init<br>true   false                                  | Controls how Formality propagates constants through possible constant registers.                                                                                                                                                                  |
| verification_assume_reg_init<br>none   conservative   liberal   liberal0  <br>liberal1 | Controls the assumptions that Formality makes about the initial state of registers.                                                                                                                                                               |
| verification_asynch_bypass true   false                                                | Controls the verification of registers with<br>asynchronous controls that operate by creating a<br>combinational "bypass" around the register<br>against registers with asynchronous controls that<br>operate only by setting the register state. |
| verification_auto_loop_break<br>true   false                                           | Performs simple loop breaking by cutting the nets.                                                                                                                                                                                                |
| verification_blackbox_match_mode<br>any   identity                                     | Defines how Formality matches comparable black boxes during verification.                                                                                                                                                                         |
| verification_clock_gate_hold_mode<br>none   low   high   any                           | Specifies whether Formality should allow the next<br>state of a flip-flop whose clock is gated to be<br>considered equivalent to that of a flip-flop whose<br>clock is not gated.                                                                 |
| verification_constant_prop_mode<br>all   user   none                                   | Specifies how Formality propagates constants<br>during linking from the top level to a lower level<br>when verifying a lower-level block.                                                                                                         |

| Variable                                                                             | Description                                                                                                                                                        |
|--------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| verification_datapath_effort_level<br>low   medium   high   unlimited  <br>automatic | Defines the effort level Formality applies during datapath block verification.                                                                                     |
| Verification_effort_level                                                            | Sepcifies the effort level to use when verifying two designs.                                                                                                      |
| verification_failing_point_limit value                                               | Specifies the number of failing compare points identified before Formality halts the verification process.                                                         |
| verification_ignore_unmatched_<br>implementation_blackbox_input<br>true   false      | Defines whether Formality allows unmatched<br>implementation blackbox input pins in a<br>succeeding verification.                                                  |
| verification_incremental_mode<br>true   false                                        | Controls whether the verify command runs verification incrementally.                                                                                               |
| verification_inversion_push true   false                                             | Defines whether Formality attempts to correct<br>failing verifications by checking for cases where<br>data inversion has been moved across register<br>boundaries. |
| verification_match_undriven_signals<br>true   false                                  | Specifies whether Formality should identify and match undriven signals.                                                                                            |
| verification_merge_duplicated_registers<br>true   false                              | Specifies whether Formality should identify and merge duplicated registers.                                                                                        |
| verification_parameter_checking<br>true   false                                      | Enables parameter checking for technology library register cells and black box cells.                                                                              |
| verification_partition_timeout_limit                                                 | Causes Formality to terminate processing of any partition after the timeout limit is reached.                                                                      |
| verification_passing_mode<br>consistency   equality                                  | Sets the verification mode.                                                                                                                                        |
| verification_progress_report_interval integer                                        | Specifies the interval between progress reports during verification, in minutes.                                                                                   |
| verification_propagate_const_reg_x<br>true   false                                   | Specifies how Formality propagates don't-care states through reconvergent-fanout-dependent constant-disabled registers.                                            |
| verification_set_undriven_signals<br>X   Z   0   1   PI                              | Specifies how Formality treats undriven nets and pins during verification.                                                                                         |
| verification_status                                                                  | Returns the status of the most recent verification, if any.                                                                                                        |

| Table C-1 | Shell Variables | (Continued) |
|-----------|-----------------|-------------|
|-----------|-----------------|-------------|

| Variable                                                   | Description                                                                                                                                                                                    |
|------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| verification_super_low_effort_first_pass<br>true   false   | Controls wheter Formality makes a preliminary super-low-effort verification attempt on all compare points.                                                                                     |
| verification_timeout_limit value                           | Specifies a wall-clock time limit for how long Formality spends in verification.                                                                                                               |
| verification_use_partial_modeled_cells<br>true   false     | Directs Formality to use the partial modeled cells<br>behavior as the function of test cells, if no other<br>function is present.                                                              |
| verification_verify_unread_<br>compare_points true   false | Controls whether or not Formality verifies unread compare points.                                                                                                                              |
| verification_verify_unread_tech_cell_pins<br>true   false  | Allows individual unread input pins of tech library<br>cells in the ref. to be matched with the<br>corresponding cells in the impl design. and treated<br>as primary outputs for verification. |

#### **Shell Commands**

Table C-2 lists the shell commands that you can invoke from within Formality.

| Table C-2 | Shell Commands |
|-----------|----------------|
|-----------|----------------|

| Command                                                                          | Description                                                                                            |
|----------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| add_distributed_processors<br>[ machine machine ] [ -lsf ]<br>-nservers -options | Sets up a distributed processing environment and allows distributed equivalence checking verification. |
| alias [name] [def]                                                               | Creates a pseudo-command that expands to one or more words, or lists current alias definitions.        |
| cputime                                                                          | Returns the CPU time used by the Formality shell.                                                      |
| create_constraint_type<br>type_name designID                                     | Creates a named user-defined (arbitrary) constraint type.                                              |
| create_container containerID                                                     | Creates a new container.                                                                               |
| create_cutpoint_blackbox                                                         | This command is obsolete with the 2004.06 release.<br>Use set_cutpoint instead.                        |

| current_container [ containerID ]Establishes or reports the current container.current_design [ designID ]Establishes or reports the current design.debug_library_cellRuns a diagnosis on the most recent verificat[ cell_name ]Runs a diagnosis on the most recent verificatdiagnose [ -all   failing_points_list ]Runs a diagnosis on the most recent verificat[ -effort_level low medium high ][ -pattern_limit limit ] [ -r ]echo [-n] [largument]Echoes arguments to standard output.elaborate_library_cellsResolves cell references before verifying theerror_infoPrints extended information on errors from las<br>command.exitExits the Formality shell.find_cells [ -of_object objectID ]Lists cells in the current design.[ -library_cells   -nolibrary_cells ]Lists cells in the current design.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | ion.<br>ibrary. |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------|
| debug_library_cell       Runs a diagnosis on the most recent verificat         [cell_name]       Runs a diagnosis on the most recent verificat         diagnose [-all   failing_points_list ]       Runs a diagnosis on the most recent verificat         [-effort_level low medium high ]       [-pattern_limit limit ] [-r ]         echo [-n] [largument]       Echoes arguments to standard output.         elaborate_library_cells       Resolves cell references before verifying the lefter on the most recent from las command.         exit       Exits the Formality shell.         find_cells [-of_object objectID ]       Lists cells in the current design.         [-type ID_type ]       [-type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | ion.<br>ibrary. |
| [ cell_name ]         diagnose [ -all   failing_points_list ]         [ -effort_level low medium high ]         [ -pattern_limit limit ] [ -r ]         echo [-n] [largument]         echos arguments to standard output.         elaborate_library_cells         error_info         exit         find_cells [ -of_object objectID ]         [ -library_cells   -nolibrary_cells ]         [ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | ion.<br>ibrary. |
| [ -effort_level low medium high ]         [ -pattern_limit limit ] [ -r ]         echo [-n] [largument]         Echoes arguments to standard output.         elaborate_library_cells       Resolves cell references before verifying the lefter on the standard output.         error_info       Prints extended information on errors from last command.         exit       Exits the Formality shell.         find_cells [ -of_object objectID ]       Lists cells in the current design.         [ -type ID_type ]       [ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | ibrary.         |
| elaborate_library_cells       Resolves cell references before verifying the lefter on the second secon | -               |
| error_info       Prints extended information on errors from las command.         exit       Exits the Formality shell.         find_cells [ -of_object objectID ]       Lists cells in the current design.         [ -library_cells   -nolibrary_cells ]       [ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | -               |
| command.         exit       Exits the Formality shell.         find_cells [ -of_object objectID ]       Lists cells in the current design.         [ -library_cells   -nolibrary_cells ]       -nolibrary_cells   -nolibrary_cells ]         [ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | st              |
| find_cells [ -of_object objectID ] Lists cells in the current design.<br>[ -library_cells   -nolibrary_cells ]<br>[ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |                 |
| [ -library_cells   -nolibrary_cells ]<br>[ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |                 |
| [ cellID_list ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |                 |
| find_designs [ object_list ]       Returns a list of designs.         [ -passing ] [ -failing ] [ -aborted ]       [ -not_verified ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |                 |
| find_nets [ object_list ] [ -hierarchy ]       Returns a list of nets.         find_nets [ -of_object objectID ]       [ -type ID_type ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |                 |
| <pre>find_pins [ object_list ] [ -in ] [ -out ] Returns a list of pins. [ -inout ] find_pins [ -of_object objectID ] [ -in ] [ -out ] [ -inout ] [ -hierarchy ] [ -type ID_type ]</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                 |
| <pre>find_ports [ object_list ] [ -in ] [ -out ] Returns a list of ports. [ -inout ] find_ports [ -of_object objectID ] [ -in ] [ -out ] [ -inout ] [ -type ID_type ]</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |                 |
| find_references [ design_list ]Returns a list of designs instantiated within th<br>specified design(s).[ -black_box ] [ -hierarchy ]specified design(s).find_references [ -of_object objectID ]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | e               |
| get_unix_variable variable_name Returns the value of a UNIX environment var                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | able.           |

| Table C-2 | Shell Commands | (Continued) |
|-----------|----------------|-------------|
|-----------|----------------|-------------|

| Command                                                                                                                                                              | Description                                                                                 |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------|
| group cell_list -design_name name<br>[ -cell_name name ]                                                                                                             | Creates a new level of hierarchy.                                                           |
| guide                                                                                                                                                                | Puts Formality into guide mode, supporting guidance for all the SVF features.               |
| guide_architecture_db<br>[ -file file_name ] [ libraries ]                                                                                                           | Guides Formality on the association of a db file with an architectural implementation.      |
| guide_architecture_netlist [ -file file_name ] [ libraries ]                                                                                                         | Guides Formality on the association of a netlist file with an architectural implementation. |
| guide_change_names<br>-design designName<br>[ -instance instanceName ]<br>[ changeBlock ]                                                                            | Guides Formality on changes in the naming of design objects.                                |
| guide_datapath<br>-design designName<br>[ -instance instanceName ]<br>[ changeBlock ]                                                                                | Guides Formality in identifying a datapath subdesign.                                       |
| guide_fsm_reencoding<br>-design <design_name><br/>-previous_state_vector prevList<br/>-current_state_vector currList<br/>-state_reencoding stateList</design_name>   | Guides Formality on the changes in the encoding of the finite-state machine.                |
| guide_group<br>-design designName<br>[-instance instanceName]<br>[ -cells cellList ]<br>-new_design newDesignName<br>-new_instance newInstanceName<br>[ groupBlock ] | Guides Formality on the hierarchy created around design objects.                            |
| guide_multiplier<br>-design designName<br>[ -instance instanceName ]<br>-arch arch<br>-body fileName                                                                 | Guides Formality in identifying a subdesign as a multiplier with a specific architecture.   |
| guide_reg_constant<br>[ -design designName ]<br>instanceName<br>constantVal                                                                                          | Guides Formality on the architecture of the SVF file's constant register information.       |

| Table C-2 | Shell Commands (Continued) |
|-----------|----------------------------|
|-----------|----------------------------|

| Command                                                                                                                                                                                                                                                                                                                     | Description                                                                                      |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------|
| guide_reg_duplication<br>[ -design designName ]<br>-from fromReg<br>-to toList                                                                                                                                                                                                                                              | Guides Formality on the architecture of the SVF file's duplicate register information.           |
| guide_reg_merging<br>[ -design designName ]<br>-from fromReg<br>-to toList                                                                                                                                                                                                                                                  | Guides Formality on the architecture of the SVF file's merged register information.              |
| guide_transformation<br>-design designName<br>-type type<br>-input inputList<br>-output outputList<br>[-control controlList]<br>[-virtual virtualList]<br>[-pre_resource preResourceList]<br>[-pre-assign preAssignList]<br>[-post_resource post_ResourceList]<br>[-post_assign postAssignList]<br>[-datapath datapathList] | Guides Formality on the nature of datapath transformations.                                      |
| guide_ungroup<br>-design designName<br>[ -instance instanceName ]<br>[ -cells cellList ] [ -all ]<br>[ -small ] [ -flatten ]<br>[ -start_level ] [ ungroupBlock                                                                                                                                                             | Guides Formality on removing hierarchy from design objects.                                      |
| guide_uniquify<br>-design designName<br>[ uniquifyBlock ]                                                                                                                                                                                                                                                                   | Guides Formality creating unique instances for design objects.                                   |
| guide_ununiquify<br>-design designName<br>[ ununiquifyBlock ]                                                                                                                                                                                                                                                               | Integrates uniquified instances back to their original designs                                   |
| help [ command ]                                                                                                                                                                                                                                                                                                            | Returns information about Formality shell commands.                                              |
| history [-h] [-r] [args]                                                                                                                                                                                                                                                                                                    | Displays or modifies the commands recorded in the history list.                                  |
| library_verification mode                                                                                                                                                                                                                                                                                                   | Transfers Formality from one of the design verification modes to cell library verification mode. |

| Command                                                                                                                                                                  | Description                                                               |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------|
| list_libraries                                                                                                                                                           | Lists technology libraries currently loaded.                              |
| list_key_bindings                                                                                                                                                        | Displays all the key bindings and edit mode of the current shell session. |
| man [ command ]                                                                                                                                                          | Displays man pages for Formality shell commands.                          |
| match [ -datapath ] [ -hierarchy ]                                                                                                                                       | Matches compare points.                                                   |
| memory                                                                                                                                                                   | Reports memory used by the Formality shell.                               |
| printenv variable_name                                                                                                                                                   | Prints the values of environment variables.                               |
| printvar pattern                                                                                                                                                         | Prints the values of one or more variables.                               |
| proc_args proc_name                                                                                                                                                      | Displays the formal parameters of a procedure.                            |
| proc_body proc_name                                                                                                                                                      | Displays the body of a procedure.                                         |
| quit                                                                                                                                                                     | Exits the Formality shell.                                                |
| read_container<br>[ -r   -i   -container containerID ]<br>[ -replace ]<br>file                                                                                           | Reads a previously written container into the Formality environment.      |
| read_db<br>[-r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ] [ -merge ]<br>[ -replace_black_box ] file_list                    | Reads Synopsys .db designs or technology (cell) libraries.                |
| read_ddc<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ] file_list                                                       | Reads designs from a .ddc database.                                       |
| read_edif<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -work_library library_name ]<br>[ -technology_library ] file_list                    | Reads one or more EDIF files into the Formality environment.              |
| read_fsm_states file [ designID ]                                                                                                                                        | Reads finite state machine (FSM) states.                                  |
| read_mdb<br>[-r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -technology_library ]<br>-cell_name cell_name<br>[ -design design_name ] mdb_path_name | Reads designs from a Milkyway database.                                   |

Table C-2 Shell Commands (Continued)

Appendix C: Reference Lists: Shell Commands

| Command                                                                                                                                                                                                                                                            | Description                                                                                                 |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------|
| read_simulation_library<br>[-r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -work_library library_name ]<br>[ -skip_unused_udps ] [ -write_verilog ]<br>[ -save_binary ] [ -merge ]<br>[ -replace_black_box ]<br>[ -halt_on_error ] file_list | Reads a Verilog simulation library into the Formality environment.                                          |
| read_verilog<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -work_library library_name ]<br>[ -netlist ] [ -technology_library ]<br>[ -f vcs_option_file ] [ -define ]<br>[ -vcs "VCS options" ]<br>[ -01   -95 ] file_list             | Reads one or more Verilog design files or<br>technology (cell) libraries into the Formality<br>environment. |
| read_vhdl<br>[ -r   -i   -container containerID ]<br>[ -libname library_name ]<br>[ -work_library library_name ]<br>[ -technology_library ] [ -87   -93 ] file_list                                                                                                | Reads one or more VHDL files into the Formality environment.                                                |
| redirect<br>[ -append ] file_name { command }<br>string file_name<br>string command                                                                                                                                                                                | Redirects the output of a command to a file.                                                                |
| remove_black_box<br>[ design_list ] -all                                                                                                                                                                                                                           | Undoes the set_black_box command.                                                                           |
| remove_compare_rules<br>[ designID ]                                                                                                                                                                                                                               | Removes all user-defined compare rules.                                                                     |
| remove_constant<br>-all [ -type ID_type ] instance_path                                                                                                                                                                                                            | Removes specified or all user-defined constants.                                                            |
| remove_constraint<br>constraint_name                                                                                                                                                                                                                               | Removes external constraints from the control points of a design.                                           |
| remove_constraint_type<br>type_name                                                                                                                                                                                                                                | Removes named user-defined external constraint types created using the create_constraint_type command.      |
| remove_container<br>container_list -all                                                                                                                                                                                                                            | Removes one or more containers from the Formality environment.                                              |

| Command                                                                                                                                       | Description                                                                                                             |
|-----------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|
| remove_cutpoint<br>object_list [ -type objectID_type ] -all                                                                                   | Removes the specified or all user-defined cutpoints.<br>Formality accepts this command only in setup<br>mode.           |
| remove_cutpoint_blackbox                                                                                                                      | This command is obsolete with the 2004.06 release.<br>Use remove_cutpoints instead.                                     |
| remove_design<br>[ -hierarchy ] [ -shared_lib ] design_list                                                                                   | Removes designs from the Formality environment and replaces them with a black box.                                      |
| remove_design_library<br>library_list -all                                                                                                    | Removes one or more design libraries from the Formality environment.                                                    |
| remove_distributed_processors machine machine   -all                                                                                          | Removes servers for the distributed processing,<br>which were added using<br>add_distributed_processors.                |
| remove_dont_verify_point<br>[ -type ID_type ]<br>[ object_1 [ object_2 ]] [ -all ]                                                            | Undoes the set_dont_verify_point command for the specified objects.                                                     |
| remove_equivalence [ -type ID_type ]<br>item1 item2 -all                                                                                      | Removes one or all user-defined equivalences.                                                                           |
| remove_guidance<br>[-id <name>] -design <design_name><br/>{ <cell_name>:<new_design_name>}</new_design_name></cell_name></design_name></name> | Removes all SVF information that was previously<br>entered through guidance commands or through the<br>set_svf command. |
| remove_inv_push [ -shared_lib ]<br>objectIDlist -all                                                                                          | Removes user-defined inversion push.                                                                                    |
| remove_library library_list -all                                                                                                              | Removes one or more technology libraries from the Formality environment.                                                |
| remove_object objectID<br>[ -shared_lib ] [ -type ID_type ]                                                                                   | Removes one or more technology libraries from the Formality environment.                                                |
| remove_parameters parameter_list<br>[ designID_list ]<br>-all_designs                                                                         | Removes user-defined, design-specific parameters.                                                                       |
| remove_resisitive_drivers                                                                                                                     | Removes pull-ups, pulldowns, bus holders, and so on.                                                                    |
| remove_user_match [ -all ] [ -type type]<br>[ instance_path ]                                                                                 | Un-matches objects previously matched by the set_user_match command.                                                    |

| Command                                                                                                                                                     | Description                                                                                                               |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
| rename_object objectID -file filename<br>[ new_name ]<br>[ -type ID_type ] [-shared_lib]<br>[-reverse ]<br>[ -container containerID ]                       | Renames one or more design objects.                                                                                       |
| report_aborted_points<br>[ -compare_rule ] [ -loop ] [ -hard ]<br>[ -unverified ] [ -substring string ]<br>[ -point_type point_type ]<br>[ -status status ] | Produces information about compare points not verified.                                                                   |
| report_architecture<br>[ -set_architecture  <br>[ -hdlin_multiplier_architecture  <br>-fm_pragma   -all   instance_path ]                                   | Displays the architecture used to implement the specified instance as well as what caused the selection of that instance. |
| report_black_boxes<br>[ design_list   -r   -i   -con containerID ]<br>[ -all   -unresolved   -interface_only   -empty<br>  -set_black_box ]                 | Lists all the black boxes in a design.                                                                                    |
| report_cell_list [ -r   -i ] [ -matched ]<br>[ -unmatched ] [ -verify ]<br>[ -passing ] [ -failing ] [ -aborting ]<br>[ -filter wildcard_pattern ]          | Reports library cells depending on the option specified. This command is available only in the library verification mode. |
| report_compare_points                                                                                                                                       | This command is obsolete. Use<br>report_user_matches and<br>report_dont_verify_points commands instead.                   |
| report_compare_rules [ designID ]                                                                                                                           | Produces information about user-defined compare rules.                                                                    |
| report_constants [ objectID ]                                                                                                                               | Produces information about user-defined constants.                                                                        |
| report_constraint [constraint_name]<br>[-long]                                                                                                              | Provides information about constraints.                                                                                   |
| report_constraint_type [type_name]<br>[ -long ]                                                                                                             | Provides information about constraint types.                                                                              |
| report_containers                                                                                                                                           | Produces a list of containers.                                                                                            |
| report_cutpoints                                                                                                                                            | Reports all user-specified cutpoints.                                                                                     |
| report_design_libraries [ item_list ]                                                                                                                       | Produces information about design libraries.                                                                              |
| report_designs [ item_list ]                                                                                                                                | Produces information about designs.                                                                                       |

| Command                                                                                                                                           | Description                                                                                                                                                                                                                                                          |
|---------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| report_distributed_processors                                                                                                                     | Reports all servers currently in the list of distributed servers and identifies the distributed working directory.                                                                                                                                                   |
| report_dont_verify_points                                                                                                                         | Reports compare points disabled by the<br>set_dont_verify_points command.                                                                                                                                                                                            |
| report_environment                                                                                                                                | Produces information about user-defined<br>parameters that affect the verification and simulation<br>environment. This command will be obsolete in a<br>future release. It is recommended that you use the<br>printvar Tcl command instead of using this<br>command. |
| report_equivalences                                                                                                                               | Produces information about user-defined equivalences.                                                                                                                                                                                                                |
| report_error_candidates<br>[ -match ] [ -expand ]                                                                                                 | Produces information about error candidates for the most recent verification.                                                                                                                                                                                        |
| report_failing_points [-compare_rule]<br>[ -matched ] [ -unmatched ]<br>[ -substring string ]<br>[ -point_type point_type ]<br>[ -status status ] | Produces information about compare points that fail verification.                                                                                                                                                                                                    |
| report_fsm [ designID   -name FSM_name]                                                                                                           | Produces information about state encoding.                                                                                                                                                                                                                           |
| report_guidance<br>[ -datapath [ -long ] ] [ -to <filename>]</filename>                                                                           | Reports to the transcript, or optionally to a file, all SVF information that was previously entered through guidance commands or through the SVF command.                                                                                                            |
| report_hdlin_mismatches<br>[ -summary   -verbose ] [ -reference ]<br>[ -implementation ]<br>[ -container container_name ]                         | Reports and summarizes the RTL simulation/<br>synthesis mismatches encountered during design<br>linking.                                                                                                                                                             |
| report_hierarchy [ designID ]                                                                                                                     | Produces information about the hierarchy of a design.                                                                                                                                                                                                                |
| report_inv_push [ designID ]                                                                                                                      | Produces information about user-defined inversion push.                                                                                                                                                                                                              |
| report_libraries [ -short ] [ library_list ]                                                                                                      | Produces information about technology libraries.                                                                                                                                                                                                                     |
| report_loops [ -ref   -impl ] [-limit N ]<br>[ -unfold ]                                                                                          | Reports loops or portions of loops in either the reference or implementation designs from the last verification run.                                                                                                                                                 |
|                                                                                                                                                   | verification run.                                                                                                                                                                                                                                                    |

| Command                                                                                                                                                                                                                                   | Description                                                                                                        |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------|
| report_matched_points<br>[ -compare_rule ] [ -datapath ]<br>[ -substring string ]<br>[ -point_type point_type ]<br>[ -status status ] [ -except_status status ]<br>[ -method matching_method ] [ -last ]<br>[ [ -type ID_type ] objectID] | Reports all design objects (including compare points) matched by the match command.                                |
| report_parameters [ design_list ]                                                                                                                                                                                                         | Produces information about user-defined<br>parameters.                                                             |
| report_passing_points<br>[ -compare_rule ]<br>[ -substring string ]<br>[ -point_type point_type ]<br>[ -status status ]                                                                                                                   | Produces information about compare points that passed the most recent verification.                                |
| report_status [ -pass ] [ -fail ] [ -abort ]                                                                                                                                                                                              | Reports the current status of verification.                                                                        |
| report_svf                                                                                                                                                                                                                                | This command has been replaced with report_guidance.                                                               |
| report_truth_table<br>[ -display fanin ]<br>[ -fanin {list of signals} ]<br>[ -constraints {signal=[0/1] }+ ]<br>[ -nb_lins int ]<br>[ -max_line int ]<br>[ -max_fanin int ]                                                              | Generates and prints a truth table for a given signal.                                                             |
| report_unmatched_points<br>[ -compare_rule ] [ -datapath ]<br>[ -substring string ]<br>[ -point_type point_type ] [ -reference ]<br>[ -implementation ] [-status status ]<br>[ -except_status status ]<br>[ [ -type ID_type ] objectID]   | Reports points that have not been matched.                                                                         |
| report_user_matches [ -inverted   -unknown ]                                                                                                                                                                                              | Generates a list of points matched by the set_user_match command.                                                  |
| report_vhdl<br>[ -switches ] [ -name ] [ configuration ]<br>[ -entity ] [ -package ]                                                                                                                                                      | Produces a list of VHDL configurations, entities, architectures, and associated generics and their default values. |
| restore_session file                                                                                                                                                                                                                      | Restores a previously saved Formality session.                                                                     |

Table C-2 Shell Commands (Continued)

| Command                                                                                                                                        | Description                                                                                                                                                                                 |
|------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| save_session [ -replace ] filename                                                                                                             | Saves the current Formality session, including a design matched state.                                                                                                                      |
| select_cell_list<br>[ -cellNames/wildcards ]<br>[ -filename ]<br>[ -add cellNames/wildcards ]<br>[ -remove cellNames/wildcards ]<br>[ -clear ] | Selects library cells depending on the option specified.                                                                                                                                    |
| set_architecture [ InstanceName ]<br>[ csa   nbw   wall ]                                                                                      | Instructs Formality to replace the multiplier<br>architecture of the specified instance with the<br>architecture defined in the command.                                                    |
| set_black_box [ designID_list ]                                                                                                                | Specifies to treat the specified design object as a black box for verification.                                                                                                             |
| set_compare_rule [ designID ]<br>-from search_pattern<br>-to replace_pattern [ -type ID_type ]<br>-file filename                               | Adds a name-matching rule that Formality applies to a design before creating compare points.                                                                                                |
| set_constant [ -type ID_type ]<br>instance_path state                                                                                          | Creates a user-defined constant by setting the logic state of a design object to 0 or 1.                                                                                                    |
| set_constraint type_name<br>control_point_list [ designID ]<br>[ -name constraint_name ]<br>[ -map mapping_list ]                              | Creates an external constraint on a design.                                                                                                                                                 |
| set_cutpoint [ -type ID_type ]<br>objectID                                                                                                     | Specifies that the given hierarchical pin or net is a hard cutpoint that should be verified independently and can be used as a free variable for verification of downstream compare points. |
| set_direction [ -type ID_type ]<br>objectID direction [ -shared_lib ]                                                                          | Defines port or pin directions.                                                                                                                                                             |
| set_dont_verify_point<br>[ -type ID_type ]<br>[ object_1 [ object_2 ]]                                                                         | Prevents Formality from checking for design<br>equivalence between two objects that constitute a<br>compare point.                                                                          |
| set_equivalence [ -type ID_type ]<br>[ -propagate ] [ -inverted ]<br>objectID_1 objectID_2                                                     | Declares that two nets or ports have equivalent functions.                                                                                                                                  |
| set_fsm_encoding encoding_list<br>[ designID ]                                                                                                 | Enumerates FSM state names and their encodings.                                                                                                                                             |

Appendix C: Reference Lists: Shell Commands

| Table C-2 | Shell Commands | (Continued) |
|-----------|----------------|-------------|
|-----------|----------------|-------------|

| Command                                                                                  | Description                                                                                                               |
|------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
| set_fsm_state_vector flip-flop_list [ designID ]                                         | Names state vector flip-flops in an FSM.                                                                                  |
| set_implementation_design [ designID ]                                                   | Establishes the implementation design.                                                                                    |
| set_inv_push [ -shared_lib ] objectIDlist                                                | Adds a sequential object to the list of objects through which Formality transports inverters for verification.            |
| set_parameters [ -flatten ]<br>[ -resolution function ] [ -retimed ]<br>[ designID ]     | Establishes verification parameters for a specific design.                                                                |
| set_power_gating_style<br>[ -hld_blocks name ] -type type                                | Sets the power_gating_style attribute on designs or HDL blocks, specifying the kind of retention register cells expected. |
| set_reference_design [ designID ]                                                        | Establishes the reference design.                                                                                         |
| set_svf [ -append ] [ -ordered ]<br>[ -extenstion name ] [ filedirnames ]                | Specifies the name of the SVF (setup verification for Formality).                                                         |
| set_top<br>[ -vhdl_arch architecture_name ]<br>[ designID   -auto ] [ -parameter value ] | Sets and links the top-level reference or implementation design.                                                          |
| set_unix_variable variable_name<br>new_value                                             | Sets the value of a UNIX environment variable.                                                                            |
| set_user_match [ -type ID_type ]<br>[ -inverted ] [ -noninverted ]<br>object_1 object_2  | Forces an object in the reference to match an object in the implementation for compare point matching.                    |
| setup                                                                                    | Reverts a design from a MATCHED to a SETUP state.                                                                         |
| sh [ args ]                                                                              | Executes a command in a child process.                                                                                    |
| simulate_patterns [ -no_link ] file                                                      | Simulates the implementation and reference designs by using previously failing patterns as input vectors.                 |
| source [-echo] [-verbose] file                                                           | Reads a file and evaluates it as a Tcl script.                                                                            |
| start_gui                                                                                | Invokes the Formality GUI.                                                                                                |
| stop_gui                                                                                 | Exits the Formality GUI.                                                                                                  |

| Table C-2 | Shell Commands | (Continued) |
|-----------|----------------|-------------|
|-----------|----------------|-------------|

| Command                                                                                                                                                                                                                  | Description                                                                                                            |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
| test_compare_rule<br>[ -designID   -r   -i ] -from search_pattern<br>-to search_pattern<br>-name name []<br>[-substring string]                                                                                          | Tests a name matching rule on current unmatched points or user-specified names.                                        |
| translate_instance_pathname<br>[ -type ID_type ] pathname                                                                                                                                                                | Translates an instance-based path name to a<br>Formality designID or objectID.                                         |
| unalias pattern                                                                                                                                                                                                          | Removes one or more aliases.                                                                                           |
| undo_match [ -all ]                                                                                                                                                                                                      | Undoes the results of the match command.                                                                               |
| ungroup cell_list   -all<br>[ -prefix prefix_name ] [ -flatten ]<br>[ -simple_names ]                                                                                                                                    | Removes a level of hierarchy.                                                                                          |
| uniquify [ designID ]                                                                                                                                                                                                    | Creates unique design names for multiply instantiated designs in hierarchical designs.                                 |
| verify<br>[ designID_1 designID_2 ]<br>[ [-inverted]  <br>[ -type ID_type ] objectID_1 objectID_2 ]<br>[[ -constant0   constant1 ]<br>[ -type ID_type ] objectID ]<br>[ -restart   -incremental ]<br>[ -level integer ]] | Causes Formality to prove or disprove functional<br>equivalence given two designs or two comparable<br>design objects. |
| which filename_list                                                                                                                                                                                                      | Locates a file and displays its path name.                                                                             |
| write_container<br>[ -r   -i   -container container_name ]<br>[ -replace ] [ -quiet ] filename                                                                                                                           | Saves the information in the current or specified container to a file.                                                 |
| write_failing_patterns<br>[ -diagnosis_patterns ] [ -verilog ]<br>[ -replace ] filename                                                                                                                                  | Saves failing patterns from the most recent diagnosis.                                                                 |

| Command                                                                                                                                                                                                                   | Description                                                                                  |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------|
| write_hierarchical_verification_script<br>[-replace][-noconstant]<br>[-noequivalence][-match type]<br>[-save_directory pathname]<br>[-save_file_limit integer]<br>[-save_time_limit integer]<br>[-level integer] filename | Runs traditional hierarchical verification and outputs a script.                             |
| write_library_debug_scripts<br>[ -dir directory_name ]                                                                                                                                                                    | Debugs failing cells from library verification mode in the standard Formality design format. |

Appendix C: Reference Lists: Shell Commands C-24

## Index

#### Symbols

\*.ddc files 1-17, 4-5 << operator> 6-30 > operator 3-13 >> operator 3-13

#### A

aborted compare points definition of 6-34 during verification 6-35 add\_distributed\_processors command 6-23 add\_distributed\_processorscommand C-10 alias command 3-15, C-10 aliases 3-14 AND resolution function 5-6, 5-7 application commands A-3 architecture\_selection\_precedence variable C-2 arguments positional A-4 programming default values A-17 varying the number of A-17 arithmetic blocks 5-66 **ASIC libraries 1-15** ASIC verification flow diagram 1-6

asynchronous bypass logic 5-43 asynchronous state-holding loops 5-10 attributes, black box 5-19 automated setup file 5-67 automated setup files 1-15 automatically creating compare points 1-25 creating containers 1-29

#### В

batch mode controlling verification 6-31 interrupting 6-32 overview 6-30 preparing for 6-30 running 6-30 scripts 6-30 batch script 1-15, 3-3 black boxes 7-14 attributes 5-19 controlling 5-16 creating cutpoints 5-13 identity check 3-26, 5-16, 5-20 loading design interfaces only 5-17 locating 7-8 marking a design as black box 5-18 overview 5-14

port and pin direction 5-21 redefining port or pin direction 5-21 reporting 5-19 resolution function 5-6, 5-8 verifying 5-14, 7-8 boundary scan 5-39 built-in commands A-6 bus holders 5-15 bus naming changing the style 4-6 mapping 1-28 VHDL and Verilog design styles 4-6 bus\_dimension\_separator\_style variable 4-7, C-2 bus\_extraction\_style variable C-2 bus\_naming\_style variable 4-6, C-2 bus\_range\_separator\_style variable C-2

## С

cells definition 1-28 listing 3-16 change\_names command 7-26 clock gating 5-45 clock tree buffering 5-41 codes for messages 3-24 color-coding error candidates 7-31 schematic area 7-31 combinational design changes 5-38 boundary scan 5-39 clock tree buffering 5-41 internal scan insertion 5-38 command aliases 3-14 command bar using 3-18 command log file 3-28 command names, syntax A-4 command results, returning A-5

command shortcuts 3-12 command-line editing 3-9 command-line interface, <Emphasis>see fm\_shell commands 1-28 add\_distributed\_processors 6-23, C-10 alias 3-15, C-10 application, using A-3 built-in A-6 case-sensitivity 3-6 change\_names 7-26 commenting A-5 cputime 3-22, C-10 create\_constraint\_type 5-33, C-10 create container 3-26, 4-28, 5-6, 5-20, 5-21, C-10 create\_cutpoint\_blackbox 7-45, C-10 current container C-11 current\_design C-11 debug\_library\_cell 8-14, C-11 diagnose C-11 echo 3-14, 3-29, C-11 elaborate\_library\_cells 8-9, C-11 entering commands 3-6 error\_info C-11 exit C-10, C-11 find\_cells 3-16, C-10, C-11 find\_designs C-11 find\_nets 3-16, C-11 find\_pins 3-16, C-11 find\_port 3-16 find ports 3-16, C-11 find\_references 3-16, C-11 flow control, Tcl A-13 fm\_shell 1-22, 3-3 formality 3-5 get\_unix\_variable C-11 getting syntax information 3-21, 3-22 group C-12 guide C-10, C-12 guide\_architecture\_db C-12 guide\_architecture\_netlist C-10, C-12

guide\_change\_names C-10, C-12 guide datapath C-10, C-12 guide\_fsm\_reencoding C-12 guide group C-12 guide\_multiplier C-12 guide\_reg\_constant C-12 guide\_reg\_duplication C-13 guide\_reg\_merging C-13 guide\_transformation C-13 guide\_ungroup C-13 guide\_uniquify C-13 guide ununiquify C-13 help 3-21, A-7, C-13 -help option 3-21, 3-22 history 3-10, C-13 interrupting 3-23 library\_verification 8-4, C-13 line breaks 3-6 list\_key\_bindings C-14 list\_libraries C-14 man 3-22, C-14 match 6-5, C-14 memory C-14 multiline shell commands 3-6 name\_match 6-12 name match use filter 6-13 nesting of A-5 positional arguments A-4 printenv C-14 printvar C-14 proc\_args C-14 proc body C-14 procedures A-7 puts 3-14 quit C-14 read container 5-87, C-14 read\_db 4-12, 4-18, 4-26, 8-5, 8-6, B-3, C-14 read ddc 4-21, C-14 read\_edif 4-18, 4-26, C-14 read\_fsm\_states 5-55, C-14 read\_mdb 4-20, C-14

read\_simulation\_library 4-16, B-3, C-15 read verilog 4-14, 4-18, 4-26, 8-5, 8-6, C-15 read\_VHDL 4-18, 4-26 read vhdl 4-14, C-15 readt\_vhdl 4-26 recalling 3-12 redirect 3-13, C-15 remove black box C-15 remove\_compare\_rules 6-6, 7-23, C-15 remove constant 5-24, C-15 remove\_constraint 5-34, C-15 remove constraint type 5-34, C-15 remove container 5-83, C-15 remove\_cutpoint 5-14 remove\_cutpoint\_blackbox C-16 remove design 5-81, C-16 remove\_design\_library 5-82, C-16 remove distributed processes C-16 remove\_distributed\_processors 6-25 remove\_dont\_verify\_point 6-21 remove\_dont\_verify\_points C-16 remove equivalence 5-26, 5-27, C-16 remove\_guidance C-16 remove\_inv\_push C-16 remove\_library 5-82, 5-83, C-16 remove parameters C-16 remove\_resisitive\_drivers C-16 remove\_user\_match 6-6, 7-17, C-16 rename\_object 7-25, 7-26, C-17 report\_aborted\_points 6-33, C-17 report\_architecture 5-65, C-17 report black box 5-19 report\_black\_boxes C-17 report cell list 8-7, C-17 report\_compare\_points C-17 report\_compare\_rules 7-23, C-17 report\_constants C-17 report\_constraint 5-35, C-17 report\_constraint\_type 5-35, C-17 report containers C-17 report\_cutpoint C-17 report\_cutpoints 5-13

report\_design\_libraries C-17 report designs C-17 report\_distributed\_processors 6-24, C-18 report dont verify points 6-21, C-18 report\_environment C-18 report\_equivalences C-18 report\_error\_candidates C-18 report\_failing\_points 6-33, C-18 report\_fsm 5-58, C-18 report guidance 5-70, 5-75, C-18 report\_hdlin\_mismatches C-18 report hierarchy C-18 report\_inv\_push C-18 report\_libraries C-18 report\_loops 5-11, C-18 report matched points 6-7 report\_parameters C-19 report passing points C-19 report\_power\_gating 5-54 report\_status 8-13, C-19 report\_svf C-19 report truth table 8-14, C-19 report unmatched inputs 7-7 report\_unmatched\_points 6-6, C-19 report\_user\_matches 7-18, C-19 restore session 5-88, C-19 returning results 3-6 save\_session 5-86, C-20 select\_cell\_list 8-8, C-20 set 3-28 set\_architecture 5-64, C-20 set black box 5-18, C-20 set\_compare\_rule 7-19, C-20 set constant 5-23, C-20 set\_constraint 5-32, C-20 set\_cutpoint 5-13, C-20 set direction C-20 set\_dont\_verify\_point 6-21, C-20 set\_equivalence 5-25, 5-26, C-20 set fsm encoding 5-56, C-20 set\_fsm\_state\_vector 5-56, C-21 set\_implementation\_design C-21

set\_inv\_push 5-51, C-21 set parameters 5-60, C-21 set\_power\_gate\_style 5-53 set power gating style C-21 set\_reference\_design C-21 set\_svf 5-68, 5-74, C-21 set\_svf\_datapath 5-68 set top 4-21, 4-26, C-21 set\_unix\_variable C-21 set user match 5-13, 5-41, 7-15, C-21 setup 6-5, C-21 sh C-21 simulate patterns C-21 source 3-26, 6-30, C-21 special characters A-5 start gui C-21 stop\_gui C-21 Tcl syntax A-1 test\_compare\_rule 7-22 translate\_instance\_pathname C-22 unalias 3-15, C-22 undo match 6-7, C-22 ungroup C-22 uniquify C-22 verification\_inversion\_push 5-52 verify 6-17, 6-19, 6-33, 8-9, C-22 which C-22 write container 5-85, C-22 write\_failing\_patterns 7-45, C-22 write\_hierarchical\_verification\_script 6-28, C-23 write\_library\_debug\_scripts 8-15, C-23 commenting commands A-5 compare point matching techniques 1-26 compare points aborted 6-34, 6-35 automatic creation of 1-25 debugging 7-14 defining your own 1-26 exact-name matching 6-11 example 1-26 failing 6-34

listing user-matched points 7-18 mapping names between 1-24, 1-26 MATCHED state 6-4 matching 6-5 matching flow 6-3 matching techniques 6-9 matching, related variables 6-11 name filtering 6-13 name-based matching 6-10 net-name matching 6-16 non-name-based matching 6-10 objects used to create 1-24 overview of 1-24 passing 6-34 removing 7-17 removing from verification set 6-20 restart matching 6-7 signature analysis 6-14 status messages 6-34 topological equivalence 6-14 undoing match command 6-7 unmatched, reporting 6-6 unverified 6-34 verifying single 6-17 verifying single 6-19 compare rule testing 7-22 compare rules 7-18 checking syntax with the sed command 1-28 defining 7-19 listing 7-23 mapping object names 1-27 overview of 1-27 removing 7-23 compare\_points debugging unmatched points 6-8 revert to NOT RUN state 6-7 unmatched, debugging techniques 6-8 complete verification 1-25 concepts black boxes 5-14

compare points 1-24 compare rules 1-27 constants 5-22 containers 1-28 current container 4-29 cutpoints 5-11 design equivalence 1-30 design libraries 1-18 design objects 1-28 designs 4-5 don't care information 5-3 external constraints 5-30 FSMs 5-54 implementation design 1-33 libraries 1-18 logic cones 1-32 LSSD cell 5-60 reference design 1-33 resolution functions 5-6 retimed designs 5-59 signature analysis 6-14 verification 6-17 consensus resolution function 5-7 consensus, resolution function 5-6 consistency defined 1-11 console window command bar 3-18, 3-20 tool bar 7-30, 7-37 transcript area 3-19 constants defining 5-22 listing 5-24 overview of 5-22 propagating 5-22, 5-37 removing 5-24 types 5-22 user-defined 5-22 constraint module 5-33 containers automatic creation of 1-29

contents 1-28 creating 1-29, 4-28 current 1-30, 4-28 listing 4-28 managing 4-27 naming 4-28 overview 1-28 reading data into 1-30 removing 5-83 restoring 5-87 saving 1-16, 1-21, 5-85 setting up 4-27 control flow commands, Tcl A-13 control statements 6-31 Control-c interrupt 3-23, 6-27, 6-32 controlling black boxes 5-16 controlling verification runtimes 6-22 copying text from shell window 3-20 from the transcript area 3-19 coverage percentage 7-31 cputime command 3-22, C-10 create\_constraint\_type command 5-33, C-10 create container command 3-26, 4-28, 5-6, 5-20, 5-21, C-10 create\_cutpoint\_blackbox command 7-45, C-10 creating containers 1-29, 4-28 .cshrc 2-2 current container 1-30, 4-28 design 4-28 current\_container command C-11 current\_design command C-11 cutpoint black boxes 5-13 removing 5-14 reporting 5-13

#### D

data ASIC libraries 1-15 containers 1-16, 1-21, 1-28 failing patterns 1-15, 1-20, 7-45, 7-46 .fpt files 1-15, 1-20, 7-45 .fsc files 1-16, 1-21, 5-85 .fss files 1-16, 1-22, 5-86 input file types 1-14 output file types 1-20 reading Synopsys database files (\*.db) 4-5 Verilog files 4-5 VHDL files 4-5 removing 5-81 restoring 5-87, 5-88 saving 1-16, 1-21, 1-22, 5-84 SVF files 1-15 Synopsys database files (\*.db) 1-17, 4-5 Verilog files 1-15, 1-17, 4-5 Verilog simulation library files 1-17 VHDL files 1-17, 4-5 datapath support 5-67 datapath transformation 5-66 \*.db files 1-17 DDC databases, designs from 4-19 DDC design database, reading 4-21 debug\_library\_cell command 8-14, C-11 debugging black boxes 7-14 determing failure causes 7-7 eliminating setup possibilities 7-13 gathering information 7-4 library cells 8-14 matching with compare rules 7-18 renaming objects 7-25 schematics, viewing 7-28 setting compare points to match 7-14 subset matching 7-23 unmatched compare points 6-8 using diagnosis 7-9

using logic cones 7-11 working with subcones 7-40 debugging compare points 7-14 debugging strategies debugging, SVF 5-79 defining compare points 1-26 constants 5-22 FSM states 5-54 deleting containers 5-83 design libraries 5-82 designs 5-81 technology libraries 5-82 dereferencing variables A-5 design equivalence 5-25 overview 1-30 design flow methodology 1-3, 1-4 design libraries default name 4-19 libraryID 1-19 reading 1-19 removing 5-82 restoring 1-16, 5-87, 5-88 saving 5-85 viewing 1-19 design management 1-11 design objects finding 7-28, 7-32 generating lists 7-33 overview 1-28 renaming 7-25 unmatched 1-26 used in compare point creation 1-24 design read flow 4-3 designID overview 4-18 designs black box 5-84 bus naming, VHDL and Verilog 4-6

constants 5-22 current 4-28 designID 4-18 **EDIF 4-5** failing patterns, simulating 7-46 flattened 5-36 hierarchy separator style 5-36 implementation 1-33, 1-34 locating problem areas 7-4 overview 4-5 propagating constants 5-22 reading in process 4-3 reference 1-33, 1-34 removing 5-81 restoring 5-87 retimed 5-59 saving 5-85, 5-86 setting the top-level design 4-24 setting up 5-1 Synopsys database (\*.db) 1-17, 4-5 Verilog 1-15, 1-17, 4-5 VHDL 1-17, 4-5 **DesignWare 4-7** DesignWare component support 4-7 diagnose 7-9 diagnose command C-11 diagnosis interrupting 3-23 overview 1-12 diagnosis\_enable\_error\_isolation variable C-2 diagnosis enable find matching candidates variable C-2 diagnosis\_pattern\_limit variable C-2 diagnostic messages, SVF 5-79 dimension separator styles 4-6 directives in VHDL and Verilog ignored/used 4-8 directory, work 1-21 distributed verification process 6-23 setting up environment 6-23 verifying environment 6-26

distributed\_64bit\_mode variable C-2 distributed\_processor\_start\_timeout variable C-2 distributed\_verificaiton\_mode variable C-2 distributed\_work\_directory variable C-2 don't care information overview 5-3 verification modes 1-30 dw\_foundation\_threshold variable C-3

#### E

echo command 3-14, 3-29, C-11 **EDIF** netlists 4-5 EDIF variables 4-10 edif\_ground\_cell\_name 4-10 edif ground net name 4-10 edif\_power\_cell\_name 4-10 edif\_power\_net\_name 4-10 edifin\_power\_ground\_representation 4-10 edifin\_blackbox\_library\_cells variable C-3 edifin\_ground\_cell\_name variable C-3 edifin ground net name variable 4-10, C-3 edifin\_power\_and\_ground\_representation variable 4-10, C-3 edifin\_power\_cell\_name variable 4-11, C-3 edifin power net name variable 4-10, 4-11, C-3 editing, from the command line 3-9 elaborate\_library\_cells command 8-9, C-11 enable\_dw\_multiplier\_in\_svf variable 5-79 enable\_mulitplier\_generation variable C-3 enable\_multiplier\_generation variable 5-64 enable\_power\_gating variable 5-53 equality defined 1-11 equivalences 5-25 defining 5-26 listing user-defined 5-27 removing 5-26

error candidates color-coding 7-31 coverage percentage 7-31 error messages 3-24, 3-25 error\_info command C-11 escape quoting A-5 escaping special characters A-6 exact-name compare point matching 6-11 examples bus holder 5-15 compare point, creation 1-26 logic cone 1-33 multiply-driven nets 5-8 resolution function 5-8 schematic view window 7-29 exit command C-10, C-11 expressions evaluation, Tcl A-12 grouping A-5 external constraint user-defined 5-33 external constraints creating a constraint type 5-33 overview 5-30 removing 5-34 removing constraint type 5-34 reporting 5-35 reporting constraint types 5-35 setting 5-32 types 5-31

#### F

failed verification 6-35 failing compare points definition 6-34 failing patterns applying in the logic cone view window 7-36 coverage percentage 7-31 default number 7-42 file 1-15, 1-20

limiting 7-42 saving 7-44 simulating 7-46 features, Formality 1-3 file search path 3-28 files \*.ddc 4-5 ASIC libraries 1-15 batch script 1-15, 6-30 black boxing 5-84 command log 3-28 failing patterns 1-15, 1-20, 7-45 fm\_shell\_command log 1-22 format types supported 1-14 .fpt type 1-15, 1-20, 7-45 .fsc type 1-16, 1-21, 5-85 .fss type 1-16, 1-22, 5-86 input 1-14 log 1-22 name mapping 1-16 output 1-20 removing 5-81 session log 3-28 state files for FSMs 1-16, 5-55 SVF 5-69, 5-79 SVF files 1-15 SVF, producing with DC 5-68 Synopsys database (\*.db) 1-17, 4-5 .synopsys\_fm.setup 1-23 Verilog 1-15, 1-17, 4-5 VHDL 1-17, 4-5 find\_cells command 3-16, C-10, C-11 find\_designs command C-11 find\_nets command 3-16, C-11 find\_pins command 3-16, C-11 find\_port command 3-16 find ports command 3-16, C-11 find\_references command 3-16, C-11 finding cells 3-16 design objects 7-32

design problems 7-28 design references 3-16 lists of design objects 7-33 nets 3-16 pins 3-16 ports 3-16 unmatched black boxes 7-8 finite state machines (FSMs) defining states individually 5-55, 5-56 listing state encoding information 5-58 overview 5-54 preparing for verification 5-54 state files 1-16, 5-55 verification 5-54 flattening designs constant propagation 5-37 during verification 5-36 separator style 5-36 fm shell 1-11 getting help 3-21 listing commands 3-21 starting 3-3 fm shell command 1-22, 3-3 -f option 3-3, 3-4, 6-31 -gui option 3-4 -no init option 3-4 syntax A-3 -version option 3-4 within GUI 3-18 fm\_shell\_command.log file 1-20 for loops, Tcl flow control A-14 foreach command, Tcl flow control A-15 Formality library support B-1 supported library formats B-3 formality command 3-5 Formality introduction 1-2 Formality-generated file names, controlling 1-22 formality log file 1-20, 7-4 formats, files 1-14

.fpt files 1-15, 1-20, 7-45 .fsc files 1-16, 1-21, 5-85 FSM re-encoding 5-55 .fss files 1-16, 1-22, 5-86

#### G

gate-level netlists B-4 gate-to-gate verification 1-9 get unix variable command C-11 golden design 1-2, 1-33 graphical user interface (GUI) current container 4-29 logic cone view window 7-36 overview 1-10, 3-17 starting 3-5 group command C-12 grouping expressions A-5 grouping words, Tcl commands A-6 gui, displaying during startup 3-4 gui\_report\_lentgh\_limit variable C-3 guide command C-10, C-12 guide architecture db command C-12 guide architecture netlist command C-10, C-12 guide\_change\_names command C-10, C-12 guide datapath command C-10, C-12 guide\_fsm\_reencoding command C-12 guide\_group command C-12 guide\_multiplier command C-12 guide reg constant command C-12 guide\_reg\_duplication command C-13 guide\_reg\_merging command C-13 guide transformation command C-13 guide ungroup command C-13 guide\_uniquify command C-13 guide\_ununiquify command C-13

## Η

hdlin\_auto\_netlist variable 4-19, C-3 hdlin auto top variable 4-24, C-3 hdlin disable tetramax define variable C-3 hdlin\_do\_inout\_port\_fixup variable C-3 hdlin\_dwroot variable 4-8, C-3 hdlin\_dyn\_array\_bnd\_check variable C-3 hdlin\_enable\_presto\_for\_vhdl variable 5-68 hdlin\_enable\_verilog\_assert variable C-3 hdlin\_error\_on\_mismatch\_message variable C-2, C-4 hdlin\_ignore\_builtin variable C-2, C-4 hdlin ignore dc script variable C-4 hdlin ignore full case variable 4-9, C-4 hdlin\_ignore\_label variable C-4 hdlin\_ignore\_label\_applies\_to variable C-4 hdlin\_ignore\_map\_to\_entity variable C-4 hdlin ignore map to module variable C-4 hdlin\_ignore\_map\_to\_operator variable C-2, C-4 hdlin ignore parallel case variable 4-9, C-4 hdlin ignore resolution method variable C-4 hdlin\_ignore\_synthesis variable 4-9, C-4 hdlin\_ignore\_translate variable 4-9, C-4 hdlin infer multibit variable 5-5 hdlin infer mux variable C-4 hdlin\_interface\_only variable C-4 hdlin\_interface\_only variables 5-17 hdlin library directory variable 4-14, C-5 hdlin library enhanced analysis variable C-5 hdlin\_library\_file variable 4-14, C-5 hdlin\_multiplier\_architecture variable 5-63, C-5 hdlin\_normalize\_blackbox\_busses variable C-2, C-5 hdlin\_synroot variable C-5 hdlin unresolved modules variable C-5 hdlin\_verilog\_95 variable C-5

hdlin verilog wired net interpretation variable C-5 hdlin vhdl 87 variable C-5 hdlin\_vhdl\_auto\_file\_order variable C-5 hdlin\_vhdl\_forgen\_inst\_naming variable C-5 hdlin\_vhdl\_fsm\_encoding variable C-5 hdlin\_vhdl\_integer\_range\_constraint variable C-5 hdlin\_vhdl\_others\_covers\_extra\_states variable C-5 hdlin vhdl presto naming variable 5-67, 5-69, C-6 hdlin\_vhdl\_presto\_shift\_div variable 5-67, C-6 hdlin\_vhdl\_strict\_libs variable 4-18, C-6 hdlin vhdl use 87 concat variable C-6 hdlin\_warn\_on\_mismatch\_message variable C-6 help command 3-21 fm shell commands 3-21 help command A-7, C-13 hierarchical designs 5-35 **GUI** representation 4-18 hierarchy separator style 5-36 propagating constants 5-37 storage of 1-29 traversing 3-16, 7-29, 7-32 hierarchical separator character, defining 5-36 hierarchical verification 6-27 history command 3-10, C-13

### I

identity check, black boxes 3-26, 5-16, 5-20 if command, Tcl flow control A-13 impl variable C-6 implementation design 1-2 establishing 1-34 overview 1-33 restoring 5-88 implementation libraries 8-6 inconclusive verification status 6-35 input file types 1-14 redirecting during batch jobs 6-30 install directory 2-2 installation 2-2 interfaces GUI 3-17 internal scan insertion 5-38 interpreting verification results 6-31 interrupting batch mode verification 6-32 diagnosis 3-23 fm shell commands 3-23 verification 6-27 introduction to Formality 1-1 inversion push 5-49 environmental 5-52 instance-based 5-51 invoking fm\_shell 2-3, 3-1 isolating design problems 7-1, 7-28 subcones 7-41

#### L

libraries DesignWare 4-7 enhancing B-8 generating B-8 loading order B-12 synthesis, updating B-4 synthesis, using B-9 Verilog, using B-9 libraries, see technology libraries and design libraries library support B-1 library verification 8-1 debugging process 8-9, 8-14

implementation library 8-6 initializing 8-4 process flow 8-3 reference library 8-5 reporting library cells 8-7 reporting status 8-13 sample Tcl script 8-10 specifying the cells to verify 8-8 status messages 8-13 supported formats 8-3 truth tables 8-14 verifying the libraries 8-9 vs. design verification 8-3, 8-6, 8-10 library\_verification command 8-4, C-13 libraryID 1-19 limiting failing patterns 7-42 messages 3-26 linking designs, designs linking (with set\_top) 4-11 list\_key\_bindings command C-14 list\_key\_bindings variable 3-9 list\_libraries command C-14 listing constants 5-24 fm shell commands 3-21 previously entered commands 3-10 lists in Tcl A-8 loading design interfaces, black boxes 5-17 locating cells 3-16 design references 3-16 nets 3-16 pins 3-16 ports 3-16 unmatched black boxes 7-8 log file 1-20, 3-28 logic cone view window applying failed patterns 7-36 overview 7-36 removing non-controlling logic 7-40

subcones 7-40 logic cone, diagnose 7-11 logic cones 7-42 originating point 1-32 overview 1-32 termination points 1-32 viewing 7-36 loops, Tcl A-13 LSSD cell, defined 5-60

### Μ

man command 3-22, C-14 man page overview 3-22 managing black boxes 5-16 mapping names buses 1-28, 4-6 compare points 1-24, 1-26 compare rules 1-27 design objects 7-25 file used for 1-16 marking a design as black box 5-18 match command 6-5, C-14 MATCHED verification status 6-4 matching compare points 6-5 memory command C-14 message thresholds, setting 3-25 message\_level\_mode variable C-6 messages codes 3-24 error 3-24 limiting 3-26 severity 3-24 syntax 3-24 types 3-26 methodology, design flow 1-3, 1-4 Milkyway databases, designs from 4-19 Milkyway design database, reading 4-20 multibit support 5-5

mw\_logic0\_net variable 4-20, C-6 mw\_logic1\_net variable 4-20, C-6

# Ν

name filtering compare point matching 6-13 name mapping (< Emphasis>see mapping names name\_match command 6-12 name\_match variable 6-11, 6-12, C-6 name\_match\_allow\_subset\_match variable 6-11, 7-24, C-6 name\_match\_based\_on\_nets variable 6-11, 6-16, C-6 name\_match\_filter\_chars variable 6-11, 6-13, 7-23, C-6 name match flattend hierarchy separator st yle variable C-6 name\_match\_flattened\_hierarchy\_separator\_ style variable 6-11 name match multibit register reverse order variable 6-11, 6-12, C-6 name match net variable C-6 name\_match\_pin\_net variable C-7 name\_match\_use\_filter command 6-13 name match use filter variable 6-11, 6-13, 7-24, C-7 name\_matched\_flattened\_hierarchy\_separato r\_style variables 5-36 naming rules, register-bit grouping 5-5 nesting commands A-5, A-11 net-name compare point matching 6-16 nets constant value 5-22 listing 3-16 setting to a constant 5-23 nets with multiple drivers 5-6

#### 0

options, syntax A-4

OR resolution function 5-6, 5-7 output file types 1-20 redirecting 3-13 overview black boxes 5-14 compare points 1-24 compare rules 1-27 constants 5-22 containers 1-28 design equivalence 1-30 design libraries 1-18 design objects 1-28 designs 4-5 don't care information 5-3 external constraints 5-30 finite state machines (FSMs) 5-54 Formality 1-2 implementation design 1-33 libraries 1-18 library support B-2 library verification 8-3 logic cones 1-32 man pages 3-22 reference design 1-33 reports 1-21 resolution functions 5-6 retimed designs 5-59 technology libraries 1-18 verification 6-17 overwriting file names 1-22

#### Ρ

parameters automatic flattening of designs 5-36 bus naming 1-28, 4-6 constant propagation 5-37 design 5-1 hierarchical separator style 5-36 identity check, black boxes 3-26, 5-20 message threshold 3-26

multiply-driven net resolution 5-8 restoring 5-88 retimed designs 5-59 saving 5-85, 5-86 passing compare points 6-34 path, setting 2-2 pins defining direction 5-21 listing 3-16 pins, defining direction 5-21 ports constant value 5-22 defining direction 5-21 direction, black boxes 5-15, 5-21 listing 3-16 setting to a constant 5-23 ports, defining direction 5-21 positional arguments, commands A-4 power and ground settings 4-10 previous session, sourcing 3-28 printenv command C-14 printing schematics 7-35 transcript area 3-19 printvar command C-14 problem areas, see troubleshooting proc\_args command C-14 proc body command C-14 procedures creating A-16 default A-7 process flow, general 1-12 propagating constants 5-22, 5-37 puts built-in command 3-14

## Q

quick-start tutorial 2-1 quit command C-14 quotes, using A-6

# R

read\_container command 5-87, C-14 read db command 4-12, 4-18, 4-26, 8-5, 8-6, B-3, C-14 read\_ddc command 4-21, C-14 read edif command 4-18, 4-26, C-14 read fsm states command 5-55, C-14 read\_mdb command 4-20, C-14 read\_simulation\_library command 4-16, B-3, C-15 read verilog command 4-14, 4-18, 4-26, 8-5, 8-6, C-15 read\_VHDL command 4-18, 4-26 read vhdl command 4-14, 4-26, C-15 reading containers 5-87 FSM states 5-55 session data 5-88 reading in designs, process 4-3 redirect command 3-13, C-15 redirecting input 6-30 output 3-13 ref variable C-7 reference design 1-2 establishing 1-34 overview 1-33 reference libraries 8-5 references, design 3-16 regression testing 1-34 remove\_black\_box command C-15 remove compare rules command 6-6, C-15 remove\_constant command 5-24, C-15 -type option 5-24 remove constraint command 5-34, C-15 remove\_constraint\_type command 5-34, C-15 remove\_container command 5-83, C-15 remove cutpoint command 5-14 remove cutpoint blackbox command C-16

remove\_design command 5-81, C-16 remove design library command 5-82, C-16 remove distributed processes command C-16 remove distributed processors command 6-25 remove dont verify point command 6-21 remove\_dont\_verify\_points command C-16 remove\_equivalence command 5-26, 5-27, C-16 remove\_guidance command C-16 remove inv push command C-16 remove library command 5-82, 5-83, C-16 remove\_parameters command C-16 remove resisitive drivers command C-16 remove\_user\_match command 6-6, 7-17, C-16 removet\_compare\_rules command 7-23 removing containers 5-83 design libraries 5-82 designs 5-81 subcones 7-41 technology libraries 5-82 rename object command 7-25, 7-26, C-17 renaming design objects 7-25 report\_aborted\_points command 6-33, C-17 report\_architecture command 5-65, C-17 report black box command 5-19 report black boxes command C-17 report\_cell\_list command 8-7, C-17 report\_compare\_points command C-17 report compare rules command 7-23, C-17 report\_constants command C-17 report\_constraint command 5-35, C-17 report\_constraint\_type command 5-35, C-17 report containers command C-17 report\_cutpoint command C-17 report cutpoints command 5-13

report\_design\_libraries command C-17 report designs command C-17 report distributed processors command 6-24, C-18 report\_dont\_verify\_points command 6-21, C-18 report environment command C-18 report\_equivalences command C-18 report\_error\_candidates command C-18 report failing points command 6-33, C-18 report fsm command 5-58, C-18 report\_guidance command 5-75 report\_guidance commands 5-70 report guidancee command C-18 report\_hdlin\_mismatches command C-18 report\_hierarchy command C-18 report\_inv\_push command C-18 report libraries command C-18 report\_loops command 5-11, C-18 report\_parameters command C-19 report\_passing\_points command C-19 report\_power\_gating command 5-54 report\_status command 8-13, C-19 report svf command C-19 report\_truth\_table command 8-14, C-19 report\_unmatched\_inputs command 7-7 report\_unmatched\_points command 6-6, 6-7, C-19 report user matches command 7-18, C-19 reporting black boxes 5-19 reports 7-4 compare rules 7-23 constants, user-defined 5-24 containers 4-28 equivalences, user-defined 5-27 finite state machine (FSMs) information 5-58 library cells 8-7 library verification results 8-13 overview 1-12, 1-21

truth tables 8-14 requirements, Formality 1-7 resolution functions multiply-driven nets 5-6 overview 5-6 resolving multiply-driven nets 5-6 nets with multiple drivers 5-6 restore\_session command 5-88, C-19 restoring data 1-16, 5-87, 5-88 parameters 5-88 session 1-16, 5-88 results 6-35 retimed designs causes for 5-59 marking as 5-59 returning shell command results A-5 rigid quoting A-5 root directory 1-23 RTL B-4 RTL designs 1-8 RTL-to-gates verification 1-8 RTL-to-RTL verification 1-8

# S

save\_session command 5-86, C-20 saving containers 1-16, 1-21, 5-85 failing patterns 7-44 parameters 5-85, 5-86 session 1-22, 5-86 saving data 5-84 schematic view window example 7-29 using to locate problems 7-28 zooming 7-34 schematic\_expand\_logic\_cone variable C-7 schematics

printing 7-35 schematics, viewing 7-28 script file tasks 3-27 script files batch jobs 6-30 sourcing 3-26, 6-30 search path examining 3-29 search path, files 3-28 search path variable 3-28, C-7 cell library verification 8-1 select\_cell\_list command 8-8, C-20 separating list items, Tcl commands A-9 separator character, bus names 4-7, 4-8 sequential design changes 5-42 asynchronous bypass logic 5-43 clock gating 5-45 inversion push 5-49 session data, restoring 5-88 set command 3-28 set\_architecture command 5-64, C-20 set\_black\_box command 5-18, C-20 set\_compare\_rule command 7-19, C-20 set constant command 5-23, C-20 -type option 5-23 set\_constraint command 5-32, C-20 set\_cutpoint command 5-13, C-20 set\_direction command C-20 set\_dont\_verify\_point command 6-21, C-20 set\_equivalence command 5-25, 5-26, C-20 set\_fsm\_encoding command 5-56, C-20 set\_fsm\_state\_vector command 5-56, C-21 set\_implementation\_design command C-21 set\_inv\_push command 5-51, C-21 set\_parameters command 5-60, C-21 set\_power\_gate\_style command 5-53 set\_power\_gating\_style command C-21 set\_reference\_design command C-21 set\_svf command 5-68, 5-74, C-21

set\_svf\_datapath command 5-68 set top command 4-21, 4-26, C-21 conditions 4-22 set\_unix\_variable command C-21 set user match command 5-13, 5-41, 7-15, C-21 setting implementation design 1-34 message thresholds 3-26 reference design 1-34 setting EDIF variables 4-10 setting the top-level design 4-24 setup command 6-5, C-21 setup files 1-23 setup verification in Formality (SVF) 5-73 severity rating for messages 3-24, 3-26 sh command C-21 sh\_arch variable C-7 sh\_continue\_on\_error variable C-7 sh enable line editing variable 3-9 sh enable page mode variable C-7 sh\_line\_editing\_mode variable 3-9 sh\_product\_version variable C-7 sh source uses search path variable 3-29, C-7 shell interface, starting 3-3 shell window copying text 3-20 signature analysis 6-14 signature\_analysis\_allow\_net\_match variable C-2, C-7 signature analysis allow subset match variable C-7 signature\_analysis\_match\_blackbox\_input variable C-7 signature analysis match blackbox output variable C-7 signature\_analysis\_match\_compare\_point variable C-7

signature\_analysis\_match\_datapath variable C-7 signature\_analysis\_match\_hierarchy variable C-7 signature\_analysis\_match\_net variable C-8 signature analysis match primary input variable 6-11, C-2, C-8 signature analysis match primary output variable 6-11, 6-16, C-8 signature\_analysis\_matching variable 6-11, 6-15, C-8 simulate patterns command C-21 simulating previously failing patterns 7-46 single-state holding elements 5-60 source command 6-30, C-21 batch jobs 6-30 -echo option 3-26 file search exception 3-29 syntax 3-26 -verbose option 3-26 sourcing previous sessions 3-28 script files 3-26, 6-30 special characters escaping A-6 Tcl A-5 start\_gui command C-21 starting fm shell 2-3, 3-1 state files for FSMs 1-16, 5-55 stop\_gui command C-21 subcones 7-40, 7-41 succeeded verification 6-35 supported library formats B-3 SVF 5-73 creating 5-73 reading an SVF 5-74 reading multiple SVFs 5-76 unencrypted text file 5-79 verifying multipliers 5-78 writing a text file for 5-75

SVF file 5-67 SVF file, diagnostic messages 5-79 SVF file, producing with DC 5-68 SVF files 1-15 SVF, transformation messages 5-69 svf\_datapath variable 5-66, C-8 svf datapath, example 5-71 svf\_ignore\_unqualified\_fsm\_information variable 5-55 switch command, Tcl flow control A-16 Synopsys database files (\*.db) 1-17, 4-5 Synopsys synthesis libraries B-3 .synopsys\_fm.setup file 1-23 synopsys root variable C-8 syntax fm shell commands A-4 procedures A-7

## Т

Tcl arguments, varying the number of A-17 break command A-15 commands that support lists A-8 continue command A-15 control flow commands A-13 expression evaluation A-12 for loops A-14 foreach command A-15 grouping words A-6 lists A-8 nesting commands A-11 overview A-1 quoting values A-6 separating list items 3-7, A-9 special characters A-5 special characters, escaping A-6 switch command A-16 user-defined variables A-10 while command A-13 Tcl variables

distributed 64bit mode 6-25 distributed verification mode 6-25 distributed\_work\_directory 6-23 sh source uses search path 3-29 TECH\_WORK library 4-12 technology libraries default name 4-12 libraryID 1-19 nonshared 1-18 reading 1-19, 4-4 removing 5-82 restoring 1-16, 5-87, 5-88 saving 5-85, 5-86 shared 1-18, 4-29 shared and nonshared 4-28 viewing 1-19 terminating loops, Tcl A-15 test compare rule command 7-22 test\_compare\_rules 1-28 test\_compare\_rules command 1-28 thresholds message level 3-26 tool bar, console window 7-30, 7-37 top-level design 4-11 topological equivalence 6-14 transcript area copying text 3-19 printing 3-19 transcript window 7-4 transformation messages 5-69 translate\_instance\_pathname command C-22 traversing hierarchical designs 7-29, 7-32 troubleshooting asynchronous state-holding loops 5-10 black boxes 7-8, 7-14 determining failure cause 7-4 determining failure causes 7-7 eliminating setup possibilities 7-13 extraneous bus drivers 5-15 failed verifications 7-1

failing patterns, simulating 7-46 gathering information 7-4 locating problems 5-22, 7-28 logic cones, viewing 1-32 natching with compare rules 7-18 problem areas, locating 7-4, 7-28 renaming objects 7-25 retiming issues 5-60 schematics, viewing 7-28 setting compare points to match 7-14 subset matching 7-23 unmatched compare points 6-8 using diagnosis 7-9 using logic cones 7-11 verifications that won't finish 7-4 working with subcones 7-40 truth table 8-14 tutorial 2-1 directory 2-3

# U

unalias command 3-15, C-22 undo\_match command 6-7, C-22 ungroup command C-22 uniquify command C-22 unmatched compare points 6-6 unverified compare points definition 6-34 usage model diagram 1-5 used for A-5 user\_defined constants 5-22 user-constants removing 5-24 user-defined compare points 1-26 constants 5-22 equivalences 5-25 variables, Tcl A-10 user-defined constants reporting 5-24

user-defined equivalences removing 5-26 user-specified file names 1-22 /usr/synopsys root directory 1-23

#### V

values, quoting A-6 variables architecture\_selection\_precedence C-2 bus dimension separator style 4-7, C-2 bus\_extraction\_style C-2 bus\_naming\_style 4-6, C-2 bus\_range\_separator\_style C-2 dereferencing A-5 diagnosis enable error isolation C-2 diagnosis\_enable\_find\_matching\_candidate s C-2 diagnosis\_pattern\_limit C-2 distributed 64bit mode C-2 distributed\_processor\_start\_timeout C-2 distributed verification mode C-2 distributed work directory C-2 dw\_foundation\_threshold C-3 edif ground cell name 4-10 edif\_ground\_net\_name 4-10 edif\_power\_cell\_name 4-10 edif power net name 4-10 edifin blackbox library cells C-3 edifin\_ground\_cell\_name C-3 edifin ground net name C-3 edifin\_power\_and\_ground\_representation 4-10, C-3 edifin power cell name C-3 edifin\_power\_ground\_representation 4-10 edifin\_power\_net\_name C-3 enable dw multiplier in svf 5-79 enable\_multiplier\_generation 5-64, C-3 enable power gating 5-53 gui\_report\_length\_limit C-3 hdlin\_auto\_netlist 4-19, C-3 hdlin\_auto\_top 4-24, C-3

hdlin\_disable\_tetramax\_define C-3 hdlin do inout port fixup C-3 hdlin\_dwroot 4-8, C-3 hdlin dyn array bnd check C-3 hdlin\_enable\_presto\_for\_vhdl 5-68 hdlin\_enable\_verilog\_assert C-3 hdlin\_error\_on\_mismatch\_message C-2, C-4 hdlin\_ignore\_builtin C-2, C-4 hdlin\_ignore\_dc\_script C-4 hdlin ignore full case 4-9, C-4 hdlin\_ignore\_label C-4 hdlin ignore label applies to C-4 hdlin\_ignore\_map\_to\_entity C-4 hdlin\_ignore\_map\_to\_module C-4 hdlin\_ignore\_map\_to\_operator C-2, C-4 hdlin\_ignore\_parallel\_case 4-9, C-4 hdlin\_ignore\_resolution\_method C-4 hdlin ignore synthesis 4-9, C-4 hdlin\_ignore\_translate 4-9, C-4 hdlin\_infer\_multibit 5-5 hdlin\_infer\_mux C-4 hdlin\_interface\_only 5-17, C-4 hdlin library directory 4-14, C-5 hdlin library enhanced analysis C-5 hdlin\_library\_file 4-14, C-5 hdlin multiplier architecture 5-63 hdlin multiplier architecture C-5 hdlin\_normalize\_blackbox\_busses C-2, C-5 hdlin synroot C-5 hdlin\_unresolved\_modules C-5 hdlin\_verilog\_95 C-5 hdlin\_verilog\_wired\_net\_interpretation C-5 hdlin\_vhdl\_87 C-5 hdlin vhdl auto file order C-5 hdlin vhdl forgen inst naming C-5 hdlin\_vhdl\_fsm\_encoding C-5 hdlin vhdl integer range constraint C-5 hdlin vhdl others covers extra states C-5 hdlin\_vhdl\_presto\_naming 5-67, 5-69, C-6 hdlin\_vhdl\_presto\_shift\_div 5-67, C-6 hdlin\_vhdl\_strict\_libs 4-18, C-6

hdlin\_vhdl\_use\_87\_concat C-6 hdlin warn on mismatch message C-6 impl C-6 list key bindings 3-9 message\_level\_mode C-6 mw\_logic0\_net 4-20, C-6 mw logic1 net 4-20, C-6 name match 6-11, 6-12, C-6 name\_match\_allow\_subset\_match 6-11, 7-24, C-6 name\_match\_based\_on\_nets 6-11, 6-16, C-6 name match filter chars 6-11, 6-13, 7-23, C-6 name\_match\_flattened\_hierarchy\_separator \_style 6-11, C-6 name\_match\_multibit\_register\_reverse\_ord er 6-11, 6-12, C-6 name\_match\_net C-6 name\_match\_pin\_net C-7 name match use filter 6-13, 7-24, C-7 name\_match\_user\_filter 6-11 name\_matched\_flattened\_hierarchy\_separa tor\_style 5-36 ref C-7 schematic\_expand\_logic\_cone C-7 search path 3-28, C-7 sh arch C-7 sh continue on error C-7 sh\_enable\_line\_editing 3-9 sh\_enable\_page\_mode C-7 sh\_line\_editing\_mode 3-9 sh product version C-7 sh\_source\_uses\_search\_path 3-29, C-7 signature\_analysis\_allow\_net\_match C-2, C-7 signature\_analysis\_allow\_subset\_match C-7 signature\_analysis\_match\_blackbox\_input C-7 signature analysis match blackbox output C-7

signature\_analysis\_match\_compare\_point C-7 signature analysis match datapath C-7 signature\_analysis\_match\_hierarchy C-7 signature analysis match net C-8 signature\_analysis\_match\_primary\_input 6-11, C-2, C-8 signature\_analysis\_match\_primary\_output 6-11, 6-16, C-8 signature\_analysis\_matching 6-11, 6-15, C-8 svf datapath 5-66, C-8 svf\_ignore\_unqualified\_fsm\_information 5-55 synopsys root C-8 verification assume constant register init C-8 verification assume reg init C-8 verification asynch bypass 5-44, C-8 verification\_auto\_loop\_break C-8 verification blackbox match mode 6-11, C-8 verification\_clock\_gate\_hold\_mode 5-47, 5-49, C-8 verification\_constant\_prop\_mode 5-37, C-8 verification\_datapath\_effort\_level C-9 verification effort level C-9 verification\_failing\_point\_limit C-9 verification\_ignore\_unmatched\_implementat ion\_blackbox\_input C-9 verification\_incremental\_mode 6-18, C-9 verification\_inversion\_push C-9 verification match undriven signals C-9 verification merge duplicated registers C-9 verification\_parameter\_checking C-9 verification partition timeout limit C-9 verification\_passing\_mode C-9 verification\_progress\_report\_interval C-9 verification propagate const reg x C-9 verification set undriven signals C-9 verification\_status C-9 verification super low effort first pass 6-18, C-10

verification timeout limit 6-22, C-10 verification use partial modeled cells C-10 verification\_verify\_unread\_compare\_points C-10 verification verify unread tech cells C-10 verification batch mode 6-30 black box behavior 5-14 boundary scan 5-39 cell libraries 8-1 clock tree buffering 5-41 compare point matching 6-9 complete 1-25 consistency 1-11, 1-30 constant propagation 5-22, 5-37 controlling 6-31 controlling runtimes 6-22 CPU time 1-34 debugging failed 7-1 design equality 1-11, 1-30, 5-4 establishing environment 5-1 failed 7-7 failed status 6-35 finite state machines 5-54 finite state machines (FSMs) 5-54 flattened designs 5-36 gates-to-gates 1-9 getting ready 4-1 hierarchical 6-27 hierarchical designs 5-35, 5-36 inconclusive status 6-35 inserting cutpoints 5-11 internal scan insertion 5-38 interrupting 6-27 LSSD cells 5-60 mode 1-31 overview 1-11, 6-17 performing 6-1 problem areas, locating 7-4 problems 7-4 removing matched compare points 6-20 reporting progress 6-32

reporting results 6-33 restoring the state of 5-88 results 6-31 retimed designs 5-59 RTL-to-gate 1-8 RTL-to-RTL 1-8 sequential design changes 5-42 setting external constraints 5-30 single compare point 6-17, 6-19 starting 6-17 status messages 6-34, 6-35 succeeded status 6-35 transformed designs 5-38 using diagnose 7-9 using logic cones 7-11 viewing results 6-34 verification\_assume\_constant\_register\_init variable C-8 verification assume reg init variable C-8 verification\_asynch\_bypass variable 5-44, C-8 verification\_auto\_loop\_break variable C-8 verification blackbox match mode variable 6-11, C-8 verification\_clock\_gate\_hold\_mode variable 5-47, 5-49, C-8 verification\_constant\_prop\_mode variable C-8 verification\_constant\_prop\_mode variables 5-37 verification\_datapath\_effort\_level variable C-9 verification effort level variable C-9 verification\_failing\_point\_limit variable C-9 verification\_ignore\_unmatched\_implementatio n\_blackbox\_input variable C-9 verification incremental mode variable 6-18, C-9 verification\_inversion\_push command 5-52 verification\_inversion\_push variable C-9 verification match undriven signals variable C-9 verification\_merge\_duplicated\_registers variable C-9

verification\_parameter\_checking variable C-9 verification partition timeout limit variable C-9 verification\_passing\_mode variable C-9 verification\_progress\_report\_interval variable C-9 verification propagate const reg x variable C-9 verification set undriven signals variable C-9 verification\_status variable C-9 verification super low effort first pass variable 6-18, C-10 verification\_timeout\_limit variable 6-22, C-10 verification use partial modeled cells variable C-10 verification verify unread compare points variable C-10 verification\_verify\_unread\_tech\_cells variable C-10 verify command 6-17, 6-19, 6-33, 8-9, C-22 verifying a design 6-17 verifying a single compare point 6-19 verifying multipliers with SVF 5-78 Verilog files 1-15, 1-17, 4-5 naming buses 4-6 Verilog simulation libraries B-3 Verilog simulation library 4-16 Verilog simulation library files 1-17 version, displaying during startup 3-4 VHDL files 1-17, 4-5 naming buses 4-6 viewing libraries 1-19 design 1-19 technology 1-19 schematics 7-28

#### W

weak quoting A-5

which command C-22 wildcard characters 3-21 windows, managing 3-17 WORK design library 4-19 work directory 1-21 write\_container command 5-85, C-22 write\_failing\_patterns command 7-45, C-22 write\_hierarchical\_verification\_script command 6-28, C-23 write\_library\_debug\_scripts command 8-15, C-23 writing a container to disk 5-85

#### Ζ

zooming in and out 7-34