Ordering for Efficient HDL Debugging
4.3 Probabilistic Confidence Score for Accurate Debugging Priority
Observing the disadvantage of confidence score (CS), we intend to estimate of the Likelihood Of Error Masking (LOEM) for a Sensitized Statement (SS) to assess the score the SS can receive. If the LOEM of an arbitrary SS SSi is quite low, error masking is almost impossible to occur on the paths from SSi way to POs. It should be comparatively safe to consider SSi as a correct statement and give SSi a high score. On the contrary, if the LOEM of SSi is high,it should be given a low score.
In the following introduction, the input faulty HDL design is modeled as a modified Control/Data Flow Graph (CDFG) G = (V, E), where V is the set of vertices and E is the set of edges connecting the vertices. Let v be a vertex in V. Each vertex v corresponds to an operation in the HDL code. Function fv and variable yv are also associated with vertex v. Function fv is the function of the operation to which v corresponds. Variable yv is the output variable of fv or the left-hand variable of the operation. The Verilog HDL code fragment in Figure 4-3(a) is used as an example and
its CDFG is constructed as shown in Figure 4-5. Vertex “1:*” corresponds to operation “a=PI1*4” in the statement at line 1 (S1). Function f1:* is multiplication “*”
and y1:* is signal a. Vertex “2:if(…)….else….” corresponds to the operation “if(…) … else ...” at lines 2 to 4. The functionality of vertex “2:if(…)….else….” is quite similar to that of a multiplexer. Vertex PO1 is a special vertex representing the only PO, PO1, of the circuit.
Edge (v, u) ∈E indicates that the input of vertex u is data dependent on the output of v. As shown in Figure 4-5, an edge (1:*, 4:=) exists since the operation
“4:=” takes the output of vertex “1:*” as its input. The fanout of v is a set of vertices u such that there is an edge from v to u. The fanin of v is a set of vertices k such that there is an edge from k to v. A path P from vertex u to vertex u’ is a sequence <v0, v1, v2,…, vk> of vertices such that u = v0, u’ = vk, and (vi-1, vi) ∈ E.
Figure 4-5: The CDFG of the HDL code in Figure 4-1
Suppose that verification finds incorrect circuit behavior at the nth positive edge
of the clock signal t=cn4. This special positive edge of the clock is called Error-Occurring Edge (EOE). Assume that the faulty DUV has m POs {PO1, PO2, …, POm} and n-1 clock cycles pass before the EOE (t=cn).
To introduce how we model error masking and estimate LOEM, we first consider that a design error hides within an arbitrary statement v. If the erroneous statement v caused an incorrect value w on its left-hand variable yv at time instance t=ti, this incorrect value w would not cause any incorrect behaviors at any POs at all the rising edges of clock before t=cn. Otherwise, EOE is not t=cn, but another earlier rising edge of the clock. More specifically, for an arbitrary POj at an arbitrary rising edge of clock t=ck before EOE, the incorrect value w is masked by some vertices on the paths from statement v at t=ti (denoted as v@t=ti) to POj at t=ck (denoted as POj@t=ck), causing the simulation value of POj to be the same as the correct value at t=ck.
)
@ (
)
@
(
@t t PO t c j k
v
w CV PO t c
f
=i→ j = k= =
(4.3)where fv@t=ti→POj@t=ck is the function of the paths from v in time frame t=ti to POj
in time frame t=ck and CV(POj@t=ck) is the correct value of POj at t=ck.
For all the other POs of the DUV, the incorrect value w would also be masked on the way to them at all the rising edges before the EOE so that it could remain uncovered before EOE. That is, for each PO POj at each rising edge of clock t=ck
4 We assume that the simulation values of all the POs are compared with the correct values only on the rising edges of the clock signal. If DUV is a falling-edge triggered or double-edge triggered design, the modeling and the computation algorithm can be easily changed to fit to it.
before EOE, the function of the path(s) from vertex v at t=ti that goes to POj at t=ck
must generate the correct value of POj at t=ck with w, even if w is an incorrect value.
The above description can be modeled in (4.4).
II
jm=1kn=−10f
v@t=ti→POj@t=ck( w ) = CV ( PO
j@ t = c
k)
(4.4)We now consider the likelihood that the incorrect value w truly exists on yv but is masked from causing any incorrect values on POs at any time instances before EOE.
We first notice that all the possible values of yv that can satisfy (4.4) forms a special set of values. We call it the Masked Value Set (MVS) of vertex v at time instance t=ti
(denoted as MVS(v@t=ti)). Its formula is given in (4.5).
}
Each element in MVS(v@t=ti) retains the correct values of all POs at all the rising edges of clock before the EOE, no matter it is a correct value or not. The correct value of the output of vertex v at t=ti is of course contained in MVS(v@t=ti). This justifies the existence of MVS(v@t=ti). If MVS(v@t=ti) contains only one element, obviously it will be the correct value of yv at t=ti. In this case, no incorrect values ever exist in MVS(v@t=ti) and error masking can never occur. Statement v at t=ti is given a high score. On the other hand, if the set contains many elements, an incorrect value
is very likely to exist in the set and to become an incorrect value that remains unrevealed at all the rising edges of the clock before EOE. The correctness of statement v is less obvious. In other words, the more elements MVS(v@t=ti) contains;
the more likely that the simulated value of v at t=ti is a masked incorrect value. Hence, we define the Likelihood Of Error Masking (LOEM) of statement v at time instance t=ti as (4.6). Its complement is the likelihood that an erroneous value of v at t=ti is propagated to at least one PO before EOE and observed (the Likelihood Of Error Propagating (LOEP) of v at t=ti). We show its formula in (4.7)
where BW is the bit width of the output of variable v.
In the given input value change dump file, the output variable yv of an arbitrary statement v can have many times of value changes, say l times, at different time instances before EOE {t=t1, t=t2,…, t=tl}. Each time the value of yv changes at time instance t=ti, there will be one particular value of LOEP(v@t=ti). The Probabilistic Confidence Score of v (PCS(v)) is defined as the maximum among these LOEP values, as described in (4.8).
A low LOEP (high LOEM) means that any erroneous effects caused by v at t=ti
are very possible to be masked. The correctness of v at t=ti may become doubtful even if the simulation values of all the POs are correct before EOE. It is reasonable to give v less PCS due to its small LOEP value. On the other hand, if the LOEP value is high, it is equally reasonable to give it more PCS. Therefore, we define PCS as (6). It can be seen that PCS computation now turns into the problem of how to efficiently compute the Masked Value Sets of each error candidate at different time instances before an EOE.