skip to main content

Formal verification of high-level synthesis

Published:15 October 2021Publication History
Related Artifact: Vericert software https://doi.org/10.5281/zenodo.5093839
Skip Abstract Section

Abstract

High-level synthesis (HLS), which refers to the automatic compilation of software into hardware, is rapidly gaining popularity. In a world increasingly reliant on application-specific hardware accelerators, HLS promises hardware designs of comparable performance and energy efficiency to those coded by hand in a hardware description language such as Verilog, while maintaining the convenience and the rich ecosystem of software development. However, current HLS tools cannot always guarantee that the hardware designs they produce are equivalent to the software they were given, thus undermining any reasoning conducted at the software level. Furthermore, there is mounting evidence that existing HLS tools are quite unreliable, sometimes generating wrong hardware or crashing when given valid inputs.

To address this problem, we present the first HLS tool that is mechanically verified to preserve the behaviour of its input software. Our tool, called Vericert, extends the CompCert verified C compiler with a new hardware-oriented intermediate language and a Verilog back end, and has been proven correct in Coq. Vericert supports most C constructs, including all integer operations, function calls, local arrays, structs, unions, and general control-flow statements. An evaluation on the PolyBench/C benchmark suite indicates that Vericert generates hardware that is around an order of magnitude slower (only around 2× slower in the absence of division) and about the same size as hardware generated by an existing, optimising (but unverified) HLS tool.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

High-level synthesis (HLS), which refers to the automatic compilation of software into hardware, is rapidly gaining popularity. Current HLS tools cannot always guarantee that the hardware designs they produce are equivalent to the software they were given, thus undermining any reasoning conducted at the software level. There is mounting evidence that existing HLS tools are quite unreliable, sometimes generating wrong hardware or crashing when given valid inputs. We present the first HLS tool that is mechanically verified to preserve the behaviour of its input software. Our tool, called Vericert, extends CompCert with a new hardware intermediate language and a Verilog back end, and has been proven correct in Coq. An evaluation on the PolyBench/C benchmark suite indicates that Vericert generates hardware that is around an order of magnitude slower (only around 2× slower without division) and about the same size as hardware generated by an existing, optimising HLS tool.

References

  1. Matthew Aubury, Ian Page, Geoff Randall, Jonathan Saul, and Robin Watts. 1996. Handel-C language reference guide. Computing Laboratory. Oxford University, UK.Google ScholarGoogle Scholar
  2. Jonathan Bachrach, Huy Vo, Brian Richards, Yunsup Lee, Andrew Waterman, Rimas Avižienis, John Wawrzynek, and Krste Asanović. 2012. Chisel: Constructing hardware in a Scala embedded language. In DAC Design Automation Conference 2012. 1212–1221. https://doi.org/10.1145/2228360.2228584 Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. K. Banerjee, C. Karfa, D. Sarkar, and C. Mandal. 2014. Verification of Code Motion Techniques Using Value Propagation. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 33, 8 (2014), Aug, 1180–1193. issn:1937-4151 https://doi.org/10.1109/TCAD.2014.2314392 Google ScholarGoogle ScholarCross RefCross Ref
  4. Frédéric Besson, Sandrine Blazy, and Pierre Wilke. 2018. CompCertS: A Memory-Aware Verified C Compiler Using a Pointer as Integer Semantics. Journal of Automated Reasoning, 63, 2 (2018), Nov., 369–392. https://doi.org/10.1007/s10817-018-9496-y Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Sandrine Blazy and Xavier Leroy. 2005. Formal Verification of a Memory Model for C-Like Imperative Languages. In Formal Methods and Software Engineering, Kung-Kiu Lau and Richard Banach (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 280–299. isbn:978-3-540-32250-4 https://doi.org/0.1007/11576280_20Google ScholarGoogle Scholar
  6. Thomas Bourgeat, Clément Pit-Claudel, Adam Chlipala, and Arvind. 2020. The Essence of Bluespec: A Core Language for Rule-Based Hardware Design. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2020). ACM, New York, NY, USA. 243–257. isbn:9781450376136 https://doi.org/10.1145/3385412.3385965 Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Andrew Canis, Jongsok Choi, Mark Aldham, Victor Zhang, Ahmed Kammoona, Jason Helge Anderson, Stephen Dean Brown, and Tomasz S. Czajkowski. 2011. LegUp: high-level synthesis for FPGA-based processor/accelerator systems. In FPGA. ACM, 33–36. https://doi.org/10.1145/1950413.1950423 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. R. Chapman, G. Brown, and M. Leeser. 1992. Verified high-level synthesis in BEDROC. In [1992] Proceedings The European Conference on Design Automation. IEEE Computer Society, 59–63. https://doi.org/10.1109/EDAC.1992.205894 Google ScholarGoogle ScholarCross RefCross Ref
  9. Pankaj Chauhan. 2020. Formally Ensuring Equivalence between C++ and RTL designs. https://bit.ly/2KbT0kiGoogle ScholarGoogle Scholar
  10. Y. Choi and J. Cong. 2018. HLS-Based Optimization and Design Space Exploration for Applications with Variable Loop Bounds. In 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). 1–8. https://doi.org/10.1145/3240765.3240815 Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. R. Chouksey and C. Karfa. 2020. Verification of Scheduling of Conditional Behaviors in High-Level Synthesis. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 1–14. issn:1557-9999 https://doi.org/10.1109/TVLSI.2020.2978242 Google ScholarGoogle ScholarCross RefCross Ref
  12. R. Chouksey, C. Karfa, and P. Bhaduri. 2019. Translation Validation of Code Motion Transformations Involving Loops. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 38, 7 (2019), July, 1378–1382. issn:1937-4151 https://doi.org/10.1109/TCAD.2018.2846654 Google ScholarGoogle ScholarCross RefCross Ref
  13. E. Clarke, D. Kroening, and K. Yorav. 2003. Behavioral consistency of C and Verilog programs using bounded model checking. In Proceedings 2003. Design Automation Conference (IEEE Cat. No.03CH37451). 368–371. https://doi.org/10.1145/775832.775928 Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Jason Cong, Bin Liu, Stephen Neuendorffer, Juanjo Noguera, Kees A. Vissers, and Zhiru Zhang. 2011. High-Level Synthesis for FPGAs: From Prototyping to Deployment. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 30, 4 (2011), 473–491. https://doi.org/10.1109/TCAD.2011.2110592 Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Martin Ellis. 2008. Correct synthesis and integration of compiler-generated function units. Ph.D. Dissertation. Newcastle University. https://theses.ncl.ac.uk/jspui/handle/10443/828Google ScholarGoogle Scholar
  16. Dan Gajski, Todd Austin, and Steve Svoboda. 2010. What input-language is the best choice for high level synthesis (HLS)? In Design Automation Conference. 857–858. https://doi.org/10.1145/1837274.1837489 Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Stephane Gauthier and Zubair Wadood. 2020. High-Level Synthesis: Can it outperform hand-coded HDL? https://info.silexica.com/high-level-synthesis/1 White paper.Google ScholarGoogle Scholar
  18. David J. Greaves. 2019. Research Note: An Open Source Bluespec Compiler. arxiv:1905.03746.Google ScholarGoogle Scholar
  19. David J. Greaves and Satnam Singh. 2008. Kiwi: Synthesis of FPGA Circuits from Parallel Programs. In FCCM. IEEE Computer Society, 3–12. https://doi.org/10.1109/FCCM.2008.46 Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Yann Herklotz, Zewei Du, Nadesh Ramanathan, and John Wickerson. 2021. An Empirical Study of the Reliability of High-Level Synthesis Tools. In 2021 IEEE 29th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM). 219–223. https://doi.org/10.1109/FCCM51124.2021.00034 Google ScholarGoogle ScholarCross RefCross Ref
  21. Yann Herklotz, James D. Pollard, Nadesh Ramanathan, and John Wickerson. 2021. ymherklotz/vericert: Vericert v1.2.1. https://doi.org/10.5281/zenodo.5093839 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Ekawat Homsirikamol and Kris Gaj. 2014. Can high-level synthesis compete against a hand-written code in the cryptographic domain? A case study. In ReConFig. IEEE, 1–8. https://doi.org/10.1109/ReConFig.2014.7032504 Google ScholarGoogle ScholarCross RefCross Ref
  23. Enoch Hwang, Frank Vahid, and Yu-Chin Hsu. 1999. FSMD functional partitioning for low power. In Proceedings of the conference on Design, automation and test in Europe. 7–es. https://doi.org/10.1109/DATE.1999.761092 Google ScholarGoogle ScholarCross RefCross Ref
  24. 2006. IEEE Standard for Verilog Hardware Description Language. IEEE Std 1364-2005 (Revision of IEEE Std 1364-2001), April, 1–590. https://doi.org/10.1109/IEEESTD.2006.99495 Google ScholarGoogle ScholarCross RefCross Ref
  25. 2005. IEEE Standard for Verilog Register Transfer Level Synthesis. IEC 62142-2005 First edition 2005-06 IEEE Std 1364.1, 1–116. https://doi.org/10.1109/IEEESTD.2005.339572 Google ScholarGoogle ScholarCross RefCross Ref
  26. Intel. 2020. High-level Synthesis Compiler. https://intel.ly/2UDiWr5Google ScholarGoogle Scholar
  27. Intel. 2020. SDK for OpenCL Applications. https://intel.ly/30sYHz0Google ScholarGoogle Scholar
  28. Jacques-Henri Jourdan, François Pottier, and Xavier Leroy. 2012. Validating LR(1) Parsers. In Programming Languages and Systems, Helmut Seidl (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 397–416. isbn:978-3-642-28869-2 https://doi.org/10.1007/978-3-642-28869-2_20 Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. C Karfa, C Mandal, D Sarkar, S R. Pentakota, and Chris Reade. 2006. A Formal Verification Method of Scheduling in High-level Synthesis. In Proceedings of the 7th International Symposium on Quality Electronic Design (ISQED ’06). IEEE Computer Society, Washington, DC, USA. 71–78. isbn:0-7695-2523-7 https://doi.org/10.1109/ISQED.2006.10 Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. David Koeplinger, Matthew Feldman, Raghu Prabhakar, Yaqi Zhang, Stefan Hadjis, Ruben Fiszel, Tian Zhao, Luigi Nardi, Ardavan Pedram, Christos Kozyrakis, and Kunle Olukotun. 2018. Spatial: A Language and Compiler for Application Accelerators. In PLDI. ACM, 296–311. https://doi.org/10.1145/3192366.3192379 Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Sudipta Kundu, Sorin Lerner, and Rajesh Gupta. 2008. Validating High-Level Synthesis. In Computer Aided Verification, Aarti Gupta and Sharad Malik (Eds.). Springer, Berlin, Heidelberg. 459–472. isbn:978-3-540-70545-1 https://doi.org/10.1007/978-3-540-70545-1_44 Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Xavier Leroy. 2009. Formal Verification of a Realistic Compiler. Commun. ACM, 52, 7 (2009), July, 107–115. issn:0001-0782 https://doi.org/10.1145/1538788.1538814 Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Christopher Lidbury, Andrei Lascu, Nathan Chong, and Alastair F. Donaldson. 2015. Many-Core Compiler Fuzzing. In Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’15). ACM, New York, NY, USA. 65–76. isbn:9781450334686 https://doi.org/10.1145/2737924.2737986 Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Andreas Lööw. 2021. Lutsig: A Verified Verilog Compiler for Verified Circuit Development. In Proceedings of the 10th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP 2021). ACM, New York, NY, USA. 46–60. isbn:9781450382991 https://doi.org/10.1145/3437992.3439916 Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Andreas Lööw, Ramana Kumar, Yong Kiam Tan, Magnus O. Myreen, Michael Norrish, Oskar Abrahamsson, and Anthony Fox. 2019. Verified Compilation on a Verified Processor. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2019). ACM, New York, NY, USA. 1041–1053. isbn:978-1-4503-6712-7 https://doi.org/10.1145/3314221.3314622 Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Andreas Lööw and Magnus O. Myreen. 2019. A Proof-producing Translator for Verilog Development in HOL. In Proceedings of the 7th International Workshop on Formal Methods in Software Engineering (FormaliSE ’19). IEEE Press, Piscataway, NJ, USA. 99–108. https://doi.org/10.1109/FormaliSE.2019.00020 Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Mentor. 2020. Catapult High-Level Synthesis. https://www.mentor.com/hls-lp/catapult-high-level-synthesis/c-systemc-hlsGoogle ScholarGoogle Scholar
  38. P. Meredith, M. Katelman, J. Meseguer, and G. Roşu. 2010. A formal executable semantics of Verilog. In Eighth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMOCODE 2010). 179–188. https://doi.org/10.1109/MEMCOD.2010.5558634 Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Rachit Nigam, Sachille Atapattu, Samuel Thomas, Zhijing Li, Theodore Bauer, Yuwei Ye, Apurva Koti, Adrian Sampson, and Zhiru Zhang. 2020. Predictable Accelerator Design with Time-Sensitive Affine Types. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2020). ACM, New York, NY, USA. 393–407. isbn:9781450376136 https://doi.org/10.1145/3385412.3385974 Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. R. Nikhil. 2004. Bluespec System Verilog: efficient, correct RTL from high level specifications. In Proceedings. Second ACM and IEEE International Conference on Formal Methods and Models for Co-Design, 2004. MEMOCODE ’04.. 69–70. https://doi.org/10.1109/MEMCOD.2004.1459818 Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. D. H. Noronha, J. P. Pinilla, and S. J. E. Wilton. 2017. Rapid circuit-specific inlining tuning for FPGA high-level synthesis. In 2017 International Conference on ReConFigurable Computing and FPGAs (ReConFig). 1–6. https://doi.org/10.1109/RECONFIG.2017.8279807 Google ScholarGoogle ScholarCross RefCross Ref
  42. Ian Page and Wayne Luk. 1991. Compiling Occam into field-programmable gate arrays. In FPGAs, Oxford Workshop on Field Programmable Logic and Applications. 15, 271–283.Google ScholarGoogle Scholar
  43. P. G. Paulin and J. P. Knight. 1989. Scheduling and Binding Algorithms for High-Level Synthesis. In Proceedings of the 26th ACM/IEEE Design Automation Conference (DAC ’89). ACM, New York, NY, USA. 1–6. isbn:0897913108 https://doi.org/10.1145/74382.74383 Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Maxime Pelcat, Cédric Bourrasset, Luca Maggiani, and François Berry. 2016. Design productivity of a high level synthesis compiler versus HDL. In 2016 International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation (SAMOS). 140–147. https://doi.org/10.1109/SAMOS.2016.7818341 Google ScholarGoogle ScholarCross RefCross Ref
  45. Juan Perna and Jim Woodcock. 2012. Mechanised Wire-Wise Verification of Handel-C Synthesis. Science of Computer Programming, 77, 4 (2012), 424 – 443. issn:0167-6423 https://doi.org/10.1016/j.scico.2010.02.007 Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Juan Perna, Jim Woodcock, Augusto Sampaio, and Juliano Iyoda. 2011. Correct Hardware Synthesis. Acta Informatica, 48, 7 (2011), 01 Dec, 363–396. issn:1432-0525 https://doi.org/10.1007/s00236-011-0142-y Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. Christian Pilato and Fabrizio Ferrandi. 2013. Bambu: A modular framework for the high level synthesis of memory-intensive applications. In FPL. IEEE, 1–4. https://doi.org/10.1109/FPL.2013.6645550 Google ScholarGoogle Scholar
  48. A. Pnueli, M. Siegel, and E. Singerman. 1998. Translation validation. In Tools and Algorithms for the Construction and Analysis of Systems, Bernhard Steffen (Ed.). Springer, Berlin, Heidelberg. 151–166. isbn:978-3-540-69753-4 https://doi.org/10.1007/BFb0054170 Google ScholarGoogle ScholarCross RefCross Ref
  49. Louis-Noël Pouchet. 2020. PolyBench/C: the Polyhedral Benchmark suite. http://web.cse.ohio-state.edu/~pouchet.2/software/polybench/Google ScholarGoogle Scholar
  50. Louis-Noel Pouchet, Peng Zhang, Ponnuswamy Sadayappan, and Jason Cong. 2013. Polyhedral-based data reuse optimization for configurable computing. In Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays. 29–38. https://doi.org/10.1145/2435264.2435273 Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Fabian Schuiki, Andreas Kurth, Tobias Grosser, and Luca Benini. 2020. LLHD: A Multi-Level Intermediate Representation for Hardware Description Languages. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2020). ACM, New York, NY, USA. 258–271. isbn:9781450376136 https://doi.org/10.1145/3385412.3386024 Google ScholarGoogle ScholarDigital LibraryDigital Library
  52. Cyril Six, Sylvain Boulmé, and David Monniaux. 2020. Certified and efficient instruction scheduling: Application to interlocked VLIW processors. Proc. ACM Program. Lang..Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. David B. Thomas. 2016. Synthesisable recursion for C++ HLS tools. In ASAP. IEEE Computer Society, 91–98. https://doi.org/10.1109/ASAP.2016.7760777 Google ScholarGoogle ScholarCross RefCross Ref
  54. Jean-Baptiste Tristan and Xavier Leroy. 2008. Formal Verification of Translation Validators: A Case Study on Instruction Scheduling Optimizations. In Proceedings of the 35th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’08). ACM, New York, NY, USA. 17–27. isbn:9781595936899 https://doi.org/10.1145/1328438.1328444 Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. Girish Venkataramani and Seth C. Goldstein. 2007. Operation chaining asynchronous pipelined circuits. In 2007 IEEE/ACM International Conference on Computer-Aided Design. 442–449. https://doi.org/10.1109/ICCAD.2007.4397305 Google ScholarGoogle ScholarCross RefCross Ref
  56. Jaroslav Ševčík, Viktor Vafeiadis, Francesco Zappa Nardelli, Suresh Jagannathan, and Peter Sewell. 2013. CompCertTSO: A Verified Compiler for Relaxed-Memory Concurrency. J. ACM, 60, 3 (2013), Article 22, June, 50 pages. issn:0004-5411 https://doi.org/10.1145/2487241.2487248 Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. Yuting Wang, Xiangzhe Xu, Pierre Wilke, and Zhong Shao. 2020. CompCertELF: Verified Separate Compilation of C Programs into ELF Object Files. Proc. ACM Program. Lang., 4, OOPSLA (2020), Article 197, Nov., 28 pages. https://doi.org/10.1145/3428265 Google ScholarGoogle ScholarDigital LibraryDigital Library
  58. Xilinx. 2019. Vivado Design Suite. https://bit.ly/2wZAmldGoogle ScholarGoogle Scholar
  59. Xilinx. 2020. Vivado High-level Synthesis. https://bit.ly/39ereMxGoogle ScholarGoogle Scholar
  60. Xuejun Yang, Yang Chen, Eric Eide, and John Regehr. 2011. Finding and Understanding Bugs in C Compilers. In Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’11). ACM, New York, NY, USA. 283–294. isbn:9781450306638 https://doi.org/10.1145/1993498.1993532 Google ScholarGoogle ScholarDigital LibraryDigital Library
  61. Youngsik Kim, S. Kopuri, and N. Mansouri. 2004. Automated formal verification of scheduling process using finite state machines with datapath (FSMD). In International Symposium on Signals, Circuits and Systems. Proceedings, SCS 2003. (Cat. No.03EX720). 110–115. https://doi.org/10.1109/ISQED.2004.1283659 Google ScholarGoogle ScholarCross RefCross Ref
  62. Jieru Zhao, Liang Feng, Sharad Sinha, Wei Zhang, Yun Liang, and Bingsheng He. 2017. COMBA: A comprehensive model-based analysis framework for high level synthesis of real applications. In 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). 430–437. https://doi.org/10.1109/ICCAD.2017.8203809 Google ScholarGoogle ScholarDigital LibraryDigital Library
  63. Jianzhou Zhao, Santosh Nagarakatte, Milo M. K. Martin, and Steve Zdancewic. 2012. Formalizing the LLVM intermediate representation for verified program transformations. In Proceedings of the 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2012, Philadelphia, Pennsylvania, USA, January 22-28, 2012, John Field and Michael Hicks (Eds.). ACM, 427–440. https://doi.org/10.1145/2103656.2103709 Google ScholarGoogle ScholarDigital LibraryDigital Library
  64. Wei Zuo, Peng Li, Deming Chen, Louis-Noël Pouchet, Shunan Zhong, and Jason Cong. 2013. Improving polyhedral code generation for high-level synthesis. In 2013 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ ISSS). 1–10. https://doi.org/10.1109/CODES-ISSS.2013.6659002 Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Formal verification of high-level synthesis

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!