consistency of rtl designs
play

Consistency of RTL Designs Yatin A. Manerkar , Daniel Lustig*, - PowerPoint PPT Presentation

Apr 04, 2024 •362 likes •1.11k views

RTLCheck: Verifying the Memory Consistency of RTL Designs Yatin A. Manerkar , Daniel Lustig*, Margaret Martonosi, and Michael Pellauer* Princeton University *NVIDIA MICRO-50 http:/ ://check.cs.p .princeton.edu/ Memory Consistency Models

  1. RTLCheck: Verifying the Memory Consistency of RTL Designs Yatin A. Manerkar , Daniel Lustig*, Margaret Martonosi, and Michael Pellauer* Princeton University *NVIDIA MICRO-50 http:/ ://check.cs.p .princeton.edu/

  2. Memory Consistency Models (MCMs) are Complex Core 0 Core 1 Data = 100; While (Flag != 1) {} Flag = 1; int r1 = Data; (All locations initially have a value of 0) ▪ MCMs specify ordering requirements of memory operations in parallel programs • Essential to correct parallel systems ▪ Difficult to specify and verify!

  3. Memory Consistency Models (MCMs) are Complex Core 0 Core 1 Data = 100; While (Flag != 1) {} Flag = 1; int r1 = Data; (All locations initially have a value of 0) ▪ MCMs specify ordering requirements of memory operations in parallel programs • Essential to correct parallel systems ▪ Difficult to specify and verify!

  4. Memory Consistency Models (MCMs) are Complex Core 0 Core 1 Flag = 1; While (Flag != 1) {} Data = 100; int r1 = Data; (All locations initially have a value of 0) ▪ MCMs specify ordering requirements of memory operations in parallel programs • Essential to correct parallel systems ▪ Difficult to specify and verify!

  5. How to Verify Hardware MCM Behaviour? ▪ Hardware enforces consistency model using smaller localized orderings • In-order fetch/WB • Coherence protocol orderings • …and many more Fetch Fetch Lds. Dec. Dec. SB SB Exec. Exec. L1 L1 Mem. Mem. WB WB L2 Coh oherence Protocol l (S (SWMR, DVI, etc.)

  6. How to Verify Hardware MCM Behaviour? ▪ Hardware enforces consistency model using smaller localized orderings • In-order fetch/WB • Coherence protocol orderings • …and many more Fetch Fetch Lds. Dec. Dec. SB SB Exec. Exec. L1 L1 Mem. Mem. WB WB L2 Coh oherence Protocol l (S (SWMR, DVI, etc.)

  7. How to Verify Hardware MCM Behaviour? ▪ Hardware enforces consistency model using smaller localized orderings • In-order fetch/WB • Coherence protocol orderings • …and many more Fetch Fetch Lds. Dec. Dec. SB SB Exec. Exec. FIFO store buffers L1 L1 Mem. Mem. help ensure Total WB WB Store Order (TSO) L2 Coh oherence Protocol l (S (SWMR, DVI, etc.)

  8. How to Verify Hardware MCM Behaviour? ▪ Hardware enforces consistency model using smaller localized orderings • In-order fetch/WB • Coherence protocol orderings • …and many more Do individual orderings correctly work together Fetch Fetch Lds. Dec. Dec. to satisfy consistency model? SB SB Exec. Exec. FIFO store buffers L1 L1 Mem. Mem. help ensure Total WB WB Store Order (TSO) L2 Coh oherence Protocol l (S (SWMR, DVI, etc.)

  9. Our Prior Work: Microarchitectural Consistency Verification Mic icroarchit itecture in in µspec ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Litm Litmus Tes est

  10. Our Prior Work: Microarchitectural Consistency Verification Mic icroarchit itecture in µspec in ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Each axiom specifies an ordering that µarch should respect Litm Litmus Tes est

  11. Our Prior Work: Microarchitectural Consistency Verification Mic icroarchit itecture in in µspec ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Litm Litmus Tes est

  12. Our Prior Work: Microarchitectural Consistency Verification Mic icroarchit itecture in µspec in ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Litm Litmus Tes est Mic icroarchit itectural happen ens-before (µ (µhb hb) gr graphs

  13. Our Prior Work: Microarchitectural Consistency Verification [h [http tp://check.cs.prin inceton.ed edu] Mic icroarchit itecture in in µspec ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Litmus Tes Litm est Microarch. verification checks that combination of axioms satisfies MCM Mic icroarchit itectural happen ens-before (µ (µhb hb) gr graphs

  14. Our Prior Work: Microarchitectural Consistency Verification [http [h tp://check.cs.prin inceton.ed edu] Mic icroarchit itecture in µspec in ec DS DSL Axiom “ StoreBuffer_is_in_order": ... EdgeExists ((i1, SB_Enter), (i2, SB_Enter)) => AddEdge ((i1, SB_Exit), (i2, SB_Exit)). Axiom "PO_Fetch": Higher-level verif. requires maintaining ordering axioms ... SameCore i1 i2 /\ ProgramOrder i1 i2 => AddEdge ((i1, Fetch), (i2, Fetch)). Does RTL maintain microarchitectural orderings? Litm Litmus Tes est Microarch. verification checks that combination of axioms satisfies MCM Mic icroarchit itectural happen ens-before (µ (µhb hb) gr graphs

  15. RTL Verification is Maturing… ▪ …but usually ignores memory consistency! ▪ Often use SystemVerilog Assertions (SVA)

  16. RTL Verification is Maturing… ▪ …but usually ignores memory consistency! ▪ Often use SystemVerilog Assertions (SVA) ISA-Formal [Reid et al. CAV 2016] -Instr. Operational Semantics No MCM verification!

  17. RTL Verification is Maturing… ▪ …but usually ignores memory consistency! ▪ Often use SystemVerilog Assertions (SVA) ISA-Formal [Reid et al. CAV 2016] DOGReL [Stewart et al. DIFTS 2014] -Instr. Operational Semantics -Memory subsystem transactions No MCM verification! No multicore MCM verification!

  18. RTL Verification is Maturing… ▪ …but usually ignores memory consistency! ▪ Often use SystemVerilog Assertions (SVA) ISA-Formal [Reid et al. CAV 2016] DOGReL [Stewart et al. DIFTS 2014] -Instr. Operational Semantics -Memory subsystem transactions No MCM verification! No multicore MCM verification! Kami [Vijayaraghavan et al. CAV 2015] [Choi et al. ICFP 2017] - MCM correctness for all programs, but… Needs Bluespec design and manual proofs!

  19. RTL Verification is Maturing… ▪ …but usually ignores memory consistency! ▪ Often use SystemVerilog Assertions (SVA) ISA-Formal [Reid et al. CAV 2016] DOGReL [Stewart et al. DIFTS 2014] Lack of automated memory -Instr. Operational Semantics -Memory subsystem transactions No MCM verification! No multicore MCM verification! consistency verification at RTL! Kami [Vijayaraghavan et al. CAV 2015] [Choi et al. ICFP 2017] - MCM correctness for all programs, but… Needs Bluespec design and manual proofs!

  20. RTLCheck: Verifying Consistency Orderings at RTL µspec RTL Litmus Mapping Microarch. Design Test Functions Axioms RTLCheck Temporal SystemVerilog Assertions (SVA) JasperGold Proven? (RTL Verifier)

  21. RTLCheck: Verifying Consistency Orderings at RTL µspec User-provided RTL Litmus Mapping Microarch. mapping functions Design Test Functions Axioms translate microarch. primitives to RTL RTLCheck equivalents Temporal SystemVerilog Assertions (SVA) JasperGold Proven? (RTL Verifier)

  22. RTLCheck: Verifying Consistency Orderings at RTL µspec RTL Litmus Mapping Microarch. Design Test Functions Axioms RTLCheck automatically RTLCheck translates µarch. ordering axioms to temporal properties Temporal SystemVerilog Assertions (SVA) JasperGold Proven? (RTL Verifier)

  23. RTLCheck: Verifying Consistency Orderings at RTL µspec RTL Litmus Mapping Microarch. Design Test Functions Axioms RTLCheck Temporal SystemVerilog Assertions (SVA) Properties may be proven or counterexample found JasperGold Proven? (RTL Verifier)

  24. Meaning can be Lost in Translation! 小心地滑

  25. Meaning can be Lost in Translation! 小心地滑 (Caution: Slippery Floor)

  26. Meaning can be Lost in Translation! 小心地滑 (Caution: Slippery Floor) [Image: Barbara Younger] [Inspiration: Tae Jun Ham]

  27. RTLCheck: Verifying Consistency at RTL Axiomatic Microarch. Verification

  28. RTLCheck: Verifying Consistency at RTL Axiomatic Microarch. Verification 6 7 2 3 4 5 clk St x St y Core[0].DX Temporal St y St x Core[0].WB RTL Verification 0x1 0x1 Core[0].SData (SVA, etc) Ld y Ld x Core[1].DX Ld y Ld x Core[1].WB 0x1 0x1 Core[1].LData

  29. RTLCheck: Verifying Consistency at RTL Axiomatic Abstract nodes Microarch. and happens- Verification before edges 6 7 2 3 4 5 clk St x St y Core[0].DX Temporal St y St x Core[0].WB RTL Verification 0x1 0x1 Core[0].SData (SVA, etc) Ld y Ld x Core[1].DX Ld y Ld x Core[1].WB 0x1 0x1 Core[1].LData

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency Requirements of performance, availability, and disconnected operation require us to relax the goal of semantic transparency. - HTTP 1.1 specification

598 views • 13 slides
Consistency - Chapter 5 Introduce several notions of Local Consistency: arc consistency,

Consistency - Chapter 5 Introduce several notions of Local Consistency: arc consistency,

Constraints Course - Justin Pearson - Consistency 1 Consistency - Chapter 5 Introduce several notions of Local Consistency: arc consistency, hyper-arc consistency, k-consistency and strong k-consistency. Local

728 views • 37 slides
Constraint Programming - An overview Node-consistency Arc-consistency Path-consistency

Constraint Programming - An overview Node-consistency Arc-consistency Path-consistency

Constraint Programming - An overview Node-consistency Arc-consistency Path-consistency I-consistency Generalised Arc-consistency Bounds-Consistency Propagators: The COMET example 7 November 2011 Constraint Propagation

615 views • 60 slides
Consistent Storage or Scalable Storage Why Not Both? CONSISTENCY Strong Consistency

Consistent Storage or Scalable Storage Why Not Both? CONSISTENCY Strong Consistency

Consistent Storage or Scalable Storage Why Not Both? CONSISTENCY Strong Consistency Eventual Consistency "Consistency in database systems refers to the requirement that any given database transaction must change affected data only in

668 views • 54 slides
Just-Right As available as possible, consistent when necessary Consistency The CAP theorem

Just-Right As available as possible, consistent when necessary Consistency The CAP theorem

Just-Right Consistency: Just-Right As available as possible, consistent when necessary Consistency The CAP theorem forces a choice In contrast, checking a data between strong consistency (CP) precondition on partitioned state is and

567 views • 10 slides
iii Designs: Mockup #1 ANGELLA QIAN Initial Wireframe Goals/Objectives Going for a more

iii Designs: Mockup #1 ANGELLA QIAN Initial Wireframe Goals/Objectives Going for a more

iii Designs: Mockup #1 ANGELLA QIAN Initial Wireframe Goals/Objectives Going for a more cohesive, clean layout Modernize the website Lends to a more professional impression Font consistency Maybe only 1-2 fonts

531 views • 8 slides
Eventual Consistency In the real world or Why You Already Know Eventual Consistency or

Eventual Consistency In the real world or Why You Already Know Eventual Consistency or

Eventual Consistency In the real world or Why You Already Know Eventual Consistency or Eventual Consistency is better* than Eventual Availability *depending on the use case @roder Matt Heitzenroder We <3 Distributed Systems Basho

423 views • 38 slides
BRAND CONSISTENCY presented by Index Introduction What is Brand Consistency? Why is Brand

BRAND CONSISTENCY presented by Index Introduction What is Brand Consistency? Why is Brand

BRAND CONSISTENCY presented by Index Introduction What is Brand Consistency? Why is Brand Consistency Important? Easy Ways to Keep You Consistent Case Study: Concordia University of Edmonton Summary Contact Information Introduction Who

513 views • 17 slides
This talk is about Data consistency in 3D Understanding consistency (Its the invariants,

This talk is about Data consistency in 3D Understanding consistency (Its the invariants,

This talk is about Data consistency in 3D Understanding consistency (Its the invariants, stupid) Primitive consistency mechanisms How primitives compose models How models relate / differ What they cost Understanding

365 views • 13 slides
Weak Consistency Dan Ports, CSEP 552 CAP Theorem Cant have all three of consistency,

Weak Consistency Dan Ports, CSEP 552 CAP Theorem Cant have all three of consistency,

Weak Consistency Dan Ports, CSEP 552 CAP Theorem Cant have all three of consistency, availability, and tolerance to partitions (but the devil is in the details!) CAP Eric Brewer, 2000: conjecture on reliable

418 views • 20 slides
Consistency The syntactic counterpart of satisfiability is consistency. Definition 1 is

Consistency The syntactic counterpart of satisfiability is consistency. Definition 1 is

Computational Logic, Spring 2006 Pete Manolios Consistency The syntactic counterpart of satisfiability is consistency. Definition 1 is consistent, written Con , iff there is no formula such that and . is

199 views • 8 slides
Replication and Consistency Setting: Concurrent threads accessing shared data Roland Meyer (TU

Replication and Consistency Setting: Concurrent threads accessing shared data Roland Meyer (TU

Replication and Consistency in and hardware general memory consistency models in particular Roland Meyer Technische Universit at Kaiserslautern Roland Meyer (TU KL) Replication and Consistency IFIP WG 2.2 09/2016 1 / 32

1.76k views • 150 slides
CSE 140 Lecture 14 System Designs CK Cheng CSE Dept. UC San Diego 1 System Designs

CSE 140 Lecture 14 System Designs CK Cheng CSE Dept. UC San Diego 1 System Designs

CSE 140 Lecture 14 System Designs CK Cheng CSE Dept. UC San Diego 1 System Designs Introduction Components Spec Implementation 2 Digital Designs vs Computer Architectures Instruction Set (H.Chapter 6, CSE141)

503 views • 18 slides
The many faces of consistency Marcos K. Aguilera, Douglas B. Terry Presented by Ji Wang Outline

The many faces of consistency Marcos K. Aguilera, Douglas B. Terry Presented by Ji Wang Outline

The many faces of consistency Marcos K. Aguilera, Douglas B. Terry Presented by Ji Wang Outline Introduction: What is consistency and why important Abstract model and terminology Two types of consistency State consistency Operation

390 views • 15 slides
Go 2 Draft Designs Hello everyone, Im here to talk about the draft designs that the Go team

Go 2 Draft Designs Hello everyone, Im here to talk about the draft designs that the Go team

Go 2 Draft Designs Hello everyone, Im here to talk about the draft designs that the Go team recently released for possible future additions to Go, specifically about two areas: improved error handling and parametric polymorphism (AKA generics),

411 views • 29 slides
Consistency in key- value stores Monika Moser Consistency guarantees explain a system's

Consistency in key- value stores Monika Moser Consistency guarantees explain a system's

Consistency in key- value stores Monika Moser Consistency guarantees explain a system's behavior Where is my data I just updated? The consistency guarantees of a system influence the behavior perceived by a client. An ideal world The result

591 views • 31 slides
Synthesizing Memory Models from Framework Sketches and Litmus Tests James Bornholt Emina

Synthesizing Memory Models from Framework Sketches and Litmus Tests James Bornholt Emina

Synthesizing Memory Models from Framework Sketches and Litmus Tests James Bornholt Emina Torlak University of Washington Memory consistency models define memory reordering behaviors on mul>processors Memory consistency models define

1.06k views • 86 slides
LITMUSRT: A Hands-On Primer Manohar Vanga, Mahircan Gl, Bjrn Brandenburg MPI-SWS,

LITMUSRT: A Hands-On Primer Manohar Vanga, Mahircan Gl, Bjrn Brandenburg MPI-SWS,

LITMUSRT: A Hands-On Primer Manohar Vanga, Mahircan Gl, Bjrn Brandenburg MPI-SWS, Kaiserslautern, Germany Goals A whirlwind tour of LITMUSRT Working with scheduler plugins. Running real-time tasks under global & partitioned

1.01k views • 84 slides
Surgical Problems in Primary Care Stories from My Life Ronald H. Labuguen, MD Ronald H.

Surgical Problems in Primary Care Stories from My Life Ronald H. Labuguen, MD Ronald H.

3/26/2013 Surgical Problems in Primary Care: Surgical Problems in Primary Care Stories from My Life Ronald H. Labuguen, MD Ronald H. Labuguen, MD Associate Clinical Professor Associate Clinical Professor UCSF Department of Family and

635 views • 42 slides
Surgical Considerations for Obstetrical Hemorrhage Lee-may Chen, MD Division of Gynecologic

Surgical Considerations for Obstetrical Hemorrhage Lee-may Chen, MD Division of Gynecologic

I have no financial disclosures Surgical Considerations for Obstetrical Hemorrhage Lee-may Chen, MD Division of Gynecologic Oncology UCSF Helen Diller Family Comprehensive Cancer Center Department of Obstetrics, Gynecology and Reproductive

315 views • 8 slides
Verification, and Counterexamples Yatin Manerkar Princeton University manerkar@princeton.edu

Verification, and Counterexamples Yatin Manerkar Princeton University manerkar@princeton.edu

C11 Compiler Mappings: Exploration, Verification, and Counterexamples Yatin Manerkar Princeton University manerkar@princeton.edu http://check.cs.princeton.edu November 22 nd , 2016 1 Compilers Must Uphold HLL Guarantees High-Level Assembly

591 views • 48 slides
Litmus Testing at Rack Scale We're Going to Build a Large Program Collider ad Collide instructions

Litmus Testing at Rack Scale We're Going to Build a Large Program Collider ad Collide instructions

Litmus Testing at Rack Scale We're Going to Build a Large Program Collider ad Collide instructions at 0.99 c , and observe the decay products. Images: CERN; Chaix & Morel et associs David Cock | 19. September 20 | 2 16 Programmers

539 views • 24 slides
Tests and Testing p. 1 Empirical Science of the Artificial Treating these human-made

Tests and Testing p. 1 Empirical Science of the Artificial Treating these human-made

Tests and Testing p. 1 Empirical Science of the Artificial Treating these human-made artifacts as objects of empirical science In principle (modulo manufacturing defects): their structure and behaviour are completely known. In

372 views • 23 slides
An integrated concurrency and core- ISA architectural envelope definition, and test oracle, for

An integrated concurrency and core- ISA architectural envelope definition, and test oracle, for

An integrated concurrency and core- ISA architectural envelope definition, and test oracle, for IBM POWER multiprocessors Kathryn E. Gray 1 Gabriel Kerneis 1+ Dominic Mulligan 1 Christopher Pulte 1 Susmit Sarkar 2 Peter Sewell 1 1 University of

745 views • 45 slides

More recommend