Verification of Hierarchical Cache Coherence Protocols for Future Processors Student: Xiaofang Chen Advisor: Ganesh Gopalakrishnan.

Slides:



Advertisements
Similar presentations
Functional Decompositions for Hardware Verification With a few speculations on formal methods for embedded systems Ken McMillan.
Advertisements

Implementation and Verification of a Cache Coherence protocol using Spin Steven Farago.
Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.
Translation-Based Compositional Reasoning for Software Systems Fei Xie and James C. Browne Robert P. Kurshan Cadence Design Systems.
Promising Directions in Hardware Design Verification Shaz Qadeer Serdar Tasiran Compaq Systems Research Center.
Multi-core systems System Architecture COMP25212 Daniel Goodman Advanced Processor Technologies Group.
Hierarchical Cache Coherence Protocol Verification One Level at a Time through Assume Guarantee Xiaofang Chen, Yu Yang, Michael Delisi, Ganesh Gopalakrishnan.
Department of Computer Sciences Revisiting the Complexity of Hardware Cache Coherence and Some Implications Rakesh Komuravelli Sarita Adve, Ching-Tsun.
Using Formal Specifications to Monitor and Guide Simulation: Verifying the Cache Coherence Engine of the Alpha Microprocessor Serdar Tasiran Systems.
1 Lecture 4: Directory Protocols Topics: directory-based cache coherence implementations.
Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by SRC Contract.
Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by Intel.
Compositional reasoning for Parameterized Verification Murali Talupur Joint work with Sava Krstic, John O’leary, Mark Tuttle.
6/14/991 Symbolic verification of systems with state machines David L. Dill Jeffrey Su Jens Skakkebaek Computer System Laboratory Stanford University.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
CS 258 Parallel Computer Architecture Lecture 15.1 DASH: Directory Architecture for Shared memory Implementation, cost, performance Daniel Lenoski, et.
Ashish Kundu CS590F Purdue 02/12/07 Language-Based Information Flow Security Andrei Sabelfield, Andrew C. Myers Presentation: Ashish Kundu
An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.
1 Scaling Formal Methods toward Hierarchical Protocols in Shared Memory Processors: Annual Review Presentation – April 2007 Presenters: Ganesh Gopalakrishnan.
STARI: A Case Study in Compositional and Hierarchical Timing Verification Serdar Tasiran, Prof. Robert K. Brayton Department of Electrical Engineering.
Scaling Formal Methods Toward Hierarchical Protocols in Shared Memory Processors Presenters: Ganesh Gopalakrishnan and Xiaofang Chen School of Computing,
1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.
ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
Modular Verification of Multithreaded Software Shaz Qadeer Compaq Systems Research Center Shaz Qadeer Compaq Systems Research Center Joint work with Cormac.
1 Lecture 2: Snooping and Directory Protocols Topics: Snooping wrap-up and directory implementations.
Transaction Ordering Verification using Trace Inclusion Refinement Mike Jones 11 January 2000.
1 Scaling Formal Methods Toward Hierarchical Protocols in Shared Memory Processors Joint work with Xiaofang Chen (PhD student) Ching-Tsun Chou (Intel Corporation,
Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.
Transaction Ordering Verification using Trace Inclusion Refinement Mike Jones 11 January 2000.
Fundamentals of Simulation-Based Verification 1.Structure of a Testbench - stimulus, checkers, etc. 2.Observation and Assertions - automatic checking of.
Scaling Formal Methods Toward Hierarchical Protocols in Shared Memory Processors Presenters: Ganesh Gopalakrishnan and Xiaofang Chen School of Computing,
Utah Verifier Group Research Overview Robert Palmer.
Counterexample Guided Invariant Discovery for Parameterized Cache Coherence Verification Sudhindra Pandav Konrad Slind Ganesh Gopalakrishnan.
1 Reducing Verification Complexity of a Multicore Coherence Protocol Using Assume/Guarantee Xiaofang Chen 1, Yu Yang 1, Ganesh Gopalakrishnan 1, Ching-Tsun.
Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by SRC Contract.
Formal verification Marco A. Peña Universitat Politècnica de Catalunya.
Formal Verification of SpecC Programs using Predicate Abstraction Himanshu Jain Daniel Kroening Edmund Clarke Carnegie Mellon University.
1 Shared-memory Architectures Adapted from a lecture by Ian Watson, University of Machester.
Spring 2003CSE P5481 Cache Coherency Cache coherent processors reading processor must get the most current value most current value is the last write Cache.
Memory Consistency Models Some material borrowed from Sarita Adve’s (UIUC) tutorial on memory consistency models.
Advances in Language Design
© 2009 Matthew J. Sottile, Timothy G. Mattson, and Craig E Rasmussen 1 Concurrency in Programming Languages Matthew J. Sottile Timothy G. Mattson Craig.
Using Mathematica for modeling, simulation and property checking of hardware systems Ghiath AL SAMMANE VDS group : Verification & Modeling of Digital systems.
A Simple Method for Extracting Models from Protocol Code David Lie, Andy Chou, Dawson Engler and David Dill Computer Systems Laboratory Stanford University.
Extreme Makeover for EDA Industry
Joseph Cordina 1/11 The Use of Model-Checking for the Verification of Concurrent Algorithms Joseph Cordina Department of C.S.&A.I.
TEMPLATE DESIGN © Hardware Design, Synthesis, and Verification of a Multicore Communication API Ben Meakin, Ganesh Gopalakrishnan.
(C) 2003 Daniel SorinDuke Architecture Dynamic Verification of End-to-End Multiprocessor Invariants Daniel J. Sorin 1, Mark D. Hill 2, David A. Wood 2.
Page 1 Advanced Technology Center HCSS 03 – April 2003 vFaat: von Neumann Formal Analysis and Annotation Tool David Greve Dr. Matthew Wilding Rockwell.
Writing Systems Software in a Functional Language An Experience Report Iavor Diatchki, Thomas Hallgren, Mark Jones, Rebekah Leslie, Andrew Tolmach.
1 Predicate Abstraction and Refinement for Verifying Hardware Designs Himanshu Jain Joint work with Daniel Kroening, Natasha Sharygina, Edmund M. Clarke.
Ronny Krashinsky Erik Machnicki Software Cache Coherent Shared Memory under Split-C.
Formal Verification. Background Information Formal verification methods based on theorem proving techniques and model­checking –To prove the absence of.
Gauss Students’ Views on Multicore Processors Group members: Yu Yang (presenter), Xiaofang Chen, Subodh Sharma, Sarvani Vakkalanka, Anh Vo, Michael DeLisi,
11th International Conference on Web-Age Information Management July 15-17, 2010 Jiuzhaigou, China V Locking Protocol for Materialized Aggregate Join Views.
Symbolic Model Checking of Software Nishant Sinha with Edmund Clarke, Flavio Lerda, Michael Theobald Carnegie Mellon University.
1 Lecture 8: Snooping and Directory Protocols Topics: 4/5-state snooping protocols, split-transaction implementation details, directory implementations.
Maurice Herlihy and J. Eliot B. Moss,  ISCA '93
Xiaofang Chen1 Yu Yang1 Ganesh Gopalakrishnan1 Ching-Tsun Chou2
Opeoluwa Matthews, Jesse Bingham, Daniel Sorin
Synthesis from scenarios and requirements
Michael D. Jones, Ganesh Gopalakrishnan
Multiprocessor Cache Coherency
IP – Based Design Methodology
CMSC 611: Advanced Computer Architecture
Logical architecture refinement
The DASH Prototype: Implementation and Performance
CS 213 Lecture 11: Multiprocessor 3: Directory Organization
High Performance Computing
Coherent caches Adapted from a lecture by Ian Watson, University of Machester.
Presentation transcript:

Verification of Hierarchical Cache Coherence Protocols for Future Processors Student: Xiaofang Chen Advisor: Ganesh Gopalakrishnan

2 Outline  Background  Proposed solutions –High level hierarchical coherence protocol verification –Refinement check: specifications vs. RTL implementations  Conclusion

3 Hierarchical Cache Coherence Protocols Chip-level protocols Inter-cluster protocols Intra-cluster protocols dir mem dir mem …

4 Modeling and Verification of Coherence Protocols  High-level modeling approaches –Model checking  Low-level modeling: RTL or VHDL –Simulation

5 Problems with Hierarchical Coherence Protocols  For high level modeling –Handle the complexity of hierarchical protocols  For RTL implementations –Verify a RTL correctly implements the specification

6 Example: Verification Complexity (I) RAC L2 Cache+Local Dir L1 Cache Main Mem Home ClusterRemote Cluster 1Remote Cluster 2 L1 Cache Global Dir RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir L1 Cache

7 Example: Verification Complexity (II)  Tool: Murphi  Verification –IA-64 machine –18GB memory –40-bit hash compaction –Non-conclusive after >30 hours of state enumeration

8 Differences in Modeling: Specs vs. Impls home client buf local cache One step in high-level Multiple steps in low-level

9 Differences in Execution: Specs vs. Impls Interleaving in HL Concurrency in LL

10 Proposed Mechanisms  For high level modeling, develop –A few M-CMP coherence protocols –A compositional approach  For specifications vs. implementations, develop –A formal theory –A compositional approach –A practical tool

11

12 Outline Background  Proposed solutions –High level hierarchical coherence protocol verification –Refinement check: specifications vs. RTL implementations  Conclusion

13 An M-CMP Benchmark Protocol RAC L2 Cache+Local Dir L1 Cache Main Mem Home ClusterRemote Cluster 1Remote Cluster 2 L1 Cache Global Dir RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir L1 Cache Inter-cluster Intra-cluster

14 Protocol Features  Both levels use MESI protocols –Intra-cluster: FLASH –Inter-cluster: DASH  Silent drop on non-Modified cache lines  Network channels are non-FIFO  Inclusive caches

15 Another Benchmark: Non-inclusive Caches RAC L2 Cache+Local Dir L1 Cache Main Mem Home ClusterRemote Cluster 1Remote Cluster 2 L1 Cache Global Dir RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir L1 Cache

16 Our Compositional Approach Original protocol

17 Our Compositional Approach

18 One Way to Decompose Protocols  Create three abstract protocols  Each with 1 detailed cluster + 2 abstracted clusters

19 Abstract Protocol #1 RAC L2 Cache+Local Dir’ Main Mem Home Cluster Remote Cluster 1 Global Dir RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir’ Remote Cluster 2

20 Abstract Protocol #2 RAC L2 Cache+Local Dir’ Main Mem Home Cluster Remote Cluster 1 Global Dir RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir’ Remote Cluster 2

21 Problems with This Approach  Every abstract protocol contains 2 protocols  Duplicated behaviors in abstract protocols  State space still large ,613,051M2M ,088,425M1M1 Mem (GB)Time (hour)# of states

22 Second Way to Decompose Protocols RAC L2 Cache+Local Dir’ Main Mem Home ClusterRemote Cluster 1Remote Cluster 2 RAC L2 Cache+Local Dir’ Global Dir RAC L2 Cache+Local Dir’ Home Cluster Remote Cluster 1 ABS #1 ABS #2 ABS #3 L2 Cache+Local Dir L1 Cache L2 Cache+Local Dir L1 Cache

23 Model Checking Results

24 Details of Our Approach  Abstraction –States –Transitions, properties  Constraining –Assume guarantee reasoning

25 Abstraction on States Intra-cluster Inter-cluster

26 State Representation L2 Cache+Local Dir L1 Cache L2 Cache+Local Dir’ L1sNetwork L2 Local Dir Original cluster RAC L2 Cache+Local Dir L1 Cache L1sNetwork L2 Local Dir L2 Local Dir’ RAC Abstract clusters

27  Rule: guard action  guard –Become more permissive  action –Allow more behaviors Abstracting Transitions and Properties

28 An Example of Abstraction RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir’ WB Clusters[c].WbMsg.Cmd = WB Clusters[c].L2.Data := Clusters[c].WbMsg.Data; Clusters[c].L2.HeadPtr := L2; … True Clusters[c].L2.Data := nondet ; … Abstract inter-cluster protocol Abstract intra-cluster protocol

29 Abstraction, Now Constraining

30 An Example of Constraining RAC L2 Cache+Local Dir L1 Cache RAC L2 Cache+Local Dir’ WB Clusters[c].WbMsg.Cmd = WB Clusters[c].L2.State = Excl True & Clusters[c].L2.State = Excl Clusters[c].L2.Data := nondet; …

31 Non-inclusive Protocols: History Variables RAC L2 Cache+Local Dir’ Main Mem Home ClusterRemote Cluster 1Remote Cluster 2 RAC L2 Cache+Local Dir’ Global Dir RAC L2 Cache+Local Dir’ Home Cluster Remote Cluster 1 L2 Cache+Local Dir L1 Cache L2 Cache+Local Dir L1 Cache

32 Experimental Results

33 Outline Background Proposed solutions High level hierarchical coherence protocol verification –Refinement check: specifications vs. RTL implementations  Conclusion

34 Our Approach  Use a hardware language –Hardware Murphi  Develop a formal theory of refinement check  Develop a compositional approach –Abstraction –Assume guarantee  Develop a practical tool

35 Hardware Murphi  Murphi extension by S. German and G. Janssen  A concurrent shared variable language –On each cycle Multiple transitions execute concurrently Exclusive write to a variable Shared reads to variables Write immediately visible within the same transition Write visible to other transitions on the next cycle  Support transactions, signals, etc

36 Transaction  Group multiple steps in impl Transaction Rule-1 …. … Rule-6 … End;

37 Workflow of Our Refinement Check Hardware Murphi Impl model Product model in Hardware Murphi Product model in VHDL Murphi Spec model Property check Muv Check low-level correctly implements high-level

38 Full List of Assertions for Refinement Check 1.Serializability for specifications 2.No write-write conflicts 3.Initial states containment 4.Write set variables containment 5.Enableness for specifications 6.Joint variables match at the end of transactions

39 An Example Transaction Rule-1 guard1 action1; Rule-2 guard2 action2; Rule-3 guard3 action3; End; Rule spec_guard spec_action; Impl transaction Spec rule

40 An Example (Cont’d) Transaction Rule-1 guard1 action1; assert spec_guard; spec_action; Rule-2 guard2 action2; Rule-3 guard3 action3; End; assert impl_var1 = spec_var1; assert impl_var2 = spec_var2; …

41 Driving Benchmark Buf Remote DirCache Mem Router Buf Local Home Remote DirCache Mem S. German and G. Janssen, IBM Research Tech Report 2006 Local Home

42 Bugs Found with Refinement Check  Benchmark satisfies cache coherence already  Bugs still found –Bug 1: router unit loses messages –Bug 2: home unit replies twice for one request –Bug 3: cache unit gets updated twice from one reply  Refinement check is an automatic way of constructing checks

43 Model Checking Approaches  Monolithic –Straightforward property check  Compositional –Divide and conquer Product model in VHDL Monolithic Compositional

44 Compositional Refinement Check  Reduce the verification complexity  Basic Techniques –Abstraction Removing details to make verification easier –Assume guarantee A simple form of induction which introduces assumptions and justifies them

45 In More Detail  Abstraction –Change variables to free input variables –E.g. change a latch to free input signal  Assume guarantee (spec.Var = impl.Var) holds Assume for reads of a transaction

46 Experimental Results Verification Time 1-bit 10-bit 1-day Datapath  Configurations –2 nodes, 2 addresses, SixthSense 30 min Monolithic approach Compositional approach

47 Outline Background Proposed solutions High level hierarchical coherence protocol verification Refinement check: specifications vs. RTL implementations  Conclusion

48

49 Thank you.

50 Related Work  Parameterized verification –Chou et al.  Bluespec –Arvind et al.  Aggregation of distributed actions –Park and Dill  Compositional verification –Many previous works including McMillan, Jones, etc.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.