Post on 17-Jan-2016
transcript
Using Cycle-Accurate Contract Specifications for Testing Hardware Models
Alexander KamkinInstitute for System Programming of RAS
kamkin@ispras.ru
Microsoft Research & Institute for System Programming of RAS Joint Workshop 2 of 2420 June, 2009
Problem Domain
Hardware is designed using special-purpose languages, like Verilog and VHDL
Testing of hardware models (simulation-based verification) is the main approach to hardware verification
To automate simulation-based verification, formal specifications are needed
What kind of specifications are good for testing of hardware models?
Microsoft Research & Institute for System Programming of RAS Joint Workshop 3 of 2420 June, 2009
Levels of Testing
lui s1, 0x2779
ori s1, s1, 0xc8b9
lui s3, 0x4ee
ori s3, s3, 0xf798
add v0, a0, a2
sub t1, t3, t5
add t7, s1, s3
Core-Level TestingUnit-Level Testing
Model of a microprocessor is tested as a whole
with the help of test programs
Model of a particular unit is tested
via inputs and outputs signals
Microsoft Research & Institute for System Programming of RAS Joint Workshop 4 of 2420 June, 2009
Synchronous Designs
Time
Clock Pulse
Other Signals
…
… Cyc
le 1
Cyc
le 2
Cyc
le 3
Microsoft Research & Institute for System Programming of RAS Joint Workshop 5 of 2420 June, 2009
Pipelined Designs Overlapping
Operation A
Time
Clock Pulse
Execution of A Stage A1 Stage A2
Operation B
Execution of B Stage B2 Stage B1
…
Microsoft Research & Institute for System Programming of RAS Joint Workshop 6 of 2420 June, 2009
Classical Contract Specifications
pre(input)
output = operation(input)
post(intput, output)
If an environment meets the precondition, then the component must guarantee the postcondition
Microsoft Research & Institute for System Programming of RAS Joint Workshop 7 of 2420 June, 2009
Cycle-Accurate Contract Specifications Operations Contracts of stages Contracts of
operations
A1
…
AN
…
A1
…
AN
…
Operation Contracts of stages Contract of
operation
A1
…
AN
pre(A, 1)post(A, 1)
pre(A, N)post(A, N)
…
pre(A)
Microsoft Research & Institute for System Programming of RAS Joint Workshop 8 of 2420 June, 2009
Idea of the Method
post(A, 2) post(B, 1)
Operation A
Operation B
A1 A2 … AN
B1 B2 … BN
Time
Test Oracle
1 2 3 …
Microsoft Research & Institute for System Programming of RAS Joint Workshop 9 of 2420 June, 2009
FSM Model of Pipeline
{(x, 1)} (1)
State’ = {(xi, si) | pre(xi, si) = false} (2)
{(xi, si + 1) | pre(xi, si) = true si < L(xi)} (3)
State
{(xi, si)}State’
?
Stimulus
x
Microsoft Research & Institute for System Programming of RAS Joint Workshop 10 of 2420 June, 2009
FSM Transition
A1 A2 … AL(A)
B1 B2 … BL(B)
C1 C2 … CL(C)
……D
D1 D2 … DL(D)
E
Stimulus
State
Microsoft Research & Institute for System Programming of RAS Joint Workshop 11 of 2420 June, 2009
Checking Correctness
Test Oracle = { post(xi, si) | pre(xi, si) = true }
✕
Passed or failed?
State
{(xi, si)}State’
?
Stimulus
Microsoft Research & Institute for System Programming of RAS Joint Workshop 12 of 2420 June, 2009
Test Oracle
A1 A2 … AL(A)
B1 B2 … BL(B)
C1 C2 … CL(C)
……D
D1 D2 … DL(D)
E
Stimulus
State
Test Oracle
Microsoft Research & Institute for System Programming of RAS Joint Workshop 13 of 2420 June, 2009
A
B
C
Branching and Other Features
— stage
— branch
— fork
— join
Microsoft Research & Institute for System Programming of RAS Joint Workshop 14 of 2420 June, 2009
Test Coverage Definition
Test situations Interesting situations for individual operations
Branches of functionalityExceptions
Dependencies Usage of shared resources
Register dependencies Address dependencies
Microsoft Research & Institute for System Programming of RAS Joint Workshop 15 of 2420 June, 2009
FSM with Coverage Information
x [Situation, Dependencies]
Test situation
Set of dependencies
State{(xi[Si, Di], si)}
State’{…}
Microsoft Research & Institute for System Programming of RAS Joint Workshop 16 of 2420 June, 2009
Test Sequence Generation
Irredundant algorithms of FSM traversal
FSM is deterministic Dependencies determine pipeline interlocks
FSM has strongly connected state graph There are no deadlocks between operations
Microsoft Research & Institute for System Programming of RAS Joint Workshop 17 of 2420 June, 2009
Irredundant Algorithms
PreState
B
C
D
?CurrentState
Known sub-FSM
Known sub-FSM
A
E
F
?G
H
Microsoft Research & Institute for System Programming of RAS Joint Workshop 18 of 2420 June, 2009
Tool Support
The approach is integrated into the CTESK tool from the UniTESK toolkit
To simplify creation of specifications and tests for pipelined units using CTESK, library PIPE is developed
http://www.unitesk.com
Microsoft Research & Institute for System Programming of RAS Joint Workshop 19 of 2420 June, 2009
Case Studies
MIPS64-compatible microprocessor
TLB (translation lookaside buffer)L2 cache (directed-mapped memory cache)
Microsoft Research & Institute for System Programming of RAS Joint Workshop 20 of 2420 June, 2009
Case Studies Summary
Characteristic TLB L2
Size of implementation,
lines of code3500 3000
Number of operations 5 6
Labor costs, man-months 2.5 4
Size of specifications and tests, lines of code 3500 4700
Number of found bugs 10 4
Microsoft Research & Institute for System Programming of RAS Joint Workshop 21 of 2420 June, 2009
Future Directions
SystemC and SystemVerilog languages
OVM (Open Verification Methodology)
http://www.ovmworld.org
Microsoft Research & Institute for System Programming of RAS Joint Workshop 22 of 2420 June, 2009
Conclusion
The contract-based approach to testing of hardware designs is introduced
The approach allows to describe complex digital hardware with pipelining, interlocks, branching, etc.
The approach has been successfully applied to several units of MIPS64-compatible microprocessor
Microsoft Research & Institute for System Programming of RAS Joint Workshop 23 of 2420 June, 2009
Contacts
Institute for System Programming of RAS (ISPRAS)http://www.ispras.ru
Hardware Verification R&D @ ISPRAShttp://hardware.ispras.ru
Alexander Kamkinkamkin@ispras.ru
Microsoft Research & Institute for System Programming of RAS Joint Workshop 24 of 2420 June, 2009
Thank You!Questions?