Simulation-Based Verification of Microprocessor Units Based on Cycle-Accurate Contract Specifications

1
Simulation-Based Verification of Microprocessor
Units Based on Cycle-Accurate Contract
Specifications

• Mikhail Chupilko, Alexander Kamkin, and Dmitry
  Vorobyev
• Institute for System Programming of RAS

2
Cost of microprocessor error

• Pentium FDIV Bug (Intel, 1994)
• The cost is 475 000 000
• Phenom (9x00 Stepping B2) L3 Caches TLB Errata
  (AMD, 2007)
• Implicit negative profit
• Design new microprocessor
• The cost is about 100 000 000

3
Levels of verification

• System-level verification
• Unit-level verification

Target system
Test action
Target system
Test action
Target unit
4
Operation execution
Clock
Operation
Operands
Executing
1st stage
2nd stage
Time
5
Pipelined operations execution
Clock
Operation A
Operation B
Operands
Operands
Executing
Executing
Time
6
Contract specifications

• pre(input) // obligation for client
• output operation(input)
• post(intput, output) // benefit for client

• If a client meets the precondition, then the
  component must fulfill the postcondition

7
Specification of operations
Operation A Contracts of As stages Contract
of A
pre(A)
guard(A1) post(A1)
A1


guard(AN) post(AN)
AN
8
Idea of the approach
Operation A
Operation B

• post(A2) ? post(B1)

Test Oracle
Time

1
2
3
9
Requirements

• Requirement is a formal atomic predicate
  constructed on the defined functions. Types
• Pre req. on microoperation precondition
• Guard req. on microoperation guard condition
• Update implicit requirements on microoperation
  functionality
• Post explicit requirements on microoperation
  functionality

10
Tool support

• The approach is integrated into the CTESK tool
  from the UniTESK toolkit
• Special library is developed to simplify the
  creation of specifications and tests for Verilog
  designs using CTESK
• http//www.unitesk.com

11
Specification example
Floating-point adder Stage 0 alignment of
exponent Stage 1 addition of fractions Stage 2
normalization of result
12
Catalogue example
Operation ADD Operation ADD Operation ADD Operation ADD
Stage 0 Stage 1 Stage 2 Stage 3
pre next cycle next cycle next cycle
alignment of exponent addition of fractions normalization of result

13
Precondition

• pre
• return (isZero(op1) isNormalized(op1))
• (isZero(op2) isNormalized(op2))

14
Postcondition (for stage 3)

• post
• return result op1 op2

15
Case study

• The approach was applied to several units of
  MIPS64-compatible microprocessor
• TLB (Translation Lookaside Buffer)
• L2 Cache

16
TLB requirements

• Pre Guard Update Post Total
• Read 5 0 0 2 7
• Write 5 0 2 2 9
• Probe 5 0 0 3 8
• Translate
• (Data) 5 0 3 30 38
• Translate
• (Instruction) 5 3 2 27 37
• Total 25 3 7 64 99

17
TLB verification results

• Specification consists 2.5 KLOC
• Labor-costs of testbench development is about 2.5
  man-months
• We have found 9 errors

18
L2 cache requirements

• Pre Guard Update Post Total
• Load 4 10 7 4 24
• Loadi 2 5 0 2 9
• Store 6 13 77 15 111
• Cache 5 3 20 6 34
• Load (DSP) 1 0 0 1 2
• Store (DSP) 1 0 1 0 2
• Total 18 31 27 105 181

19
L2 cache verification results

• Specifications consists 3 KLOC
• Labor-costs of testbench development is about 4
  man-months
• We have found 6 errors

20
Future work

• Generalization for branching pipelines, pipelines
  with cycles, etc.
• Improvement of tool support for specification and
  tests development

21
Contacts

• Institute for System Programming of
  RAShttp//www.ispras.ru
• UniTESK Technologyhttp//www.unitesk.com
• Alexander Kamkin, Dmitry Vorobyev, Mikhail
  Chupilkokamkin, vorobyev, chupilko_at_ispras.ru

22
Thank You!Questions?