ibm haifa research lab © 2006 ibm corporation © 2007 ibm corporation a framework for the...
TRANSCRIPT
IBM Haifa Research Lab
© 2006 IBM Corporation© 2007 IBM Corporation
A Framework for the Validation of Processor Architecture Compliance
Allon Adir, Sigal Asaf, Laurent Fournier, Itai Jaeger(*), Ofer Peled
2
Processor architecture licensing
Commercial processor architecture licensing drives the need for compliance validation
– Architecture owners must prevent fragmentation of the architecture
– Licensees would like to make sure their design is compatible with existing facilities and software
IBM Labs in Haifa
3
Implementation=~?
Designer’s intent=~?
Architecture compliance validation
Architecture
Functional verificationCompliance validation
Verify that:Designers have interpreted the architecture correctlyArchitecture prescriptions have been followed in a consistent manner
3
4
Human interaction based processes
– Error prone
– Expert effort needed
Legacy architecture compliance test suite
– Not systematic
– Maintenance issuesWhen does ‘add’ instruction set the CR bit to zero ?
The problem – cont’
Developing an Architecture Validation Suite Application to the PowerPC Architecture (Fournier et al., DAC ’99)
• Based on a static set of testcases
• Covering several ad-hoc coverage models
Methods for architecture compliance validation
5
Provide a comprehensive set of test cases
– Covering each and every aspect of the architecture
Make deviation from the architecture observable
– Create tests that distinguish wrong behavior from right behavior
Enable easy maintenance
– Support different implementations of the same architecture
– Effectively cope with architecture evolution
Compliance validation challenges
6
Back-up pages: The detailed solution ACS – an automatic compliance suite generator
-
Generator
Test Specification
Test Specification Generator
PowerPCReference Model
PowerPCKnowledge Base
Design Specificknowledge Base Architectural
Design SpecificReference Model
Architectural
Design Specific Coverage Models
Model-basedTest Generator
Test Specification
Test Specification
Test Specification Generator
PowerPCReference Model
PowerPCKnowledge Base
ArchitecturalKnowledge Base
ArchitecturalReference Model
Architectural Coverage Models
Compliance Test Cases
7
ACS coverage models Misinterpretation based coverage models
– Ambiguity in the text
– Oversight of specification portions
– Subconscious confusion with a similar, yet different, specification
• Internal or external association
Automatically derived from description of
– Single instruction behavior
– Architectural mechanisms (e.g., translation, interrupts)
– Synchronization and multi-processor requirements
8
Implementation decisions It is common for processor architecture to allow several alternative
legal behaviors
– Implement vectored instructions?
– Take an interrupt on overflow?
A single test may be legal for one implementation of the architecture but illegal for another…
Not all coverage models are applicable to every implementation of the architecture
9
The complete ACS system
Compliance Test Cases
Generator
TestSpecification
ACS Defs Generator
Architecture Decisions
ArchitecturalCoverage Models
Architectural Reference Model
ArchitecturalKnowledge Base
1) fsel implemented yes
2) External control facility yes
3) Memory size 2^52…
Model-based Test Generator
10
Summary
The need for architecture compliance validation is growing
– Architecture licensing business models
Complex and evolving architectures pose significant challenges
– Current methods are not complete and robust enough
ACS – a system for automatically generating compliance test suites
– Comprehensive coverage of misinterpretation models
– Automatic generation according to specific implementation choices
– Model-based approach addresses architecture evolution
IBM Haifa Research Lab
© 2006 IBM Corporation© 2007 IBM Corporation
Thank you
12
Backup
13
OE=1
setOverflow = False setOverflow = True
Mode = 64-bit Mode = 32-bit
64_overflow_occurred = true
Misinterpretation flowchart coverage models
prec=64 prec=32
OE = 0 OE = 1
OE=0 OE=1
OE=0
64_overflow_occurred = false
OE=0
32_overflow_occurred = false
OE=1
32_overflow_occurred = true
Misinterpretation task: The process goes down a false edge instead of the right edge coming out of the same node
14
Misinterpretations
The concept of misinterpretation constitutes the backbone of the ACS coverage models
Causes for misinterpretations
– Ambiguity in the text
– Oversight of specification portions
– Subconscious confusion with a similar, yet different, specification
• Internal association• External association
5/0=
Arch. Overflow interrupt
Divide by zero interrupt
15
ACS coverage models The coverage models target misinterpretations of
– Single instruction behavior
– Architectural mechanisms (e.g., translation, interrupts)
– Synchronization and multi-processor requirements
Two types of coverage models are supported:
– Flowchart based models
– Cross product models
CR[0:2] = unchanged
CR[0:2] = 0b001 CR[0:2] = 0b010 CR[0:2] = 0b100
Inst.isRecord=falseInst.isRecord=true
MSR[SF] = 0MSR[SF] = 1
faddfdivfmul
Instruction
+Zero-Zero
+Number-Number
+Inf-InfNan
Operand1 Operand2
+Zero-Zero
+Number-Number
+Inf-Infnan