1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu...
-
date post
19-Dec-2015 -
Category
Documents
-
view
213 -
download
0
Transcript of 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu...
![Page 1: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/1.jpg)
1
A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols
Xiaofang Chen1
Yu Yang1
Ganesh Gopalakrishnan1
Ching-Tsun Chou2
1University of Utah2Intel Corporation
* Supported in part by Intel SRC Customization Award 2005-TJ-1318
![Page 2: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/2.jpg)
2FMCAD 2006
Hierarchical Cache Coherence Protocols
Chip-level protocols
Inter-cluster protocols
Intra-cluster protocols
dirmem dirmem
…
![Page 3: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/3.jpg)
3FMCAD 2006
Verification Challenges
No public domain benchmarks
More complicated with more Corner cases
State space
![Page 4: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/4.jpg)
4FMCAD 2006
Outline
Two hierarchical protocols Inclusive
Non-inclusive
A compositional approach Abstraction
Counter-example guided refinement
Soundness
![Page 5: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/5.jpg)
5FMCAD 2006
A Multicore Coherence Protocol
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
Global Dir
MainMemory
Home ClusterRemote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
![Page 6: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/6.jpg)
6FMCAD 2006
Protocol Features
Both levels use MESI protocols Level-1: FLASH
Level-2: DASH
Silent drop on non-Modified cache lines
Network channels are non-FIFO
![Page 7: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/7.jpg)
7FMCAD 2006
Livelock Problem
DirAgent1 Agent2
1. Req_E
2. Grant_E
4. Req_S
3. Silent-drop
5. Fwd_Req6. NACK
Invld InvldExcl
![Page 8: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/8.jpg)
8FMCAD 2006
Blocking WB + NACK_SD
DirA1 A2Req_E
Gnt_EReq_S
Modify
WB
Fwd_S
WB_Ack
NAck_SD
NAck
(I) (I)
(E)
(M)
(I)
![Page 9: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/9.jpg)
9FMCAD 2006
Complexity of the Protocol
Multiplicative effect of four protocols running
concurrently
Model check failed after 161,876,000 of
states
![Page 10: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/10.jpg)
10FMCAD 2006
Outline
Two hierarchical protocols Inclusive
Non-inclusive
A compositional approach Abstraction
Counter-example guided refinement
Soundness
![Page 11: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/11.jpg)
11FMCAD 2006
A Compositional Approach
Constraining
Original protocol
Abstraction
…
Abstracted protocol
![Page 12: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/12.jpg)
12FMCAD 2006
Non-Circular Assume/Guarantee
We can’t Verify: h ║ r1 ║ r2 ╞ Coh
Instead Check-1: h ║ R1 ║ R2 ╞ Coh1 Λ Constrains1
Check-2: H ║ r1 ║ R2 ╞ Coh2 Λ Constrains2
![Page 13: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/13.jpg)
13FMCAD 2006
Verification Methodology
Abstraction Two abstracted protocols
Fixing real bugs in M
Refinement
![Page 14: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/14.jpg)
14FMCAD 2006
Abstracted Protocol #1
RAC
L2 Cache+Local Dir’
Global Dir
MainMemory
Home Cluster
Remote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir’
![Page 15: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/15.jpg)
15FMCAD 2006
Abstracted Protocol #2
RAC
L2 Cache+Local Dir’
Global Dir
MainMemory
Home Cluster
Remote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir’
![Page 16: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/16.jpg)
16FMCAD 2006
Abstraction
States Projection
Transitions Overapproximation
![Page 17: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/17.jpg)
17FMCAD 2006
Abstraction on States
Intra-cluster details
Inter-cluster details
![Page 18: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/18.jpg)
18FMCAD 2006
Abstracting Transitions
Rule-based system: guard action; Relaxing guards
Relaxing expr values
Remove stmt
Procs[p].WbMsg.Cmd = WB_Wb
→
Procs[p].L2.Data := Procs[p].WbMsg.Data;
Procs[p].L2.HeadPtr := L2; …
true→Procs[p].L2.Data := d; …
![Page 19: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/19.jpg)
19FMCAD 2006
Detecting Bugs in M
When a real error is found in Mi
Fix bug in M
Regenerate Mi’s
Iterate the process
![Page 20: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/20.jpg)
20FMCAD 2006
Refinement
When a bogus error found in Mi
Analyze and find out problematic rule
g → a
Locate original rule in M
G → A
Add a new lemma in one abstracted protocol
G => P
Strengthen rule into
g Λ P → a
![Page 21: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/21.jpg)
21FMCAD 2006
1
M1
1. False alarm found Remote cluster-1 can
modify its L2 line arbitrarily
Details of Refinement (I)
true → …
![Page 22: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/22.jpg)
22FMCAD 2006
2. Locate the original rule in M
before abstraction Guard: when the local dir receives
a WB from an L1 cache
Details of Refinement (II)
1
M1
Procs[p].WbMsg.Cmd = WB
→ …
![Page 23: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/23.jpg)
23FMCAD 2006
3. Strengthen problematic rule in 1. Only when local dir is exclusive,
could L2 modify its line
Details of Refinement (III)
1
M1
3
true &
Procs[p].L2.State = Excl
→ …
![Page 24: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/24.jpg)
24FMCAD 2006
4. Why strengthening is sound?
Details of Refinement (IV)
1
M1
3
![Page 25: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/25.jpg)
25FMCAD 2006
4. We can add a new lemma in M2
Details of Refinement (V)
M1
1 3
M2
4
Procs[p].WbMsg.Cmd = WB
=>
Procs[p].L2.State = Excl
![Page 26: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/26.jpg)
26FMCAD 2006
One Detail
Excl: 1
Home Cluster
Remote Cluster 1
Remote Cluster 2
Excl
Excl
Invld
Invld
1
23
45
1 Req_E 2 Req_E 3 Fwd_ReqE
4 Fwd_ReqE 5 Gnt_E
![Page 27: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/27.jpg)
27FMCAD 2006
Original Transitions (I)
GUniMsg[src].Cmd = RDX_RAC &
GUniMsg[src].Cluster = r &
Procs[r].L2.Gblock_WB = false &
Procs[r].L2.State = Excl &
Procs[r].L2.HeadPtr != L2
…
undefine GUniMsg[src];
GUniMsg[src].Cmd := GUNI_None;
![Page 28: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/28.jpg)
28FMCAD 2006
Original Transitions (II)
Procs[r].ShWbMsg.Cmd = SHWB_FAck &
src_node = L2
…
true &
ABSProcs[r].L2.State = Excl &
ABSProcs[r].RAC.State = Inval &
ABSProcs[r].L2.Gblock_WB = false &
GUniMsg[src].Cmd = RDX_RAC &
GUniMsg[src].Cluster = p
…
![Page 29: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/29.jpg)
29FMCAD 2006
Adding A Variable
Excl: 1
Home Cluster
Remote Cluster 1
Remote Cluster 2
Excl
Excl
Invld
Invld
1
23
45
ifKeepMsg: boolean
![Page 30: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/30.jpg)
30FMCAD 2006
Soundness of the Approach
Goal If M1 and M2 can be model checked correct
w.r.t. the coherence property Ф in M, M must
also be correct w.r.t Ф
![Page 31: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/31.jpg)
31FMCAD 2006
Soundness Proof
Temporal Induction Initial states
Each var has the same value in M, M1 and M2
Each newly added lemma is checked in M1 and M2
Each property is checked
Suppose soundness in state s
![Page 32: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/32.jpg)
32FMCAD 2006
Soundness Proof (II)
h1, h2, r11, r12, r21, r22
h1, h2, r12, r22
h1, r11, r12, r22
h1’, h2’, r11’, r12’, r21’, r22’g a
g1 & p1 a1
h1’, h2’, r12’, r22’
g2 & p2 a2
h2’, r11’, r12’, r22’
M
M1
M2
![Page 33: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/33.jpg)
33FMCAD 2006
Experiment Results
A real bug found
10 iterations of refinements The size of each error trace is < 12
One person-day of work
![Page 34: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/34.jpg)
34FMCAD 2006
Protocol Number of states
M > 161,876,000
M1 31,919,219
M2 78,689,678
Reduction
64-bit Murphi
IA-64 with 20GB of memory
![Page 35: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/35.jpg)
35FMCAD 2006
Outline
Two hierarchical protocols Inclusive
Non-inclusive
A compositional approach Abstraction
Counter-example guided refinement
Soundness
![Page 36: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/36.jpg)
36FMCAD 2006
Caching Hierarchy
Inclusive
Exclusive
Non-inclusive
![Page 37: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/37.jpg)
37FMCAD 2006
A Non-Inclusive Hierarchical Protocol
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
Global Dir
MainMemory
Home ClusterRemote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
![Page 38: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/38.jpg)
38FMCAD 2006
Protocol Differences
Broadcasting channels
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
SnoopMsg[]
![Page 39: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/39.jpg)
39FMCAD 2006
Imprecise Local Directory
LDirL1-1 GDir
Req_S
(S) S: L1-1
L1-2
(I)Swap
Broadcast
NAckFwd_Req
Gnt_S
Gnt_S
S: L1-2Imprecision!
![Page 40: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/40.jpg)
40FMCAD 2006
Verification Difficulty
Coherence properties Can involve multiple L1 caches
Refinement Noninterference lemmas cannot infer L2 cache
line states, from local behaviors
![Page 41: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/41.jpg)
41FMCAD 2006
An Example
Excl
Excl Invld
Invld
Excl Invld
WB WB
L2:
(Excl, data1) (Excl, data2)
L2:
(Invld, *) (Excl, data2)
![Page 42: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/42.jpg)
42FMCAD 2006
Two Approaches of Refinement
Inferring “exclusive” from Outside the cluster
Inside the cluster
![Page 43: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/43.jpg)
43FMCAD 2006
Infer exclusive From Outside
Invld
Excl Invld
WB
L2:
(Invld, *) (Excl, data2)
IsExcl(p) Ξ
Dir.State = Excl &
GUniMsg[p].Cmd != (ACK || IACK || ImACK) &
GUniMsg[h].Cmd != (ACK || IACK || ImACK) &
GWbMsg.Cmd = GWB_None &
( (GShWbMsg.Cmd = GSHWB_None &
Dir.Headptr = p) ||
(GShWbMsg.Cmd = DXFER &
GShWbMsg.Cluster = p))
Cluster p
![Page 44: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/44.jpg)
44FMCAD 2006
Refinement Example
Invld
Excl Invld
WB
L2:
(Invld, *) (Excl, data2)
Cluster p p.WbMsg.Cmd = WB
=>
IsExcl(p)
(Invld & IsExcl(p), *)
(Excl, data2)
![Page 45: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/45.jpg)
45FMCAD 2006
Infer exclusive From Inside
M1 M2
![Page 46: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/46.jpg)
46FMCAD 2006
Definition of IE
IE(p):
exists i: L1_caches
(p.L1(i).state = Excl or
p.SnoopMsg(i).Cmd = (Put or PutX) or
p.UniMsg(i).Cmd = PutX) or
p.WbMsg.Cmd = WB or
p.ShWbMsg.Cmd = ShWb or
p.ShWbMsg.Cmd = FAck
![Page 47: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/47.jpg)
47FMCAD 2006
Refinement
Invld
Excl Invld
WB
L2:
(Invld, *) (Excl, data2)
Cluster p Procs[p].WbMsg.Cmd = WB &
Procs[p].L2.Stae = Invld
=>
IE(p)
(Invld & IE(p), *)
(Excl, data2)
![Page 48: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/48.jpg)
48FMCAD 2006
Soundness
Still holds by adding the extra bits “IE”
![Page 49: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/49.jpg)
49FMCAD 2006
Experiment Results
17 iterations of refinements
Size of each error trace is < 8
Protocol Number of states
M > 1,521,900,000
M1 234,478,105
M2 283,124,383
![Page 50: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/50.jpg)
50FMCAD 2006
Outline
Two hierarchical protocols Inclusive
Non-inclusive
A compositional approach Abstraction
Counter-example guided refinement
Soundness
![Page 51: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/51.jpg)
51FMCAD 2006
Conclusion
Developed 2-level hierarchical protocols
Proposed a compositional approach Abstraction
Bug fixing
Refinement
Proved the soundness
![Page 52: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/52.jpg)
52FMCAD 2006
Related Work
FMCAD’04 Chou et. al., A simple method for
parameterized verification of cache coherence
protocols
CHARME’99 McMillan, Verification of infinite state systems
by compositional model checking
![Page 53: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/53.jpg)
53FMCAD 2006
For Details
http://www.cs.utah.edu/formal_verification/
![Page 54: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/54.jpg)
54FMCAD 2006
A Multicore Coherence Protocol
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
Global Dir
MainMemory
Home ClusterRemote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
![Page 55: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/55.jpg)
55FMCAD 2006
About the Bug
IACK
![Page 56: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/56.jpg)
56FMCAD 2006
Another Decomposing Approach
Split protocols hierarchically Intra-cluster protocol
Inter-cluster protocol
![Page 57: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/57.jpg)
57FMCAD 2006
Intra-cluster Protocol
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
Cluster
Environment
![Page 58: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/58.jpg)
58FMCAD 2006
Inter-cluster Protocol
RAC
L2 Cache+Local Dir’
Global Dir
MainMemory
Home ClusterRemote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir’
RAC
L2 Cache+Local Dir’
![Page 59: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/59.jpg)
59FMCAD 2006
Verification Difficulty
Environment
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
Global Dir
MainMemory
Home ClusterRemote Cluster 1
Remote Cluster 2
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
RAC
L2 Cache+Local Dir
L1 Cach
e
L1 Cach
e
![Page 60: 1 A Compositional Approach to Verifying Hierarchical Cache Coherence Protocols Xiaofang Chen 1 Yu Yang 1 Ganesh Gopalakrishnan 1 Ching-Tsun Chou 2 1 University.](https://reader030.fdocuments.us/reader030/viewer/2022032800/56649d3e5503460f94a16ba3/html5/thumbnails/60.jpg)
60FMCAD 2006
An Example Scenario
Excl: 1
Home Cluster
Remote Cluster 1
Remote Cluster 2
Excl
Excl
Invld
Invld
1
23
6
4
5
7 NACK
1 Req_E 2 Req_E 3 Fwd_ReqE
4 Swap 5 Req_E 6 Fwd_ReqE
7