TriCheck: Memory Model Verification at the Trisection of Software, Hardware, and ISA

by   Caroline Trippel, et al.

Memory consistency models (MCMs) which govern inter-module interactions in a shared memory system, are a significant, yet often under-appreciated, aspect of system design. MCMs are defined at the various layers of the hardware-software stack, requiring thoroughly verified specifications, compilers, and implementations at the interfaces between layers. Current verification techniques evaluate segments of the system stack in isolation, such as proving compiler mappings from a high-level language (HLL) to an ISA or proving validity of a microarchitectural implementation of an ISA. This paper makes a case for full-stack MCM verification and provides a toolflow, TriCheck, capable of verifying that the HLL, compiler, ISA, and implementation collectively uphold MCM requirements. The work showcases TriCheck's ability to evaluate a proposed ISA MCM in order to ensure that each layer and each mapping is correct and complete. Specifically, we apply TriCheck to the open source RISC-V ISA, seeking to verify accurate, efficient, and legal compilations from C11. We uncover under-specifications and potential inefficiencies in the current RISC-V ISA documentation and identify possible solutions for each. As an example, we find that a RISC-V-compliant microarchitecture allows 144 outcomes forbidden by C11 to be observed out of 1,701 litmus tests examined. Overall, this paper demonstrates the necessity of full-stack verification for detecting MCM-related bugs in the hardware-software stack.


Contract-based verification of a realistic quantum compiler

In this paper, we present CertiQ, a mostly-automated verification framew...

Open-Source Memory Compiler for Automatic RRAM Generation and Verification

The lack of open-source memory compilers in academia typically causes si...

Bring Your Own Codegen to Deep Learning Compiler

Deep neural networks (DNNs) have been ubiquitously applied in many appli...

AutoSVA: Democratizing Formal Verification of RTL Module Interactions

Modern SoC design relies on the ability to separately verify IP blocks r...

2L-3W: 2-Level 3-Way Hardware-Software Co-Verification for the Mapping of Deep Learning Architecture (DLA) onto FPGA Boards

FPGAs have become a popular choice for deploying deep learning architect...

Security Properties for Stack Safety

What exactly does "stack safety" mean? The phrase is associated with a v...

Please sign up or login with your details

Forgot password? Click here to reset