20 Resources for Finding Processor Verification Internships

Subscribe  contactContact
July 30, 2010

Finding an internship in processor design and verification can be difficult if you don’t know where to look. In addition to our own internship program, Obsidian has compiled a list of 20 processor designers who operate internship / co-op programs. We believe that co-ops are the future of our industry and that supporting their efforts in finding employment is beneficial to the industry as a whole.

  1. Apple – Jobs for Student and New Grads
  2. AMD – Co-op / Intern Program
  3. ARM – Student Internships and Engineering Placements
  4. Broadcom – Internship / Co-op Program
  5. Centaur Technology – Internships
  6. Cisco Systems – Graduate Careers & Internships / Co-ops
  7. Freescale Semiconductor – Student Intern / Co-op Program
  8. Fujitsu Labs America – Internship and Job Opportunities
  9. IBM – Intern / Co-op Opportunities
  10. Intel – Internships
  11. LSI – College Recruiting and Internships
  12. Marvell – College Recruiting Programs
  13. NEC Labs – Internships
  14. NVIDIA – Intern and Co-op Programs
  15. Oracle – Internships at Sun Microsystems Labs
  16. Qualcomm – Internship Programs
  17. Samsung – Internships
  18. ST Ericsson – Student Opportunities
  19. Texas Instruments – Opportunities for Students & New College Grads
  20. Xilinx – Internship and Co-op Programs

Posted in Microprocessor Verification | No Comments »

Obsidian Software Announces Microprocessor Test and Verification Scholarship

Subscribe  contactContact
July 6, 2010

Obsidian Software, an electronic design automation company, announced today the offering of several scholarships for students to attend the 11th annual Microprocessor Test and Verification workshop ( MTVCon.org) in Austin, Texas.

The scholarships will be made available to graduate students performing research in the field of processor verification and to recent graduates with less than three years experience.

“We believe MTV is an important event that defines Austin as a worldwide hub for processor verification”, said Eric Hennenhoefer, CEO of Obsidian Software. “Obsidian is proud to sponsor and collaborate on this world-class event.”  2010 will mark the fifth year of sponsorship for Obsidian.

The deadline for scholarship applications is October 1, 2010. Potential applicants are encouraged to apply online at: http://www.obsidiansoft.com/community/mtvcon-scholarship/

About MTVCon

The purpose of MTV is to bring together researchers and practitioners to exchange innovative ideas and to develop new methodologies for solving difficult challenges facing the processor design community.

About Obsidian Software

Obsidian Software, a privately held company, has been providing processor verification products, verification consulting and training services to processor designers and semiconductor fabs since 1997. Obsidian’s RAVEN software has been used to successfully verify dozens of processor implementations by many of the world’s leading semiconductor companies. Obsidian has been recognized as part of the INC500, Austin Heavy Hitters, and Austin Fast 50.

Contacts:

Obsidian Software
Saturday Schroder
Marketing Coordinator
(512) 330-9818 x 113
saturday@obsidiansoft.com

http://www.obsidiansoft.com

 Microprocessor Test and Verification Workshop
Magdy S. Abadir
General Chair

M.Abadir@freescale.com

http://www.mtvcon.org

###



Posted in Obsidian News | No Comments »

Obsidian Software Expands Worldwide, Allies With EDAcon Partners

Subscribe  contactContact
June 16, 2010

Persistent Link to this Article

Obsidian Software, Inc., a growing processor verification company, and EDAcon Partners Ltd., a sales and marketing outsourcing company, announced today the expansion of Obsidian’s sales internationally. Both companies stand to benefit from the rising strength in the semiconductor industry, which has outperformed the broader technology sector thus far this year.

“EDA firms like Obsidian Software are positioned to grow in this economy and can take advantage of our global network of representatives, knowing that an experienced manager is driving their sales in the specified territories,” said Coby Hanoch, President and CEO of EDAcon Partners. Hanoch founded EDAcon Partners in 2007. Prior to this, Hanoch established sales offices in North America, Europe and Asia while serving as VP of Worldwide Sales for Verisity Design, Inc. and VP of Verification Sales at Cadence Design Systems, Inc.

Obsidian’s engineering team specializes in processor design testing through creation of functional test suites and random test generators. Austin and Silicon Valley have always been profitable for Obsidian, but with chip sales up worldwide, Obsidian is positioned to grow internationally.

EDAcon offers a sales outsourcing model for EDA vendors, saving companies like Obsidian significant resources by providing a worldwide network of experienced sales representatives. EDAcon sales representatives are local to each country and have a proven track record of selling EDA products.

“Through this investment in sales, Obsidian will continue to expand its reach in the semiconductor industry and advance our reputation as a leader in processor verification. We have demonstrated a strong track record across a variety of architectures such as ARM, MIPS, X86, Power ISAs, and proprietary RISC/CISC implementations for SoC core designs,” said Mark Glenewinkel, COO of Obsidian Software.

About Obsidian Software

Obsidian Software, a privately held company, has been providing processor verification products, verification consulting and training services to processor designers and semiconductor fabs since 1997. Obsidian’s RAVEN software has been used to successfully verify dozens of processor implementations by many of the world’s leading semiconductor companies. Obsidian has been recognized as part of the INC500, Austin Heavy Hitters, and Austin Fast 50.

About EDAcon Partners

EDAcon Partners enables EDA and IP vendors to outsource their sales activities, including definition of sales strategy and development of marketing materials. With its worldwide network of representatives, EDAcon Partners provides an instant sales channel with proven abilities, saving EDA and IP vendors the enormous investment in time and money needed to find and ramp up representatives in every country.

Contacts:

Obsidian Software
Saturday Schroder, Marketing
(512) 330-9818 x 113
saturday@obsidiansoft.com

http://www.obsidiansoft.com

EDAcon Partners
Coby Hanoch
+972-545-421-321
coby@edacon-partners.com

http://www.edacon-partners.com

Tags:
Posted in Obsidian News | No Comments »

Top 20 DVClub Processor Presentations

Subscribe  contactContact
June 8, 2010

We thought that it might make for interesting reading to compile a list of the best processor presentations from past DVClub events.

For those of you unfamiliar with DVClub, membership is free and is open to all non-service provider semiconductor professionals. Most members work in verification, but there are also plenty of entrepreneurs, professors, students, managers, investors, and even design engineers who attend. If you’re interested and would like to learn more, why not join the club?

Chuck Alley, IBM
Using PSL and FoCs for Functional Coverage Verification

Bob Colwell, Intel (Retired)
The Validation Attitude

Raj Dayal, Qualcomm
Managing Deployment of SVAs in Your Project

Ish Kumar Dham, Texas Instruments
Design Verification to Application Validation of a Multiprocessor SoC

Sanjay Gupta, IBM
Cell Verification Metrics

Narasimha Karunakar, AMD
Low-Power Verification Challenges

Mark A Firstenberg, IBM
Experience with Formal Methods, Especially Sequential Equivalence Checking

Jai Kumar, Sun
Leveraging Low-Cost FPGA Prototyping for Validation of Highly Threaded Server-on-Chip

John Ludden, IBM
Mainline Functional Verification of IBM’s POWER7 Processor Core

Milind Padhye, Freescale
Wireless Low Power and Verification Challenges

Somdipta Basu Roy, Texas Instruments
OMAP Verification

Scott Runner, Qualcomm
Verification of Wireless SoCs: No Longer in the Dark Ages

Sakar Jain, Freescale
Verification of the QorIQ Communication Platform’s CoreNet Fabric with SystemVerilog

Shahram Salamian, Intel
Intel Atom Processor Pre-Silicon Verification Experience
CPU Verification Metrics

Jason Stinson, Intel
Pre-Si Verification for Post-Si Validation

Paul Tobin, AMD
Verification in a Global Design Community

Durgam Vahia, Sun
Mapping Server-Class Multi-Threaded OpenSPARC T1 Processor Core on FPGAs

David Williamson, ARM
Verification Metrics

Paul Zehr, Intel
Intel Xeon Pre-Silicon Validation

Tags: , , , , ,
Posted in Microprocessor Verification | No Comments »

Power7 Verification: It’s Not Rocket Science (It’s More Advanced)

Subscribe  contactContact
May 26, 2010

By Hemendra Talesara

Complexity

In his recent presentation discussing verification of the Power7 processor, John Ludden of IBM opened with a quote from an IBM exec more than a decade ago. “it’s not rocket science”- a perception held by some members of the management and design communities at that time.

However, designs have become a whole lot more complex over time. The Power7 processor at 45nm has 1.2B transistors on a 567 sq. mm die, supporting 8 cores with 4 threads each, an on-chip eDRAM, 3 levels of caches and 2 DDR memory controllers. Yet as verification complexity multiplies in this multi-threaded design, it’s very helpful to have some of the more advanced tools and methodology at your disposal.

Tools and Methodology

Fortunately for Ludden and the Power7 team, IBM has invested in verification technology for years (in spite the quote from the exec). The company continues to develop and rely on in-house tools for many of the advanced verification technologies for processor-specific testing. These include the test-bench, multi-thread test generators, hardware accelerators, formal and semi-formal tools, micro-architecture checkers (API based), cache coherency checkers and coverage tools. Exercisers
originally developed for post-silicon validation were used to exploit the hardware acceleration platform. Forty-five thousand coverage points were organized to assist with big picture and were used to re-direct the test generator and exercisers for accelerators.

To support corner case testing for events that occur rarely, especially in multi-threaded scenarios, software irritator threads were used. These irritators are capable of creating the worst possible contentions. Through their application, twenty-three high quality bugs were revealed hiding in the corners.

A methodical application of these tools and technology clearly captured and advanced the industry best practices.

Designing for Verification

Designing for Verification was an important element in managing the overall risk to verification time line. IBM minimized the risks by maintaining a tight interaction between the specification and verification teams during the design phase and allowing the verification team to maintain architectural changes. “Chicken switches” were placed in silicon that allowed verification team to back-off an area considered risky or possible of otherwise compromising the verification effort. These switches provide workarounds, with some small impact on performance but no functional change, for accessing difficult to verify micro architectural features. Hardware irritators were also used to enable stress testing of corner cases in both pre-silicon and post-silicon testing.

Conclusion

The Power7 draws many architectural features from the Power5 and 6 designs, although it is a much more complex and powerful processor with a much shorter verification cycle. Ludden and the Power7 team accomplished this remarkable feat with a lot of foresight in planning, metrics collection and careful execution. Tight interlocking between metrics collected and verification plan was key part of tracking mechanism and functional closure. This project should serve as an example of how to plan for and manage risks in a complex verification project.

Kudos to John and the IBM team. His full presentation can be downloaded here.

Tags: , , ,
Posted in Verification Planning | No Comments »

Apple’s Intrinsity Acquisition

Subscribe  contactContact
May 24, 2010

Obsidian Software congratulates both Apple and Intrinsity on their acquisition deal that closed late last month. Obviously, the need for faster chips in mobile devices has Apple seeking to secure an advantage over competitors with this purchase. According to the New York Times, industry analysts speculate it’s Intrinsity’s technology that gives the iPad’s A4 chip its beefed up 1 GHz processing power. Intrisity’s patented technology provides more speed with lower power requirements, giving a significant edge over other ARM-compatible models. The NYT quoted Tom R. Halfhill, a well-known chip analyst for Microprocessor Report, saying Intrinsity’s price was in the neighborhood of $121 million. Certainly, this is an easy price for Apple to pay given that the iPad’s sales have outpaced the iPhone in the first month after launch by more than two to one.

As we rely on our mobile devices more as mini computers and less as simple phones, processing power becomes increasingly vital for companies like Apple. Nearly 90% of US households have a cell phone, yet voice minutes use has flat lined while more households increasingly give up their landlines. We’re still using our phones, but using them more and more for data and less for talking.

When Steve Jobs introduced the iPad, he referred to the A4 as the best and most complicated chip Apple ever designed. Intrisity worked closely with a division of Samsung Austin Semiconductor, said to be the largest chip manufacturing plant in North America that builds the A4 chips for Apple. Intrinsity CEO, Bob Russo, credited the partnership with Samsung for bringing visibility to the relatively small, 100-employee company based in Austin, Texas.

What does this mean for Austin?

This acquisition brings focus once again to Austin, Texas, a city increasingly important in the microprocessor field. Before this acquisition, Intrinsity was a David competing with Goliaths such as Texas Instruments and Freescale Semiconductor, both based in Austin. They were also going head to head with Intel Corp.’s Austin-designed Atom processor. Clearly when it comes to fast chips, there’s quite a lot going on in Austin, Texas.

Naturally, Austin is also becoming a hub for processor verification. Game-changing advances in chip performance call for equally nimble and innovative advances in processor verification. Obsidian Software and Intrinsity share a common passion for excellence and innovation, they were both founded in 1997 in Austin, and Mark McDermott, former VP of Engineering for Intrinsity sits on Obsidian’s Advisory Board.

Has the processor business turned?

The Intrinsity deal is the second chip acquisition for Apple in two years. Recall Apple’s purchase of PA Semi in 2008. Companies who design cutting edge mobile devices are increasingly choosing to do processor design and to some extent verification. Are these purchases by Apple part of a defensive strategy to stay ahead of emerging technologies funded by increasingly scarce venture capital? Or will we see a new generation of innovation come from the Intrinsity team that is now a part of Apple?

Companies such as Qualcomm, NVIDIA, and Marvell build their own unique ARM chips for their devices. Perhaps the line between device makers and chip makers will become increasingly blurred as both camps work to gain market advantage through increased vertical integration.

Further Reading:

IEEE Spectrum – Forecasting Apple’s Intrinsity Acquisition

Mac Daily News – Apple’s Intrinsity Deal is a Snapdragon Slayer

Austin Business Journal – Apple Inc. Acquires Intrinsity

Anandtech – Apple’s Intrinsity Acquisition: Winners and Losers

NY Times – Intel and Qualcomm Eye Each Other’s Terrain

Tags: ,
Posted in Microprocessor Verification | No Comments »

Intelligent Testbench vs. Random Test Generator

Subscribe  contactContact
March 11, 2010

By Melanie Typaldos

The idea of an intelligent testbench has long been of interest in functional processor verification, although it has always seemed to fall short of expectations when it comes down to just what degree of “intelligence” is really involved. Throughout this document, we will present the argument that a sophisticated, well-evolved, dynamic random test generator, when used as part of a complete verification plan, can be of more value than marketing-driven intelligent verification products.

Defining Intelligent Testbench

An accurate definition of “intelligent testbench” is difficult to find, so let’s begin with that offered by Wikipedia. The intelligent testbench is described as something that “uses information derived from the design and existing test description to automatically update the test description to target design functionality not verified, or covered by the existing tests”[1]. This implies that a feedback loop exists which is capable of creating new test sequences based on what has and has not yet been tested. Other than this closed loop system, the concept is very similar to that of a random test generator.

Not all Test Generators are Created Equally

I remember at one time, we were speaking with a potential client who said something along the lines of “I don’t know why you people want so much money for this RAVEN thing. I can just get a co-op to write one in a week.” He wasn’t wrong in his assumption that a relatively unskilled engineer could conceivably write a generator in a short amount of time. However, the old adage remains that you get what you pay for. A generator of this sort would be incapable of effectively verifying a design of any complexity whatsoever. This is analogous to running every instruction followed by every other instruction and calling verification complete. There are no standard methodologies for constructing test generators, and each one will have different methods for achieving randomness, different capabilities in pipeline exploration, varying abilities in multi-processor testing, etc.

Functional Coverage

Many intelligent testbench products claim to automatically create test sequences based on pre-designated coverage points. However, the belief that hitting every coverage point means that your design is verified is a big mistake. By the very fact that coverage points are singular points in a vast space, they cannot cover the entire design. Engineers can work hundreds of hours writing more coverage points, but it will never be enough to completely verify the design. Because of this, our test generator uses templates (created by engineers) that automatically create sequences to hit not only the coverage point, but also other behaviors around that point.

Figure 1. Abbreviated Flow of Randomness

Random Stimulus Compared to Feedback Looping

RAVEN is very good at what it does; it is designed to hit both simple and complex behaviors randomly with little direction from human users. For instance, if we’re looking at instruction A followed by instruction B with operands X, Y and Z, then we’re going to hit that randomly with ease. Constrained-random templates can replace 95-98% of all directed test sequences. It’s only a matter of time and simulation power applied before we randomly hit all of these simple scenarios and many of the complex ones as well.

The whole point here is that coverage points that are easy to direct (i.e. via feedback), will have already been covered by virtue of random testing. Highly complex behaviors and difficult-to-reach corner cases require a significant degree of architectural knowledge, and they are too difficult and too architecturally dependent to effectively be covered by a piece of software. If an effective feedback loop could be done with good logic or programming skills, we would have already done it.

“At a recent ASIC verification panel discussion at DesignCon, a question was asked about intelligent testbenches — something promised for a long time but not really delivered by the EDA companies. One of the panel members from a design company responded, and said that if you ever tell his engineers that his testbenches are not intelligent then he would be very upset. I am sorry but I have to break the news to him. Testbenches are dumb!” – Brian Bailey [2]

The Promise of Eliminating Redundant Testing

Eliminating “redundant testing” via software is a dangerous thing to do. Suppose that we have two similar sequences of 20 instructions, but the second test has one instruction that is different. Are those tests redundant? They seem like it, and they have a lot in common. But depending on what those instructions are, what registers they use, what the pipeline looks like and whether they took exceptions, that one instruction can be the one that makes the difference. So it’s dangerous for a piece of software to make the supposition that this test is redundant. It could very well be that this next instruction could be the one that reveals an error.

When I was working at a major processor company several years ago, we found a case in silicon where the processor would hang for seemingly no reason. What we found was that an illegal access to a register was causing the error approximately 1000 instructions before the hang would occur. This taught me that sometimes even the designer is not aware of the conditions that can lead to a bug. Designers may know their own block, but the interactions between the blocks can be very complex, and oftentimes this can be confusing even for experienced engineers. So I think that it’s really dangerous to assume that you can get rid of redundant tests in this manner.

But this is not to say that ineffective tests should be continually simulated. Test templates should remain in the suite only as long as they continue to uncover errors. When it no longer seems like it’s finding bugs, that template should be archived and replaced by another. But having a piece of software decide that for you is not a good thing.

[1] Wikipedia: Intelligent Verification
[2] Brian Bailey: Constrained Random Test Struggles to Live Up to Promises

Tags: , , , ,
Posted in Verification Planning | No Comments »

Is There Hope for the US Fab Industry?

Subscribe  contactContact
March 5, 2010

For the past two quarters analysts have been telling us that we’re on the upswing of the crash. In their World Fab Forecast, published in May, San Jose industry research firm Semi predicted that the outlook for fabs in 2010 was fair with “signs of increasing investment.” The firm projected that global market leaders with access to significant capital would be responsible for leading much of the market recovery. One major factor in this equation is Intel, who Semi predicted will make significant investments in US based fab construction. This is interesting news considering that fab investment in China, Europe and Japan are now at a 10 year low.

Whether Intel can pull the US market out of the red has yet to be seen however. The company recently announced that their manufacturing deal with TSMC is now on hiatus due to a lack of demand among consumers for more Atom based devices. In addition, Intel seems to be favoring overseas locations to US based sites for new fab construction.

Intel is set to begin production of chipsets in a new China based facility later this year, and it seems likely that Haifa will be selected as the site of the next 22nm fab considering their gains in 2009 and the closing of the Ireland facility. Two of Intel’s six US based facilities are scheduled to be closed this year according to Semi’s map of closing/closed frontend fabs, shown below. Other major players include Toshiba, who is currently contemplating the creation of a new $8.9B fab in Japan and giant TSMC, who is holding strong despite recent challenges with wafer costs and 11 straight quarterly losses.

Although it is unclear if Intel intends to make additional investments into the remaining US fabs, hopefully the current race among NAND flash manufacturers can bolster the US market. Electronics manufacturer Samsung is pushing hard to open a new Austin facility in 2010 that will be the largest chip fab in North America. Additionally, Texas Instruments is set to begin production at its new analog fab in Richardson, TX later this year, and GlobalFoundries is planning the creation of a new facility in Saratoga, NY.

Map of Closed and Closing Fabs

View Closed/Will be Closed Frontend Semiconductor Fabs in a larger map

Tags: ,
Posted in Microprocessor Verification | No Comments »

Multicore Verification of an ARM Processor

Subscribe  contactContact
November 10, 2009

The goal of multi-processor verification, simply put, is to find errors that emerge when individual CPUs interact with each other. This typically involves behaviors encountered when sharing various resources such as caches, registers and main memory. Multi-processor (MP) errors are among the most difficult to debug in all of functional verification, especially given the complexity modern MP systems. This document serves to outline Obsidian’s random testing methodology for verifying caches. Although written specifically for the ARM architecture, the underlying methodology of this paper may be applied generally to encompass other designs as well.

Don’t Begin Multi-Processor Testing Before You’re Ready

One of the core principles of Obsidian’s verification methodology is to catch every possible bug in the simplest possible configuration. That stands to reason that the single processor configuration needs to be thoroughly verified with a high degree of confidence before MP verification begins. The reason for this is simple – if the same bugs can be found in a simpler processor configuration, much less time will go to waste. Multiplied hundreds of times over, this savings in time can result in a time-to-market improvement of weeks or even months.

Beginning Multi-Processor Verification with Non-Sharing Tests

The first stage of MP testing that we implement is non-sharing. The goal at this stage is to find and correct errors that occur with the least amount of sharing as possible to simplify debugging and save time troubleshooting complex scenarios.

In the initial stages of MP verification, it’s best to divide the memory up into large partitions that are each allocated to a single processor core. Some sharing will always exist between the CPUs in spite of restrictions. This is due to the way that multiple CPUs behave upon reset (i.e. beginning the execution stream at the same reset address) and because complex MP systems typically require each CPU to be aware of their own CPU number (i.e. CPU0, CPU1, etc.).

Ideally, sharing should be minimized as much as possible at this stage of verification, although it is impossible to eliminate it altogether. If the architecture permits, it’s also beneficial to start with paging disabled to simplify debugging. This eliminates the possibility of errors where one physical address is mapped to multiple pages by more than one CPU.

With these restrictions imposed, large numbers of random test sequences are generated and debugged as needed. Once errors become extremely sparse in this mode of testing, the memory is divided up into cache lines which are each assigned to allow accesses by only a particular CPU. A more complex environment is then created in which more complex bugs can be found, such as paging errors. As before, copious amounts of random test sequences are generated and more errors will be found.

Some verification teams will completely forgo the large partition phase of false-sharing and start by immediately dividing the memory into cache lines. While this does work, it also tends to complicate debugging and forces the verification team being to prematurely deal with paging issues while debugging simple errors.

False-Sharing Multi-Processor Tests

The false-sharing arrangement is similar to the second stage of non-sharing in that the memory is divided up into cache lines. In this mode, multiple CPUs are allowed to hit the same cache lines, but not the exact same physical addresses. What this does is allow the cache accesses to come very close to each other without hitting the same spots. Several cache problems can be found and corrected using this method.

Debugging caches in this way greatly simplifies the process of testing actual shared memory and better limits the occurrence of simple errors in complex scenarios. At every stage of the process, it is important to perform cacheable and non-cacheable testing as there may be bugs lurking in both of these areas.

True-Sharing Multi-Processor Tests

True-sharing tests are more complex as they allow multiple CPUs to access the same physical memory addresses. In both deterministic and in non-deterministic modes, tests generated by RAVEN are guaranteed to execute correctly regardless of timing issues including fast or slow memory or insertion of external interrupts.

Deterministic True-Sharing

As a simplified example of deterministic true-sharing, let us assume that we are verifying a dual CPU configuration. We begin by dividing up the execution stream using semaphores. Each divided zone may contain different numbers of instructions for each CPU with varying amounts of memory accesses, exceptions, etc. Because of this, some CPUs may complete their zones more quickly than others. During the same semaphore, the CPUs are unaware of values written by the other. Not until the semaphore has been completed will the CPUs sync up again and be aware of the other’s transactions. Once this happens, CPU0 can determine that it is legal to write to a line that CPU1 completed in the last semaphore. Upon completion of all zones, final values are compared, checking for consistency and errors. Although our rules are much more complicated than this, the example should elaborate on the kind of errors that can occur in MP verification. Because our tool implements complex rules, the test generated can determine if memory location will be deterministic or non-deterministic based on execution divided by semaphores. This is how we do deterministic sharing and actual reads and writes to the same physical memory addresses. This can find a lot of bugs.

Non-Deterministic True-Sharing

Non-deterministic true-sharing is the most complex mode of sharing and should always be conducted as the final stage of MP verification. In this method, we don’t use semaphores to divide up the execution stream, but instead allow CPUs to read addresses that are being written by other CPUs. If two CPUs write to the same address, then a read of this address will result in an unknown value. If this value was intended for use in address generation or arithmetic calculation, then the result of these tasks will be unknown, and verification becomes much more difficult. Non-deterministic registers then cannot be used as sources, but only destinations until they take on deterministic values.

If non-deterministic transactions set flags, then the flag register must immediately be re-written. This is especially important in ARM processors where every instruction is conditionally executed. If something is done that results in a flag, the next instruction must be set to always execute regardless of flag values and perform the additional step of re-writing the flags. We have settings and rules that determine what percentage of registers are allowed to become non-deterministic based on their type (i.e FPR, GPR, etc.). So we do have some pretty complicated algorithms for handling determinism and non-determinism and determining legality of actions.

Non-deterministic tests become much more difficult to debug because you will have a list of possible values for each access and the errors can be timing dependent. These areas are important to cover, but they should be done last as the difficulty in debugging errors of this type is extremely high.

Verifying the Snooping Mechanism

One of the most critical areas in MP verification is cache coherence. Errors of this type can be detrimental to practical operation of the design. For example, it is possible to have errors in which data integrity is compromised due to multiple CPUs accessing shared memory.

To further illustrate an error of this type, let us assume that we are verifying two CPUs that both share a single L1 cache. At some point the L1 cache will have an image of data that resides in the main memory. If both CPUs write to the same cache line of the L1, then it is necessary to verify that the correct values get written back to main memory.

Adding an L2 memory to a situation such as this makes matters even more complicated. In this case, cache lines in the L1 will be an image taken the L2, which itself contains portions of data in the main memory. However, there is now the additional problem of L1 data being written back to main memory without crossing the L2. This creates a corresponding line of L2 cache that must now be invalidated to avoid errors.

Further conflicts can occur if a CPU flushes a cache line in the L1 that another CPU has written to, was going to write to, or is in the process of writing to. Fox example, suppose that we have a four CPU situation with two L1 caches, each being shared by a pair of CPUs and an L2 that is shared by all four CPUs. This is a common paradigm in MP designs. In this situation, it is physically possible for CPUs 0 /1 to write to the same line of memory as CPUs 2/3, creating another situation that has to be resolved. Each cluster of CPUs must then ask the other if for permission to read/write to main memory to avoid conflicts.

Verification of Shared Registers

One of the great things about having a random test generator is that it can effectively deal with obscure cases and propagate them across multiple CPUs. In the case of shared registers, we can divide them up into an arrangement similar to our true sharing example or allow only one CPU to handle all the shared registers. We can also use semaphores to do time/execution division of accesses and do non-deterministic testing, although this depends on the type of register. Although shared registers present some unique challenges, they also allow for some different opportunities to take advantage of.

These are all complicated issues which may be further compounded by timing issues. Errors such as these are what MP verification is really about and where the bulk of the errors can be found.

Tags: , , , ,
Posted in RTL Verification | No Comments »

Verification Planning for ARM Architectures

Subscribe  contactContact
October 8, 2009

By Melanie Typaldos and Tim Short

The early stages of functional verification present several unique challenges that must be overcome to achieve first silicon on schedule. This article identifies several common problems that Obsidian recently encountered in the verification of a new ARM based processor design and discusses how the RAVEN random test generator was used in overcoming these obstacles.

Eliminating Bottlenecks

Many organization want to begin verification as soon as the first logical unit of RTL becomes available. However, the tool-chain (i.e. assembler, linker, compiler, etc.) often lags behind RTL development and architectural changes, creating a bottleneck in verification. RAVEN allows verification teams to completely bypass this problem and begin identifying functional errors before the tool-chain is implemented. Customers using RAVEN can have reported large productivity gains over directed testing, especially in the beginning and intermediate stages of verification – hitting 95-98% of all required coverage points using random tests.

Verifying Intermediate RTL

Let’s assume that the ALU unit of your design is ready for testing at an early stage, but the MMU, floating-point and load/store units are not. Some teams might begin by testing each instruction in order, varying only one or two operands for the sake of expedience. However, this creates a problem. Following this methodology, only a small portion of the RTL will be tested and the entire design will be exposed to errors that should have been corrected early on. With the same investment in time, RAVEN can produce significantly better results with only slight modifications to the default template.

Start Test
Random Instruction (ALU)………………..min=10     max=20
End Test

RAVEN template files are used to designate which behaviors should be tested. At the most basic level, these templates provide the ability to interchange instruction groups, instruction quantity, and selection of operands. More advanced configurations allow for the biasing of certain exceptions and addressing/operand modes. This ability is important in the sense that it allows additional behaviors to be added incrementally as bugs are discovered and new areas of the RTL become available in emerging designs.

In the case of our ALU example, the Random Instruction control can be directed to use only instructions in the ALU group and can even disable the selection of individual instructions within that group. Available instructions can then be tested with an almost infinite number of parameter configurations. As further instruction groups and processor features become available (e.g. integer divide, MMU, load/store) RAVEN templates can be automatically updated to include these new behaviors. Simply re-generating the same templates then allows for the creation of thousands of new tests.

Planning for Bugs in Your Testing Methodology

As you’re creating your first tests, it’s important to think about how long they’ll take to simulate and debug. Smart design teams take into account where they are in the development cycle and the amount of processing power available for simulation when creating tests. This way tests can be run and completed within a targeted amount of time.

When a generated test hits a bug, it’s also much easier to isolate and identify the error if it is detected in a test with ten instructions rather than one with a thousand instructions. Even if you hit a bug in only one out of every thousand tests of ten instructions, this is still beneficial when compared to the time required to debug large tests.

Once you’re able to generate 10-20K short tests without finding errors, then it’s time to move up to tests of a hundred instructions and eventually on to tests of a thousand instructions. The reasoning here is that the more rare your bugs then become, the more dependent they will be on processor state, and longer tests will be more useful in this respect. Changing the quantity of instructions in a RAVEN template is as easy as adding extra zeros and regenerating.

Once bugs are found, RAVEN can be configured to continue testing around the error by disabling access to problematic behaviors in the RTL. Most internally developed generators don’t have this fine-grained level of control. It’s far easier for RAVEN to hit new behaviors while avoiding others that aren’t yet ready to be tested than for most other EDA tools on the market.

Tags: , , , , ,
Posted in Verification Planning | No Comments »

This website uses a Hackadelic PlugIn, Hackadelic SEO Table Of Contents 1.7.3.