FPGA Towards Verified Hardware Compilation · Performance Extreme Computing (HPEC), 2013. oughput 0...

John WickersonImperial College London

FMATS Workshop, Microsoft Research Cambridge, 24 Sep 2018

Towards Verified Hardware Compilation

John Wickerson Towards Verified Hardware Compilation

Collaborators 2

Nadesh Ramanathan George Constantinides

Hardware Compilation? 3

Hardware Compilation?• Also called "high-level synthesis".

• Basic idea: translate C (or OpenCL, or …) to Verilog.

• Custom hardware can be 10x faster and 10x more power-efficient than running software on a processor.

(1) S.O. Settle, "High-performance Dynamic Programming on FPGAs with OpenCL", in High Performance Extreme Computing (HPEC), 2013.

150022503000

CPU GPU FPGA

0255075

CPU GPU FPGA

Hardware Compilation? 4

Hardware Compilation?• Use of hardware compilers has grown ~20x since 2011.(2)

(2) S. Raje, "Extending the power of FPGAs to software developers", in Field-Programmable Logic and Applications (FPL), 2015. Keynote.

• There are ~19x more software engineers than hardware engineers.(3)

(3) United States Bureau of Labor Statistics, "Occupational Outlook Handbook, 2016–17 Edition", 2015.

• There are ~19x more software engineers than hardware engineers.(3)

• A user survey found "Lack of C-to-RTL formal verification" to be the biggest problem with hardware compilation.(4)

(3) United States Bureau of Labor Statistics, "Occupational Outlook Handbook, 2016–17 Edition", 2015.(4) Deep Chip, “Survey on HLS verification issues and power reduction”, 2014.

http://www.deepchip.com/items/0544-03.html

Hardware Compilation of Concurrency

Atomic operations 6

Atomic operations• Atomics must appear to execute instantaneously to

other threads

• Atomics provide a variety of ordering guarantees

other threads

r = atomic_load(&y, memory_order_acquire);if (r==1) { print(x); }

x = 1;atomic_store(&y, 1, memory_order_release);

other threads

r = atomic_load(&y, memory_order_acquire);if (r==1) { print(x); }

x = 1;atomic_store(&y, 1, memory_order_release);

atomic_store(&x, 1, memory_order_relaxed);

r1 = atomic_load(&x, memory_order_relaxed);r2 = atomic_load(&x, memory_order_relaxed);

Weak-memory concurrency is tricky!

• x86 proved tricky to formalise correctly.(5,6)

(5) Sarkar et al., POPL, 2009.(6) Owens et al., TPHOLs, 2009.

• Bug found in deployed "IBM Power 5" processors.(7)

(5) Sarkar et al., POPL, 2009.(6) Owens et al., TPHOLs, 2009.(7) Alglave et al., CAV, 2010.

• C++ specification did not guarantee its own key property.(8)

(5) Sarkar et al., POPL, 2009.(6) Owens et al., TPHOLs, 2009.(7) Alglave et al., CAV, 2010.(8) Batty et al., POPL, 2011.

• C++ specification did not guarantee its own key property.(8)

• Behaviour of NVIDIA's graphics processors contradicted their own programming guide.(9)

(5) Sarkar et al., POPL, 2009.(6) Owens et al., TPHOLs, 2009.(7) Alglave et al., CAV, 2010.(8) Batty et al., POPL, 2011.(9) Alglave et al., ASPLOS, 2015.

Compiling atomics 8

r = atomic_load(&y, memory_order_acquire);

Compiling atomics 8

**not supported**

Compiling atomics 9

lock();r = y;unlock();

Compiling atomics 10

r = y;

John Wickerson Towards Verified Hardware Compilation 11

Thread 1

Thread 3

Memory

MemoryMemory

Thread 2

other threads

x = 1;

r1 = x;r2 = x;

1 2 3 4r1 = x; load xr2 = x; load x

x = 1;

r1 = x;r2 = x;

1 2 3 4r1 = x; load xr2 = x; load x

1x = 1; store x

x = 1;

r1 = x;r2 = x;

x = 1;

r1 = x;r2 = x;

1x = 1; store x

1 2r1 = x; load xr2 = x; load x

x = 1;

r1 = x;r2 = x;

1x = 1; store x

x = 1;

r1 = x;r2 = x/a;

1x = 1; store x

x = 1;

r0 = y+y+y+y+y+y;r1 = x;r2 = x/a;

1x = 1; store x

1 2 3 4 5 … 36

r0 = y+y+y+ y+y+y;

load yload yload y

load yload y

load yr1 = x; load x

r2 = x/a;load x

divide

x = 1;

r0 = y+y+y+y+y+y;r1 = x;r2 = x/a;

1x = 1; store x

Constraints on scheduling 17

Constraints on scheduling• Two atomic accesses to the same location cannot be reordered.

• An atomic acquire load cannot be reordered with accesses that come later in program order

• An atomic release store cannot be reordered with accesses that come earlier in program order

• An atomic SC access cannot be reordered with any other access.

Results 18

(10)Ramanathan et al., "Hardware Synthesis of Weakly Consistent C Concurrency", FPGA, 2017

Checking correctness 19

Checking correctness• Ask Memalloy(11) for an execution that is forbidden

according to the C++ standard but is allowed by our scheduling constraints.

(11)Wickerson et al., "Automatically Comparing Memory Consistency Models", POPL, 2017

• Memalloy uses the Alloy model checker, which in turn uses a SAT-solving backend.

Can we do better?

1x = 1; store x

Sync-aware scheduling 23

s = atomic_load(&yr, memory_order_acquire);

if (s==1) { print(y); }

r = atomic_load(&xr, memory_order_acquire); if (r==1) { print(x); }

x = 1;

atomic_store(&xr, 1, memory_order_release);

y = 1;

atomic_store(&yr, 1, memory_order_release);

if (s==1) { print(y); }

x = 1;

y = 1;

if (s==1) { print(y); }

x = 1;

y = 1;

if (s==1) { print(y); }

x = 1;

y = 1;

if (s==1) { print(y); }

x = 1;

y = 1;

if (s==1) { print(y); }

x = 1;

y = 1;

if (s==1) { print(y); }

x = 1;

y = 1;

Longer paths too 30

x = 1;

atomic_store(&y, 1, memory_order_release);

r = atomic_load(&y, memory_order_acquire); if (r==1) { atomic_store(&z, 1, memory_order_release);}

s = atomic_load(&z, memory_order_acquire);

if (s==1) { print(x); }

Results 31

(12)Ramanathan et al., "Concurrency-Aware Thread Scheduling for High-Level Synthesis", FCCM, 2018

Poorly scaling analysis 32

x = 1;

atomic_store(&y, 1, memory_order_release);

r = atomic_load(&y, memory_order_acquire); if (r==1) { atomic_store(&z, 1, memory_order_release);}

s = atomic_load(&z, memory_order_acquire);

if (s==1) { print(x); }

r = atomic_load(&y, memory_order_acquire); r = atomic_load(&y, memory_order_acquire); if (r==1) { atomic_store(&z, 1, memory_order_release); atomic_store(&z, 1, memory_order_release); }

s = atomic_load(&z, memory_order_acquire);s = atomic_load(&z, memory_order_acquire);

if (s==1) { print(x); }

x = 1;

atomic_store(&y, 1, memory_order_release);atomic_store(&y, 1, memory_order_release);

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

• Our solution: enumerate only the "primary" paths.

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

if (s==1) { print(x); }

x = 1;

Checking correctness• As before, we use Memalloy to check that our constraints are

strong enough to guarantee C++ semantics.

Where next? 58

• Heavyweight: a fully verified hardware compiler (e.g. a Verilog backend for CompCert).

Where next? 58

• Heavyweight: a fully verified hardware compiler (e.g. a Verilog backend for CompCert).

• Lightweight: automatically generate and verify SystemVerilog assertions, à la RTLCheck.(13)

(13)Manerkar et al., "RTLCheck: Verifying the Memory Consistency of RTL Designs", MICRO, 2017.

John WickersonImperial College London

FMATS Workshop, Microsoft Research Cambridge, 24 Sep 2018

Towards Verified Hardware Compilation

FPGA Towards Verified Hardware Compilation · Performance Extreme Computing (HPEC), 2013. oughput 0...

Documents

FPGA Pinout - how to define pins for FPGA

VERSATILE FPGA PLATFORM Easy-access to FPGA technology

Cygnus: GPU meets FPGA for HPC - RIKEN R-CCS · 2020. 2. 27. · FPGA-GPU DMA (FPGA ← GPU) FPGA-GPU DMA (FPGA → GPU) direction via CPU FPGA-GPU DMA GPU→FPGA 17 1.44 FPGA→GPU

Development of Virtual FPGA lab and FPGA-based web browser

Building Multi-Processor FPGA Systems - eLinux.org · Building Multi-Processor FPGA Systems ... SoC/FPGA Hardware Architecture Overview ARM-to-FPGA ... Nios II SBT for Eclipse key

DS0128 Datasheet IGLOO2 FPGA and SmartFusion2 SoC FPGA

How FPGAs Have Evolved to Address Compute Acceleration and ... · FPGA Evolution: From FPGA to SoC to ACAP >> 5 First FPGA Introduced First Virtex FPGA Virtex-2 Pro First 3D FPGA

FPGA basedSystemDesign+ - Politecnico di Milanohome.deib.polimi.it/.../dida/phd/fpga/...VHDL_V0.pdf · FPGA basedSystemDesign+ VHDL Design Example Behavioral Speciﬁcation • A

FPGA computing @ SISSApeople.sissa.it/~inno/pubs/FPGA-computing.pdf · 2016-12-06 · FPGA Computing project ... FPGA (acronym of Field Programmable Gate Array ) is a misnomer

Nominal Prolog - John Wickerson · PDF fileProforma Name: John Wickerson College: Churchill College Project Title: Nominal Prolog Examination: Part II Computer Science Tripos Year:

FPGA Overview Die Photos: Virtex FPGA vs. Pentium IV

FPGA and CPLD Solutions - Subscribe | EE Catalogeproductalert.com/digitaledition/fpga/2010/FPGA and CPLD Solutions... · FPGA and CPLD Solutions ... (FMC VITA57) specification that

H‑oughput confocal imaging of˜di˚erentiat3D‑e spheroid …...H‑oughput confocal imaging of˜di˚erentiat3D‑e spheroid cellular stress response reporters for˜identi˛cation

1 FPGA Boards and FPGA-based Supercomputers. 2 ECE 448 FPGA and ASIC Design with VHDL Resources PCI

FPGA Prototyping: HDL migration and FPGA Debug · FPGA Prototyping: HDL migration and FPGA Debug The main difficulty in FPGA prototyping is the short development cycle for complete

A Very Rough Introduction to Linear Logic Very Rough Introduction to Linear Logic John Wickerson, Imperial College London Multicore Group Seminar January 7, 2014 John Wickerson, Imperial

ACT CIVIL & ADMINISTRATIVE TRIBUNALacat.act.gov.au/__data/assets/pdf_file/0005/1189094/...ACT CIVIL & ADMINISTRATIVE TRIBUNAL WICKERSON v CONSERVATOR OF FLORA AND FAUNA (Administrative

ESS | FPGA for Dummies | 2015-12-08 | Maurizio Donna FPGA for Dummies Basic FPGA architecture

CNES feedback on the ATF280E FPGA and Space FPGA Designer

FPGA based system design Programmable logic. FPGA Introduction FPGA Architecture Advantages & History of FPGA FPGA-Based System Design Goals