Exploiting Positive Equality in a Logic of Equality with Uninterpreted Functions
In using the logic of equality with unininterpreted functions to verify hardware systems, specific characteristics of the formula describing the correctness condition can be exploited when deciding its validity.We distinguish a class of terms we call “p-terms” for which equality comparisons can appear only in monotonically positive formulas. By applying suitable abstractions to the hardware model, we can express the functionality of data values and instruction addresses flowing through an instruction pipeline with p-terms. Adecision procedure can exploit the restricted uses of p-terms by considering only “maximally diverse” interpretations of the associated function symbols, where every function application yields a different value except when constrained by functional consistency.We present a procedure that translates the original formula into one in propositional logic by interpreting the formula over a domain of fixedlength bit vectors and using vectors of propositional variables to encode domain variables. By exploiting maximal diversity, this procedure can greatly reduce the number of propositional variables that must be introduced.
We present experimental results demonstrating the efficiency of this approach when verifying pipelined processors using the method proposed by Burch and Dill. Exploiting positive equality allows us to overcome the exponential blow-up experienced previously [VB98] when verifying microprocessors with load, store, and branch instructions.
KeywordsDecision Procedure Propositional Logic Positive Equality Function Symbol Domain Variable
- [Ack54]W. Ackermann, Solvable Cases of the Decision Problem, North-Holland, Amsterdam, 1954.Google Scholar
- [BBCZ98]S. Berezin, A. Biere, E. M. Clarke, and Y. Zhu, “Combining symbolic model checking with uninterpreted functions for out of order processor verification,” Formal Methods in Computer-Aided Design FMCAD’ 98, G. Gopalakrishnan and P. Windley, eds., LNCS 1522, Springer-Verlag, November, 1998, pp. 187–201.CrossRefGoogle Scholar
- [BGV99]R. E. Bryant, S. German, and M. N. Velev, “Processor verification using efficient reductions of the logic of uninterpreted functions to propositional logic,” Technical report CMU-CS-99-115, Carnegie Mellon University, 1999. Available as: http://www.cs.cmu.edu/~bryant/pubdir/cmu-cs-99-115.ps.
- [BD94]J. R. Burch, and D. L. Dill, “Automated verification of pipelined microprocessor control,” Computer-Aided Verification CAV’ 94, D. L. Dill, ed., LNCS 818, Springer-Verlag, June, 1994, pp. 68–80.Google Scholar
- [DPR98]W. Damm, A. Pnueli, and S. Ruah, “Herbrand automata for hardware verification,” 9th International Conference on Concurrency Theory CONCUR’ 98, Springer-Verlag, September, 1998.Google Scholar
- [HKGB97]R. Hojati, A. Kuehlmann, S. German, and R. K. Brayton, “Validity checking in the theory of equality with uinterpreted functions using finite instantiations,” Unpublished paper presented at the International Workshop on Logic Synthesis, 1997.Google Scholar
- [PRSS99]A. Pnueli, Y. Rodeh, O. Shtrichman, and M. Siegel, “Deciding equality formulas by small-domain instantiations,” Computer-Aided Verification CAV’ 99, this proceedings, 1999.Google Scholar