Advertisement

Proof of Correctness of a Processor with Reorder Buffer Using the Completion Functions Approach

  • Ravi Hosabettu
  • Mandayam Srivas
  • Ganesh Gopalakrishnan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1633)

Abstract

The Completion Functions Approach was proposed in [HSG98] as a systematic way to decompose the proof of correctness of pipelined microprocessors. The central idea is to construct the abstraction function using completion functions, one per unfinished instruction, each of which specifies the effect (on the observables) of completing the instruction. In this paper, we show that this “instruction-centric” view of the completion functions approach leads to an elegant decomposition of the proof for an out-of-order execution processor with a reorder buffer. The proof does not involve the construction of an explicit intermediate abstraction, makes heavy use of strategies based on decision procedures and rewriting, and addresses both safety and liveness issues with a clean separation between them.

Keywords

Model Check Decision Procedure Proof Obligation Program Counter Instruction Memory 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. BDL96.
    Clark Barrett, David Dill, and Jeremy Levitt. Validity checking for combinations of theories with equality. In Mandayam Srivas and Albert Camilleri, editors, Formal Methods in Computer-Aided Design, FMCAD’ 96, volume 1166 of LNCS, pages 187–201. Springer-Verlag, November 1996. 47CrossRefGoogle Scholar
  2. CRSS94.
    D. Cyrluk, S. Rajan, N. Shankar, and M. K. Srivas. Effective theorem proving for hardware verification. In Ramayya Kumar and Thomas Kropf, editors, Theorem Provers in Circuit Design, TPCD’ 94, volume 910 of LNCS, pages 203–222. Springer-Verlag, September 1994. 47Google Scholar
  3. GW98.
    Ganesh Gopalakrishnan and Phillip Windley, editors. Formal Methods in Computer-Aided Design, FMCAD’ 98, volume 1522 of LNCS, Palo Alto, CA, USA, November 1998. Springer-Verlag. 59, 59Google Scholar
  4. HGS99.
    Ravi Hosabettu, Ganesh Gopalakrishnan, and Mandayam Srivas. A proof of correctness of a processor implementing Tomasulo’s algorithm without a reorder buffer. 1999. Submitted for publication. 58Google Scholar
  5. Hos99.
    Ravi Hosabettu. PVS specification and proofs of all the examples verified with the completion functions approach, 1999. Available at http://www.cs.utah.edu/~hosabett/pvs/processor.html. 53
  6. HP90.
    John L. Hennessy and David A. Patterson. Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Mateo, CA, 1990. 48Google Scholar
  7. HSG98.
    Ravi Hosabettu, Mandayam Srivas, and Ganesh Gopalakrishnan. Decomposing the proof of correctness of pipelined microprocessors. In Hu and Vardi [HV98], pages 122–134. 47, 48, 48, 50, 52, 57, 59Google Scholar
  8. HV98.
    Alan J. Hu and Moshe Y. Vardi, editors. Computer-Aided Verification, CAV’ 98, volume 1427 of LNCS, Vancouver, BC, Canada, June/July 1998. Springer-Verlag. 59, 59, 59Google Scholar
  9. JSD98.
    Robert Jones, Jens Skakkebaek, and David Dill. Reducing manual abstraction in formal verification of out-of-order execution. In Gopalakrishnan and Windley [GW98], pages 2–17. 49, 49Google Scholar
  10. McM98.
    Ken McMillan. Verification of an implementation of Tomasulo’s algorithm by compositional model checking. In Hu and Vardi [HV98], pages 110–121. 49Google Scholar
  11. ORSvH95.
    Sam Owre, John Rushby, Natarajan Shankar, and Friedrich von Henke. Formal verification for fault-tolerant architectures: Prolegomena to the design of PVS. IEEE Transactions on Software Engineering, 21(2):107–125, February 1995. 48CrossRefGoogle Scholar
  12. PA98.
    Amir Pnueli and Tamarah Arons. Verification of data-insensitive circuits: An in-order-retirement case study. In Gopalakrishnan and Windley [GW98], pages 351–368. 49, 49Google Scholar
  13. SH98.
    J. Sawada and W. A. Hunt, Jr. Processor verification with precise exceptions and speculative execution. In Hu and Vardi [HV98], pages 135–146.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Ravi Hosabettu
    • 1
  • Mandayam Srivas
    • 2
  • Ganesh Gopalakrishnan
    • 1
  1. 1.Department of Computer ScienceUniversity of UtahSalt Lake City
  2. 2.Computer Science LaboratorySRI InternationalMenlo Park

Personalised recommendations