Deductive Verification of Pipelined Machines Using First-Order Quantification

  • Sandip Ray
  • Warren A. HuntJr.
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3114)

Abstract

We outline a theorem-proving approach to verify pipelined machines. Pipelined machines are complicated to reason about since they involve simultaneous overlapped execution of different instructions. Nevertheless, we show that if the logic used is sufficiently expressive, then it is possible to relate the executions of the pipelined machine with the corresponding Instruction Set Architecture using (stuttering) simulation. Our methodology uses first-order quantification to define a predicate that relates pipeline states with ISA states and uses its Skolem witness for correspondence proofs. Our methodology can be used to reason about generic pipelines with interrupts, stalls, and exceptions, and we demonstrate its use in verifying pipelines mechanically in the ACL2 theorem prover.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Hunt Jr., W.A.: FM8501: A Verified Microprocessor. LNCS (LNAI), vol. 795. Springer, Heidelberg (1994)MATHGoogle Scholar
  2. 2.
    Manolios, P.: Mechanical Verification of Reactive Systems. PhD thesis, Department of Computer Sciences, The University of Texas at Austin (2001)Google Scholar
  3. 3.
    Aagaard, M.D., Cook, B., Day, N., Jones, R.B.: A Framework for Microprocessor Correctness Statements. In: Margaria, T., Melham, T.F. (eds.) CHARME 2001. LNCS, vol. 2144, pp. 443–448. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Burch, J.R., Dill, D.L.: Automatic Verification of Pipelined Microprocessor Control. In: Dill, D.L. (ed.) CAV 1994. LNCS, vol. 818, pp. 68–80. Springer, Heidelberg (1994)Google Scholar
  5. 5.
    Srivas, M., Bickford, M.: Formal Verification of a Pipelined Microprocessor. IEEE Software, 52–64 (1990)Google Scholar
  6. 6.
    Bronstein, A., Talcott, T.L.: Formal Verification of Pipelines based on Stringfunctional Semantics. In: Claesen, L.J.M. (ed.) Formal VLSI Correctness Verification, VLSI Design Methods II, pp. 349–366 (1990)Google Scholar
  7. 7.
    Sawada, J., Hunt Jr, W.A.: Trace Table Based Approach for Pipelined Microprocessor Verification. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 364–375. Springer, Heidelberg (1997)Google Scholar
  8. 8.
    Sawada, J., Hunt Jr, W.A.: Processor Verification with Precise Exceptions and Speculative Execution. In: Hu, A.J., Vardi, M.Y. (eds.) CAV 1998. LNCS, vol. 1427, pp. 135–146. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Hosabettu, R., Gopalakrishnan, G., Srivas, M.: Verifying Advanced Microarchitectures that Support Speculation and Exceptions. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, Springer, Heidelberg (2000)CrossRefGoogle Scholar
  10. 10.
    Jhala, R., McMillan, K.: Microarchitecture verification by compositional model checking. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, p. 396. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Bryant, R.E., German, S., Velev, M.N.: Exploiting positive equality in a logic of equality with uninterpreted functions. In: Halbwachs, N., Peled, D.A. (eds.) CAV 1999. LNCS, vol. 1633, pp. 470–482. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  12. 12.
    Lahiri, S.K., Bryant, R.E.: Deductive Verification of Advanced Out-of-Order Microprocessors. In: Hunt Jr, W.A., Somenzi, F. (eds.) Computer-Aided Verification (CAV), pp. 341–354. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Manolios, P.: Correctness of pipelined machines. In: Johnson, S.D., Hunt Jr., W.A. (eds.) FMCAD 2000. LNCS, vol. 1954, pp. 161–178. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Manolios, P., Namjoshi, K.S., Sumners, R.: Linking theorem proving and model-checking with well-founded bisimulation. In: Halbwachs, N., Peled, D.A. (eds.) CAV 1999. LNCS, vol. 1633, pp. 369–379. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  15. 15.
    Sumners, R.: An Incremental Stuttering Refinement Proof of a Concurrent Program in ACL2. In: Kaufmann, M., Moore, J.S. (eds.) Second InternationalWorkshop on ACL2 Theorem Prover and Its Applications, Austin, TX (2000)Google Scholar
  16. 16.
    Kaufmann, M., Manolios, P., Moore, J.S.: Computer-Aided Reasoning: An Approach. Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  17. 17.
    Kaufmann, M., Manolios, P., Moore, J.S. (eds.): Computer-Aided Reasoning: ACL2 Case Studies. Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  18. 18.
    Moore, J.S.: Proving Theorems about Java and the JVM with ACL2. Models, Algebras, and Logic of Engineering Software, 227–290 (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Sandip Ray
    • 1
  • Warren A. HuntJr.
    • 1
  1. 1.Department of Computer SciencesUniversity of Texas at Austin 

Personalised recommendations