Abstract
Most industrial-size hardware verification problems are amenable to neither fully automated nor fully manual hardware verification methods. However, combinations of these two extremes, human-constructed proofs with automatically verified lower-level steps, seem to offer great promise. In this paper we discuss a formal verification case study based on such a combination of theorem-proving and model-checking techniques. The case study addresses the correctness of a floating-point divider unit of an Intel IA-32 microprocessor.
The verification was carried out in the Forte framework, which consists of a general-purpose theorem prover, ThmTac, built on top of a model-checking engine based on symbolic trajectory evaluation. The correctness of the circuit was formulated and decomposed into smaller, automatically model-checkable statements in a pre/postcondition framework. The other key steps of the proof involved relating bit vectors to integer arithmetic and general arithmetic reasoning.
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
Cite this paper
Kaivola, R., Aagaard, M.D. (2000). Divider Circuit Verification with Model Checking and Theorem Proving. In: Aagaard, M., Harrison, J. (eds) Theorem Proving in Higher Order Logics. TPHOLs 2000. Lecture Notes in Computer Science, vol 1869. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44659-1_21
DOI: https://doi.org/10.1007/3-540-44659-1_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67863-2
Online ISBN: 978-3-540-44659-0