Abstract
We present a new approach to the verification of hardware systems with data dependencies using temporal logic symbolic model checking. As a benchmark we take Tomasulo’s algorithm [10] for out-of-order instruction scheduling. Our approach is similar to the idea of uninterpreted function symbols [4]. We use symbolic values and instructions instead of concrete ones. This allows us to show the correctness of the machine independently of the actual instruction set architecture and the implementation of the functional units. Instead of using first order terms as in [4], we represent symbolic values with a new compact encoding. In addition, we apply some other reduction techniques to the model. This significantly reduces the state space and allows the use of highly efficient symbolic model checkers like SMV instead of special decision procedures. The correctness of the method has been proven formally with the PVS theorem prover.
This research is sponsored by the Semiconductor Research Corporation (SRC) under Contract No. 97-DJ-294, the National Science Foundation (NSF) under Grant No. CCR-9505472, and the Defense Advanced Research Projects Agency (DARPA) under Contract No. DABT63-96-C-0071. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of SRC, NSF, DARPA, or the United States Government.
References
R. E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers, 35(8):677–691, 1986.
J. R. Burch. Techniques for verifying superscalar microprocessors. In 33rd Design Automation Conference (DAC’96), pages 552–557, 1996.
J. R. Burch, E. M. Clarke, and K. L. McMillan. Symbolic model checking: 10^20 states and beyond. Information and Computation, 98:142–170, 1992.
J. R. Burch and D. L. Dill. Automatic verification of pipelined microprocessor control. In D. L. Dill, editor, CAV’94, volume 818 of LNCS. Springer-Verlag, 1994.
E. Clarke and E. A. Emerson. Design and synthesis of synchronization skeletons using branching time temporal logic. In Proceedings of the IBM Workshop on Logics of Programs, volume 131 of LNCS, pages 52–71. Springer-Verlag, 1981.
E. M. Clarke, E. A. Emerson, and A. P. Sistla. Automatic verification of finite-state concurrent systems using temporal logic specifications. ACM Transactions on Programming Languages and Systems, 8(2):244–263, 1986.
E. M. Clarke and S. Jha. Symmetry and induction in model checking. Number 1000 in LNCS. Springer-Verlag, 1995.
W. Damm and A. Pnueli. Verifying out-of-order executions. In D. Probst, editor, CHARME’97. Chapman & Hall, 1997. To appear.
L. Gwennap. Intel’s P6 uses decoupled superscalar design. Microprocessor Report, 9(2):9–15, 1995.
J. Hennessy and D. Patterson. Computer Architecture: A Quantitative Approach. Morgan Kaufmann Publishers, 1996.
R. Hojati and R. K. Brayton. Automatic datapath abstraction of hardware systems. In CAV’95. Springer-Verlag, 1995.
R. Hosabettu, M. Srivas, and G. Gopalakrishnan. Decomposing the proof of correctness of pipelined microprocessors. In Hu and Vardi [13], pages 122–134.
Alan J. Hu and Moshe Y. Vardi, editors. CAV’98, number 1427 in LNCS, 1998.
S. L. Peyton Jones. The Implementation of Functional Programming Languages. Prentice-Hall, 1987.
Peter M. Kogge. The Architecture of Symbolic Computers. McGraw-Hill, 1991.
K. L. McMillan. Symbolic Model Checking: An Approach to the State Explosion Problem. Kluwer Academic Publishers, 1993.
K. L. McMillan. Verification of an implementation of Tomasulo's algorithm by compositional model checking. In Hu and Vardi [13], pages 110–121.
K. Sajid, A. Goel, H. Zhou, A. Aziz, and V. Singhal. BDD based procedures for a theory of equality with uninterpreted functions. In Hu and Vardi [13], pages 244–255.
J. Sawada and W. A. Hunt. Processor verification with precise exceptions and speculative execution. In Hu and Vardi [13], pages 135–146.
N. Shankar, S. Owre, and J. M. Rushby. PVS Tutorial. Computer Science Laboratory, SRI International, 1993.
J. U. Skakkebæk, R. B. Jones, and D. L. Dill. Formal verification of out-of-order execution using incremental flushing. In Hu and Vardi [13], pages 98–109.
M. N. Velev and R. E. Bryant. Bit-level abstraction in the verification of pipelined microprocessors by correspondence checking. 1998. Submitted for publication.
D. H. D. Warren. An abstract prolog instruction set. Tech. Note 309, SRI, 1983.
P. Wolper. Expressing interesting properties of programs in propositional temporal logic. In Proceedings of the 13th annual ACM Symposium on Principles of Programming Languages (POPL’86), pages 184–193. ACM, 1986.
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Berezin, S., Biere, A., Clarke, E., Zhu, Y. (1998). Combining Symbolic Model Checking with Uninterpreted Functions for Out-of-Order Processor Verification. In: Gopalakrishnan, G., Windley, P. (eds) Formal Methods in Computer-Aided Design. FMCAD 1998. Lecture Notes in Computer Science, vol 1522. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49519-3_24
DOI: https://doi.org/10.1007/3-540-49519-3_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65191-8
Online ISBN: 978-3-540-49519-2