Deductive Verification of Pipelined Machines Using First-Order Quantification

We outline a theorem-proving approach to verify pipelined machines. Pipelined machines are complicated to reason about since they involve simultaneous overlapped execution of different instructions. Nevertheless, we show that if the logic used is sufficiently expressive, then it is possible to relate the executions of the pipelined machine with the corresponding Instruction Set Architecture using (stuttering) simulation. Our methodology uses first-order quantification to define a predicate that relates pipeline states with ISA states and uses its Skolem witness for correspondence proofs. Our methodology can be used to reason about generic pipelines with interrupts, stalls, and exceptions, and we demonstrate its use in verifying pipelines mechanically in the ACL2 theorem prover.
