A method for debugging of pipelined processors in formal verification by Correspondence Checking

Presented is a method for debugging pipelined processors during their formal verification with Correspondence Checking, a highly automatic and scalable approach in which a pipelined, superscalar, or VLIW implementation is compared against a non-pipelined specification through an inductive correctness criterion based on symbolic simulation, in a way that guarantees the correctness of the implementation for all possible execution scenarios. The benefit of the proposed method grows with the complexity of the processor under formal verification. For a 12-stage VLIW processor that imitates the Intel Itanium in many features, the method reduced the size of the EUFM correctness formulas from buggy processors by up to an order of magnitude, reduced the number of Boolean variables in the equivalent propositional correctness formulas and the number of 1s in the counterexample traces by up to 2 orders of magnitude, and produced an average speedup of 2 orders of magnitude in detecting the bugs, thus increasing the productivity of the processor designers.
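The inductive correctness criterion the abstract refers to compares two paths from an arbitrary implementation state: execute one instruction in the pipeline and then flush, versus flush first and then execute the same instruction in the non-pipelined specification; the implementation corresponds to the specification when both paths reach the same architectural state. The following is an added illustration, not code from the paper or from the processors it verifies. It replaces symbolic simulation and EUFM formulas with brute-force enumeration over a toy two-stage pipeline (three registers, values modulo 4, two ALU operations) so that the check can run stand-alone; the `forwarding` switch is a constructed knob that plants a missing-bypass bug of the kind such a check catches, and the counterexample it returns is the toy analogue of the traces the paper works to shrink.

```python
"""Toy Burch-Dill style correspondence check over a two-stage pipeline.

Added example (not from the paper): the state space is small enough to
enumerate every implementation state and instruction exhaustively instead
of reasoning symbolically.
"""
from dataclasses import dataclass
from itertools import product
from typing import Optional, Tuple

NREGS = 3          # constructed: three architectural registers
MOD = 4            # constructed: register values live in 0..3
OPS = ("add", "sub")


def alu(op: str, a: int, b: int) -> int:
    return (a + b) % MOD if op == "add" else (a - b) % MOD


def spec_step(regs: Tuple[int, ...], instr) -> Tuple[int, ...]:
    """Non-pipelined ISA semantics: read, compute and write back in one step."""
    op, dst, s1, s2 = instr
    new = list(regs)
    new[dst] = alu(op, regs[s1], regs[s2])
    return tuple(new)


@dataclass(frozen=True)
class ImplState:
    regs: Tuple[int, ...]
    pending: Optional[Tuple[int, int]]   # (dst, value) held in the writeback latch


def impl_step(state: ImplState, instr, forwarding: bool) -> ImplState:
    """One pipeline cycle: execute `instr` while the previous result retires."""
    op, dst, s1, s2 = instr
    regs = list(state.regs)

    def read(r: int) -> int:
        # With forwarding, a pending write to a source register is bypassed
        # into the ALU; without it the stale register-file value is used (bug).
        if forwarding and state.pending is not None and state.pending[0] == r:
            return state.pending[1]
        return regs[r]

    result = alu(op, read(s1), read(s2))
    if state.pending is not None:          # writeback stage retires the old result
        regs[state.pending[0]] = state.pending[1]
    return ImplState(tuple(regs), (dst, result))


def flush(state: ImplState) -> Tuple[int, ...]:
    """Drain the pipeline: retire the pending write, keep only architectural state."""
    regs = list(state.regs)
    if state.pending is not None:
        regs[state.pending[0]] = state.pending[1]
    return tuple(regs)


def all_impl_states():
    # Every implementation state, reachable or not: the criterion is inductive.
    for regs in product(range(MOD), repeat=NREGS):
        yield ImplState(regs, None)
        for dst, val in product(range(NREGS), range(MOD)):
            yield ImplState(regs, (dst, val))


def all_instrs():
    return product(OPS, range(NREGS), range(NREGS), range(NREGS))


def correspondence_check(forwarding: bool):
    """Return None when flush(impl_step(q, i)) == spec_step(flush(q), i) for all
    q and i; otherwise return the first counterexample found."""
    for q in all_impl_states():
        for instr in all_instrs():
            via_impl = flush(impl_step(q, instr, forwarding))
            via_spec = spec_step(flush(q), instr)
            if via_impl != via_spec:
                return {"state": q, "instr": instr, "impl": via_impl, "spec": via_spec}
    return None


if __name__ == "__main__":
    print("with forwarding   :", correspondence_check(forwarding=True))
    print("without forwarding:", correspondence_check(forwarding=False))
```

The buggy variant fails on the very first state with a pending write: the in-flight result is not yet visible to the instruction behind it, so the flush-then-spec path and the impl-then-flush path disagree. Because the check quantifies over all implementation states rather than only reachable ones, a real design can also produce spurious counterexamples from unreachable states; that is the price of an inductive criterion, and it is one reason the size and readability of the counterexample matter as much as the abstract says.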
