Results 11 - 19 of 19
Deductive verification of advanced out-of-order microprocessors
 IN COMPUTER-AIDED VERIFICATION (CAV '03), LNCS 2725
, 2003
Systematic Verification Of Pipelined Microprocessors
, 2000
Abstract

Cited by 11 (0 self)
This dissertation addresses the problem of formally verifying the correctness of pipelined microprocessors at the microarchitectural level of abstraction. Contemporary processor designs are highly complex, employing sophisticated performance-enhancing techniques such as superscalar pipelining, out-of-order execution, branch prediction and speculative execution. Traditional simulation-based validation methods do not guarantee that they uncover all the complex design bugs, and hence there is a need for formally verifying the correctness of these designs. We propose a systematic approach called the Completion Functions Approach to decompose and incrementally build the proof of correctness of pipelined microprocessors. The central idea is to construct the abstraction function using completion functions, one per unfinished instruction, each of which specifies the effect on the programmer-visible state components of completing the instruction. This construction of the abstraction function le...
Convergence Testing in Term-Level Bounded Model Checking
, 2003
Abstract

Cited by 11 (3 self)
We consider the problem of bounded model checking of systems expressed in a decidable fragment of first-order logic. While model checking is not guaranteed to terminate for an arbitrary system, it converges for many practical examples, including pipelined processors. We give a new formal definition of convergence that generalizes previously stated criteria. We also give a sound semi-decision procedure to check this criterion based on a translation to quantified separation logic. Preliminary results on simple pipelined processor models are presented.
Revisiting Positive Equality
 IN TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS, VOLUME 2988 OF LNCS
, 2004
Abstract

Cited by 7 (2 self)
This paper provides a stronger result for exploiting positive equality in the logic of Equality with Uninterpreted Functions (EUF). Positive
Logical Abstractions in Haskell
 In Proceedings of the 1999 Haskell Workshop
, 1999
Abstract

Cited by 5 (0 self)
Nancy A. Day, John Launchbury, Jeff Lewis. Oregon Graduate Institute of Science & Technology. We describe a generalization of the Haskell Boolean type, which allows us to use existing decision procedures for reasoning about logical expressions. In particular, we have connected Haskell with a Binary Decision Diagram (BDD) package for propositional logic, and the Stanford Validity Checker for reasoning in quantifier-free, first-order logic. We have defined referentially transparent interfaces to these packages, allowing the user to ignore the details of their imperative implementations. We found that having a tight connection between the provers and Haskell allows Haskell to serve as a metalanguage enhancing the capabilities of the provers. We illustrate the use of these packages for reasoning about a sort algorithm and a simple microprocessor model. In the sort example, the parametric nature of Haskell's polymorphism is used to lift the result of the BDD analysis to...
An Efficient Decision Procedure for the Logic of Counter Arithmetic, Constrained Lambda Expressions, Equality and Ordering with Uninterpreted Functions (CLUF)
, 2001
Abstract

Cited by 4 (1 self)
Verifiers for infinite-state systems must trade off between the expressiveness of the modeling formalism and the efficiency and automation of the tool. Efficient methods have been devised for specific classes of systems, such as superscalar processors and systems with arbitrary-size queues. However, to model systems that are combinations of these classes, no one method works well enough. In this thesis, we present CLUF...
Verification of Pipelined Machines in ACL2
, 2000
Abstract

Cited by 1 (1 self)
We describe the ACL2 techniques used in a new approach to the verification of pipelined machines. Our notion of correctness is based on WEBs (Well-founded Equivalence Bisimulations) [16, 18] and implies that the pipelined machine and the machine defined by the instruction set architecture have the same computations up to finite stuttering. We verify various variants of Sawada's simple machine [22, 21], including machines with exceptions, interrupts, nondeterminism, and ALUs described in part at the netlist level. Our proofs contain no intermediate abstractions and are almost automatic, e.g., the verification of the base machine does not require any user-supplied theorems. To motivate the need for a new notion of correctness, we show that the variant of the Burch and Dill notion of correctness [4] used by Sawada can be satisfied by incorrect machines.
A Methodology for Automated Verification of Synthesized RTL Designs and Its Integration with a High-Level Synthesis Tool
Abstract
High-level synthesis tools generate RTL designs from algorithmic behavioral specifications and consist of well-defined tasks. Widely used algorithms for these tasks retain the overall control flow structure of the behavioral specification, allowing limited code motion. Further, HLS algorithms are oblivious to the mathematical properties of arithmetic and logic operators, selecting and sharing RTL library modules solely based on matching uninterpreted function symbols and constants. This paper reports a verification methodology that effectively exploits these features to achieve efficient and fully automated verification of synthesized designs, and its incorporation in a relatively mature HLS tool.
Deciding Propositional Combinations of Equalities and Inequalities
Abstract
We address the problem of combining individual decision procedures into a single decision procedure. Our combination approach is based on using the canonizer obtained from Shostak's combination algorithm for equality. We illustrate our approach with a combination algorithm for equality, disequality, arithmetic inequality, and propositional logic. Unlike the Nelson-Oppen combination, where the processing of equalities is distributed across different closed decision procedures, our combination involves the centralized processing of equalities in a single procedure. The termination argument for the combination is based on that for Shostak's algorithm. We also give soundness and completeness arguments.