Automatic formal verification of multithreaded pipelined microprocessors
Abstract
We present highly automatic techniques for formal verification of pipelined microprocessors with hardware support for multithreading. The processors are modeled at a high level of abstraction, using a subset of Verilog, in a way that allows us to exploit the property of Positive Equality that results in significant simplifications of the solution space, and orders of magnitude speedup relative to previous methods. We propose abstraction techniques that produce at least 3 orders of magnitude speedup, which is increasing with the number of threads implemented in a pipelined processor. To the best of our knowledge, this is the first work on automatic formal verification of pipelined processors with hardware support for multithreading.
References
[1]
M.D. Aagaard, N. A. Day, and M. Lou, "Relating multi-step and singlestep microprocessor correctness statements," Formal Methods in Computer-Aided Design (FMCAD '02), M. D. Aagaard, and J. W. O'Leary, eds., LNCS 2517, Springer-Verlag, November 2002.
[2]
M.D. Aagaard, B. Cook, N. A. Day, and R. B. Jones, "A framework for superscalar microprocessor correctness statements," Software Tools for Technology Transfer (STTT), Vol. 4, No. 3 (May 2003).
[3]
W. Ackermann, Solvable Cases of the Decision Problem, North-Holland, Amsterdam, 1954.
[4]
M.L. Behm, J. M. Ludden, Y. Lichtenstein, M. Rimon, and M. Vinov, "Industrial Experience with Test Generation Languages for Processor Verification," Design Automation Conference (DAC '04), June 2004, pp. 36--40.
[5]
D. Blaauw, and S. Das, "CPU, Heal Thyself: A Fault-Monitoring Microprocessor Design Can Save Power or Allow Overclocking," IEEE Spectrum, August 2009. Available at: http://spectrum.ieee.org/semiconductors/processors/cpu-heal-thyself/0
[6]
R.E. Bryant, S. German, and M. N. Velev, "Processor Verification Using Efficient Reductions of the Logic of Uninterpreted Functions to Propositional Logic," ACM Transactions on Computational Logic, Vol. 2, No. 1 (2001).
[7]
R.E. Bryant, and M. N. Velev, "Boolean Satisfiability with Transitivity Constraints," ACM Transactions on Computational Logic (TOCL), Vol.3, No. 4 (October 2002), pp. 604--627.
[8]
J.R. Burch, and D. L. Dill, "Automated Verification of Pipelined Microprocessor Control," Computer-Aided Verification (CAV '94), LNCS 818, Springer-Verlag, June 1994.
[9]
J.R. Burch, "Techniques for Verifying Superscalar Microprocessors," Design Automation Conference, June 1996.
[10]
E.S. Chung, and J. C. Hoe, "High-Level Design and Validation of the BlueSPARC Multithreaded Processor," IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, Vol. 29, No. 10 (October 2010), pp. 1459--1470.
[11]
S. Das, C. Tokunaga, S. Pant, W.-H. Ma, S. Kalaiselvan, K. Lai, D. M. Bull, and D. T. Blaauw, "RazorII: In Situ Error Detection and Correction for PVT and SER Tolerance," IEEE Journal of Solid-State Circuits, Vol. 44, No. 1 (January 2009), pp. 32--48.
[12]
J. de Kleer, "A Comparison of ATMS and CSP Techniques," 11 th IJ-CAI. International Joint Conference on Artificial Intelligence (IJCAI '89), August 1989.
[13]
K. Ekanadham, J. Tseng, and P. Pattnaik, "IBM PowerPC Design in Bluespec," IBM Research Report RC24706, December 2008. http://domino.watson.ibm.com/library/cyberdig.nsf/papers/A70107DCCC6C06308525751B004C1BE5
[14]
A. Goel, K. Sajid, H. Zhou, A. Aziz, and V. Singhal, "BDD Based Procedures for a Theory of Equality with Uninterpreted Functions," Formal Methods in System Design, Vol. 22, No. 3 (May 2003), pp. 205--224.
[15]
E. Goldberg, and Y. Novikov, "BerkMin: A Fast and Robust Sat-Solver," Design, Automation, and Test in Europe (DATE '02), March 2002, pp. 142--149.
[16]
N.A. Harman, "Verifying a Simple Pipelined Microprocessor Using Maude," 15 th International Workshop on Recent Trends in Algebraic Development Techniques (WADT '01), M. Cerioli, and G. Reggio, eds., LNCS 2267, Springer-Verlag, April 2001, pp. 128--151.
[17]
N.A. Harman, "Algebraic Models of Simultaneous Multithreaded and Multi-core Processors," Algebra and Coalgebra in Computer Science (CALCO '07), T. Mossakowski, U. Montanari, and M. Haveraaen, eds., LNCS 4624, Springer, August 2007, pp. 294--311.
[18]
N.A. Harman, "Algebraic models of behaviour and correctness of SMT and CMT processors," Journal of Logic and Algebraic Programming, Volume 74, Issue 1, November-December 2007, Pages 32--56.
[19]
J. L. Hennessy, and D. A. Patterson, Computer Architecture: A Quantitative Approach. 3rd edition, Morgan Kaufmann Publishers, San Francisco, CA, 2002.
[20]
Intel Corporation, IA-64 Application Developer's Architecture Guide. May 1999. http://developer.intel.com/design/ia-64/architecture.htm
[21]
S. Lahiri, C. Pixley, and K. Albin, "Experience with Term Level Modeling and Verification of the M•CORE#8482; Microprocessor Core," High Level Design, Validation and Test (HLDVT '01), 2001.
[22]
D. Le Berre, and L. Simon, "Results from the SAT'04 SAT Solver Competition," 7 th International Conference on Theory and Applications of Satisfiability Testing, May 2004.
[23]
J. Ludden, M. Rimon, B. Hickerson, A. Adir, "Advances in Simultaneous Multithreading Testcase Generation Methods," Haifa Verification Conference, 2010.
[24]
M.W. Moskewicz, C. F. Madigan, Y. Zhao, L. Zhang, and S. Malik, "Chaff: Engineering an Efficient SAT Solver," 38 th Design Automation Conference (DAC '01), June 2001.
[25]
K. Pipatsrisawat, and A. Darwiche, "A New Clause Learning Scheme for Efficient Unsatisfiability Proofs," AAAI Conference on Artificial Intelligence, July 2008, pp. 1481--1484.
[26]
A. Pnueli, Y. Rodeh, O. Strichman, and M. Siegel, "The Small Model Property: How Small Can It Be?", Journal of Information and Computation, Vol. 178, No. 1 (2002).
[27]
L. Ryan, Siege SAT Solver v.4, http://www.cs.sfu.ca/~loryan/personal/.
[28]
L. Sèmèria, R. Mehra, B. Pangrle, A. Ekanayake, A. Seawright, and D. Ng, "RTL C-Based Methodology for Designing and Verifying a Multi-Threaded Processor," 39 th annual Design Automation Conference (DAC'02), June 2002, pp. 123--128.
[29]
H. Sharangpani, and K. Arora, "Itanium processor microarchitecture," IEEE Micro, Vol. 20, No. 5 (September--October 2000), pp. 24--43.
[30]
M.N. Velev, and R. E. Bryant, "Bit-Level Abstraction in the Verification of Pipelined Microprocessors by Correspondence Checking," Formal Methods in Computer-Aided Design (FMCAD '98), LNCS 1522, Springer-Verlag, November 1998, pp. 18--35.
[31]
M.N. Velev, and R. E. Bryant, "Exploiting Positive Equality and Partial Non-Consistency in the Formal Verification of Pipelined Microprocessors," Design Automation Conference (DAC '99), June 1999.
[32]
M.N. Velev, and R. E. Bryant, "Superscalar Processor Verification Using Efficient Reductions of the Logic of Equality with Uninterpreted Functions to Propositional Logic," Correct Hardware Design and Verification Methods (CHARME '99), LNCS 1703, September 1999.
[33]
M.N. Velev, and R. E. Bryant, "Formal Verification of Superscalar Microprocessors with Multicycle Functional Units, Exceptions, and Branch Prediction," Design Automation Conference, June 2000.
[34]
M. N. Velev, "Formal Verification of VLIW Microprocessors with Speculative Execution," Computer-Aided Verification (CAV '00), LNCS 1855, Springer-Verlag, July 2000, pp. 296--311.
[35]
M.N. Velev, "Automatic Abstraction of Memories in the Formal Verification of Superscalar Microprocessors," Tools and Algorithms for the Construction and Analysis of Systems (TACAS '01), Springer-Verlag, April 2001, pp. 252--267.
[36]
M.N. Velev, "Using Rewriting Rules and Positive Equality to Formally Verify Wide-Issue Out-Of-Order Microprocessors with a Reorder Buffer," Design, Automation and Test in Europe, March 2002.
[37]
M.N. Velev, and R. E. Bryant, "Effective Use of Boolean Satisfiability Procedures in the Formal Verification of Superscalar and VLIW Microprocessors," Journal of Symbolic Computation (JSC), Vol. 35, No. 2 (February 2003), pp. 73--106.
[38]
M.N. Velev, "Automatic Abstraction of Equations in a Logic of Equality," Automated Reasoning with Analytic Tableaux and Related Methods (TABLEAUX), LNAI 2796, September 2003, pp. 196--213.
[39]
M.N. Velev, "Using Automatic Case Splits and Efficient CNF Translation to Guide a SAT-Solver When Formally Verifying Out-of-Order Processors," Artificial Intelligence and Mathematics (AI&MATH '04), January 2004, pp. 242--254.
[40]
M.N. Velev, "Efficient Translation of Boolean Formulas to CNF in Formal Verification of Microprocessors," Asia and South Pacific Design Automation Conference (ASP-DAC), January 2004, pp. 310--315.
[41]
M.N. Velev, "Using Positive Equality to Prove Liveness for Pipelined Microprocessors," Asia and South Pacific Design Automation Conference (ASP-DAC), January 2004, pp. 316--321.
[42]
M.N. Velev, "Exploiting Signal Unobservability for Efficient Translation to CNF in Formal Verification of Microprocessors," Design, Automation and Test in Europe (DATE'04), February 2004, pp. 266--271.
[43]
M.N. Velev, "Encoding Global Unobservability for Efficient Translation to SAT," International Conference on Theory and Applications of Satisfiability Testing (SAT '04), May 2004.
[44]
M.N. Velev, "Comparative Study of Strategies for Formal Verification of High-Level Processors," 22 nd International Conference on Computer Design (ICCD '04), October 2004, pp. 119--124.
[45]
M.N. Velev, "Comparison of Schemes for Encoding Unobservability in Translation to SAT," Asia & South Pacific Design Automation Conference (ASP-DAC'05), January 2005, pp. 1056--1059.
[46]
M.N. Velev, "Automatic Formal Verification of Liveness for Pipelined Processors with Multicycle Functional Units," 13 th Advanced Research Working Conference on Correct Hardware Design and Verification Methods (CHARME '05), D. Borrione, and W. J. Paul, eds., LNCS 3725, Springer-Verlag, October 2005, pp. 97--113.
[47]
M.N. Velev, and R. E. Bryant, "TLSim and EVC: A Term-Level Symbolic Simulator and an Efficient Decision Procedure for the Logic of Equality with Uninterpreted Functions and Memories," International Journal of Embedded Systems, Vol. 1, Nos. 1/2 (2005), pp. 134--149.
[48]
M.N. Velev, "Using Abstraction for Efficient Formal Verification of Pipelined Processors with Value Prediction," 7 th International Symposium on Quality Electronic Design (ISQED '06), March 2006.
[49]
M.N. Velev, "Exploiting Hierarchy and Structure to Efficiently Solve Graph Coloring as SAT," International Conference on Computer-Aided Design (ICCAD '07), November 2007, pp. 135--142.
[50]
M.N. Velev, and P. Gao, "Exploiting Hierarchical Encodings of Equality to Design Independent Strategies in Parallel SMT Decision Procedures for a Logic of Equality," IEEE High Level Design Validation and Test Workshop (HLDVT '09), November 2009, pp. 8--13.
[51]
M.N. Velev, and P. Gao, "A Method for Debugging of Pipelined Processors in Formal Verification by Correspondence Checking," 15 th Asia and South Pacific Design Automation Conference (ASP-DAC '10), January 2010, pp. 619--624.
[52]
M.N. Velev, and P. Gao, "Method for Formal Verification of Soft-Error Tolerance Mechanisms in Pipelined Microprocessors," 12 th International Conference on Formal Engineering Methods (ICFEM '10), J. S. Dong and H. Zhu, eds., LNCS 6447, Springer, November 2010, pp. 355--370.
[53]
M.N. Velev, and P. Gao, "Automatic Formal Verification of Reconfigurable DSPs," 16 th Asia and South Pacific Design Automation Conference (ASP-DAC '11), January 2011, pp 293--296.
[54]
M.N. Velev, and P. Gao, "Exploiting Abstraction for Efficient Formal Verification of DSPs with Arrays of Reconfigurable Functional Units," 13 th International Conference on Formal Engineering Methods (ICFEM '11), LNCS 6991, Springer, October 2011.
Recommendations
Improving the efficiency of automated debugging of pipelined microprocessors by symmetry breaking in modular schemes for boolean encoding of cardinality
ICCAD '14: Proceedings of the 2014 IEEE/ACM International Conference on Computer-Aided DesignWe present a method for exploiting symmetry-breaking constraints in modular schemes for constructing equivalent Boolean encodings of cardinality constraints. These techniques result in speedup in automated debugging of complex VLIW processors in formal ...
Automatic Formal Verification of RISC-V Pipelined Microprocessors with Fault Tolerance by Spatial Redundancy at a High Level of Abstraction
iFM 2023AbstractPresented are abstraction techniques for efficient modeling of pipelined microprocessors of the RISC-V architecture, including designs with fault tolerance by spatial redundancy. This is done at a high-level of abstraction, allowing us to formally ...
Integrating formal verification into an advanced computer architecture course
This paper presents a sequence of three projects on design and formal verification of pipelined and superscalar processors: 1) a single-issue, five-stage DLX (an academic processor used widely for teaching pipelined execution and defined by Hennessy and ...
Comments
Information & Contributors
Information
Published In
November 2011
844 pages
ISBN:9781457713989
- General Chair:
- Joel Phillips,
- Program Chairs:
- Alan J. Hu,
- Helmut Graeb
Sponsors
Publisher
IEEE Press
Publication History
Published: 07 November 2011
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ICCAD '11
Sponsor:
ICCAD '11: The International Conference on Computer-Aided Design
November 7 - 10, 2011
California, San Jose
Acceptance Rates
Overall Acceptance Rate 457 of 1,762 submissions, 26%
Upcoming Conference
ICCAD '24
- Sponsor:
- sigda
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 101Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 06 Oct 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in