Modeling and Verifying Systems Using a Logic of Counter Arithmetic with Lambda Expressions and Uninterpreted Functions

In this paper, we present the logic of Counter Arithmetic with Lambda Expressions and Uninterpreted Functions (CLU). CLU generalizes the logic of equality with uninterpreted functions (EUF) with constrained lambda expressions, ordering, and successor and predecessor functions. In addition to modeling pipelined processors, for which EUF has proved useful, CLU can be used to model many infinite-state systems, including those with infinite memories, finite and infinite queues (including lossy channels), and networks of identical processes. Even with this richer expressive power, the validity of a CLU formula can be efficiently decided by translating it to a propositional formula and then using Boolean methods to check validity. We give theoretical and empirical evidence for the efficiency of our decision procedure. We also describe verification techniques that we have used on a variety of systems, including an out-of-order execution unit and the load-store unit of an industrial microprocessor.
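As an added illustration (not code from the paper or its own implementation), the Python below carries out two front-end steps of such a translation on a constructed tuple encoding of terms: lambda elimination by beta reduction, with an unbounded memory and its update modeled as a lambda expression, and Ackermann expansion of uninterpreted-function applications into fresh variables plus functional-consistency constraints. The names `write`, `beta` and `ackermann` and the encoding are assumptions; the final step, encoding the remaining equality and ordering atoms into propositional logic, is not shown.

```python
# Constructed encoding of a CLU-style term language (illustration, not the paper's tool).
# Terms:    ('var', name) | ('succ', t) | ('app', f, t) | ('lam', x, body) | ('ite', c, a, b)
# Formulas: ('eq', s, t) | ('lt', s, t) | ('not', p) | ('and', p, q) | ('or', p, q)
from itertools import combinations

def subst(term, x, val):
    """Replace bound variable x by val inside term (capture-free for the examples here)."""
    if term == ('var', x):
        return val
    if isinstance(term, tuple) and term[0] == 'lam' and term[1] == x:
        return term                       # x is shadowed by an inner binder
    return tuple(subst(t, x, val) if isinstance(t, tuple) else t for t in term)

def beta(term):
    """Eliminate lambda applications bottom-up: ('app', ('lam', x, body), t) -> body[t/x]."""
    if not isinstance(term, tuple):
        return term
    term = tuple(beta(t) for t in term)
    if term[0] == 'app' and term[1][0] == 'lam':
        return beta(subst(term[1][2], term[1][1], term[2]))
    return term

def write(mem, addr, val):
    """Memory update as a constrained lambda: agrees with mem everywhere except at addr."""
    return ('lam', 'i', ('ite', ('eq', ('var', 'i'), addr), val, ('app', mem, ('var', 'i'))))

def ackermann(formula):
    """Replace each application f(t) of an uninterpreted function f by a fresh variable and
    return the rewritten formula plus the consistency constraints t_i = t_j -> v_i = v_j."""
    apps = {}                             # (f, argument term) -> fresh variable
    def go(t):
        if not isinstance(t, tuple):
            return t
        t = tuple(go(s) for s in t)
        if t[0] == 'app' and t[1][0] == 'var':
            return apps.setdefault((t[1][1], t[2]), ('var', f'{t[1][1]}_{len(apps)}'))
        return t
    core = go(formula)
    side = [('or', ('not', ('eq', a1, a2)), ('eq', v1, v2))
            for ((f1, a1), v1), ((f2, a2), v2) in combinations(apps.items(), 2) if f1 == f2]
    return core, side

def read_after_write():
    """Property of an unbounded memory M: after write(M, a, d), reading a yields d and
    reading any other address b yields the old contents M[b]."""
    M, a, d, b = ('var', 'M'), ('var', 'a'), ('var', 'd'), ('var', 'b')
    phi = ('and', ('eq', ('app', write(M, a, d), a), d),
                  ('or', ('eq', a, b), ('eq', ('app', write(M, a, d), b), ('app', M, b))))
    return ackermann(beta(phi))           # lambda-free, function-free formula + side constraints
```

After these two steps the output contains only variables, `ite`, equality and ordering atoms, which is the fragment the Boolean encoding then handles.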
