
Cardinality constraints for arrays (decidability results and applications)

Published in: Formal Methods in System Design

Abstract

Enriching logic formalisms with counting capabilities is an important task in view of the needs of many application areas, ranging from database theory to formal verification. In this paper, we consider a very expressive language obtained by enriching linear integer arithmetic with free function symbols and cardinality constraints for interpreted sets. We obtain positive results for a flat fragment via a reduction to decidability of Presburger arithmetic with unary counting quantifiers (Schweikhart in Arithmetic, first-order logic, and counting quantifiers, ACM TOCL, New York, 2004). We isolate also an easier simple flat subfragment, whose satisfiability is in NP, and we show that this subfragment is adequate to formalize problems arising in the area of the verification of fault-tolerant distributed algorithms. We finally discuss our first implementation, the related experimental results, as well as further algorithmic problems suggested by model-checking applications.


Notes

  1. We use obvious abbreviations like ny for \(y+\cdots + y\) (n-times).

  2. Here \(u\le t\) stands for \(u=t\vee u<t\).

  3. In case an inconsistent condition arises according to Lemma 5(i), the constraint atom is replaced by \(y=0\).

  4. The matrix of a prenex formula \(\phi \) is the formula obtained from \(\phi \) by removing quantifiers.

  5. Our arithmetic formulæ are equivalent to quantifier-free ones and the same is true for basic formulæ because they are obtained from arithmetic formulæ by substitutions without capture.

  6. In other words, \(y_j\) and \(y_{j'}\) are in the same class iff for every a the equality \(a(y_j) = a(y_{j'})\) is implied by \(\alpha \).

  7. In addition, we performed linear time replacements of variables by variables or by constants.

  8. We removed the existential quantifiers \(\exists \underline{z}\) from (11), because according to the definitions we recalled in Sect. 2, an existential formula like \(\exists \underline{z}\,\theta \) is satisfiable iff \(\theta \) itself is satisfiable.

  9. When we need to display a column vector, we obviously write it as a transposed row vector.

  10. With the original formula (15), such \(\sigma \) cannot be part of \(\varSigma \); with (15) as modified in point 1 above, such \(\sigma \) produces \(v_{\sigma }=0\) and hence it is simply redundant.

  11. ArCa stands for Array with Cardinalities.

  12. For this auxiliary role, ArCa-Sat exploits the SMT-solver Yices (developed at SRI-Stanford). Final arithmetic formulæ are written in SMT-LIB2 format.

  13. If we drop the requirement of staying inside a fragment for which we have a full decision procedure, the situation may improve (see Sect. 7.2 for more), but we lose the possibility of making satisfiability tests able both to discover bugs and to give verification certificates.

  14. Here the \(\underline{y}\) are the first order variables occurring free already in \(\phi \).

  15. The procedure of Lemma 10 also introduces fresh existential first order variables u to name the terms \(a_s(y_j)\); however, these variables can be eliminated at the end of the procedure by replacing them back with the corresponding term \(a_s(y_j)\).

  16. The situation does not improve if we handle just flat formulæ, because in any case the computation of preimages introduces extra first order existential quantifiers. On the other hand, if we restrict ourselves to flat formulæ of degree 1, we get all we need, but such formulæ seem not to be expressive enough.

  17. We use notations like \( AC'=AC\) as abbreviations for \(\forall x\, (AC'(x)\leftrightarrow AC(x))\).

  18. \(Pre(T1, \upsilon _0)\) is inconsistent because of the program counter mismatch.

References

  1. Abdulla PA, Cerans K, Jonsson B, Tsay YK (1996) General decidability theorems for infinite-state systems. In: Proc. of LICS, pp 313–321

  2. Abdulla PA, Delzanno G, Henda NB, Rezine A (2007) Regular model checking without transducers. TACAS, LNCS vol 4424, pp 721–736

  3. Abdulla PA, Delzanno G, Rezine A (2007) Parameterized verification of infinite-state processes with global conditions. CAV, LNCS, vol 4590, pp 145–157

  4. Abdulla PA, Jonsson B (1996) Verifying programs with unreliable channels. Inf Comput 127(2):91–101


  5. Abdulla PA, Jonsson B (2003) Model checking of systems with many identical timed processes. Theor Comput Sci 290:241–264


  6. Alberti F, Ghilardi S, Pagani E (2016) Counting constraints in flat array fragments. In: Automated reasoning—8th international joint conference, IJCAR 2016, Coimbra, Portugal, June 27–July 2, 2016, Proceedings, pp 65–81

  7. Alberti F, Ghilardi S, Sharygina N (2015) Decision procedures for flat array properties. J Autom Reason 54(4):327–352. doi:10.1007/s10817-015-9323-7

  8. Bansal K, Reynolds A, Barrett CW, Tinelli C (2016) A new decision procedure for finite sets and cardinality constraints in SMT. In: Automated reasoning—8th international joint conference, IJCAR 2016, Coimbra, Portugal, June 27–July 2, 2016, Proceedings, pp 82–98

  9. Biely M, Charron-Bost B, Gaillard A, Hutle M, Schiper A, Widder J (2007) Tolerating corrupted communication. In: Proc. PODC, pp 244–253

  10. Bjørner N, von Gleissenthall K, Rybalchenko A (2016) Cardinalities and universal quantifiers for verifying parameterized systems. In: Proc. of the 37th ACM SIGPLAN conference on programming language design and implementation (PLDI)

  11. Charron-Bost B, Schiper A (2009) The heard-of model: computing in distributed systems with benign faults. Distrib Comput 22:49–71


  12. Delzanno G, Esparza J, Podelski A (1999) Constraint-based analysis of broadcast protocols. In: Proc. of CSL, LNCS, vol 1683, pp 50–66

  13. de Moura L, Bjørner N (2008) Z3: An efficient SMT solver. In: TACAS, pp 337–340

  14. Dragoi C, Henzinger T, Veith H, Widder J, Zufferey D (2014) A logic-based framework for verifying consensus algorithms. In: Proc. of VMCAI

  15. Dragoi C, Henzinger T, Zufferey D (2015) The need for language support for fault-tolerant distributed systems. In: Proc. of SNAPL

  16. Eisenbrand F, Shmonin G (2006) Carathéodory bounds for integer cones. Oper Res Lett 34(5):564–568


  17. Esparza J, Finkel A, Mayr R (1999) On the verification of broadcast protocols. In: Proc. of LICS. IEEE Computer Society, pp 352–359

  18. Ge Y, de Moura LM (2009) Complete instantiation for quantified formulas in satisfiability modulo theories. In: Computer aided verification, 21st international conference, CAV 2009, Grenoble, France, June 26–July 2, 2009. Proceedings, pp 306–320. doi:10.1007/978-3-642-02658-4_25

  19. Ghilardi S, Pagani E (2017) Counter systems simulations: a higher-order logic approach, manuscript

  20. Halpern J (1991) Presburger arithmetic with unary predicates is \(\varPi ^1_1\) complete. J Symb Log 56(2):637–642


  21. Herlihy M, Shavit N (2008) The art of multiprocessor programming. Morgan Kaufmann, Burlington


  22. John A, Konnov I, Schmid U, Veith H, Widder J (2013) Parameterized model checking of fault-tolerant distributed algorithms by abstraction. In: Proc. of FMCAD, pp 201–209

  23. Konnov I, Veith H, Widder J (2015) SMT and POR beat counter abstraction: parameterized model checking of threshold-based distributed algorithms. In: Computer aided verification, 27th international conference, CAV 2015, San Francisco, CA, USA, July 18-24, 2015, Proceedings, Part I, pp 85–102. doi:10.1007/978-3-319-21690-4_6

  24. Konnov IV, Veith H, Widder J (2017) On the completeness of bounded model checking for threshold-based distributed algorithms: Reachability. Inf Comput 252:95–109. doi:10.1016/j.ic.2016.03.006

  25. Konnov IV, Veith H, Widder J (2015) What you always wanted to know about model checking of fault-tolerant distributed algorithms. In: Perspectives of system informatics—10th international Andrei Ershov informatics conference, PSI 2015, in Memory of Helmut Veith, Kazan and Innopolis, Russia, August 24–27, 2015, Revised Selected Papers, pp 6–21

  26. Kuncak V, Nguyen H, Rinard M (2005) An algorithm for deciding BAPA: Boolean Algebra with Presburger Arithmetic. In: Proc. of CADE-20, LNCS, vol 3632

  27. Kuncak V, Nguyen HH, Rinard M (2006) Deciding Boolean algebra with Presburger arithmetic. J Autom Reason 36(3):213–239


  28. Kuncak V, Rinard M (2007) Towards efficient satisfiability checking for Boolean Algebras with Presburger arithmetic. In: CADE, vol 21, pp 215–230

  29. Nieuwenhuis R, Oliveras A, Tinelli C (2006) Solving SAT and SAT modulo theories: from an abstract Davis–Putnam–Logemann–Loveland procedure to DPLL(T). J ACM 53(6):937–977


  30. Papamarcos M, Patel J (1984) A low-overhead coherence solution for multiprocessors with private cache memories. In: Proc. ISCA, p 348

  31. Piskac R, Kuncak V (2008) Decision procedures for multisets with cardinality constraints. In: Proc. of VMCAI, LNCS

  32. Presburger M (1929) Über die Vollständigkeit eines gewissen Systems der Arithmetik ganzer Zahlen, in welchem die Addition als einzige Operation hervortritt. Warszawa

  33. Schweikhart N (2004) Arithmetic, first-order logic, and counting quantifiers. ACM TOCL pp 1–35

  34. Solihin Y (2008) Fundamentals of parallel computer architecture multichip and multicore systems. Solihin Publishing & Consulting LLC, Raleigh


  35. Srikanth T, Toueg S (1987) Optimal clock synchronization. J ACM 34(3):626–645


  36. Srikanth T, Toueg S (1987) Simulating authenticated broadcasts to derive simple fault-tolerant algorithms. Distrib Comput 2(2):80–94. doi:10.1007/BF01667080


  37. Yessenov K, Piskac R, Kuncak V (2010) Collections, cardinalities, and relations. In: Proc. of VMCAI

  38. Zarba C (2002) Combining sets with integers. In: Frontiers of combining systems, 4th international workshop, FroCoS 2002, Santa Margherita Ligure, Italy, April 8–10, Proceedings, pp 103–116


Corresponding author

Correspondence to S. Ghilardi.

Additional information

This paper extends material previously published in [6].


Cite this article

Alberti, F., Ghilardi, S. & Pagani, E. Cardinality constraints for arrays (decidability results and applications). Form Methods Syst Des 51, 545–574 (2017). https://doi.org/10.1007/s10703-017-0279-6
