Theorem proving guided development of formal assertions in a resource-constrained scheduler for high-level synthesis

A formal specification and a proof of correctness of the widely-used force-directed list scheduling (FDLS) algorithm for resource-constrained scheduling in high-level synthesis systems is presented. The proof effort is conducted using a higher-order logic theorem prover. During the proof effort many interesting properties of the FDLS algorithm are discovered. These properties constitute a detailed set of formal assertions and invariants that should hold at various steps in the FDLS algorithm. They are then inserted as programming assertions in the implementation of the FDLS algorithm in a production-strength high-level synthesis system. When turned on, the programming assertions (1) certify whether a specific run of the FDLS algorithm produced correct schedules and, (2) in the event of failure, help discover and isolate errors in the FDLS implementation