Safety and translation of relational calculus queries
ACM Transactions on Database Systems, 1991
Abstract

Cited by 58 (0 self)
Not all queries in relational calculus can be answered sensibly when disjunction, negation, and universal quantification are allowed. The class of relational calculus queries or formulas that have sensible answers is called the domain independent class, which is known to be undecidable. Subsequent research has focused on identifying large decidable subclasses of domain independent formulas. In this paper we investigate the properties of two such classes: the evaluable formulas and the allowed formulas. Although both classes have been defined before, we give simplified definitions, present short proofs of their main properties, and describe a method to incorporate equality. Although evaluable queries have sensible answers, it is not straightforward to compute them efficiently or correctly. We introduce relational algebra normal form for formulas, from which form the correct translation into relational algebra is trivial. We give algorithms to transform an evaluable formula into an equivalent allowed formula and from there into relational algebra normal form. Our algorithms avoid use of the so-called Dom relation, consisting of all constants appearing in the database or the query. Finally, we describe a restriction under which every domain independent formula is evaluable.
A Decision Procedure for a Class of Set Constraints
In Fifth Annual IEEE Symposium on Logic in Computer Science, 1991
Abstract

Cited by 55 (0 self)
A set constraint is of the form exp1 ⊆ exp2, where exp1 and exp2 are set expressions constructed using variables, function symbols, projection symbols, and the set union, intersection and complement symbols. While the satisfiability problem for such constraints is open, restricted classes have been useful in program analysis. The main result herein is a decision procedure for definite set constraints, which are of the restricted form a ⊆ exp, where a contains only constants, variables and function symbols, and exp is a positive set expression (that is, it does not contain the complement symbol). A conjunction of such constraints, whenever satisfiable, has a least model, and the algorithm will output an explicit representation of this model.
1 Introduction
We consider a formalism for elementary set algebra which is useful for describing properties of programs whose underlying domain of computation is a Herbrand universe. The domain of discourse for this formalism is the powerset of...
Formal Verification of Superscalar Microprocessors with Multicycle Functional Units, Exceptions, and Branch Prediction
2000
Abstract

Cited by 51 (19 self)
We extend the Burch and Dill flushing technique [9] for formal verification of high-level microprocessors, based on the logic of Equality with Uninterpreted Functions and Memories (EUFM), to be applicable in an automatic fashion to designs where the functional units and memories have multicycle and possibly arbitrary latency. We also show ways to incorporate exceptions and branch prediction by effectively exploiting the properties of Positive Equality [5][6]. We study the modeling of the above features in different versions of dual-issue superscalar microprocessors.
Keywords: formal verification, microprocessor verification, uninterpreted functions, logic of equality.
1 Introduction
In order for formal methods to scale for verification of modern microprocessors, they need to be applicable easily and with a high degree of automation to designs with multicycle functional units, multicycle memories, exceptions, and branch prediction. Burch and Dill's verification methodology has...
Computing circumscription revisited: A reduction algorithm
J. Automated Reasoning, 1997
Abstract

Cited by 50 (13 self)
In recent years, a great deal of attention has been devoted to logics of "commonsense" reasoning. Among the candidates proposed, circumscription has been perceived as an elegant mathematical technique for modeling nonmonotonic reasoning, but difficult to apply in practice. The major reason for this is the 2nd-order nature of circumscription axioms and the difficulty in finding proper substitutions of predicate expressions for predicate variables. One solution to this problem is to compile, where possible, 2nd-order formulas into equivalent 1st-order formulas. Although some progress has been made using this approach, the results are not as strong as one might desire and they are isolated in nature. In this article, we provide a general method which can be used in an algorithmic manner to reduce circumscription axioms to 1st-order formulas. The algorithm takes as input an arbitrary 2nd-order formula and either returns as output an equivalent 1st-order formula, or terminates with failure. The class of 2nd-order formulas, and analogously the class of circumscriptive theories which can be reduced, provably subsumes those covered by existing results. We demonstrate the generality of the algorithm using circumscriptive theories with mixed quantifiers (some involving Skolemization), variable constants, non-separated formulas, and formulas with n-ary predicate variables. In addition, we analyze the strength of the algorithm and compare it with existing approaches, providing formal subsumption results.
A Method for simultaneous Search for Refutations and Models by Equational Constraint Solving
Journal of Symbolic Computation, 1995
Abstract

Cited by 49 (10 self)
... this paper self-contained, we need to recall some fundamental definitions in [Comon and Lescanne, 1989] (in a slightly different formulation).
Modular Data Structure Verification
EECS Department, Massachusetts Institute of Technology, 2007
Abstract

Cited by 43 (20 self)
This dissertation describes an approach for automatically verifying data structures, focusing on techniques for automatically proving formulas that arise in such verification. I have implemented this approach with my colleagues in a verification system called Jahob. Jahob verifies properties of Java programs with dynamically allocated data structures. Developers write Jahob specifications in classical higher-order logic (HOL); Jahob reduces the verification problem to deciding the validity of HOL formulas. I present a new method for proving HOL formulas by combining automated reasoning techniques. My method consists of 1) splitting formulas into individual HOL conjuncts, 2) soundly approximating each HOL conjunct with a formula in a more tractable fragment, and 3) proving the resulting approximation using a decision procedure or a theorem prover. I present three concrete logics; for each logic I show how to use it to approximate HOL formulas, and how to decide the validity of formulas in this logic. First, I present an approximation of HOL based on a translation to first-order logic, which enables the use of existing resolution-based theorem provers. Second, I present an approximation of HOL based on field constraint analysis, a new technique that enables
Lemmas on Demand for Satisfiability Solvers
2002
Abstract

Cited by 42 (5 self)
We investigate the combination of propositional SAT checkers with constraint solvers for domain-specific theories such as linear arithmetic, arrays, lists and the combination thereof. Our procedure realizes a lazy approach to satisfiability checking of propositional constraint formulas by iteratively refining Boolean formulas based on lemmas generated on demand by constraint solvers.
Sketching Stencils
Abstract

Cited by 41 (6 self)
Performance of stencil computations can be significantly improved through smart implementations that improve memory locality, computation reuse, or parallelize the computation. Unfortunately, efficient implementations are hard to obtain because they often involve nontraditional transformations, which means that they cannot be produced by optimizing the reference stencil with a compiler. In fact, many stencils are produced by code generators that were tediously handcrafted. In this paper, we show how stencil implementations can be produced with sketching. Sketching is a software synthesis approach where the programmer develops a partial implementation— a sketch—and a separate specification of the desired functionality given by a reference (unoptimized) stencil. The synthesizer then completes the sketch to behave like the specification, filling in code fragments that are difficult to develop manually. Existing sketching systems work only for small finite programs, i.e., programs that can be represented as small Boolean circuits. In this paper, we develop a sketching synthesizer that works for stencil computations, a large class of programs that, unlike circuits, have unbounded inputs and outputs, as well as an unbounded number of computations. The key contribution is a reduction algorithm that turns a stencil into a circuit, allowing us to synthesize stencils using an existing sketching synthesizer.
Efficient satisfiability modulo theories via delayed theory combination
In Proc. CAV 2005, volume 3576 of LNCS, 2005
Abstract

Cited by 38 (15 self)
The problem of deciding the satisfiability of a quantifier-free formula with respect to a background theory, also known as Satisfiability Modulo Theories (SMT), is gaining increasing relevance in verification: representation capabilities beyond propositional logic allow for a natural modeling of real-world problems (e.g., pipeline and RTL circuits verification, proof obligations in software systems). In this paper, we focus on the case where the background theory is the combination T1 ∪ T2 of two simpler theories. Many SMT procedures combine a Boolean model enumeration with a decision procedure for T1 ∪ T2, where conjunctions of literals can be decided by an integration schema such as Nelson-Oppen, via a structured exchange of interface formulae (e.g., equalities in the case of convex theories, disjunctions of equalities otherwise). We propose a new approach for SMT(T1 ∪ T2), called Delayed Theory Combination, which does not require a decision procedure for T1 ∪ T2, but only individual decision procedures for T1 and T2, which are directly integrated into the Boolean model enumerator. This approach is much simpler and more natural, allows each of the solvers to be implemented and optimized without taking into account the others, and it nicely encompasses the case of non-convex theories. We show the effectiveness of the approach by a thorough experimental comparison.