Lazy Satisfiability Modulo Theories
 Journal on Satisfiability, Boolean Modeling and Computation 3 (2007) 141–224
, 2007
Cited by 189 (50 self)
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a first-order formula with respect to some decidable first-order theory T (SMT(T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT(T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theory-specific reasoning. The dominating approach to SMT(T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (T-solver), handling respectively the Boolean and the theory-specific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that
DPLL(T): Fast Decision Procedures
, 2004
Cited by 141 (14 self)
The logic of equality with uninterpreted functions (EUF) and its extensions have been widely applied to processor verification, by means of a large variety of progressively more sophisticated (lazy or eager) translations into propositional SAT. Here we propose a new approach, namely a general DPLL(X) engine, whose parameter X can be instantiated with a specialized solver Solver_T for a given theory T, thus producing a system DPLL(T). We describe this DPLL(T) scheme, the interface between DPLL(X) and Solver_T, the architecture of DPLL(X), and our solver for EUF, which includes incremental and backtrackable congruence closure algorithms for dealing with the built-in equality and the integer successor and predecessor symbols. Experiments with a first implementation indicate that our technique already outperforms the previous methods on most benchmarks, and scales up very well.
Effective Use of Boolean Satisfiability Procedures in the Formal Verification of Superscalar and VLIW Microprocessors
 Journal of Symbolic Computation
, 2001
Cited by 101 (17 self)
We compare SAT-checkers and decision diagrams on the evaluation of Boolean formulas produced in the formal verification of both correct and buggy versions of superscalar and VLIW microprocessors. We identify one SAT-checker that significantly outperforms the rest. We evaluate ways to enhance its performance by variations in the generation of the Boolean correctness formulas. We reassess optimizations previously used to speed up the formal verification and probe future challenges.
DPLL(T) with Exhaustive Theory Propagation and its Application to Difference Logic
 In Proc. CAV’05, volume 3576 of LNCS
, 2005
Cited by 51 (6 self)
At CAV’04 we presented the DPLL(T) approach for satisfiability modulo theories T. It is based on a general DPLL(X) engine whose X can be instantiated with different theory solvers Solver_T for conjunctions of literals. Here we go one important step further: we require Solver_T to be able to detect all input literals that are T-consequences of the partial model that is being explored by DPLL(X). Although at first sight this may seem too expensive, we show that for difference logic the benefits compensate by far the costs. Here we describe and discuss this new version of DPLL(T), the DPLL(X) engine, and our Solver_T for difference logic. The resulting very simple DPLL(T) system importantly outperforms the existing techniques for this logic. Moreover, it has very good scaling properties: especially on the larger problems it gives improvements of orders of magnitude w.r.t. the existing state-of-the-art tools.
A Hybrid SAT-Based Decision Procedure for Separation Logic with Uninterpreted Functions
 In Proc. DAC’03
, 2003
Cited by 45 (4 self)
SAT-based decision procedures for quantifier-free fragments of first-order logic have proved to be useful in formal verification. These decision procedures are either based on encoding atomic subformulas with Boolean variables, or by encoding integer variables as bit-vectors. Based on evaluating these two encoding methods on a diverse set of hardware and software benchmarks, we conclude that neither method is robust to variations in formula characteristics. We therefore propose a new hybrid technique that combines the two methods. We give experimental results showing that the hybrid method can significantly outperform either approach as well as other decision procedures.
Solving Partial Order Constraints for LPO Termination
 Journal on Satisfiability, Boolean Modeling and Computation 5 (2008) 193–215
, 2008
Cited by 33 (11 self)
This paper introduces a propositional encoding for lexicographic path orders (LPOs) and the corresponding LPO termination property of term rewrite systems. Given this encoding, termination analysis can be performed using a state-of-the-art Boolean satisfiability solver. Experimental results are unequivocal, indicating orders of magnitude speedups in comparison with previous implementations for LPO termination. The results of this paper have already had a direct impact on the design of several major termination analyzers for term rewrite systems. The contribution builds on a symbol-based approach towards reasoning about partial orders. The symbols in an unspecified partial order are viewed as variables that take integer values and are interpreted as indices in the order. For a partial order statement on n symbols, each index is represented in ⌈log₂ n⌉ propositional variables and partial order constraints between symbols are modeled on the bit representations. The proposed encoding is general and relevant to other applications which involve propositional reasoning about partial orders.
Symmetry-Breaking for Pseudo-Boolean Formulas
, 2003
Cited by 17 (11 self)
Many important tasks in circuit design and verification can be performed in practice via reductions to Boolean Satisfiability (SAT), making SAT a fundamental EDA problem. However, such reductions often leave out application-specific structure, thus handicapping EDA tools in their competition with creative engineers. Successful attempts to represent and utilize additional structure on Boolean variables include recent work on 0-1 Integer Linear Programming (ILP) and on symmetries in SAT. Those extensions gracefully...
EVC: A Validity Checker for the Logic of Equality with Uninterpreted Functions and Memories, Exploiting Positive Equality, and Conservative Transformations
 Computer-Aided Verification (CAV ’01)
, 2001
Cited by 17 (12 self)
The property of Positive Equality [2] dramatically speeds up validity checking of formulas in the logic of Equality with Uninterpreted Functions and Memories (EUFM) [4]. The logic expresses correctness of high-level microprocessors. We present
Automatic Abstraction of Memories in the Formal Verification of Superscalar Microprocessors
 Proceedings of the 7th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
, 2001
Cited by 17 (12 self)
A system of conservative transformation rules is presented for abstracting memories whose forwarding logic interacts with stalling conditions for preserving the memory semantics in microprocessors with in-order execution. Microprocessor correctness is expressed in the logic of Equality with Uninterpreted Functions and Memories (EUFM) [6]. Memory reads and writes are abstracted as arbitrary uninterpreted functions in such a way that the forwarding property of the memory semantics (that a read returns the data most recently written to an equal write address) is satisfied completely only when exactly the same pair of one read and one write address is compared for equality in the stalling logic. These transformations are applied entirely automatically by a tool for formal verification of microprocessors, based on EUFM, the Burch and Dill flushing technique [6], and the properties of Positive Equality [3]. An order of magnitude reduction is achieved in the number of e_ij Boolean variables [9] that encode the equality comparisons of register identifiers in the correctness formulas for single-issue pipelined and dual-issue superscalar microprocessors with multicycle functional units, exceptions, and branch prediction. That results in up to 40% reduction in the CPU time for the formal verification of the dual-issue superscalar microprocessors.
Exploiting Signal Unobservability for Efficient Translation to CNF in Formal Verification of Microprocessors
, 2004
Cited by 15 (5 self)
The paper presents a method for translating Boolean circuits to CNF by identifying trees of ITE operators, where each ITE has fanout count of 1, and representing every such tree with a single set of equivalent CNF clauses without intermediate variables for ITE outputs, except for the tree output. This not only eliminates intermediate variables, but also reduces the number of clauses, compared to conventional translation to CNF, where each ITE is assigned an output variable and is represented with a separate set of clauses. Other gates with fanout count of 1 are similarly merged with their fanout gate to generate a single set of equivalent clauses. This translation to CNF was implemented in a decision procedure for the logic of Equality with Uninterpreted Functions and Memories (EUFM), and was applied to formulas from formal verification of microprocessors. To increase the number of ITE-trees in the Boolean formulas, the decision procedure was optimized to preserve the ITE-tree structure of arguments to equality comparisons. In conventional translation to CNF with the unoptimized decision procedure, the benchmark formulas require up to hundreds of thousands of CNF variables and millions of clauses. The best translation strategy reduced the CNF variables by up to 8×; the clauses by up to 17×; the SAT-solver decisions by up to 79×; the SAT-solver conflicts by up to 96×; and accelerated the SAT solving by up to 420×.