Results 1  10
of
42
Lazy Satisfiability Modulo Theories
 JOURNAL ON SATISFIABILITY, BOOLEAN MODELING AND COMPUTATION 3 (2007) 141Â224
, 2007
"... Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingl ..."
Abstract

Cited by 189 (50 self)
 Add to MetaCart
(Show Context)
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT (T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theoryspecific reasoning. The dominating approach to SMT (T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (Tsolver), handling respectively the Boolean and the theoryspecific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that
DPLL(T): Fast Decision Procedures
, 2004
"... The logic of equality with uninterpreted functions (EUF) and its extensions have been widely applied to processor verification, by means of a large variety of progressively more sophisticated (lazy or eager) translations into propositional SAT. Here we propose a new approach, namely a general DP ..."
Abstract

Cited by 141 (14 self)
 Add to MetaCart
The logic of equality with uninterpreted functions (EUF) and its extensions have been widely applied to processor verification, by means of a large variety of progressively more sophisticated (lazy or eager) translations into propositional SAT. Here we propose a new approach, namely a general DPLL(X) engine, whose parameter X can be instantiated with a specialized solver Solver T for a given theory T , thus producing a system DPLL(T ). We describe this DPLL(T ) scheme, the interface between DPLL(X) and Solver T , the architecture of DPLL(X), and our solver for EUF, which includes incremental and backtrackable congruence closure algorithms for dealing with the builtin equality and the integer successor and predecessor symbols. Experiments with a first implementation indicate that our technique already outperforms the previous methods on most benchmarks, and scales up very well.
The yices smt solver
, 2006
"... Abstract. SMT stands for Satisfiability Modulo Theories. An SMT solver decides the satisfiability of propositionally complex formulas in theories such as arithmetic and uninterpreted functions with equality. SMT solving has numerous applications in automated theorem proving, in hardware and software ..."
Abstract

Cited by 97 (1 self)
 Add to MetaCart
(Show Context)
Abstract. SMT stands for Satisfiability Modulo Theories. An SMT solver decides the satisfiability of propositionally complex formulas in theories such as arithmetic and uninterpreted functions with equality. SMT solving has numerous applications in automated theorem proving, in hardware and software verification, and in scheduling and planning problems. This paper describes Yices, an efficient SMT solver developed at SRI International. Yices supports a rich combination of firstorder theories that occur frequently in software and hardware modeling: arithmetic, uninterpreted functions, bit vectors, arrays, recursive datatypes, and more. Beyond pure SMT solving, Yices can solve weighted MAXSMT problems, compute unsatisfiable cores, and construct models. Yices is the main decision procedure used by the SAL model checking environment, and it is being integrated to the PVS theorem prover. As a MAXSMT solver, Yices is the main component of the probabilistic consistency engine used in SRI’s CALO system. 1
A.: Boolector: An efficient SMT solver for bitvectors and arrays
 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2009), Lecture Notes in Computer Science
, 2009
"... Abstract. Satisfiability Modulo Theories (SMT) is the problem of deciding satisfiability of a logical formula, expressed in a combination of firstorder theories. We present the architecture and selected features of Boolector, which is an efficient SMT solver for the quantifierfree theories of bit ..."
Abstract

Cited by 97 (9 self)
 Add to MetaCart
(Show Context)
Abstract. Satisfiability Modulo Theories (SMT) is the problem of deciding satisfiability of a logical formula, expressed in a combination of firstorder theories. We present the architecture and selected features of Boolector, which is an efficient SMT solver for the quantifierfree theories of bitvectors and arrays. It uses term rewriting, bitblasting to handle bitvectors, and lemmas on demand for arrays. 1
Bounded model checking and induction: From refutation to verification (extended abstract, category A
 Proceedings of the 15th International Conference on Computer Aided Verification, CAV 2003, volume 2725 of Lecture Notes in Computer Science
"... Abstract. We explore the combination of bounded model checking and induction for proving safety properties of infinitestate systems. In particular, we define a general kinduction scheme and prove completeness thereof. A main characteristic of our methodology is that strengthened invariants are gen ..."
Abstract

Cited by 68 (8 self)
 Add to MetaCart
(Show Context)
Abstract. We explore the combination of bounded model checking and induction for proving safety properties of infinitestate systems. In particular, we define a general kinduction scheme and prove completeness thereof. A main characteristic of our methodology is that strengthened invariants are generated from failed kinduction proofs. This strengthening step requires quantifierelimination, and we propose a lazy quantifierelimination procedure, which delays expensive computations of disjunctive normal forms when possible. The effectiveness of induction based on bounded model checking and invariant strengthening is demonstrated using infinitestate systems ranging from communication protocols to timed automata and (linear) hybrid automata. 1 Introduction Bounded model checking (BMC) [5, 4, 7] is often used for refutation, where one systematically searches for counterexamples whose length is bounded by some integer k. The bound k is increased until a bug is found, or some precomputed completeness threshold is reached. Unfortunately, the computation of completeness thresholds is usually prohibitively expensive and these thresholds may be too large to effectively explore the associated bounded search space. In addition, such completeness thresholds do not exist for many infinitestate systems.
DPLL(T) with Exhaustive Theory Propagation and its Application to Difference Logic
 In Proc. CAV’05, volume 3576 of LNCS
, 2005
"... Abstract. At CAV’04 we presented the DPLL(T) approach for satisfiability modulo theories T. It is based on a general DPLL(X) engine whose X can be instantiated with different theory solvers SolverT for conjunctions of literals. Here we go one important step further: we require SolverT to be able to ..."
Abstract

Cited by 51 (6 self)
 Add to MetaCart
Abstract. At CAV’04 we presented the DPLL(T) approach for satisfiability modulo theories T. It is based on a general DPLL(X) engine whose X can be instantiated with different theory solvers SolverT for conjunctions of literals. Here we go one important step further: we require SolverT to be able to detect all input literals that are Tconsequences of the partial model that is being explored by DPLL(X). Although at first sight this may seem too expensive, we show that for difference logic the benefits compensate by far the costs. Here we describe and discuss this new version of DPLL(T), the DPLL(X) engine, and our SolverT for difference logic. The resulting very simple DPLL(T) system importantly outperforms the existing techniques for this logic. Moreover, it has very good scaling properties: especially on the larger problems it gives improvements of orders of magnitude w.r.t. the existing stateoftheart tools. 1
LightWeight Theorem Proving for Debugging and Verifying Units of Code
, 2003
"... Software bugs are very difficult to detect even in small units of code. Several techniques to debug or prove correct such units are based on the generation of a set of formulae whose unsatisfiability reveals the presence of an error. These techniques assume the availability of a theorem prover capab ..."
Abstract

Cited by 51 (25 self)
 Add to MetaCart
(Show Context)
Software bugs are very difficult to detect even in small units of code. Several techniques to debug or prove correct such units are based on the generation of a set of formulae whose unsatisfiability reveals the presence of an error. These techniques assume the availability of a theorem prover capable of automatically discharging the resulting proof obligations. Building such a tool is a difficult, long, and errorprone activity. In this paper, we describe techniques to build provers which are highly automatic and flexible by combining stateoftheart superposition theorem provers and BDDs. We report experimental results on formulae extracted from the debugging of C functions manipulating pointers showing that an implementation of our techniques can discharge proof obligations which cannot be handled by Simplify (the theorem prover used in the ESC/Java tool) and performs much better on others. 1.
Proofproducing Congruence Closure
 16TH INTERNATIONAL CONFERENCE ON REWRITING TECHNIQUES AND APPLICATIONS
, 2005
"... Many applications of congruence closure nowadays require the ability of recovering, among the thousands of input equations, the small subset that caused the equivalence of a given pair of terms. For this purpose, here we introduce an incremental congruence closure algorithm that has an additional ..."
Abstract

Cited by 37 (2 self)
 Add to MetaCart
(Show Context)
Many applications of congruence closure nowadays require the ability of recovering, among the thousands of input equations, the small subset that caused the equivalence of a given pair of terms. For this purpose, here we introduce an incremental congruence closure algorithm that has an additional Explain operation. First, two variations of unionfind data structures with Explain are introduced. Then, these are applied inside a congruence closure algorithm with Explain, where a kstep proof can be recovered in almost optimal time (quasilinear in k), without increasing the overall O(n log n) runtime of the fastest known congruence closure algorithms. This nontrivial (ground) equational reasoning result has been quite intensively sought after (see, e.g., [SD99, dMRS04, KS04]), and moreover has important applications to verification.
Abstract DPLL and Abstract DPLL Modulo Theories
 In LPAR’04, LNAI 3452
, 2005
"... rulebased formulation of the DavisPutnamLogemannLoveland (DPLL) procedure. Its properties, such as soundness, completeness or termination, immediately carry over to the modern DPLL implementations with features such as nonchronological backtracking or clause learning. This allows one to formall ..."
Abstract

Cited by 37 (9 self)
 Add to MetaCart
rulebased formulation of the DavisPutnamLogemannLoveland (DPLL) procedure. Its properties, such as soundness, completeness or termination, immediately carry over to the modern DPLL implementations with features such as nonchronological backtracking or clause learning. This allows one to formally reason about practical DPLL algorithms in a simple way. In the second part of this paper we extend the framework to Abstract DPLL modulo theories. This allows us to express—and formally reason about—stateoftheart concrete DPLLbased techniques for satisfiability modulo background theories, such as the different lazy approaches, or our DPLL(T) framework. 1
Modeling and Verification of a FaultTolerant Realtime Startup Protocol using Calendar Automata
, 2004
"... We discuss the modeling and verification of realtime systems using the SAL model checker. A new modeling framework based on event calendars enables dense timed systems to be described without relying on continuously varying clocks. We present verification techniques that rely on induction and ab ..."
Abstract

Cited by 32 (2 self)
 Add to MetaCart
(Show Context)
We discuss the modeling and verification of realtime systems using the SAL model checker. A new modeling framework based on event calendars enables dense timed systems to be described without relying on continuously varying clocks. We present verification techniques that rely on induction and abstraction, and show how these techniques are e#ciently supported by the SAL symbolic modelchecking tools. The modeling and verification method is applied to the faulttolerant realtime startup protocol used in the Timed Triggered Architecture.