Results 1 
9 of
9
N.: Z3: An efficient SMT solver. In:
 Proc. of 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems.
, 2008
"... ..."
(Show Context)
Engineering DPLL(T) + saturation
 PROC. 4TH IJCAR
, 2008
"... Satisfiability Modulo Theories (SMT) solvers have proven highly scalable, efficient and suitable for integrated theory reasoning. The most efficient SMT solvers rely on refutationally incomplete methods for incorporating quantifier reasoning. We describe a calculus and a system that tightly integra ..."
Abstract

Cited by 10 (2 self)
 Add to MetaCart
(Show Context)
Satisfiability Modulo Theories (SMT) solvers have proven highly scalable, efficient and suitable for integrated theory reasoning. The most efficient SMT solvers rely on refutationally incomplete methods for incorporating quantifier reasoning. We describe a calculus and a system that tightly integrates Superposition and DPLL(T). In the calculus, all nonunit ground clauses are delegated to the DPLL(T) core. The integration is tight, dependencies on case splits are tracked as hypotheses in the saturation engine. The hypotheses are discharged during backtracking. The combination is refutationally complete for firstorder logic, and its implementation is competitive in performance with Ematching based SMT solvers on problems they are good at.
The Strategy Challenge in SMT Solving
"... Abstract. Highperformance SMT solvers contain many tightly integrated, handcrafted heuristic combinations of algorithmic proof methods. While these heuristic combinations tend to be highly tuned for known classes of problems, they may easily perform badly on classes of problems not anticipated by ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
(Show Context)
Abstract. Highperformance SMT solvers contain many tightly integrated, handcrafted heuristic combinations of algorithmic proof methods. While these heuristic combinations tend to be highly tuned for known classes of problems, they may easily perform badly on classes of problems not anticipated by solver developers. This issue is becoming increasingly pressing as SMT solvers begin to gain the attention of practitioners in diverse areas of science and engineering. We present a challenge to the SMT community: to develop methods through which users can exert strategic control over core heuristic aspects of SMT solvers. We present evidence that the adaptation of ideas of strategy prevalent both within the Argonne and LCF theorem proving paradigms can go a long way towards realizing this goal. Prologue. Bill McCune, Kindness and Strategy, by Grant Passmore I would like to tell a short story about Bill, of how I met him, and one way his work and kindness impacted my life.
A Tale Of Two Solvers: Eager and Lazy Approaches to Bitvectors?
"... Abstract. The standard method for deciding bitvector constraints is via eager reduction to propositional logic. This is usually done after first applying powerful rewrite techniques. While often efficient in practice, this method does not scale on problems for which toplevel rewrites cannot reduce ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
(Show Context)
Abstract. The standard method for deciding bitvector constraints is via eager reduction to propositional logic. This is usually done after first applying powerful rewrite techniques. While often efficient in practice, this method does not scale on problems for which toplevel rewrites cannot reduce the problem size sufficiently. A lazy solver can target such problems by doing many satisfiability checks, each of which only reasons about a small subset of the problem. In addition, the lazy approach enables a wide range of optimization techniques that are not available to the eager approach. In this paper we describe the architecture and features of our lazy solver (LBV). We provide a comparative analysis of the eager and lazy approaches, and show how they are complementary in terms of the types of problems they can efficiently solve. For this reason, we propose a portfolio approach that runs a lazy and eager solver in parallel. Our empirical evaluation shows that the lazy solver can solve problems none of the eager solvers can and that the portfolio solver outperforms other solvers both in terms of total number of problems solved and the time taken to solve them. 1
An Efficient and Trustworthy Theory Solver for Bitvectors in Satisfiability Modulo Theories
, 2015
"... ..."
(Show Context)
ConflictDirected Graph Coverage
"... Abstract. Many formal method tools for increasing software reliability apply Satisfiability Modulo Theories (SMT) solvers to enumerate feasible paths in a program subject to certain coverage criteria. Examples include inconsistent code detection tools and concolic test case generators. These tools ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. Many formal method tools for increasing software reliability apply Satisfiability Modulo Theories (SMT) solvers to enumerate feasible paths in a program subject to certain coverage criteria. Examples include inconsistent code detection tools and concolic test case generators. These tools have in common that they typically treat the SMT solver as a black box, relying on its ability to efficiently search through large search spaces. However, in practice the performance of SMT solvers often degrades significantly if the search involves reasoning about complex controlflow. In this paper, we open the black box and devise a new algorithm for this problem domain that we call conflictdirected graph coverage. Our algorithm relies on two core components of an SMT solver, namely conflictdirected learning and deduction by propagation, and applies domainspecific modifications for reasoning about controlflow graphs. We implemented conflictdirected coverage and used it for detecting code inconsistencies in several large Java opensource projects with over one million lines of code in total. The new algorithm yields significant performance gains on average compared to previous algorithms and reduces the running times on hard search instances from hours to seconds.
A Proof Slicing Framework for Program Verification
"... Abstract. In the context of program verification, we propose a formal framework for proof slicing that can aggressively reduce the size of proof obligations as a means of performance improvement. In particular, each large proof obligation may be broken down into smaller proofs, for which the overall ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. In the context of program verification, we propose a formal framework for proof slicing that can aggressively reduce the size of proof obligations as a means of performance improvement. In particular, each large proof obligation may be broken down into smaller proofs, for which the overall processing cost can be greatly reduced, and be even more effective under proof caching. Our proposal is built on top of existing automatic provers, including the stateoftheart prover Z3, and can also be viewed as a reengineering effort in proof decomposition that attempts to avoid largesized proofs for which these provers may be particularly inefficient. In our approach, we first develop a calculus that formalizes a complete proof slicing procedure, which is followed by the development of an aggressive proof slicing method. Retaining completeness is important, and thus in our experiments the complete method serves as a backup for the cases when the aggressive procedure fails. The foundations of the aggressive slicing procedure are based on a novel lightweight annotation scheme that captures weak links between subformulas of a proof obligation; the annotations can be inferred automatically in practice, and thus both methods are fully automated. We support our theoretical developments with experimental results, which show significant improvements in the verification of complex programs, where richer specifications are often captured via loosely connected static properties. 1
Satisfiability Modulo Bitprecise Theories for Program Exploration
"... The Satisfiability Modulo Theories solver Z3 [10] is used in several program analysis and verification tools at Microsoft Research. Some of these tools require bitprecise reasoning for accurately modeling machine arithmetic instructions. But this alone is rarely sufficient, and an integration wit ..."
Abstract
 Add to MetaCart
(Show Context)
The Satisfiability Modulo Theories solver Z3 [10] is used in several program analysis and verification tools at Microsoft Research. Some of these tools require bitprecise reasoning for accurately modeling machine arithmetic instructions. But this alone is rarely sufficient, and an integration with other theories is required. The Pex tool [20] performs program exploration of.NET programs by generating and solving path conditions corresponding to paths that get explored during concrete execution. The path conditions reflect directly the executed instructions, including ones involving machine arithmetic supported by the CLR. The path conditions include also operations on heaps and structures. Pex relies on Z3’s ability to produce models for satisfiable path conditions, the models must reflect the combination of the involved theories: bitvectors, arrays, and tuples. This paper describes the features of Z3 that are used by Pex.
TurboCharging Lemmas on Demand with Don’t Care Reasoning
"... Abstract—Lemmas on demand is an abstraction/refinement technique for procedures deciding Satisfiability Modulo Theories (SMT), which iteratively refines full candidate models of the formula abstraction until convergence. In this paper, we introduce a dual propagationbased technique for optimizing l ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract—Lemmas on demand is an abstraction/refinement technique for procedures deciding Satisfiability Modulo Theories (SMT), which iteratively refines full candidate models of the formula abstraction until convergence. In this paper, we introduce a dual propagationbased technique for optimizing lemmas on demand by extracting partial candidate models via don’t care reasoning on full candidate models. Further, we compare our approach to a justificationbased approach similar to techniques employed in the context of model checking. We implemented both optimizations in our SMT solver Boolector and provide an extensive experimental evaluation, which shows that by enhancing lemmas on demand with don’t care reasoning, the number of lemmas generated, and consequently the solver runtime, is reduced considerably. I.