Results 1  10
of
48
Lazy Satisfiability Modulo Theories
 JOURNAL ON SATISFIABILITY, BOOLEAN MODELING AND COMPUTATION 3 (2007) 141Â224
, 2007
"... Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingl ..."
Abstract

Cited by 161 (45 self)
 Add to MetaCart
(Show Context)
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT (T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theoryspecific reasoning. The dominating approach to SMT (T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (Tsolver), handling respectively the Boolean and the theoryspecific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that
Efficient satisfiability modulo theories via delayed theory combination
 In Proc. CAV 2005, volume 3576 of LNCS
, 2005
"... Abstract. The problem of deciding the satisfiability of a quantifierfree formula with respect to a background theory, also known as Satisfiability Modulo Theories (SMT), is gaining increasing relevance in verification: representation capabilities beyond propositional logic allow for a natural model ..."
Abstract

Cited by 36 (12 self)
 Add to MetaCart
(Show Context)
Abstract. The problem of deciding the satisfiability of a quantifierfree formula with respect to a background theory, also known as Satisfiability Modulo Theories (SMT), is gaining increasing relevance in verification: representation capabilities beyond propositional logic allow for a natural modeling of realworld problems (e.g., pipeline and RTL circuits verification, proof obligations in software systems). In this paper, we focus on the case where the background theory is the combination T1 £ T2 of two simpler theories. Many SMT procedures combine a boolean model enumeration with a decision procedure for T1 £ T2, where conjunctions of literals can be decided by an integration schema such as NelsonOppen, via a structured exchange of interface formulae (e.g., equalities in the case of convex theories, disjunctions of equalities otherwise). We propose a new approach for SMT¤T1 £ T2¥, called Delayed Theory Combination, which does not require a decision procedure for T1 £ T2, but only individual decision procedures for T1 and T2, which are directly integrated into the boolean model enumerator. This approach is much simpler and natural, allows each of the solvers to be implemented and optimized without taking into account the others, and it nicely encompasses the case of nonconvex theories. We show the effectiveness of the approach by a thorough experimental comparison. 1
On a Rewriting Approach to Satisfiability Procedures: Extension, Combination of Theories and an Experimental Appraisal
, 2005
"... The rewriting approach to Tsatisfiability is based on establishing termination of a rewritebased inference system for firstorder logic on the Tsatisfiability problem. Extending previous such results, including the quantifierfree theory of equality and the theory of arrays with or without exte ..."
Abstract

Cited by 31 (19 self)
 Add to MetaCart
The rewriting approach to Tsatisfiability is based on establishing termination of a rewritebased inference system for firstorder logic on the Tsatisfiability problem. Extending previous such results, including the quantifierfree theory of equality and the theory of arrays with or without extensionality, we prove termination for the theories of records with or without extensionality, integer offsets and integer offsets modulo. A general theorem for termination on combinations of theories, that covers any combination of the theories above, is given next. For empirical evaluation, the rewritebased theorem prover E is compared with the validity checkers CVC and CVC Lite, on both synthetic and realworld benchmarks, including both valid and invalid instances. Parametric synthetic benchmarks test scalability, while realworld benchmarks test ability to handle huge sets of literals. Contrary to the folklore that a generalpurpose prover cannot compete with specialized reasoners, the experiments are overall favorable to the theorem prover, showing that the rewriting approach is both elegant and practical.
Expressiveness + automation + soundness: Towards combining SMT solvers and interactive proof assistants
 IN TOOLS AND ALGORITHMS FOR CONSTRUCTION AND ANALYSIS OF SYSTEMS (TACAS
, 2006
"... Formal system development needs expressive specification languages, but also calls for highly automated tools. These two goals are not easy to reconcile, especially if one also aims at high assurances for correctness. In this paper, we describe a combination of Isabelle/HOL with a proofproducing ..."
Abstract

Cited by 29 (5 self)
 Add to MetaCart
(Show Context)
Formal system development needs expressive specification languages, but also calls for highly automated tools. These two goals are not easy to reconcile, especially if one also aims at high assurances for correctness. In this paper, we describe a combination of Isabelle/HOL with a proofproducing SMT (Satisfiability Modulo Theories) solver that contains a SAT engine and a decision procedure for quantifierfree firstorder logic with equality. As a result, a user benefits from the expressiveness of Isabelle/HOL when modeling a system, but obtains much better automation for those fragments of the proofs that fall within the scope of the (automatic) SMT solver. Soundness is not compromised because all proofs are submitted to the trusted kernel of Isabelle for certification. This architecture is straightforward to extend for other interactive proof assistants and proofproducing reasoners.
Decision Procedures for Extensions of the Theory of Arrays
 Annals of Mathematics and Artificial Intelligence
"... Abstract The theory of arrays, introduced by McCarthy in his seminal paper “Towards a mathematical science of computation”, is central to Computer Science. Unfortunately, the theory alone is not sufficient for many important verification applications such as program analysis. Motivated by this obser ..."
Abstract

Cited by 23 (2 self)
 Add to MetaCart
(Show Context)
Abstract The theory of arrays, introduced by McCarthy in his seminal paper “Towards a mathematical science of computation”, is central to Computer Science. Unfortunately, the theory alone is not sufficient for many important verification applications such as program analysis. Motivated by this observation, we study extensions of the theory of arrays whose satisfiability problem (i.e. checking the satisfiability of conjunctions of ground literals) is decidable. In particular, we consider extensions where the indexes of arrays have the algebraic structure of Presburger Arithmetic and the theory of arrays is augmented with axioms characterizing additional symbols such as dimension, sortedness, or the domain of definition of arrays. We provide methods for integrating available decision procedures for the theory of arrays and Presburger Arithmetic with automatic instantiation strategies which allow us to reduce the satisfiability problem for the extension of the theory of arrays to that of the theories decided by the available procedures. Our approach aims to reuse as much as possible existing techniques so as to ease the implementation of the proposed methods. To this end, we show how to use modeltheoretic, rewritingbased theorem proving
Decidability and undecidability results for NelsonOppen and rewritebased decision procedures
 In Proc. IJCAR3, U. Furbach and
, 2006
"... Abstract. In the context of combinations of theories with disjoint signatures, we classify the component theories according to the decidability of constraint satisfiability problems in arbitrary and in infinite models, respectively. We exhibit a theory T1 such that satisfiability is decidable, but s ..."
Abstract

Cited by 21 (13 self)
 Add to MetaCart
(Show Context)
Abstract. In the context of combinations of theories with disjoint signatures, we classify the component theories according to the decidability of constraint satisfiability problems in arbitrary and in infinite models, respectively. We exhibit a theory T1 such that satisfiability is decidable, but satisfiability in infinite models is undecidable. It follows that satisfiability in T1 ∪ T2 is undecidable, whenever T2 has only infinite models, even if signatures are disjoint and satisfiability in T2 is decidable. In the second part of the paper we strengthen the NelsonOppen decidability transfer result, by showing that it applies to theories over disjoint signatures, whose satisfiability problem, in either arbitrary or infinite models, is decidable. We show that this result covers decision procedures based on rewriting, complementing recent work on combination of theories in the rewritebased approach to satisfiability. 1
A theory of singlylinked lists and its extensible decision procedure
 In SEFM
, 2006
"... The key to many approaches to reason about pointerbased data structures is the availability of a decision procedure to automatically discharge proof obligations in a theory encompassing data, pointers, and the reachability relation induced by pointers. So far, only approximate solutions have be ..."
Abstract

Cited by 20 (0 self)
 Add to MetaCart
(Show Context)
The key to many approaches to reason about pointerbased data structures is the availability of a decision procedure to automatically discharge proof obligations in a theory encompassing data, pointers, and the reachability relation induced by pointers. So far, only approximate solutions have been proposed which abstract either the data or the reachability component. Indeed, such approximations cause a lack of precision in the verication techniques where the decision procedures are exploited. In this paper, we consider the pointerbased data structure of singlylinked lists and dene a Theory of Linked Lists (TLL). The theory is expressive since it is capable of precisely expressing both data and reachability constraints, while ensuring decidability. Furthermore, its decidability problem is NPcomplete. We also design a practical decision procedure for TLL which can be combined with a wide range of available decision procedures for theories in rstorder logic. 1.
Fast Reflexive Arithmetic Tactics the linear case and beyond
 in &quot;Types for Proofs and Programs (TYPES’06)&quot;, Lecture Notes in Computer Science
, 2006
"... Abstract. When goals fall in decidable logic fragments, users of proofassistants expect automation. However, despite the availability of decision procedures, automation does not come for free. The reason is that decision procedures do not generate proof terms. In this paper, we show how to design ef ..."
Abstract

Cited by 20 (5 self)
 Add to MetaCart
(Show Context)
Abstract. When goals fall in decidable logic fragments, users of proofassistants expect automation. However, despite the availability of decision procedures, automation does not come for free. The reason is that decision procedures do not generate proof terms. In this paper, we show how to design efficient and lightweight reflexive tactics for a hierarchy of quantifierfree fragments of integer arithmetics. The tactics can cope with a wide class of linear and nonlinear goals. For each logic fragment, offtheshelf algorithms generate certificates of infeasibility that are then validated by straightforward reflexive checkers proved correct inside the proofassistant. This approach has been prototyped using the Coq proofassistant. Preliminary experiments are promising as the tactics run fast and produce small proof terms. 1
A case study of C source code verification: the SchorrWaite algorithm
 In 3rd IEEE Intl. Conf. SEFM’05
, 2005
"... We describe an experiment of formal verification of C source code, using the CADUCEUS tool. We performed a full formal proof of the classical SchorrWaite graphmarking algorithm, which has already been used several times as a case study for formal reasoning on pointer programs. Our study is origina ..."
Abstract

Cited by 16 (0 self)
 Add to MetaCart
(Show Context)
We describe an experiment of formal verification of C source code, using the CADUCEUS tool. We performed a full formal proof of the classical SchorrWaite graphmarking algorithm, which has already been used several times as a case study for formal reasoning on pointer programs. Our study is original with respect to previous experiments for several reasons. First, we use a generalpurpose tool for C programs: we start from a real source code written in C, specified using an annotation language for arbitrary C programs. Second, we use several theorem provers as backends, both automatic and interactive. Third, we indeed formally establish more properties of the algorithm than previous works, in particular a formal proof of termination is made 1. Keywords: Formal verification, FloydHoare logic, Pointer programs, Aliasing, C programming language. The SchorrWaite algorithm is the first moutain that any formalism for pointer aliasing should climb. — Richard Bornat ([4], page 121) 1.