Results 1  10
of
157
Z3: An Efficient SMT Solver
 In Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS
, 2008
"... Abstract. Satisfiability Modulo Theories (SMT) problem is a decision problem for logical first order formulas with respect to combinations of background theories such as: arithmetic, bitvectors, arrays, and uninterpreted functions. Z3 is a new and efficient SMT Solver freely available from Microsof ..."
Abstract

Cited by 419 (23 self)
 Add to MetaCart
Abstract. Satisfiability Modulo Theories (SMT) problem is a decision problem for logical first order formulas with respect to combinations of background theories such as: arithmetic, bitvectors, arrays, and uninterpreted functions. Z3 is a new and efficient SMT Solver freely available from Microsoft Research. It is used in various software verification and analysis applications. 1
A decision procedure for bitvectors and arrays
 In Computer Aided Verification, number 4590 in LNCS
, 2007
"... Abstract. STP is a decision procedure for the satisfiability of quantifierfree formulas in the theory of bitvectors and arrays that has been optimized for large problems encountered in software analysis applications. The basic architecture of the procedure consists of wordlevel preprocessing alg ..."
Abstract

Cited by 128 (7 self)
 Add to MetaCart
Abstract. STP is a decision procedure for the satisfiability of quantifierfree formulas in the theory of bitvectors and arrays that has been optimized for large problems encountered in software analysis applications. The basic architecture of the procedure consists of wordlevel preprocessing algorithms followed by translation to SAT. The primary bottlenecks in software verification and bug finding applications are large arrays and linear bitvector arithmetic. New algorithms based on the abstractionrefinement paradigm are presented for reasoning about large arrays. A solver for bitvector linear arithmetic is presented that eliminates variables and parts of variables to enable other transformations, and reduce the size of the problem that is eventually received by the SAT solver. These and other algorithms have been implemented in STP, which has been heavily tested over thousands of examples obtained from several realworld applications. Experimental results indicate that the above mix of algorithms along with the overall architecture is far more effective, for a variety of applications, than a direct translation of the original formula to SAT or other comparable decision procedures. 1
Lazy Satisfiability Modulo Theories
 Journal on Satisfiability, Boolean Modeling and Computation
, 2007
"... Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingl ..."
Abstract

Cited by 74 (32 self)
 Add to MetaCart
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT (T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theoryspecific reasoning. The dominating approach to SMT (T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (Tsolver), handling respectively the Boolean and the theoryspecific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that of acquiring a comprehensive background knowledge in lazy SMT, is of simple solution. In this paper we present an extensive survey of SMT, with particular focus on the lazy approach. We survey, classify and analyze from a theoryindependent perspective the most effective techniques and optimizations which are of interest for lazy SMT and which have been proposed in various communities; we discuss their relative benefits and drawbacks; we provide some guidelines about their choice and usage; we also analyze the features for SAT solvers and Tsolvers which make them more suitable for an integration. The ultimate goals of this paper are to become a source of a common background knowledge and terminology for students and researchers in different areas, to provide a reference guide for developers of SMT tools, and to stimulate the crossfertilization of techniques and ideas among different communities.
Back to the Future  Revisiting Precise Program Verification using SMT Solvers
 POPL'08
, 2008
"... This paper takes a fresh look at the problem of precise verification of heapmanipulating programs using firstorder SatisfiabilityModuloTheories (SMT) solvers. We augment the specification logic of such solvers by introducing the Logic of Interpreted Sets and Bounded Quantification for specifying ..."
Abstract

Cited by 65 (14 self)
 Add to MetaCart
This paper takes a fresh look at the problem of precise verification of heapmanipulating programs using firstorder SatisfiabilityModuloTheories (SMT) solvers. We augment the specification logic of such solvers by introducing the Logic of Interpreted Sets and Bounded Quantification for specifying properties of heapmanipulating programs. Our logic is expressive, closed under weakest preconditions, and efficiently implementable on top of existing SMT solvers. We have created a prototype implementation of our logic over the solvers SIMPLIFY and Z3 and used our prototype to verify many programs. Our preliminary experience is encouraging; the completeness and the efficiency of the decision procedure is clearly evident in practice and has greatly improved the user experience of the verifier.
The yices smt solver
, 2006
"... Abstract. SMT stands for Satisfiability Modulo Theories. An SMT solver decides the satisfiability of propositionally complex formulas in theories such as arithmetic and uninterpreted functions with equality. SMT solving has numerous applications in automated theorem proving, in hardware and software ..."
Abstract

Cited by 50 (0 self)
 Add to MetaCart
Abstract. SMT stands for Satisfiability Modulo Theories. An SMT solver decides the satisfiability of propositionally complex formulas in theories such as arithmetic and uninterpreted functions with equality. SMT solving has numerous applications in automated theorem proving, in hardware and software verification, and in scheduling and planning problems. This paper describes Yices, an efficient SMT solver developed at SRI International. Yices supports a rich combination of firstorder theories that occur frequently in software and hardware modeling: arithmetic, uninterpreted functions, bit vectors, arrays, recursive datatypes, and more. Beyond pure SMT solving, Yices can solve weighted MAXSMT problems, compute unsatisfiable cores, and construct models. Yices is the main decision procedure used by the SAL model checking environment, and it is being integrated to the PVS theorem prover. As a MAXSMT solver, Yices is the main component of the probabilistic consistency engine used in SRI’s CALO system. 1
Efficient Ematching for SMT solvers
, 2007
"... Satisfiability Modulo Theories (SMT) solvers have proven highly scalable, efficient and suitable for integrating theory reasoning. However, for numerous applications from program analysis and verification, the ground fragment is insufficient, as proof obligations often include quantifiers. A well ..."
Abstract

Cited by 35 (7 self)
 Add to MetaCart
Satisfiability Modulo Theories (SMT) solvers have proven highly scalable, efficient and suitable for integrating theory reasoning. However, for numerous applications from program analysis and verification, the ground fragment is insufficient, as proof obligations often include quantifiers. A well known approach for quantifier reasoning uses a matching algorithm that works against an Egraph to instantiate quantified variables. This paper introduces algorithms that identify matches on Egraphs incrementally and efficiently. In particular, we introduce an index that works on Egraphs, called Ematching code trees that combine features of substitution and code trees, used in saturation based theorem provers. Ematching code trees allow performing matching against several patterns simultaneously. The code trees are combined with an additional index, called the inverted path index, which filters Egraph terms that may potentially match patterns when the Egraph is updated. Experimental results show substantial performance improvements over existing stateoftheart SMT solvers.
Efficient Interpolant Generation in Satisfiability Modulo Theories ⋆
, 2007
"... Abstract. The problem of computing Craig Interpolants for propositional (SAT) formulas has recently received a lot of interest, mainly for its applications in formal verification. However, propositional logic is often not expressive enough for representing many interesting verification problems, whi ..."
Abstract

Cited by 27 (5 self)
 Add to MetaCart
Abstract. The problem of computing Craig Interpolants for propositional (SAT) formulas has recently received a lot of interest, mainly for its applications in formal verification. However, propositional logic is often not expressive enough for representing many interesting verification problems, which can be more naturally addressed in the framework of Satisfiability Modulo Theories, SMT. Although some works have addressed the topic of generating interpolants in SMT, the techniques and tools that are currently available have some limitations, and their performace still does not exploit the full power of current stateoftheart SMT solvers. In this paper we try to close this gap. We present several techniques for interpolant generation in SMT which overcome the limitations of the current generators mentioned above, and which take full advantage of stateoftheart SMT technology. These novel techniques can lead to substantial performance improvements wrt. the currently available tools. We support our claims with an extensive experimental evaluation of our implementation of the proposed techniques in the MathSAT SMT solver. 1
Delayed theory combination vs. NelsonOppen for satisfiability modulo theories: A comparative analysis
 IN PROC. LPAR’06, VOLUME 4246 OF LNAI
, 2006
"... Many approaches for Satisfiability Modulo Theory (SMT(T)) rely on the integration between a SAT solver and a decision procedure for sets of literals in the background theory T (Tsolver). When T is the combination T1 ∪ T2 of two simpler theories, the approach is typically handled by means of Nelson ..."
Abstract

Cited by 21 (7 self)
 Add to MetaCart
Many approaches for Satisfiability Modulo Theory (SMT(T)) rely on the integration between a SAT solver and a decision procedure for sets of literals in the background theory T (Tsolver). When T is the combination T1 ∪ T2 of two simpler theories, the approach is typically handled by means of NelsonOppen’s (NO) theory combination schema in which two specific Tsolvers deduce and exchange (disjunctions of) interface equalities. In recent papers we have proposed a new approach to SMT(T1 ∪ T2), called Delayed Theory Combination (DTC). Here part or all the (possibly very expensive) task of deducing interface equalities is played by the SAT solver itself, at the potential cost of an enlargement of the boolean search space. In principle this enlargement could be up to exponential in the number of interface equalities generated. In this paper we show that this estimate was too pessimistic. We present a comparative analysis of DTC vs. NO for SMT(T1 ∪T2), which shows that, using stateoftheart SATsolving techniques, the amount of boolean branches performed by DTC can be upper bounded by the number of deductions and boolean branches performed by NO on the same problem. We prove the result for different deduction capabilities of the Tsolvers and for both convex and nonconvex theories.
Compositional verification for componentbased systems and application
 in Proc. ATVA
, 2008
"... We present a compositional method for the verification of componentbased systems described in a subset of the BIP language encompassing multiparty interaction without data transfer. The method is based on the use of two kinds of invariants. Component invariants are overapproximations of component ..."
Abstract

Cited by 21 (11 self)
 Add to MetaCart
We present a compositional method for the verification of componentbased systems described in a subset of the BIP language encompassing multiparty interaction without data transfer. The method is based on the use of two kinds of invariants. Component invariants are overapproximations of components ’ reachability sets. Interaction invariants are global constraints on the states of components involved in interactions. The method has been implemented in the DFinder tool and has been applied for checking deadlockfreedom. The experimental results on nontrivial examples show that our method allow either to prove deadlockfreedom or to identify very few deadlock configurations that can be analyzed by using state space exploration. 1