Lazy Satisfiability Modulo Theories
Journal on Satisfiability, Boolean Modeling and Computation 3 (2007) 141–224, 2007
Cited by 181 (47 self)
Abstract: Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a first-order formula with respect to some decidable first-order theory T (SMT(T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. A number of papers with novel and very efficient techniques for SMT have been published in recent years, and some very efficient SMT tools are now available. Typical SMT(T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theory-specific reasoning. The dominating approach to SMT(T), called the lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (T-solver), handling respectively the Boolean and the theory-specific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that
Extending Sledgehammer with SMT Solvers
Cited by 47 (11 self)
Abstract: Sledgehammer is a component of Isabelle/HOL that employs first-order automatic theorem provers (ATPs) to discharge goals arising in interactive proofs. It heuristically selects relevant facts and, if an ATP is successful, produces a snippet that replays the proof in Isabelle. We extended Sledgehammer to invoke satisfiability modulo theories (SMT) solvers as well, exploiting its relevance filter and parallel architecture. Isabelle users are now pleasantly surprised by SMT proofs for problems beyond the ATPs' reach. Remarkably, the best SMT solver performs better than the best ATP on most of our benchmarks.
veriT: an open, trustable and efficient SMT-solver
Proc. Conference on Automated Deduction (CADE), volume 5663 of Lecture Notes in Computer Science, 2009
Cited by 38 (9 self)
Abstract: This article describes the first public version of the satisfiability modulo theory (SMT) solver veriT. It is open-source, proof-producing, and complete for quantifier-free formulas with uninterpreted functions and difference logic on real numbers and integers.
Fast Reflexive Arithmetic Tactics: the linear case and beyond
In "Types for Proofs and Programs (TYPES'06)", Lecture Notes in Computer Science, 2006
Cited by 27 (5 self)
Abstract: When goals fall in decidable logic fragments, users of proof-assistants expect automation. However, despite the availability of decision procedures, automation does not come for free. The reason is that decision procedures do not generate proof terms. In this paper, we show how to design efficient and lightweight reflexive tactics for a hierarchy of quantifier-free fragments of integer arithmetic. The tactics can cope with a wide class of linear and non-linear goals. For each logic fragment, off-the-shelf algorithms generate certificates of infeasibility that are then validated by straightforward reflexive checkers proved correct inside the proof-assistant. This approach has been prototyped using the Coq proof-assistant. Preliminary experiments are promising as the tactics run fast and produce small proof terms.
Combined satisfiability modulo parametric theories
Proceedings of the 13th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2007
Cited by 15 (2 self)
Abstract: We give a fresh theoretical foundation for designing comprehensive SMT solvers, generalizing in a practically motivated direction. We define parametric theories that most appropriately express the “logic” of common data types. Our main result is a combination theorem for decision procedures for disjoint theories of this kind. Virtually all of the deeply nested data structures (lists of arrays of sets of...) that arise in verification work are covered.
Compressing propositional refutations
Sixth International Workshop on Automated Verification of Critical Systems (AVOCS '06), Preliminary Proceedings, 2006
Cited by 9 (0 self)
Abstract: We report initial results on shortening propositional resolution refutation proofs. This has an application in speeding up deductive reconstruction (in theorem provers) of large propositional refutations, such as those produced by SAT solvers. Key words: Proof verification, Propositional refutations
HOL-Boogie: An interactive prover-backend for the Verifying C Compiler
Cited by 9 (4 self)
Abstract: Boogie is a verification condition generator for an imperative core language. It has front-ends for the programming languages C# and C enriched by annotations in first-order logic, i.e. pre- and postconditions, assertions, and loop invariants. Moreover, concepts like ghost fields, ghost variables, ghost code and specification functions have been introduced to support a specific modeling methodology. Boogie’s verification conditions — constructed via a wp calculus from annotated programs — are usually transferred to automated theorem provers such as Simplify or Z3. This also comprises the expansion of language-specific modeling constructs in terms of a theory describing memory and elementary operations on it; this theory is called a machine/memory model. In this paper, we present a proof environment, HOL-Boogie, that combines Boogie with the interactive theorem prover Isabelle/HOL, for a specific C front-end and a machine/memory model. In particular, we present specific techniques combining automated and interactive proof methods for code verification. The main goal of our environment is to help program verification engineers in their task to “debug” annotations and to find combined proofs where purely automatic proof attempts fail.
Data Networks
Upper Saddle River, 1992
"... filtering + clustering technique for power-law ..."
Checking foundational proof certificates for first-order logic
Cited by 7 (7 self)
Abstract: We present the design philosophy of a proof checker based on a notion of foundational proof certificates. This checker provides a semantics of proof evidence using recent advances in the theory of proofs for classical and intuitionistic logic. That semantics is then performed by a (higher-order) logic program: successful performance means that a formal proof of a theorem has been found. We describe how the λProlog programming language provides several features that help guarantee such a soundness claim. Some of these features (such as strong typing, abstract datatypes, and higher-order programming) were features of the ML programming language when it was first proposed as a proof checker for LCF. Other features of λProlog (such as support for bindings, substitution, and backtracking search) turn out to be equally important for describing and checking the proof evidence encoded in proof certificates. Since trusting our proof checker requires trusting a programming language implementation, we discuss various avenues for enhancing one’s trust of such a checker.
Combinations of theories and the Bernays-Schönfinkel-Ramsey class
4th International Verification Workshop (VERIFY'07), Bremen, 2007
Cited by 7 (2 self)
Abstract: The Bernays-Schönfinkel-Ramsey (BSR) class of formulas is the class of formulas that, when written in prenex normal form, have an ∃*∀* quantifier prefix and do not contain any function symbols. This class is decidable. We show here that BSR theories can furthermore be combined with another disjoint decidable theory, so that we obtain a decision procedure for quantifier-free formulas in the combination of the BSR theory and another decidable theory. The classical Nelson-Oppen combination scheme requires theories to be stably-infinite, ensuring that, if a model is found for both theories in the combination, models agree on cardinalities and a global model can be built. We show that combinations with BSR theories can be much more permissive, even though BSR theories are not always stably-infinite. We state that it is possible to describe exactly all the (finite or infinite) cardinalities of the models of a given BSR theory. For the other theory, it is thus only required to be able to decide if there exists a model of a given cardinality. With this result, it is notably possible to use some set operators, operators on relations, orders — any operator that can be expressed by a set of BSR formulas — together with the usual objects of SMT solvers, notably integers, reals, uninterpreted symbols, enumerated types.