Results 1  10
of
148
DPLL(T): Fast Decision Procedures
, 2004
"... The logic of equality with uninterpreted functions (EUF) and its extensions have been widely applied to processor verification, by means of a large variety of progressively more sophisticated (lazy or eager) translations into propositional SAT. Here we propose a new approach, namely a general DP ..."
Abstract

Cited by 117 (14 self)
 Add to MetaCart
The logic of equality with uninterpreted functions (EUF) and its extensions have been widely applied to processor verification, by means of a large variety of progressively more sophisticated (lazy or eager) translations into propositional SAT. Here we propose a new approach, namely a general DPLL(X) engine, whose parameter X can be instantiated with a specialized solver Solver T for a given theory T , thus producing a system DPLL(T ). We describe this DPLL(T ) scheme, the interface between DPLL(X) and Solver T , the architecture of DPLL(X), and our solver for EUF, which includes incremental and backtrackable congruence closure algorithms for dealing with the builtin equality and the integer successor and predecessor symbols. Experiments with a first implementation indicate that our technique already outperforms the previous methods on most benchmarks, and scales up very well.
Equality In Lazy Computation Systems
, 1998
"... In this paper we introduce a general class of lazy computation systems and define a natural program equivalence for them. We prove that if an extensionality condition holds of each of the operators of a computation system, then the equivalence relation is a congruence, so that the usual kinds of equ ..."
Abstract

Cited by 96 (6 self)
 Add to MetaCart
In this paper we introduce a general class of lazy computation systems and define a natural program equivalence for them. We prove that if an extensionality condition holds of each of the operators of a computation system, then the equivalence relation is a congruence, so that the usual kinds of equality reasoning are valid for it. This condition is a simple syntactic one, and is easy to verify for the various lazy computation systems we have considered so far. We also give conditions under which the equivalence coincides with observational congruence. These results have some important consequences for type theories like those of MartinLöf and Nuprl.
Processor verification using efficient reductions of the logic of uninterpreted functions to propositional logic
 ACM Transactions on Computational Logic
, 1999
"... The logic of equality with uninterpreted functions (EUF) provides a means of abstracting the manipulation of data by a processor when verifying the correctness of its control logic. By reducing formulas in this logic to propositional formulas, we can apply Boolean methods such as Ordered Binary Deci ..."
Abstract

Cited by 90 (24 self)
 Add to MetaCart
The logic of equality with uninterpreted functions (EUF) provides a means of abstracting the manipulation of data by a processor when verifying the correctness of its control logic. By reducing formulas in this logic to propositional formulas, we can apply Boolean methods such as Ordered Binary Decision Diagrams (BDDs) and Boolean satisfiability checkers to perform the verification. We can exploit characteristics of the formulas describing the verification conditions to greatly simplify the propositional formulas generated. We identify a class of terms we call "pterms" for which equality comparisons can only be used in monotonically positive formulas. By applying suitable abstractions to the hardware model, we can express the functionality of data values and instruction addresses flowing through an instruction pipeline with pterms. A decision procedure can exploit the restricted uses of pterms by considering only "maximally diverse" interpretations of the associated function symbols...
Lazy Satisfiability Modulo Theories
 Journal on Satisfiability, Boolean Modeling and Computation
, 2007
"... Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingl ..."
Abstract

Cited by 79 (33 self)
 Add to MetaCart
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT (T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theoryspecific reasoning. The dominating approach to SMT (T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (Tsolver), handling respectively the Boolean and the theoryspecific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that of acquiring a comprehensive background knowledge in lazy SMT, is of simple solution. In this paper we present an extensive survey of SMT, with particular focus on the lazy approach. We survey, classify and analyze from a theoryindependent perspective the most effective techniques and optimizations which are of interest for lazy SMT and which have been proposed in various communities; we discuss their relative benefits and drawbacks; we provide some guidelines about their choice and usage; we also analyze the features for SAT solvers and Tsolvers which make them more suitable for an integration. The ultimate goals of this paper are to become a source of a common background knowledge and terminology for students and researchers in different areas, to provide a reference guide for developers of SMT tools, and to stimulate the crossfertilization of techniques and ideas among different communities.
Data structure specifications via local equality axioms
 In CAV
, 2005
"... Abstract. We describe a program verification methodology for specifying global shape properties of data structures by means of axioms involving arbitrary predicates on scalar fields and pointer equalities in the neighborhood of a memory cell. We show that such local invariants are both natural and s ..."
Abstract

Cited by 78 (1 self)
 Add to MetaCart
Abstract. We describe a program verification methodology for specifying global shape properties of data structures by means of axioms involving arbitrary predicates on scalar fields and pointer equalities in the neighborhood of a memory cell. We show that such local invariants are both natural and sufficient for describing a large class of data structures. We describe a complete decision procedure for such a class of axioms. The decision procedure is not only simpler and faster than in other similar systems, but has the advantage that it can be extended easily with reasoning for any decidable theory of scalar fields.
On perfect supercompilation
 Journal of Functional Programming
, 1996
"... We extend positive supercompilation to handle negative as well as positive information. This is done by instrumenting the underlying unfold rules with a small rewrite system that handles constraints on terms, thereby ensuring perfect information propagation. We illustrate this by transforming a na ..."
Abstract

Cited by 78 (3 self)
 Add to MetaCart
We extend positive supercompilation to handle negative as well as positive information. This is done by instrumenting the underlying unfold rules with a small rewrite system that handles constraints on terms, thereby ensuring perfect information propagation. We illustrate this by transforming a naively specialised string matcher into an optimal one. The presented algorithm is guaranteed to terminate by means of generalisation steps.
Back to the Future  Revisiting Precise Program Verification using SMT Solvers
 POPL'08
, 2008
"... This paper takes a fresh look at the problem of precise verification of heapmanipulating programs using firstorder SatisfiabilityModuloTheories (SMT) solvers. We augment the specification logic of such solvers by introducing the Logic of Interpreted Sets and Bounded Quantification for specifying ..."
Abstract

Cited by 64 (14 self)
 Add to MetaCart
This paper takes a fresh look at the problem of precise verification of heapmanipulating programs using firstorder SatisfiabilityModuloTheories (SMT) solvers. We augment the specification logic of such solvers by introducing the Logic of Interpreted Sets and Bounded Quantification for specifying properties of heapmanipulating programs. Our logic is expressive, closed under weakest preconditions, and efficiently implementable on top of existing SMT solvers. We have created a prototype implementation of our logic over the solvers SIMPLIFY and Z3 and used our prototype to verify many programs. Our preliminary experience is encouraging; the completeness and the efficiency of the decision procedure is clearly evident in practice and has greatly improved the user experience of the verifier.
Automatic Recognition of Tractability in Inference Relations
 Journal of the ACM
, 1990
"... This report describes research done at the Artificial Intelligence Laboratory of the Massachusetts Institute of Technology. Support for the laboratory's artificial intelligence research is provided in part the National Science Foundation contract IRI8819624 and in part by the Advanced Research Proj ..."
Abstract

Cited by 62 (13 self)
 Add to MetaCart
This report describes research done at the Artificial Intelligence Laboratory of the Massachusetts Institute of Technology. Support for the laboratory's artificial intelligence research is provided in part the National Science Foundation contract IRI8819624 and in part by the Advanced Research Projects Agency of the Department of Defense under Office of Naval Research contract N0001486K0124
Disunification: a Survey
 Computational Logic: Essays in Honor of Alan
, 1991
"... Solving an equation in an algebra of terms is known as unification. Solving more complex formulas combining equations and involving in particular negation is called disunification. With such a broad definition, many works fall into the scope of disunification. The goal of this paper is to survey the ..."
Abstract

Cited by 56 (9 self)
 Add to MetaCart
Solving an equation in an algebra of terms is known as unification. Solving more complex formulas combining equations and involving in particular negation is called disunification. With such a broad definition, many works fall into the scope of disunification. The goal of this paper is to survey these works and bring them together in a same framework. R'esum'e On appelle habituellement (algorithme d') unification un algorithme de r'esolution d'une 'equation dans une alg`ebre de termes. La r'esolution de formules plus complexes, comportant en particulier des n'egations, est appel'ee ici disunification. Avec une d'efinition aussi 'etendue, de nombreux travaux peuvent etre consid'er'es comme portant sur la disunification. L'objet de cet article de synth`ese est de rassembler tous ces travaux dans un meme formalisme. Laboratoire de Recherche en Informatique, Bat. 490, Universit'e de ParisSud, 91405 ORSAY cedex, France. Email: comon@lri.lri.fr i Contents 1 Syntax 5 1.1 Basic Defini...
Exploiting Positive Equality in a Logic of Equality with Uninterpreted Functions
, 1999
"... In using the logic of equality with unininterpreted functions to verify hardware systems, specific characteristics of the formula describing the correctness condition can be exploited when deciding its validity. We distinguish a class of terms we call "pterms" for which equality comparisons can ..."
Abstract

Cited by 54 (9 self)
 Add to MetaCart
In using the logic of equality with unininterpreted functions to verify hardware systems, specific characteristics of the formula describing the correctness condition can be exploited when deciding its validity. We distinguish a class of terms we call "pterms" for which equality comparisons can appear only in monotonically positive formulas. By applying suitable abstractions to the hardware model, we can express the functionality of data values and instruction addresses flowing through an instruction pipeline with pterms. A decision procedure can exploit the restricted uses of pterms by considering only "maximally diverse" interpretations of the associated function symbols, where every function application yields a different value except when constrained by functional consistency. We present a procedure that translates the original formula into one in propositional logic by interpreting the formula over a domain of fixedlength bit vectors and using vectors of proposit...