Results 1-10 of 189
C.: The SMT-LIB Standard: Version 2.0, 2010
Cited by 102 (11 self)
Permission is granted to anyone to make or distribute verbatim copies of this document, in any medium, provided that the copyright notice and permission notice are preserved, and that the distributor grants the recipient permission for further redistribution as permitted by this notice. Modified versions may not be made. Preface The SMT-LIB initiative is an international effort, supported by several research groups worldwide, with the twofold goal of producing an extensive online library of benchmarks and promoting the adoption of common languages and interfaces for SMT solvers. This document specifies Version 2.0 of the SMT-LIB Standard. This is a major upgrade of the previous version, Version 1.2, which, in addition to simplifying and extending the languages of that version, includes a new command language for interfacing with SMT solvers. Acknowledgments Version 2.0 of the SMT-LIB standard was developed with the input of the whole SMT community and three international work groups consisting of developers and users of SMT tools: the SMT-API work group, led by A. Stump, the SMT-LOGIC work group, led by C. Tinelli, the SMT-MODELS work group, led by C. Barrett. Particular thanks are due to the following work group members, who contributed numerous
A.: Boolector: An efficient SMT solver for bit-vectors and arrays
Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2009), Lecture Notes in Computer Science, 2009
Cited by 97 (9 self)
Abstract. Satisfiability Modulo Theories (SMT) is the problem of deciding satisfiability of a logical formula, expressed in a combination of first-order theories. We present the architecture and selected features of Boolector, which is an efficient SMT solver for the quantifier-free theories of bit-vectors and arrays. It uses term rewriting, bit-blasting to handle bit-vectors, and lemmas on demand for arrays.
Oracle-Guided Component-Based Program Synthesis
Cited by 49 (19 self)
We present a novel approach to automatic synthesis of loop-free programs. The approach is based on a combination of oracle-guided learning from examples, and constraint-based synthesis from components using satisfiability modulo theories (SMT) solvers. Our approach is suitable for many applications, including as an aid to program understanding tasks such as deobfuscating malware. We demonstrate the efficiency and effectiveness of our approach by synthesizing bit-manipulating programs and by deobfuscating programs.
Efficient interpolant generation in satisfiability modulo theories
Proc. TACAS, ser. LNCS 4963, 2008
Cited by 42 (7 self)
Abstract. The problem of computing Craig interpolants in SAT and SMT has recently received a lot of interest, mainly for its applications in formal verification. Efficient algorithms for interpolant generation have been presented for some theories of interest including that of equality and uninterpreted functions (EUF), linear arithmetic over the rationals (LA(Q)), and their combination, and they are successfully used within model checking tools. For the theory of linear arithmetic over the integers (LA(Z)), however, the problem of finding an interpolant is more challenging, and the task of developing efficient interpolant generators for the full theory LA(Z) is still the objective of ongoing research. In this paper we try to close this gap. We build on previous work and present a novel interpolation algorithm for SMT(LA(Z)), which exploits the full power of current state-of-the-art SMT(LA(Z)) solvers. We demonstrate the potential of our approach with an extensive experimental evaluation of our implementation of the proposed algorithm in the MATHSAT SMT solver.
Motivations, related work and goals. Given two formulas A and B such that A∧B is inconsistent, a Craig interpolant (simply "interpolant" hereafter) for (A, B) is a formula I s.t. A entails I, I ∧ B is inconsistent, and all uninterpreted symbols of I occur in both A and B. Interpolation in both SAT and SMT has been recognized to be a substantial tool for formal verification. For instance, in the context of software model checking based on counterexample-guided-abstraction-refinement (CEGAR) interpolants of quantifier-free formulas in suitable theories are computed for automatically refining abstractions in order to rule out spurious counterexamples. Consequently, the problem of computing interpolants in SMT has received a lot of interest in the last years (e.g.,
Conflict-Driven Answer Set Solving: From Theory to Practice, 2012
Cited by 38 (10 self)
We introduce an approach to computing answer sets of logic programs, based on concepts successfully applied in Satisfiability (SAT) checking. The idea is to view inferences in Answer Set Programming (ASP) as unit propagation on nogoods. This provides us with a uniform constraint-based framework capturing diverse inferences encountered in ASP solving. Moreover, our approach allows us to apply advanced solving techniques from the area of SAT. As a result, we present the first full-fledged algorithmic framework for native conflict-driven ASP solving. Our approach is implemented in the ASP solver clasp that has demonstrated its competitiveness and versatility by winning first places at various solver contests.
Software model checking via large-block encoding, 2009
Cited by 33 (15 self)
Abstract. Several successful approaches to software verification are based on the construction and analysis of an abstract reachability tree (ART). The ART represents unwindings of the control-flow graph of the program. Traditionally, a transition of the ART represents a single block of the program, and therefore, we call this approach single-block encoding (SBE). SBE may result in a huge number of program paths to be explored, which constitutes a fundamental source of inefficiency. We propose a generalization of the approach, in which transitions of the ART represent larger portions of the program; we call this approach large-block encoding (LBE). LBE may reduce the number of paths to be explored up to exponentially. Within this framework, we also investigate symbolic representations: for representing abstract states, in addition to conjunctions as used in SBE, we investigate the use of arbitrary Boolean formulas; for computing abstract-successor states, in addition to Cartesian predicate abstraction as used in SBE, we investigate the use of Boolean predicate abstraction. The new encoding leverages the efficiency of state-of-the-art SMT solvers, which can symbolically compute abstract large-block successors. Our experiments on benchmark C programs show that the large-block encoding outperforms the single-block encoding.
Syntax-guided synthesis
In FMCAD, 2013
Cited by 29 (3 self)
Abstract. The classical formulation of the program-synthesis problem is to find a program that meets a correctness specification given as a logical formula. Recent work on program synthesis and program optimization illustrates many potential benefits of allowing the user to supplement the logical specification with a syntactic template that constrains the space of allowed implementations. Our goal is to identify the core computational problem common to these proposals in a logical framework. The input to the syntax-guided synthesis problem (SyGuS) consists of a background theory, a semantic correctness specification for the desired program given by a logical formula, and a syntactic set of candidate implementations given by a grammar. The computational problem then is to find an implementation from the set of candidate expressions so that it satisfies the specification in the given theory. We describe three different instantiations of the counterexample-guided-inductive-synthesis (CEGIS) strategy for solving the synthesis problem, report on prototype implementations, and present experimental results on an initial set of benchmarks.
Towards SMT model checking of array-based systems, 2008
Cited by 25 (15 self)
Abstract. We introduce the notion of array-based system as a suitable abstraction of infinite state systems such as broadcast protocols or sorting programs. By using a class of quantified first-order formulae to symbolically represent array-based systems, we propose methods to check safety (invariance) and liveness (recurrence) properties on top of Satisfiability Modulo Theories solvers. We find hypotheses under which the verification procedures for such properties can be fully mechanized.
Satisfiability Modulo the Theory of Costs: Foundations and Applications, 2010
Cited by 25 (5 self)
We extend the setting of Satisfiability Modulo Theories (SMT) by introducing a theory of costs C, where it is possible to model and reason about resource consumption and multiple cost functions, e.g., battery, time, and space. We define a decision procedure that has all the features required for the integration within the lazy SMT schema: incrementality, backtrackability, construction of conflict sets, and deduction. This naturally results in an SMT solver for the disjoint union of C and any other theory T. This framework has two important applications. First, we tackle the problem of Optimization Modulo Theories: rather than checking the existence of a satisfying assignment, as in SMT, we require a satisfying assignment that minimizes a given cost function. We build on the decision problem for SMT with costs, i.e., finding a satisfying assignment with cost within an admissibility range, and propose two algorithms for optimization. Second, we use multiple cost functions to deal with Pseudo-Boolean constraints. Within the SMT(C) framework, the effectively Pseudo-Boolean constraints are dealt with by the cost solver, while the other
Delayed theory combination vs. Nelson-Oppen for satisfiability modulo theories: A comparative analysis
In Proc. LPAR'06, volume 4246 of LNAI, 2006
Cited by 25 (7 self)
Many approaches for Satisfiability Modulo Theory (SMT(T)) rely on the integration between a SAT solver and a decision procedure for sets of literals in the background theory T (T-solver). When T is the combination T1 ∪ T2 of two simpler theories, the approach is typically handled by means of Nelson-Oppen's (NO) theory combination schema in which two specific T-solvers deduce and exchange (disjunctions of) interface equalities. In recent papers we have proposed a new approach to SMT(T1 ∪ T2), called Delayed Theory Combination (DTC). Here part or all the (possibly very expensive) task of deducing interface equalities is played by the SAT solver itself, at the potential cost of an enlargement of the boolean search space. In principle this enlargement could be up to exponential in the number of interface equalities generated. In this paper we show that this estimate was too pessimistic. We present a comparative analysis of DTC vs. NO for SMT(T1 ∪ T2), which shows that, using state-of-the-art SAT-solving techniques, the amount of boolean branches performed by DTC can be upper bounded by the number of deductions and boolean branches performed by NO on the same problem. We prove the result for different deduction capabilities of the T-solvers and for both convex and non-convex theories.