argo-lib: A Generic Platform for Decision Procedures

Similar documents
smt-lib in xml clothes

Andrew Reynolds Liana Hadarean

Formally Certified Satisfiability Solving

Automatic Synthesis of Decision Procedures: a Case Study of Ground and Linear Arithmetic

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion

Deductive Methods, Bounded Model Checking

Formalization of Incremental Simplex Algorithm by Stepwise Refinement

ArgoSMTExpression: an SMT-LIB 2.0 compliant expression library

SMTCoq: A plug-in for integrating SMT solvers into Coq

URBiVA: Uniform Reduction to Bit-Vector Arithmetic

SMT-LIB for HOL. Daniel Kroening Philipp Rümmer Georg Weissenbacher Oxford University Computing Laboratory. ITP Workshop MSR Cambridge 25 August 2009

DPLL(Γ+T): a new style of reasoning for program checking

Rewriting Needs Constraints and Constraints Need Rewriting

Lost in translation. Leonardo de Moura Microsoft Research. how easy problems become hard due to bad encodings. Vampire Workshop 2015

An Experimental Evaluation of Ground Decision Procedures

The Barcelogic SMT Solver

0.1 Induction Challenge OMDoc Manager (ICOM)

An Experimental Evaluation of Ground Decision Procedures

Yices 2.2. Bruno Dutertre. Computer Science Laboratory, SRI International, 333 Ravenswood Avenue, Menlo Park, CA 94025, USA

CAV Verification Mentoring Workshop 2017 SMT Solving

Efficient Instantiation Techniques in SMT (Work In Progress)

LOGIC AND DISCRETE MATHEMATICS

ARGO - Automated Reasoning GrOup

Yices 1.0: An Efficient SMT Solver

SMT Solvers for Verification and Synthesis. Andrew Reynolds VTSA Summer School August 1 and 3, 2017

Symbolic and Concolic Execution of Programs

Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of the requirements for the degree of.

Backtracking and Induction in ACL2

The SMT-LIB 2 Standard: Overview and Proposed New Theories

Dynamic Geometry Software and the GCLC System

COUNTEREXAMPLE-GUIDED MODEL SYNTHESIS

A Pearl on SAT Solving in Prolog (extended abstract)

Rethinking Automated Theorem Provers?

An ACL2 Tutorial. Matt Kaufmann and J Strother Moore

Solving Quantified Verification Conditions using Satisfiability Modulo Theories

Motivation. CS389L: Automated Logical Reasoning. Lecture 17: SMT Solvers and the DPPL(T ) Framework. SMT solvers. The Basic Idea.

Lemmas on Demand for the Extensional Theory of Arrays

Extended Abstract: Combining a Logical Framework with an RUP Checker for SMT Proofs

COUNTEREXAMPLE-GUIDED MODEL SYNTHESIS

Losp for Predicate Calculus

Deciding Extensions of the Theory of Arrays by Integrating Decision Procedures and Instantiation Strategies

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214

An LCF-Style Interface between HOL and First-Order Logic

Linear Clause Generation by Tableaux and DAGs

ArgoExpression: SMT-LIB 2.0 compliant expression library

CSE 20 DISCRETE MATH. Fall

Integration of SMT Solvers with ITPs There and Back Again

Definition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,

A Decision Procedure for (Co)datatypes in SMT Solvers. Andrew Reynolds Jasmin Christian Blanchette IJCAI sister conference track, July 12, 2016

VS 3 : SMT Solvers for Program Verification

Complete Instantiation of Quantified Formulas in Satisfiability Modulo Theories. ACSys Seminar

Challenging Problems for Yices

Foundations of AI. 9. Predicate Logic. Syntax and Semantics, Normal Forms, Herbrand Expansion, Resolution

SMT solvers for Rodin

OpenSMT2: An SMT Solver for Multi-Core and Cloud Computing

CIS 1.5 Course Objectives. a. Understand the concept of a program (i.e., a computer following a series of instructions)

An Alldifferent Constraint Solver in SMT

Solving Quantified Verification Conditions using Satisfiability Modulo Theories

[Draft. Please do not distribute] Online Proof-Producing Decision Procedure for Mixed-Integer Linear Arithmetic

Isabelle/HOL:Selected Features and Recent Improvements

CSE 20 DISCRETE MATH. Winter

An Industrially Useful Prover

Verification Condition Generation via Theorem Proving

OpenMath and SMT-LIB

Decision Procedures in First Order Logic

Module 6. Knowledge Representation and Logic (First Order Logic) Version 2 CSE IIT, Kharagpur

Model Checking Parallel Programs with Inputs

Decision Procedures for Recursive Data Structures with Integer Constraints

Nenofar: A Negation Normal Form SMT Solver

SAT/SMT summer school 2015 Introduction to SMT

Quantifier Inference Rules for SMT proofs

LEARNING TO INSTANTIATE QUANTIFIERS

Evaluating the SMT-LIB repository as a benchmark source for software verification

Model-Checking Modulo Theories at Work: the integration of Yices in MCMT

Numerical Computations and Formal Methods

Generating Small Countermodels. Andrew Reynolds Intel August 30, 2012

JPF SE: A Symbolic Execution Extension to Java PathFinder

COUNTEREXAMPLE-GUIDED MODEL SYNTHESIS

Satisfiability Modulo Theories: ABsolver

Improving Haskell Types with SMT

Encoding First Order Proofs in SMT

Seminar decision procedures: Certification of SAT and unsat proofs

Lecture Notes on Real-world SMT

Pooya Saadatpanah, Michalis Famelis, Jan Gorzny, Nathan Robinson, Marsha Chechik, Rick Salay. September 30th, University of Toronto.

System Description: Twelf A Meta-Logical Framework for Deductive Systems

Translation validation: from Simulink to C

Hardware versus software

System Description: iprover An Instantiation-Based Theorem Prover for First-Order Logic

Mathematical Logic Prof. Arindama Singh Department of Mathematics Indian Institute of Technology, Madras. Lecture - 37 Resolution Rules

Integration of SMT-LIB Support into Maple

Reading part: Design-Space Exploration with Alloy

GNATprove a Spark2014 verifying compiler Florian Schanda, Altran UK

MIDTERM EXAM (Solutions)

DISCRETE MATHEMATICS

TWO main approaches used to increase software quality

Decision Procedures for Equality Logic. Daniel Kroening and Ofer Strichman 1

Tree Interpolation in Vampire

Automated Theorem Proving and Proof Checking

Refutation-Based Synthesis in SMT

From Z3 to Lean, Efficient Verification

Transcription:

argo-lib: A Generic Platform for Decision Procedures Filip Marić 1 and Predrag Janičić 2 1 e-mail: filip@matf.bg.ac.yu 2 e-mail: janicic@matf.bg.ac.yu Faculty of Mathematics, University of Belgrade Studentski trg 16, 11 000 Belgrade, Serbia Abstract. argo-lib is a C++ library that provides support for using decision procedures and for schemes for combining and augmenting decision procedures. This platform follows the smt-lib initiative which aims at establishing a library of benchmarks for satisfiability modulo theories. The platform can be easily integrated into other systems. It also enables comparison and unifying of different approaches, evaluation of new techniques and, hopefully, can help in advancing the field. 1 Introduction The role of decision procedures is very important in theorem proving, model checking of real-time systems, symbolic simulation, etc. Decision procedures can reduce the search space of heuristic components of such systems and increase their abilities. Usually, decision procedures have to be combined, to communicate with heuristic components, or some additional hypotheses have to be invoked. There are several influential approaches for using decision procedures, some of them focusing on combining decision procedures [8, 12, 1] and some focusing on augmenting decision procedures [2, 7]. We believe there is a need for an efficient generic platform for using decision procedures. Such a platform should provide support for a range of decision procedures (for a range of theories) and also for different techniques for using decision procedures. argo-lib platform 1 is made motivated by the following requirements: it provides a flexible and efficient implementation of required primitives and also support for easily implementing higher-level procedures and different approaches for using decision procedures; it is implemented in the standard C++ programming language; the gains are in efficiency and in taking the full control over the proving process; the standard, plain C++ implementation is portable to different operating systems and there is no need for some specific operating system or some specific compiler; this also encourages and promotes sharing of code between different groups and enables converging implementation efforts in one direction; 1 The web page for argo-lib is at: www.matf.bg.ac.yu/~janicic/argo. The name argo comes from Automated Reasoning GrOup and from Aργω, the name of the galley of argonauts (this galley was very light and very fast).

it is light (i.e., small in size and stand-alone, requires only any standard C++ compiler) and fast (capable of coping with complex real-world problems using the existing or new approaches); its architecture is flexible and modular; any user can easily extend it by new functionalities or reimplement some modules of the system; it can work stand-alone but can also be integrated into some other tool (e.g., a theorem prover, constraint solver, model checking system etc.); it enables comparison on an equal footing between schemes for using decision procedures (especially when the worst-case complexity can be misleading); it is publicly available and it has simple, documented interface to all functionalities of the platform; it supports a library of relevant conjectures and a support for benchmarking (here we have in mind motivations, ideas, and standards promoted by the smt-lib initiative [10]); this enables exchange of problems, results, ideas, and techniques between different groups. Although some of the above requirements might seem conflicting, we do believe that we have built a system that meet them in a high degree. Indeed, instead of making a new programming language and/or a system that interprets proof methods and that takes care about protecting its user, we opt for C++ and give the user more freedom and responsibility. Namely, it is sensible to assume that the user interested in using efficient decision procedures is familiar with C++ and for him/her it is simpler to install and to use some C++ compiler then some specific theorem proving platform. Therefore, and also because of efficient code, we believe that C++ is one of the best (or the best) options for a generic platform for decision procedures which aims at realistic wider use (both in academia and in industry). 2 Background Concerning the background logic (first order classical logic with equality), underlying theories, description of theories, and format, argo-lib follows the smt-lib initiative [10]. The main goal of the smt-lib initiative, supported by a growing number of researchers world-wide is to produce a library of benchmarks for satisfiability modulo theories and all required standards and notational conventions. Such a library will facilitate the evaluation and the comparison of different approaches for using decision procedures and advance the state of the art in the field. The progress that has been made so far supports these expectations. In terms of logical organisation and organisation of methods, argo-lib follows the proof-planning paradigm [3] and the gs framework [6]. The gs framework for using decision procedures is built from a set of methods some of which are abstraction, entailment, congruence closure, and lemma invoking. There are generic and theory-specific methods. Some methods use decision procedures as black boxes, while some also use functionalities like elimination of variables. The gs framework is flexible and general enough to cover a range of schemes for both combining and augmenting decision procedures, including Nelson and Oppen s [8], Shostak s [12], and the approach used in the Tecton system [7].

3 Architecture Representation of expressions argo-lib contains a class hierarchy for representing first-order terms and formulae, with a wide set of low-level functions for manipulating them. Expressions are represented in a tree-like structure based on the Composite design pattern. Unification and rewriting argo-lib provides support for first order unification. The unification algorithm is encapsulated in the class Unification, so it can be easily altered. A generic rewriting mechanism (including reduction ordering) for terms and formulae is also supported. A set of rewrite rules can be provided directly in the code or it can be read from an external file. Theories Each (decidable) theory inherits the base class Theory and is characterized by: Signature, Decision procedure, Simplification procedure (a function that performs theory-specific simplification of a given formula). At the moment, there is support for PRA (Presburger Rational Arithmetic), FOLeq (universally quantified fragment of equality), and LISTS (theory of lists). Goals A goal is an object of the class Goal and is represented by: List of underlying theories, Conjecture (a first order logic formula over the combination of given theories), Status of the conjecture (satisfiable, valid, unsatisfiable, invalid), Extra signature (the list of uninterpreted symbols). A number of iterator classes (for iterating over the subgoals) is also provided. For example, the class GoalTheoriesIterator is used to iterate through the subgoals of a goal whose conjecture is a conjunction of (abstracted) literals defined over several theories a subgoal for each theory is created and its conjecture consists of all literals of the initial goal that are defined over that theory. Methods Each method inherits the abstract base class Method and transforms a given goal. A method has the following slots: Name, Preconditions (checks if the method is applicable to a given goal), Effect (a function that describes the effect of the method to a given goal), Postconditions (conditions that have to hold after the method application), Parameters (additional parameters, e.g., a variable to be eliminated). In argo-lib, the methods don t have tactics attached and do not produce object-level proofs. A list of methods is constantly being expanded. Existing methods are divided in several groups: general purpose methods (e.g., Rewriting, Prenex, DNF, CNF, Skolemization, Negation, FOLSimplification), theory specific methods (e.g., NelsonOppenCCC, FourierMotzkinElimination, ListsSimplification), combination of theories (e.g., Abstraction, Partitioning, DeduceEqualityAndReplace, Simplification, UnsatModuloTheories), combination schemes (e.g., NelsonOppenCombination- Scheme, TectonScheme). Input format and parsing The native input format for argo-lib is the smtlib format (for benchmarks). Description of theories and their signatures are also read from the files in the (slightly extended) smt-lib format. Output generating A number of classes (e.g., LaTeXOutput for L A TEX output, SMTOutput for smt-lib output, MathMLOutput for xml output) provide support for generating output in a readable and easy to understand format. The level and form of output information can be controlled.

4 Samples and Results The example below shows the C++ code for Nelson-Oppen s scheme [8]. The procedure is entirely based on the use of the argo-lib methods. Notice how the code faithfully reflects logical, high-level description of the procedure. Further below we show a part of one argo-lib output. We have tested argo-lib on a number of examples and the results are very good. For instance, cpu times are an order of magnitude less then for the prolog implementation reported in [6]. For instance, proving that x y(x y y x + car(cons(0, x)) p(h(x) h(y)) p(0)) is valid in combination of three theory takes 0.03s (on PC 700MHz). void NelsonOppenCombinationScheme::Effect(Goal& g) { negation.applyto(g); prenex.applyto(g); skolemization.applyto(g); dnf.applyto(g); GoalDisjunctsIterator gdi(g); for (gdi.first();!gdi.isdone(); gdi.next()) { Goal& current_disjunct=gdi.getcurrent(); abstraction_and_partitioning.applyto(current_disjunct); while(1) { simplify.applyto(current_disjunct); unsat_modulo_theories.applyto(current_disjunct); E_BOOL is_trivially_met=current_disjunct.istriviallymet(); if (is_trivially_met==true) { current_disjunct.settrue(); break; else if (is_trivially_met==false) { current_disjunct.setfalse(); g.setfalse(); return; if (!deduce_equality_and_replace.applyto(current_disjunct)) { current_disjunct.setfalse(); g.setfalse(); return; g.settrue(); 1. (c 2 = h(c 3)) (c 1 + 2 c 2 = 0) (h(c 1 + 1 c 2) = h(h(c 3))) if and only if (by the method AbstractionAndPartitioning) 2. ((c 1+ 2 c 2 = 0) (c 1+ 1 c 2 = c 4)) ((c 2 = h(c 3)) (h(c 4) = h(h(c 3)))) if and only if (by the method Deduce Equality and Replace (c 2=c 4)) 3. ((c 1 2 c 4 = 0) (c 1 c 4 = c 4)) ((c 4 = h(c 3)) (h(c 4) = h(h(c 3)))) if and only if (by the method Unsat Modulo Theory (FOL=)) 4. The goal has been met

5 Related Work The work presented in this paper is related to the long line of results and systems for using decision procedures [8, 12, 1, 2, 7]. Especially, the argo-lib builds on the gs framework [6]. Also, our work is related to several recent systems systems being developed with similar goals (light and efficient support for decision procedures), including harvey [9], CVC Lite [4], TSAT++ [14], ICS [5]. 6 Conclusions and Future Work In this paper we presented argo-lib a C++ library that provides support for using a range of decision procedures and mechanisms for their combination and augmentation. The library builds upon ideas from the gs framework and the smt-lib initiative. We hope that argo-lib will promote exchange of ideas, techniques, benchmarks and code and so help advance in the field. For further work we are planning to extend argo-lib by new decision procedures and also to further improve some low-level modules (e.g., unification). We are planning to test argo-lib on wide sets of real-world problems and to compare it to the rival systems. We will also look for its applications in systems of industrial strength. References 1. C. W. Barrett, D. L. Dill, and Aaron Stump. A Framework for Cooperating Decision Procedures. CADE-17, LNAI 1831. Springer, 2000. 2. R. S. Boyer and J S. Moore. Integrating Decision Procedures into Heuristic Theorem Provers: A Case Study of Linear Arithmetic. Machine Intelligence 11, 1988. 3. A. Bundy. The Use of Explicit Plans to Guide Inductive Proofs. CADE-9, Springer, 1988. 4. CVC Lite. on-line at: http://verify.stanford.edu/cvcl/. 5. ICS. on-line at: http://www.icansolve.com/. 6. P. Janičić and A. Bundy. A General Setting for the Flexible Combining and Augmenting Decision Procedures. Journal of Automated Reasoning, 28(3), 2002. 7. D. Kapur and M. Subramaniam. Using an induction prover for verifying arithmetic circuits. Software Tools for Technology Transfer, 3(1), 2000. 8. G. Nelson and D. C. Oppen. Simplification by cooperating decision procedures. ACM Transactions on Programming Languages and Systems, 1(2), 1979. 9. S. Ranise and D. Deharbe. Light-weight theorem proving for debugging and verifying units of code. SEFM-03). IEEE Computer Society Press, 2003. 10. S. Ranise and C. Tinelli. The SMT-LIB Format: An Initial Proposal. 2003. on-line at: http://goedel.cs.uiowa.edu/smt-lib/. 11. H. Rueß and N. Shankar. Deconstructing Shostak. In Proceedings of the Conference on Logic in Computer Science (LICS), 2001. 12. R. E. Shostak. Deciding combinations of theories. Journal of the ACM, 31(1), January 1984. 13. Aaron Stump, Arumugam Deivanayagam, Spencer Kathol, Dylan Lingelbach, and Daniel Schobel. Rogue deicision procedures. Workshop PDPAR. 2003, 14. TSAT++. on-line at: http://www.mrg.dist.unige.it/tsat.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback