Canonized Rewriting and Ground AC Completion Modulo Shostak Theories : Design and Implementation

Conchon, Sylvain; Contejean, Evelyne; Iguernelala, Mohamed

doi:10.2168/lmcs-8(3:16)2012

Cited by 11 publications

(10 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, the Why3 platform computes verification conditions from these programs, using traditional techniques of weakest preconditions, and emits them to a wide set of existing theorem provers, ranging from interactive proof assistants to automated theorem provers. In this work, we use the Coq proof assistant, the automated theorem prover Gappa [10] which uses interval arithmetic to prove properties that occur when verifying numerical applications, and the SMT prover Alt-Ergo [9].…”

Section: Methodsmentioning

confidence: 99%

Formal Verification of Programs Computing the Floating-Point Average

Boldo

2015

Formal Methods and Software Engineering

View full text Add to dashboard Cite

The most well-known feature of floating-point arithmetic is the limited precision, which creates round-off errors and inaccuracies. Another important issue is the limited range, which creates underflow and overflow, even if this topic is dismissed most of the time. This article shows a very simple example: the average of two floating-point numbers. As we want to take exceptional behaviors into account, we cannot use the naive formula (x+y)/2. Based on hints given by Sterbenz, we first write an accurate program and formally prove its properties. An interesting fact is that Sterbenz did not give this program, but only specified it. We prove this specification and include a new property: a precise certified error bound. We also present and formally prove a new algorithm that computes the correct rounding of the average of two floating-point numbers. It is more accurate than the previous one and is correct whatever the inputs.

show abstract

Section: Methodsmentioning

confidence: 99%

Formal Verification of Programs Computing the Floating-Point Average

Boldo

2015

Formal Methods and Software Engineering

View full text Add to dashboard Cite

show abstract

“…Much like in the spirit of the previous section, the bottom-right most sub-window of the interface (see Figure 1) gives real time profiling information for the different modules and theories of Alt-Ergo. These include the time spent in the SAT solver, the matching procedure, the congruence closure algorithm (CC(X)), the builtin support for associative and commutative symbols (AC(X)) [5] and the theories of arithmetic, arrays, enumerated data-types (Sum) and records. Figure 5 shows the state of the profiling information after running an example.…”

Section: Profilingmentioning

confidence: 99%

“…Alt-Ergo supports some theories that are useful in the context of program verification, such as the free theory of equality with uninterpreted symbols, linear arithmetic over integers and rationals, fragments of non-linear arithmetic, polymorphic functional arrays with extensionality, enumerated and record datatypes, and associative and commutative (AC) symbols. More details of our combination techniques, which are not necessary to understand the rest of the paper, can be found here [6,5,10].…”

Section: A Short Introduction To Alt-ergomentioning

confidence: 99%

AltGr-Ergo, a Graphical User Interface for the SMT Solver Alt-Ergo

Conchon

Iguernlala²,

Mebsout

2017

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

Due to undecidability and complexity of first-order logic, SMT solvers may not terminate on some problems or require a very long time. When this happens, one would like to find the reasons why the solver fails. To this end, we have designed AltGr-Ergo, an interactive graphical interface for the SMT solver Alt-Ergo which allows users and tool developers to help the solver finish some proofs. AltGr-Ergo gives real time feedback in order to evaluate and quantify progress made by the solver, and also offers various syntactic manipulation options to allow a finer grained interaction with Alt-Ergo. This paper describes these features and their implementation, and gives usage scenarios for most of them.

show abstract

“…as conditional rewriting rules. For that, we are studying the design of a new combination algorithm which will extend our parametrized algorithms AC(X) [2] and CC(X) [3] to handle, in a uniform way, user-de ned rewriting systems. This would allow us to handle a fragment of the set theory of B in a built-in way.…”

Section: Alt-ergomentioning

confidence: 99%

“…Our improvements are: (1) better heuristics for instantiating polymorphic quanti ed formulas from B model; (2) new e cient internal data structures; (3) a plugin architecture to facilitate experiments with di erent SAT engines; and (4) the implementation of a new CDCL-based SAT solver.…”

mentioning

confidence: 99%

Tuning the Alt-Ergo SMT Solver for B Proof Obligations

Conchon

Iguernelala

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. In this paper, we present recent developments in the AltErgo SMT-solver to e ciently discharge proof obligations (POs) generated by Atelier B. This includes a new plugin architecture to facilitate experiments with di erent SAT engines, new heuristics to handle quantied formulas, and important modi cations in its internal data structures to boost performances of core decision procedures. Experiments realized on more than 10,000 POs generated from industrial B projects show signi cant improvements. Alt-Ergo is an open-source SMT solver capable of reasoning in a combination of several built-in theories such as uninterpreted equality, integer and rational arithmetic, arrays, records, enumerated data types and AC symbols. It is the unique SMT solver that natively handles polymorphic rst-order quanti ed formulas, which makes it particularly suitable for program veri cation. For instance, AltErgo is used as a back-end of SPARK and Frama-C to discharge proof obligations generated from Ada and C programs, respectively. Recently, we started using Alt-Ergo in the context of the ANR project BWare [8] which aims at integrating SMT solvers as back-ends of Atelier B.The proof obligations sent to Alt-Ergo are extracted from Atelier B as logical formulas that are combined with a (polymorphic) model of B's set theory [7]. This process relies on the Why3 platform [6] which can target a wide range of SMT solvers. However, we show (Section 2) on a large benchmark of industrial B projects that it is not immediate to obtain a substantial gain of performances by using SMT solvers. Without a speci c tunning for B, Alt-Ergo together with other SMT solvers compete just equally with Atelier B's prover on those industrial benchmarks.In this paper, we report on recent developments in Alt-Ergo that signi cantly improve its capacities to handle POs coming from Atelier B. Our improvements are: (1) better heuristics for instantiating polymorphic quanti ed formulas from B model; (2) new e cient internal data structures; (3) a plugin architecture to facilitate experiments with di erent SAT engines; and (4) the implementation of a new CDCL-based SAT solver.

show abstract

Canonized Rewriting and Ground AC Completion Modulo Shostak Theories : Design and Implementation

Cited by 11 publications

References 18 publications

Formal Verification of Programs Computing the Floating-Point Average

Formal Verification of Programs Computing the Floating-Point Average

AltGr-Ergo, a Graphical User Interface for the SMT Solver Alt-Ergo

Tuning the Alt-Ergo SMT Solver for B Proof Obligations

Contact Info

Product

Resources

About