Reasoning about comprehensions with first-order SMT solvers

Leino, K. Rustan M.; Monahan, Rosemary

doi:10.1145/1529282.1529411

Cited by 33 publications

(25 citation statements)

References 9 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We phrase this condition in terms of the logical semantics and check it by using the SMT solver. Order-irrelevance is less restrictive than conditions found in the literature such as associativity and commutativity (Cohen, 2006;Leino & Monahan, 2009). If f is associative and commutative then f is also order-irrelevant, but the converse fails in general.…”

Section: Algorithmic Purity Checkmentioning

confidence: 90%

Semantic subtyping with an SMT solver

Bierman¹,

Gordon²,

Hriţcu³

et al. 2012

J. Funct. Prog.

View full text Add to dashboard Cite

We study a first-order functional language with the novel combination of the ideas of refinement type (the subset of a type to satisfy a Boolean expression) and type-test (a Boolean expression testing whether a value belongs to a type). Our core calculus can express a rich variety of typing idioms; for example, intersection, union, negation, singleton, nullable, variant, and algebraic types are all derivable. We formulate a semantics in which expressions denote terms, and types are interpreted as first-order logic formulas. Subtyping is defined as valid implication between the semantics of types. The formulas are interpreted in a specific model that we axiomatize using standard first-order theories. On this basis, we present a novel type-checking algorithm able to eliminate many dynamic tests and to detect many errors statically. The key idea is to rely on a Satisfiability Modulo Theories solver to compute subtyping efficiently. Moreover, using a satisfiability modulo theories solver allows us to show the uniqueness of normal forms for non-deterministic expressions, provide precise counterexamples when type-checking fails, detect empty types, and compute instances of types statically and at run-time.

show abstract

Section: Algorithmic Purity Checkmentioning

confidence: 90%

Semantic subtyping with an SMT solver

Bierman¹,

Gordon²,

Hriţcu³

et al. 2012

J. Funct. Prog.

View full text Add to dashboard Cite

show abstract

“…One possibility to do so is to further investigate how to set instantiation triggers for comprehensions typically occurring in our scenarios. In [17] the authors already outlined a general approach that can serve as a starting point. Another option is to try to reduce the amount of quantifiers we use.…”

Section: Future Workmentioning

confidence: 99%

SMT Solvers for Validation of B and Event-B Models

Krings

Leuschel

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We present an integration of the constraint solving kernel of the ProB model checker with the SMT solver Z3. We apply the combined solver to B and Event-B predicates, featuring higher-order datatypes and constructs like set comprehensions. To do so we rely on the finite set logic of Z3 and provide a new translation from B to Z3, better suited for constraint solving. Predicates can then be solved by the two solvers working hand in hand: constraints are set up in both solvers simultaneously and (intermediate) results are transferred. We thus combine a constraint logic programming based solver with a DPLL(T) based solver into a single procedure. The improved constraint solver finds application in many validation tasks, from animation of implicit specifications, to test case generation, bounded and symbolic model checking on to disproving of proof obligations. We conclude with an empirical evaluation of our approach focusing on two dimensions: comparing low and high-level encodings of B as well as comparing pure ProB to ProB combined with Z3.

show abstract

“…An alternative based on unbounded splitting would be to give each reader half of the remaining permission. This, however, would require the invariant to include a sum over a (ghost) list of permission amounts, which is less intuitive, and causes additional work both in the specifications and for the SMT solver [9].…”

Section: Example 1: Countingmentioning

confidence: 99%

Constraint Semantics for Abstract Read Permissions

Boyland

Müller

Schwerhoff

et al. 2014

Proceedings of 16th Workshop on Formal Techniques for Java-Like Programs

View full text Add to dashboard Cite

The concept of controlling access to mutable shared data via permissions is at the heart of permission logics such as separation logic and implicit dynamic frames, and is also used in type systems, for instance, to give a semantics to "readonly" annotations. Existing permission models have different strengths in terms of expressiveness. Fractional permissions, for example, enable unbounded (recursive) splitting, whereas counting permissions enable unbounded subtraction of the same permission amount. Combining these strengths in a single permission model appeared to increase the complexity for the user and tools. In this paper we extend our previous work on abstract read permissions by providing them with a novel constraint semantics, which retains the use of the domain of rational numbers but enables unbounded subtraction of identical amounts. Thus we can keep an intuitive model conducive to SMT solvers while enabling "counting."

show abstract

Reasoning about comprehensions with first-order SMT solvers

Cited by 33 publications

References 9 publications

Semantic subtyping with an SMT solver

Semantic subtyping with an SMT solver

SMT Solvers for Validation of B and Event-B Models

Constraint Semantics for Abstract Read Permissions

Contact Info

Product

Resources

About