SMTCoq: A Plug-In for Integrating SMT Solvers into Coq

Ekici, Burak; Mebsout, Alain; Tinelli, Cesare; Keller, Chantal; Katz, Guy; Reynolds, Andrew; Barrett, Clark

doi:10.1007/978-3-319-63390-9_7

Cited by 57 publications

(46 citation statements)

References 9 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For future work, we plan to reduce the complexity of the side conditions in the DRAT and LRAT signatures and the proof production overhead in the translation workflows. We also plan to add support for the new signatures in SMTCoq [7], a tool that increases automation in Coq [16] using proofs generated by CVC4. In a more applicative…”

Section: Resultsmentioning

confidence: 99%

DRAT-based Bit-Vector Proofs in CVC4

Ozdemir

Niemetz

Preiner

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Many state-of-the-art Satisfiability Modulo Theories (SMT) solvers for the theory of fixed-size bit-vectors employ an approach called bit-blasting, where a given formula is translated into a Boolean satisfiability (SAT) problem and delegated to a SAT solver. Consequently, producing bit-vector proofs in an SMT solver requires incorporating SAT proofs into its proof infrastructure. In this paper, we describe three approaches for integrating DRAT proofs generated by an off-the-shelf SAT solver into the proof infrastructure of the SMT solver CVC4 and explore their strengths and weaknesses. We implemented all three approaches using CryptoMiniSat as the SAT back-end for its bit-blasting engine and evaluated performance in terms of proof-production and proof-checking.

show abstract

Section: Resultsmentioning

confidence: 99%

DRAT-based Bit-Vector Proofs in CVC4

Ozdemir

Niemetz

Preiner

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…In future research, we plan to investigate a translation of our results to a proof assistant such as Coq, for which a bit-vector library was recently developed [9]. This will involve supporting proofs in the SMT solver for non-linear arithmetic and quantifiers.…”

Section: Conclusion and Further Researchmentioning

confidence: 99%

Towards Bit-Width-Independent Proofs in SMT Solvers

Niemetz

Preiner

Reynolds

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Many SMT solvers implement efficient SAT-based procedures for solving fixed-size bit-vector formulas. These approaches, however, cannot be used directly to reason about bit-vectors of symbolic bit-width. To address this shortcoming, we propose a translation from bit-vector formulas with parametric bit-width to formulas in a logic supported by SMT solvers that includes non-linear integer arithmetic, uninterpreted functions, and universal quantification. While this logic is undecidable, this approach can still solve many formulas by capitalizing on advances in SMT solving for non-linear arithmetic and universally quantified formulas. We provide several case studies in which we have applied this approach with promising results, including the bit-width independent verification of invertibility conditions, compiler optimizations, and bit-vector rewrites. Symbol SMT-LIB Syntax

show abstract

“…Using this function, we can define ringosc3-one-safe-trace, which means all states in a trace are one-safe. (ringosc3-one-safe-state r (car tr))) 7 (ringosc3-one-safe-trace r tr)) 8 :hints (("Goal" 9 :induct (ringosc3-one-safe-trace r tr) 10 :in-theory (e/d (ringosc3-one-safe-trace 11 ringosc3-valid 12 inverter-valid) 13 (ringosc3-one-safe-lemma))) 14 ("Subgoal *1/1.1" In this theorem, Smtlink helped to prove the inductive step. Due to space constraints, the details of ringosc3-one-safe-lemma are elided in this paper.. We note that proving this theorem using just ACL2 requires proving detailed lemmas about possible transitions of the ring oscillator.…”

Section: Circuit and Trace Modeling Using Fty Typesmentioning

confidence: 99%

“…They trust Yices as an oracle. Works like [5,9] do proof reconstruction. Sledgehammer [5,14] is a proof assistant that integrates a bunch of SMT solvers into the theorem prover Isabelle/HOL.…”

Section: Related Workmentioning

confidence: 99%

“…Proof reconstruction task is hard, and as pointed out in [14] the reconstruction can fail, and sometimes take a tremendous amount of time. Armand [1,9] developed a framework in the theorem prover Coq for integrating external SMT solver results. They developed a set of "small checkers" that are able to take a certificate and call corresponding small checker for proof checks and used Coq tactics for automation.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Smtlink 2.0

Peng

Greenstreet

2018

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Smtlink is an extension of ACL2 with Satisfiability Modulo Theories (SMT) solvers. We presented an earlier version at ACL2'2015. Smtlink 2.0 makes major improvements over the initial version with respect to soundness, extensibility, ease-of-use, and the range of types and associated theorysolvers supported. Most theorems that one would want to prove using an SMT solver must first be translated to use only the primitive operations supported by the SMT solver -this translation includes function expansion and type inference. Smtlink 2.0 performs this translation using a sequence of steps performed by verified clause processors and computed hints. These steps are ensured to be sound. The final transliteration from ACL2 to Z3's Python interface requires a trusted clause processor. This is a great improvement in soundness and extensibility over the original Smtlink which was implemented as a single, monolithic, trusted clause processor. Smtlink 2.0 provides support for FTY defprod, deflist, defalist, and defoption types by using Z3's arrays and user-defined data types. We have identified common usage patterns and simplified the configuration and hint information needed to use Smtlink.

show abstract

SMTCoq: A Plug-In for Integrating SMT Solvers into Coq

Cited by 57 publications

References 9 publications

DRAT-based Bit-Vector Proofs in CVC4

DRAT-based Bit-Vector Proofs in CVC4

Towards Bit-Width-Independent Proofs in SMT Solvers

Smtlink 2.0

Contact Info

Product

Resources

About