Towards Bit-Width-Independent Proofs in SMT Solvers

  • Aina Niemetz
  • Mathias Preiner
  • Andrew Reynolds
  • Yoni Zohar
  • Clark Barrett
  • Cesare Tinelli
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11716)

Abstract

Many SMT solvers implement efficient SAT-based procedures for solving fixed-size bit-vector formulas. These approaches, however, cannot be used directly to reason about bit-vectors of symbolic bit-width. To address this shortcoming, we propose a translation from bit-vector formulas with parametric bit-width to formulas in a logic supported by SMT solvers that includes non-linear integer arithmetic, uninterpreted functions, and universal quantification. While this logic is undecidable, this approach can still solve many formulas by capitalizing on advances in SMT solving for non-linear arithmetic and universally quantified formulas. We provide several case studies in which we have applied this approach with promising results, including the bit-width independent verification of invertibility conditions, compiler optimizations, and bit-vector rewrites.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Stanford University, Stanford, USA
  2. The University of Iowa, Iowa City, USA