Section: New Results
We develop general techniques which allow us to re-use available tools in order to build a new generation of satisfiability solvers offering a good trade-off between expressiveness, flexibility, and scalability. We focus on the careful integration of combination techniques and rewriting techniques to design satisfiability procedures for a wide range of (combined) theories of interest in verification.
Decision Procedures and their Extensions
In  , we develop a framework to design cooperation schemas between satisfiability procedures which allows us to maintain the modularity of their interfaces. In particular, we introduce the concept of deduction complete satisfiability procedures: we show how to build them for large classes of theories and we provide a schema to modularly combine them. Then, we consider the problem of modularly constructing explanations for combinations by re-using available proof-producing procedures for the component theories. To solve this problem, we introduce a proof-producing refinement of the Nelson-Oppen method and we study how the computed explanations relate to an appropriate notion of minimality.
In  , we present a novel technique to combine satisfiability procedures for theories that model some data structures and that share the integer offsets. This procedure extends the Nelson-Oppen approach to a family of non-disjoint theories that have practical interest in verification. The result is derived by showing that the considered theories satisfy the hypotheses of a general result on non-disjoint combination. In particular, the capability of computing logical consequences over the shared signature is ensured in a non-trivial way by devising a suitable complete superposition calculus.
Decision Procedures and Model-checking of Infinite State Systems
Daniele Zucchelli has defended his thesis  . The contributions of the thesis are the following. First of all, we give a decidability result for the constraint satisfiability problem for interesting extensions of the theory of arrays. Secondly, along the lines of Manna and Pnueli, who have shown how a mixture of first-order logic and linear time temporal logic is sufficient to state the verification problems for the class of reactive systems, we draw on the recent literature about the combination of decision procedures to give decidability and undecidability results for the satisfiability problem for logics that allow reasoning modulo first-order theories to be plugged into a temporal setting. The results obtained in the case of linear flows of time are then generalized to the temporal and modal logics whose relativized satisfiability problem is decidable. The last contribution is the decidability of the model checking problem for linear flows of time under suitable hypotheses on the first-order theories involved. The proofs of the decidability results suggest that efficient Satisfiability Modulo Theories solvers might be successfully employed in the model checking of infinite-state systems.
In  , we introduce the notion of array-based system as a suitable abstraction of infinite state systems such as broadcast protocols or sorting programs. By using a class of quantified first-order formulae to symbolically represent array-based systems, we propose methods to check safety (invariance) and liveness (recurrence) properties on top of Satisfiability Modulo Theories solvers. We find hypotheses under which the verification procedures for such properties can be fully mechanized.
Participant: Alain Giorgetti.
In deductive verification of large C programs by SMT provers, some valid verification conditions cannot be automatically discharged by any automated prover, mainly due to their size and a high number of irrelevant hypotheses. At the FTP'07 workshop, Couchot and Hubert presented heuristics for relevant hypothesis selection. We extend these heuristics to axioms and comparison operators  . The relevance of a hypothesis is the combination of separate static dependency analyses based on graph constructions and traversals. The approach is applied on two benchmarks taken from industrial program verification.
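To make the graph-based idea concrete, the following is an added illustration (not the authors' heuristics or their tool): each hypothesis is reduced to the set of symbols it mentions, a symbol dependency graph is built from these sets, and a depth-bounded traversal from the goal's symbols decides which hypotheses are kept. The verification condition, its hypotheses and the depth bound are constructed for the example.

```python
from collections import deque

# Constructed toy verification condition: every hypothesis is a name plus the
# set of symbols (functions, predicates, variables) it mentions; the goal likewise.
HYPOTHESES = {
    "h1": {"length", "a", "n"},
    "h2": {"sorted", "a", "length"},
    "h3": {"color", "pixel", "img"},   # unrelated to the goal
    "h4": {"size", "img", "color"},    # unrelated to the goal
    "h5": {"n", "i"},
}
GOAL = {"sorted", "a", "i"}


def symbol_graph(hyps):
    """Undirected symbol graph: two symbols are adjacent when some hypothesis mentions both."""
    adj = {}
    for syms in hyps.values():
        for s in syms:
            adj.setdefault(s, set()).update(syms - {s})
    return adj


def reachable_symbols(adj, start, depth):
    """Breadth-first traversal from the goal symbols, bounded by `depth` edges."""
    seen = set(start)
    frontier = deque((s, 0) for s in start)
    while frontier:
        s, d = frontier.popleft()
        if d == depth:
            continue
        for t in adj.get(s, ()):
            if t not in seen:
                seen.add(t)
                frontier.append((t, d + 1))
    return seen


def select_hypotheses(hyps, goal, depth):
    """Keep a hypothesis only if every symbol it mentions is reachable from the goal."""
    reach = reachable_symbols(symbol_graph(hyps), goal, depth)
    return sorted(h for h, syms in hyps.items() if syms <= reach)


if __name__ == "__main__":
    for depth in (0, 1, 3):
        print(depth, select_hypotheses(HYPOTHESES, GOAL, depth))
```

Raising the depth bound admits more hypotheses until the connected component of the goal is exhausted; hypotheses in a disconnected component (h3, h4 here) are never selected.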
Tree Automata Extensions
We have considered classes of tree automata combining automata with equality tests and automata modulo equational theories with F. Jacquemard (DAHU project-team)  . These tree automata are obtained by extending their standard Horn clause representations with equational conditions and rewrite systems. We show in particular that a generalized membership problem (extending the emptiness problem) is decidable by proving that the saturation of tree automata presentations with suitable paramodulation strategies terminates. Alternatively, our results can be viewed as new decidable classes of first-order formulae. These tree automata classes can be applied to the reachability problem for a fragment of the pi-calculus that can encode protocol verification problems.