I understand that in general, non-linear integer arithmetic is undecidable.
However, this is not the case for the arithmetic of finite fields mod p, as in particular this can be reduced to a SAT problem over finite bit vectors. The reduction to SAT is however, it seems, somewhat inefficient for large primes p (this is Z3's default behaviour).
Is there a more efficient way of modelling arithmetic operations in Z3 over such a finite field? Perhaps performance improvements can be made over Z3's default strategy from the knowledge that all arithmetic operations are over the same finite field?
Related
what is the usual precision for Real variables in Z3? Is exact arithmetic used?
Is there a way to set the accuracy level manually?
If Real means that exact arithmetic must be used, is there any other data type for floating point values which has limited precision?
Finally: from this point of view, is z3 different with respect to the other popular SMT solvers, or is this standardised in the SMT-LIB definition?
See this answer: z3 existential theory of the reals
Regarding printing precision, see this one: algebraic reals: does z3 do rounding when pretty printing?
In short, yes they are precisely represented as roots of polynomials. Not every real number can be represented by the Real type (transcendentals, e, pi, etc.); but all polynomial roots are representable.
This paper discusses how to also deal with transcendentals.
Is the QF_NRA logic in SMT-LIB decidable?
I know that Tarski proved that nonlinear arithmetic is decidable, in the sense that systems of polynomials in the real numbers are decidable. However, it's not obvious that QF_NRA falls under this umbrella, because QF_NRA contains division. So the first question is whether or not division in QF_NRA includes division by variables where the denominator is potentially zero. I posted that as a separate question, because answering that turns out to be difficult enough all on its own.
If division by zero is not part of QF_NRA, then division in QF_NRA can be converted to multiplication, and the problem will be decidable as proven by Tarski. If division is in fact included in QF_NRA, then I'm less sure. My feeling is that the problem can still be broken up case-wise, with new variables introduced for the cases where division by zero occurs. In this case QF_NRA would still be decidable.
It is decidable.
You can encode SMT-LIB division by treating division as an uninterpreted function that you axiomatize where needed, i.e. for each (/ t1 t2) appearing in the problem, you can add
t2 != 0 => t1 = (/ t1 t2)*t2 .
This in effect reduces the SMT-LIB theory of QF_NRA to the combination of two theories: reals (without division) and uninterpreted functions. Now, since both reals and uninterpreted functions are decidable theories in the quantifier-free fragment, you can rely on the classic arguments of Nelson and Oppen to show that the combination theory is decidable.
Yices2, for example, can decide such combinations of reals and uninterpreted functions (based on MCSAT). Z3, as far as I know, can not combine reals and uninterpreted functions, and CVC4 does not yet have a decision procedure for the reals.
Does z3's SAT solver(s) obtain a complete assignment to the propositional(ized) part of an SMT problem before doing a theory consistency check? In particular, I am curious to know what is done by default for each of the following background theories/combination (if this is theory-dependent): Linear Real Arithmetic (LRA), Linear Integer Real Arithmetic (LIRA), Non-Linear Integer Real Arithmetic (NIRA)? Also, where in the actual code (codeplex stable z3 v4.3.1) is a propositional literal (heuristically) decided by the SAT solver?
No, Z3 does not obtain a complete assignment before doing theory consistency checks.
However, it delays "expensive" checks. "Expensive" checks are performed in a step called final_check that is performed only when a (complete) proprositional assignment is produced. Here the word "expensive" is relative. Linear real arithmetic consistency checks can be quite expensive due to big number arithmetic computations, but they are considered "cheap" in Z3.
Linear real arithmetic checks are done eagerly. Nonlinear and linear integer arithmetic checks are done at the final_check step.
Note that Z3 contains more than one solver. The behavior above is for the one implemented in the directory smt. The nonlinear real arithmetic solver (nlsat directory) works in a completely different way, and it does not use the final_check approach described above.
My program, bounded synthesizer of reactive finite state systems, produces SMT queries to annotate a product automaton of the (uninterpreted) system and a specification. Essentially it is a model checking with uninterpreted functions. If the annotation exists => the model found by Z3 satisfies the spec. The queries contain:
datatype (to encode states of a system and of a specification automaton)
>= (greater), > (strictly) (to specify ranking function of states of automaton system*spec, which is used to search lassos with bad states)or in other words, ordering of states of that automaton, which
uninterpreted functions with boolean domain and range
all clauses are horn clauses
An example is https://dl.dropboxusercontent.com/u/444947/posts/full_arbiter2.smt2
('forall' are used to encode "don't care" inputs to functions)
Currently queries take strictly greater > operator from integers arithmetic (that is a ranking function has Int range).
Question: is it worth developing a custom theory solver in Z3 for such queries? It could exploit DFS based search of lassos which might be faster than integers theory solver (or diff-neg tactic).
Or Z3 already efficiently handles this? (efficiently means "comparable to graph-based search of lassos").
Arithmetic is not the bottleneck of your benchmark.
We can check that by using
valgrind --tool=callgrind z3 full_arbiter2.smt2
kcachegrind
Valgrind and kcachegrind are available in most Linux distros.
So, I don't think you will get a significant performance improvement if you implement a solver for order theory.
One bottleneck is the datatype theory. You may get a performance boost if you encode the types Q and T using Bit-vectors. Another bottleneck is quantifier reasoning. Have you tried to expand them before invoking Z3?
In Z3, the qe (quantifier elimination) tactic will essentially expand Boolean quantifiers.
I got a small speedup by replacing
(check-sat)
with
(check-sat-using (then qe smt))
Is it possible to ask Z3 to prove satisfiability of a system of integer polynomial inequalities with 2 different variables (or in general case) by approximating the original system with a system of linear inequalities?
By default, Z3 will try to solve a nonlinear integer problem as a linear one. The basic trick is to treat nonlinear terms such as x*y as new "variables". Nonlinear integer arithmetic is not well supported in Z3, the following post has a summary on how Z3 handles nonlinear integer arithmetic:
How does Z3 handle non-linear integer arithmetic?