Is the QF_NRA logic in SMT-LIB decidable?
I know that Tarski proved that nonlinear arithmetic is decidable, in the sense that systems of polynomials in the real numbers are decidable. However, it's not obvious that QF_NRA falls under this umbrella, because QF_NRA contains division. So the first question is whether or not division in QF_NRA includes division by variables where the denominator is potentially zero. I posted that as a separate question, because answering that turns out to be difficult enough all on its own.
If division by zero is not part of QF_NRA, then division in QF_NRA can be converted to multiplication, and the problem will be decidable as proven by Tarski. If division is in fact included in QF_NRA, then I'm less sure. My feeling is that the problem can still be broken up case-wise, with new variables introduced for the cases where division by zero occurs. In this case QF_NRA would still be decidable.
It is decidable.
You can encode SMT-LIB division by treating division as an uninterpreted function that you axiomatize where needed, i.e. for each (/ t1 t2) appearing in the problem, you can add
t2 != 0 => t1 = (/ t1 t2)*t2 .
This in effect reduces the SMT-LIB theory of QF_NRA to the combination of two theories: reals (without division) and uninterpreted functions. Now, since both reals and uninterpreted functions are decidable theories in the quantifier-free fragment, you can rely on the classic arguments of Nelson and Oppen to show that the combination theory is decidable.
Yices2, for example, can decide such combinations of reals and uninterpreted functions (based on MCSAT). Z3, as far as I know, can not combine reals and uninterpreted functions, and CVC4 does not yet have a decision procedure for the reals.
Related
what is the usual precision for Real variables in Z3? Is exact arithmetic used?
Is there a way to set the accuracy level manually?
If Real means that exact arithmetic must be used, is there any other data type for floating point values which has limited precision?
Finally: from this point of view, is z3 different with respect to the other popular SMT solvers, or is this standardised in the SMT-LIB definition?
See this answer: z3 existential theory of the reals
Regarding printing precision, see this one: algebraic reals: does z3 do rounding when pretty printing?
In short, yes they are precisely represented as roots of polynomials. Not every real number can be represented by the Real type (transcendentals, e, pi, etc.); but all polynomial roots are representable.
This paper discusses how to also deal with transcendentals.
is there a way to express assumptions in Z3 (I am using the Z3Py library) such that the engine does not check their validity but takes them as underlying theories, just like in theorem proving?
For example, lets say that I have two unary functions with argument of type Real. I would like to tell the Z3 engine that for all input values, f1(t) is equal to f2(t).
Encoded in Z3Py that would look something like the following:
t = Real("t")
assumption1 = ForAll(t, f1(t) = f2(t)).
The problem with the presented code is that my assertion set is quite big and I use quantifiers (I am trying to prove satisfiability of a real-time system). If I add the above assertion to the set of the other assertions the checking procedure does not terminate.
is there a way to express assumptions in Z3 (I am using the Z3Py library) such that the engine does not check their validity but takes them as underlying theories, just like in theorem proving?
In fact, all assertions you add to Z3 are treated as what you call assumptions. Z3 checks satisfiability of the assertions, it does not check validity. To check validity of a formula F, you assert (not F), and check for satisfiability of (not F). If (not F) is unsat, then F is valid. If you have background axioms, you are essentially checking validity of Background => F, so you can check satisifiability of Background & (not F).
Whether Z3 terminates on your query depends on which combination of theories and quantifiers you use. The more features your queries combine the tougher it is.
For formulas over pure linear arithmetic or polynomial real arithmetic,
these are called LRA, LIA and NRA in the SMT-LIB classification (see smtlib.org) Z3 uses specialized decision procedures that have recently been added.
Yes, that's possible just as you describe it, but you will end up with quantifiers, which does of course mean that you're solving a harder problem and Z3 will behave differently (it's possible you end up using completely different solvers that don't even share much source code).
For the particular example given, it's possible to eliminate the quantifier cheaply because it has the form of a function definition (ForAll x . f(x) = ...), i.e., we can just replace all occurrences of f with the right hand side and then the quantifier is trivially satisfied. In Z3, this is done by the macro finder, which may be applied as a tactic (with name "macro-finder"), or if you are using the "smt" tactic (implicitly via others or directly), then you can set smt.macro_finder=true.
As far as I understand, Z3, when encountering quantified linear real/rational arithmetic, applies a form of quantifier elimination described in Bjørner, IJCAR 2010 and more recent work by Bjørner and Monniaux (that's what qe_sat_tactic.cpp says, at least).
I was wondering
Whether it still works if the formula is multilinear, in the sense that the "constants" are symbolic. E.g. ∀x, ax≤b ⇒ ax ≤ 0 can be dealt with by separating the cases a<0, a=0 and a>0. This is possible using Weispfenning's virtual substitution approach, but I don't know what ended up being implemented in Z3 (that is, whether it implements the general approach or the one restricted to constant coefficients).
Whether it is possible, in Z3, to output the result of elimination instead of just solving for one model. There might be a Z3 tactic to do so but I don't know how this is supposed to be requested.
Whether it is possible, in Z3, to perform elimination as described above, then use the new nonlinear solver to obtain a model. Again, a succession of tactics might do the trick, but I don't know how this is supposed to be requested.
Thanks.
After long travels (including a travel where I met David at a conference), here is a short summary to answer the questions as they are posed.
There is no specific support for multi-linear forms.
The 'qe' tactic produces results of elimination, but may as a side-effect decide satisfiablity.
This is a very interesting problem to investigate, but it is not supported out of the box.
Can SMT solver efficiently find a solution (or an assignment) for the pseudo-Boolean problem as described as follows:
\sum {i..m} f_i x1 x2.. xn *w_i
where f_i x1 x2 .. xn is a Boolean function, and w_i is a weight of Int type.
For your convenience, I highlight the contents in page 1 and 3, which is enough for specifying
the pseudo-Boolean problem.
SMT solvers typically address the question: given a logical formula, optionally using functions and predicates from underlying theories (such as the theory of arithmetic, the theory of bit-vectors, arrays), is the formula satisfiable or not.
They typically don't expose a way for you specify objective functions
and typically don't have built-in optimization procedures.
Some special cases are formulas that only use Booleans or a combination of Booleans and either bit-vectors or integers. Pseudo Boolean constraints can be formulated with either integers or encoded (with some care taking overflow semantics into account) using bit-vectors, or they can be encoded directly into SAT. For some formulas using bounded integers that fall in the class of psuedo-boolean problems, Z3 will try automatic reductions into bit-vectors. This applies only to benchmkars in the SMT-LIB2 format tagged as QF_LIA or applies if you explicitly invoke a tactic that performs this reduction (the "qflia" tactic should apply).
While Z3 does not directly expose objective functions, the question of augmenting
SMT solvers with objective functions is actively pursued in the research community.
One approach suggested by Nieuwenhuis and Oliveras in SAT 2006 was to build in
solving for the "weighted max SMT" problem as a custom theory. Yices comes with built-in
features for weighted max SMT, Z3 does not, but it is possible to write a custom
theory that performs the backtracking search of a weighted max SMT solver, but nothing
out of the box.
Sometimes people try to specify objective functions using quantified formulas.
In theory one could hope that quantifier elimination procedures then can solve
for the objective.
This is generally pretty bad when it comes to performance. Quantifier elimination
is an overfit and the routines (that we have) will not be efficient.
For your problem, if you want to find an optimized (maximum or minimum) result from the sum, yes Z3 has this ability. You can use the Optimize class of Z3 library instead of Solver class. The class provides two methods for 'maximization' and 'minimization' respectively. You can pass the SMT variable that is needed to be optimized and Optimization class model will give the solution for you. It actually worked with C# API using Microsoft.Z3 library. For your inconvenience, I am attaching a snippet:
Optimize opt; // initializing object
opt.MkMaximize(*your variable*);
opt.MkMinimize(*your variable*);
opt.Assert(*anything you need to do*);
For the same reasons than described here (user defined uninterpreted function) I want to define my own uninterpreted function
bvredxnor() : xnor over the bits of a given bitvector.
If I follow the example given here (example of universal quantifiers with C API) I don't know what sort to provide to the argument of my function (a bitvector)
I could create a bitvector sort of a given length, but I would like to have it for bitvectors of any length.
Looking at bitvector functions available in the C API, I noticed that the type of all arguments is Z3_ast, so I was thinking I could use the same generic type. But there is no function in the API that generate a Z3_ast sort... (writing this I feel i am touching the difference between types and sorts, but it is still a bit unclear)
Is the solution to use uninterpreted sorts? And if so, in doing that, wouldn't I loose some precision in my model by enlarging the type too much, while this artefact is only for debugging purpose? I mean, if I apply this function to a bitvector, will this work?
Thank you in advance,
AG.
SMTLib does not allow bit-vectors with variable lengths. That is, you cannot express problems that are parameterized over the bitvector lengths. The reason for this is that properties about bit-vectors do not necessarily hold parametrically over lengths, due to cardinality issues. To wit, consider:
exists x0, x1, x2, x3, x4. distinct [x0, x1, x2, x3, x4]
This property says there are at least 5 distinct bit-vector values. That is true if the domain of x has length at least 3, but not otherwise. So, the validity of the statement depends on the domain. You can also view this as a limitation of the first-order nature of SMTLib in general.
Of course, the above applies to SMTLib, and not necessarily to Z3. Leo and co have always been ahead of the curve, and Z3 does have many tricks that go beyond what SMTLib calls for. It'd be a pleasant surprise if Z3 does support some notion of parametric bit-vector problems in the way you are describing.