I just downloaded the benchmarks for seq and regexp sorts (using z3-4.3.2). What could be the problem when I get unknown as result after running "membership_1.smt2"?
I did not specify any further command line options. According to the benchmark it should result in sat, but unknown is printed without any model.
Thank you
edit:
I noticed further, that "re-begin" is not recognized. Has this to do with the version of z3 or did u just forgot a command line option?
Firstly, I don't know where the OP or commenter found the "membership_1.smt2" example input. I checked the SMT-LIB benchmarks, and the source of Z3, S3, and Z3-str, and couldn't find it.
In any case, the problem was that the OP was testing a benchmark written either for S3 or Z3-str and running it against an unmodified version of Z3. S3 and Z3-str require a modified version of Z3 to handle these extensions. This is described on the S3 website [S3: A Symbolic String Solver for Web Security Analysis, http://www.comp.nus.edu.sg/~trinhmt/S3/, accessed Aug. 4, 2016]:
Modified Version of Z3 Solver
The source code of the modified Z3 is available here.
We modify Z3 to have the interaction between String theory and Arithmetic theory.
These newly-added API methods allows us to query the length of a string variable, and relationship between the length of different
string variables, as shown in our CCS'14 paper.
Our modified version of Z3 is also used by Z3-str GROUP for integer/string theory integration.
Grepping the (unmodified) Z3 source shows no matches for "re-begin" or "re-concat". Grepping the modified version shows that these tokes are defined in lib/seq_decl_plugin.cpp of z3-source-060115.zip.
Related
I'm trying to inspect a simple looping program that finds the maximal element in an integer array. Here is the permalink here. Everything works fine, but I'm really interested in
the resulting SMT file, so I extracted it using:
$ dafny /compile:3 /proverLog:./mySMT.smt myCode.dfy
Then ran with z3 as follows:
$ z3 ./mySMT.smt
I got 3 unsat responses and I was wondering what are the corresponding 3 queries?
I looked at the *.smt file and found 11K of machine-generated SMT.
Any tips on deciphering the smt file? thanks!
If you want the resulting SMT file, then that 11K file is your answer. I imagine that looking at it will lead you to the conclusion that you don't actually want to look at the resulting SMT file.
So, I don't know what it is that you want to accomplish. If you want to learn more about your program, then the best way is to work (only) from the Dafny program text. For example, you can add more assert statements to, essentially, ask the verifier if the given condition is provable at the location of the statement.
If you're interested in how Dafny encodes its verification conditions (that is, if you yourself are a tool developer and want to learn how to generate good verification conditions), then I suggest you use the /print switch to generate the Boogie program that Dafny generates. With some understanding of the Boogie intermediate verification language, the Boogie code is readable. For a more tutorial account of how to encode a Dafny-like language into Boogie, I recommend:
"Specification and verification of object-oriented software",
K. Rustan M. Leino.
Lecture note, Marktoberdorf 2008.
Rustan
PS. Unless you insist on particular formatting, you can print your array elements without using a loop if you first convert the array's element to a sequence:
print "a = ", a[..], "\n";
I'm trying to find the c++ file for Z3 where the algorithm backtraces if it can't find a solution on the current branch. I've been looking through all the files and tried debug mode on the python files, but no luck so far. I just want to add a print statement to the method, so I can tell when it is returning to a previous node and trying a new path.
Thanks!
It depends on which solver Z3 uses for your problem. It typically uses smt_context.cpp in src/smt. The relevant backjump can be traced in the context::pop_scope method. Other solvers exist too: the src/sat/sat_solver is used for bit-vector and Boolean problems. It has a similar pop method. Finally, nlsat is used for non-linear polynomial arithmetic over the reals.
According to http://research.microsoft.com/en-us/um/people/leonardo/z3_doc/parallel.html I can set CC_NUM_THREADS=4 from the z3 command line if I'm using a .smt file.
How do I do this if I'm using the z3py api?
The portfolio solver that supports lemma sharing is not part of the latest version of Z3. These parameters are therefore not supported, and the parameter format that allows multiple values for each parameter is not supported either (on the commandline or via python).
That said, there is still a way to utilize multiple cores, which is the par-or tactic; see e.g., the Z3 Strategy Tutorial (search for par-or). The example shows how to run multiple tactics in parallel (in this example with different random seeds) via the SMT2 input language; in z3py we would use the ParOr function to create such a parallel tactic.
I need to conduct some experiments using z3 and mathsat. I have already finished the experiments with mathsat. It takes a lot of time to write the input file for mathsat and I don't want to write the input files for z3 again. Mathsat supports generating 'smt' files from the 'msat' files. The converting command is shown below:
/home/xdb/mathsat/mathsat-4.2.17-linux-x86_64/bin/mathsat -input=msat -output=smt -logic=QF_LRA /home/xdb/satcase/sample/sample.msat>>/home/xdb/satcase/sample/sample.smt
My question is that can z3 recognize this 'smt' file?
Z3 can read SMT 1.0 and 2.0 files. The format is defined at http://www.smtlib.org. If the formulas generated by MathSAT are compliant with the standard, then you should have no problems. Have you tried to use Z3 to read the generated files? If it didn't work, what was the error message produced by Z3?
The theorem proving tool z3 is taking a lot of time to solve a formula, which I believe it should be able to handle easily. To understand this better and possibly optimize my input to z3, I wanted to see the internal constraints that z3 generates as part of its solving process.
How do I print the formula that z3 produces for its back-end solvers, when using z3 from the command line?
Z3 command line tool does not have such option. Moreover, Z3 contains several solvers and pre-processing steps. It is unclear which step would be useful for you. The Z3 source code is available at https://github.com/Z3Prover/z3. When Z3 is compiled in debug mode, it provides an extra command line option -tr:<tag>. This option can be used to selectively dump information. For example, the source file nlsat_solver.cpp contains the following instruction:
TRACE("nlsat", tout << "starting search...\n"; display(tout);
tout << "\nvar order:\n";
display_vars(tout););
The command line option -tr:nlsat will instruct Z3 to execute the instruction above. tout is the trace output stream. It will be stored in the file .z3-trace. The Z3 source is full of these TRACE commands. Since the code is available, we can also add our own trace commands in the code.
If you post your example, I can tell you which Z3 components are used to preprocess and solve it.
Then, we can select which "tags" we should enable for tracing.
EDIT (after the constraints were posted):
Your example is in the mixed integer & real nonlinear arithmetic.
The new nonlinear arithmetic solver (nlsat) in Z3 does not support to_int.
Thus, the Z3 general purpose solver is used to solve your problem.
Although this solver accepts almost everything, it is not even complete for nonlinear real arithmetic. The nonlinear support on this solver is based on: interval analysis and Grobner basis computations.
This solver is implemented in the folder src/smt (in the unstable branch).
The arithmetic module is implemented in the files theory_arith*.
A good tracing command line option is -tr:after_reduce. It will display the set of constraints after pre-processing.
The bottleneck is the arithmetic module (theory_arith*).
Additional Remarks:
The problem is in a undecidable fragment: mixed integer & real nonlinear arithmetic. That is, it is impossible to write a sound and complete solver for this fragment. Of course, we can write a solver that solves instances we find in practice. I believe it is possible to extend nlsat to handle the to_int.
If you avoid to_int, you will be able to use nlsat. The problem will be in the nonlinear real arithmetic fragment. I understand that this may be hard, since the to_int seems to be a key thing in your encoding.
The code in the "unstable" branch at z3.codeplex.com is much better organized than the official version in the "master" branch. I will merge it with the "master" branch soon. You can retrieve the "unstable" branch if you want to play with the source code.
The "unstable" branch uses a new build system. You can build the release version with tracing support. You just have to use the option -t when generating the Makefile.
python scripts/mk_make.py -t
When Z3 is compiled in debug mode, the option AUTO_CONFIG=false by default. Thus, to reproduce the behavior of "release" mode, you must provide the command line option AUTO_CONFIG=true.