smt

问题 This question is related to my previous question Is it possible to get a legit range info when using a SMT constraint with Z3 So it seems that "efficiently" finding the maximum range info is not proper, given typical 32-bit vectors and so on. But on the other hand, I am thinking whether it is feasible to find certain "sub-maximum" range info, which hopefully becomes more efficient. Another thing is that we may want to have certain "safe" guarantee, say for all elements in the sub-maximum

问题 Given is a function and a description of its behavior: add: (ℤ ∪ {Error, None})² → (ℤ ∪ {Error, None}) For x ∈ (ℤ ∪ {Error, None}): add(x, None) = add(None, x) = None For x ∈ (ℤ ∪ {Error}): add(x, Error) = add(Error, x) = Error For x, y ∈ ℤ: add(x, y) = x + y How can I transform this description to SMT (I'm using Z3) and check whether the description defines a total function? To give you an idea what I want to achieve: in the end I want to generate Python code implementing this function with

问题 Can somebody help me in pointing out what will be the best encoding of following equation using first order formula so as to give it as input to the SMT solver?? x`=Ax+b 回答1: You can encode the differential equation easily in Z3 as it is just a set of n linear (affine) functions over n^2 + n real constants (n^2 from a_ij, n from b_i) and n real variables (x_i). You can encode this directly in Z3. dotx_1 = a_11 * x_1 + a_12 * x_2 + a_13 * x_3 + ... + a_1n * x_n + b_1 dotx_2 = a_21 * x_1 + a_22

问题 I have a big boolean formula to solve, due to the reason of the redaction, I have to paste an image here: Also, I have already a function area to measure the dimension of 4 integers: area(c,d,e,f)=|c−d|×|e−f| I would like to do more than just figuring out if the formula is satisfiable: I am looking for an optimal 6-tuple (a,b,c,d,e,f) which makes the big formula TRUE and area(c,d,e,f) is greater or equal to the dimension of any other 6-tuple which also satisfies the formula. In other word,

问题 This is a simple bit vector problem: import z3 s = z3.Tactic('bv').solver() m = z3.Function('m', z3.BitVecSort(32), z3.BitVecSort(32)) a, b = z3.BitVecs('a b', 32) axioms = [ a == m(12432), z3.Not(a == b) ] s.add(axioms) print(s.check()) Python crashes with error code 139. Please note that, this is not my real problem, so I must use bit vector tactic in my project, though it doesn't have any problem with smt tactic or even qfbv tactic. 回答1: It seems to be a bug in 4.4.0. With 4.4.0 and Ubuntu

问题 Is division by zero included in QF_NRA? The SMT-LIB standard is confusing in this matter. The paper where the standard is defined simply does not discuss this point, in fact NRA and QF_NRA do not appear anywhere in that document. Some information is provided on the standard website. Reals are defined as including: - all terms of the form (/ m n) or (/ (- m) n) where - m is a numeral other than 0, - n is a numeral other than 0 and 1, - as integers, m and n have no common factors besides 1.

问题 I am inferring a Function(var1) and I only care about the values of this function when 0 <= var1 <= 10 and I know, when 0 <= var <= 10, 0 <= Function(var1) <= 10. A common way (I guess) to constrain the search space of the Function is something like asserting constraints like (in z3py): for i in range(11): solver.add(And(Function(i)>=0,Function(i)<=10)) My question is that: is there a better way so that I can constrain the search space of Function? Something like setting upperbound/lowerbound

问题 I am using the Z3 SMT solver by Microsoft, and I am trying to define constants of a custom sort. It seems like such constants are not unequal by default. Suppose you have the following program: (declare-sort S 0) (declare-const x S) (declare-const y S) (assert (= x y)) (check-sat) This will give "sat", because it is of course perfectly possible that two constants of the same sort are equal. Since I am making model in which constants have to be different from each other, this means that I

问题 I notice that the Z3 C++ (and C) API allows you to supply the logic to be used. I have two questions about this that I couldn't answer by looking online: Are these supposed to be the standard SMT-LIB logics i.e. QF_LRA When are these worth supplying i.e. when will Z3 actually use this information My context is mainly QF no BV but everything else possible, I am using the SMT solver incrementally and I can always work out what logic I will be in at the start. 回答1: Z3 will also try to figure out

问题 I am writing to inquire the theory/algorithm behind the Z3 Optimize function, especially for its maximum and minimum function. This seems pretty magic to me. Is it somehow a binary search or so? How can it efficiently figure out the max/min value here..? I tried to search for the source code of the related functions (e.g., the execute_min_max function), but without a deep understanding about the terms there, it does not make too much sense to me... Basically what does lex stand for here? It