Call to `eval` times-out

Question

Leonardo: Thanks for quick replies! Much appreciated.

If I feed the following script to Z3:

(set-option :MBQI true)
(set-option :produce-models true)
(declare-fun s1 ((_ BitVec 16)) (_ BitVec 16))
(assert (forall ((s0 (_ BitVec 16))) (bvuge s0 (s1 s0))))
(check-sat)
(get-model)
(eval (s1 #x0000))

Z3 successfully constructs the model, where s1 is given the identity function. However, the call to eval causes Z3 to timeout. Is there a particular option I need to set?

Also, I noticed that if I remove the line:

(set-option :MBQI true)

Then Z3 responds unknown. Since QBVF is decidable, that was a bit surprising that I needed to set an option. Is it the case that we should be setting MBQI to true in all QBVF problems, or is there something particular about this instance?

Thanks..

Answer 1

Z3 has several engines for handling quantifiers: E-matching, MBQI, superposition, etc. Although QBVF is a decidable fragment, only the MBQI engine can decide it. The E-matching module is only effective in showing that formulas are unsatisfiable. It will always fail (return unknown) for satisfiable instances. The superposition module is effective in pure (no theories) first-order logic formulas.

In some versions of Z3, the MBQI module is not enabled by default because it is very expensive. Some applications, such as VCC and Spec#, use very complex quantified formulas that are not in any decidable fragment that can be supported by MBQI. So, the MBQI module is just overhead for these applications. In Z3 3.1 (available for download in the Z3 website), MBQI is enabled by default.

In the forthcoming Z3 3.2, the logic UFBV will be officially supported. UFBV is the SMT-LIB name for QBVF. So, you will be able to use (set-logic UFBV) and Z3 will automatically configure itself for this logic.

Regarding the eval command, this is a bug, I will fix it. The fix will be available in Z3 3.2.