Let's say I have a pretty simple SMT problem - some free variables and some constrains С on them. I also have an extra constraint EC. I want to prefer a solution when both C an EC are met and fallback to C-only solution if this is impossible.
How should I call check-sat in this case? Intuition tells me something like this:
(assert C)
(push)
(assert EC)
(check-sat)
<dance happy dance if it worked, or ...>
(pop)
(check-sat)
But I suspect that pop will wipe all the knowledge solver has mined, and the second check-sat will start from scratch.
I can try
(assert C)
(check-sat)
(push)
(assert EC)
(check-sat)
<dance happy dance if it worked, or ...>
(pop)
(check-sat)
The question is - can I be sure than the last (check-sat) will be a no-op, because there already was a call to check-sat with the same constraint set?
You write:
But I suspect that pop will wipe all the knowledge solver has mined, and the second check-sat will start from scratch.
Not necessarily. Learned clauses that depend only on C do not need to be discarded at pop(), although it is always safe to do so. This may be solver dependent.
The question is - can I be sure than the last (check-sat) will be a no-op, because there already was a call to check-sat with the same constraint set?
I wouldn't expect an SMT solver to remember that the previous check-sat was satisfiable, the previous model or even the previous sequence of decisions that lead to the SAT conclusion (after you asserted and checked something else). Nonetheless, the last check-sat should be much cheaper than the first check, because learned clauses don't need to be generated twice.
Focusing on pure SMT solvers, one option would be to use the API rather than the SMT-LIB interface so that one can simply save the SAT model after the first check-sat and there is no need of a third check-sat after pop().
What you probably want is to encode your problem as a MaxSMT problem.
Definition 2.3.4. (Partial Weighted MaxSMT, Partial MaxSMT, Weighted MaxSMT).
A Partial Weighted MaxSMT problem is a pair <φ_h, φ_s>
where φ_h is the set of "hard" T-clauses, and φ_s is a
collection of positive-weighted "soft" T-clauses of the form
<C_i, w_i>, and the goal is to find the maximum-weight set
of T-clauses ψ_s, ψ_s ⊆ φ_s, such that φ_h ∪ ψ_s is
T-satisfiable [NO06, CFG+10, ABP+11b, CGSS13a].
A Partial MaxSMT problem is a Partial Weighted MaxSMT problem
in which all "soft" T-clauses in φ_s have a unitary weight.
A Weighted MaxSMT problem is a Partial Weighted MaxSMT
problem in which the set of "hard" T-clauses φ_h is empty.
[source, p. 40]
In this case, you would assert EC as one, or more, soft clauses.
Let's say EC is a list of constraints ec_1, ..., ec_k, there are two cases:
you want all ec_1, ..., ec_k to be satisfied at the same time; then you would write:
(assert C)
(assert-soft EC)
(check-sat)
(get-model)
you want the largest possible subset of EC to be satisfied at the same time; then you would write:
(assert c)
(assert-soft ec_1)
(assert-soft ...)
(assert-soft ec_k)
(check-sat)
(get-model)
MaxSMT is supported by OMT solvers like Barcelogic, OptiMathSAT and Z3.
Related
A bug in VerCors generated some silver that looks like:
field f: Int
method test(n: Int, x: Ref)
requires n == 100
requires acc(x.f, wildcard * n)
{}
Viper seems to accept this, but I don't understand what it would mean, if anything.
Intuitively, it means that the callee obtains a tiny (but non-zero) permission amount — times n. In effect, this should be no different from just obtaining the tiny amount (i.e. acc(x.f, wildcard)), although one can maybe engineer contrived situations, in probably involving perm, in which it makes a difference.
Bottom line: The example is indeed somewhat confusing and the semantics not totally obvious, but everything is well defined.
I'm new to OCL and currently trying to figure out how to do invariants.
I attached a picture with the diagramm I'm working on.
https://imgur.com/1ucZq5w
The invariants that I'm trying to resolve are :
a) A player has 0 or 2 cards in hand.
Context Player
inv i1: self.card->size()=0 or self.card->size()=2
b) A player, who has not played any rounds, can't have more Game Capital than the maximal Buy-In of the table.
Context Player
inv i2: self.numberOfRounds=0 implies (self.gameCapital < self.Table.maxBuyIn)
c) At every table can be only players that belong to different users
Context Player
inv i3: Player.UserAccount.allInstances().userID->isUnique()
I'm not sure if 'allInstances()' is supposed to go after Player or after PlayerAccount.
And I don't know what I'm supposed to do with the 'At every table' part of the text.
There are two more points that I really don't know how to do.
d) In the deck are 52 cards, which differ from eachother through color or value
e) The inputs of all players that still have cards in the hand are equal when bidDone True.
Can you please tell me if what I've done until now is correct and maybe some advice or solution for d) and e)?
Any help is appreciated!
Seems plausible, but I would recommend sensible names, since a validation tool will tend to report that e.g Constraint Player::i2 is not satisfied for ...
b) looks to have a < / <= bug
c) allInstances takes a type source so "Player." is wrong. allInstances is generally very inefficient to execute so should only be used as a last resort. In your case it is clearly wrong since your scope is "at every Table". You should be using context Table and then reasoning about the players at the table.
d) if you rephrase "differ from" as "is unique with respect to", you can perhaps see how you could use a Tuple of color+value as the basis for uniqueness.
e) no idea what an input is, but it just seems like a cascade of implies clauses.
In SubL (aka sub-lisp) what function may one use to determine is one class is a subclass of another?
I know that e.g. (genls #$Automobile) will return a list of concepts like #$RoadVehicle #$WheeledTransportationDevice but is there some sort of boolean function I can call that given two classes tells me if one is the subclass of another?
I've tried (genls-p #$Automobile #$RoadVehicle) in e.g. the SubL interactor and get "GENLS-P is not fboundp."
I suppose David Whitten is technically correct, i.e. you can roll your own function called genls-p. However, please be aware that there is already a function in SubL that does what you want genls-p to do (and it is likely much faster than a hand-rolled function).
That function is called "genls?".
Here are some examples:
If you put....
(genls? #$Automobile #$RoadVehicle)
...into some SubL interpreter (e.g. the SubL Interactor on the GUI), it will return...
T
....In other words, if you ask Cyc "Is automobile a subclass of the road-vehicle?" it will answer T meaning true, i.e. "yes".
Likewise, if you put something like...
(genls? #$Automobile #$BaseKB)
...into a SubL interpreter, it will return...
NIL
...In other words if you ask it "Is automobile a subclass of the BaseKB, i.e. the most general context that makes the weakest assumptions about the universe", then Cyc will answer NIL, i.e. False, i.e. "No".
Note that microtheories can sometimes cause confusing results. Consider the following illustrative examples:
(genls? #$Ghost #$SupernaturalBeing) ==> NIL
However, if you ask this question within a context with appropriate assumptions beliefs about the world you will get not NIL but T as the result. E.g.
(with-mt #$WorldMythologyMt (genls? #$Ghost #$SupernaturalBeing)) ==> T
...Whereas in a microtheory that is less superstitious, more scientific such as #$LinnaeanTaxonomyPhysiologyMt you will get NIL, not T as the result...
(with-mt #$LinnaeanTaxonomyPhysiologyMt (genls? #$Ghost #$SupernaturalBeing)) ==> NIL
...and if you ask this in that most general, weakest assumption microtheory known as BaseKB you will also get NIL....
(with-mt #$BaseKB (genls? #$Ghost #$SupernaturalBeing)) ==>
...Sometimes you will want to ignore the complexities of microtheories and collapse across microtheories. I think this is one way to do that...
(with-all-mts (#$genls? #$Ghost #$SupernaturalBeing)) ==> T
...although be forewarned that you may get self-contradictory results. E.g. If you had...
"The earth is a flat object" in a 'flat earth beliefs microtheory'
..and...
"The earth is a round object" in a 'general scientific consensus microtheory'
...you might get Cyc to return a self-contradictory answer that the earth was both a flat and a round object. In most practical applications. you can just get away with not worrying about such contradictions and thus with-all-mts is an okay bet.
I hope I haven't confused you.
To recap the most important point, if you want to achieve the kind of functionality you desire this SubL expression will serve you well...
(genls? #$Automobile RoadVehicle)
the message that genls-p is not fboundp tells you that you can create a function that is indeed a "f"-unctional "bound" "p"-redicate thusly:
(define genls-p (a b) (ret (pif (member b (genls a)) T nil))
so you can then use the function the way you expect:
CYC(167): (genls-p #$Automobile #$RoadVehicle)
[Time: 0.0 secs]
T
CYC(168): (genls-p #$BaseKB #$RoadVehicle)
[Time: 0.0 secs]
NIL
David Whitten
whitten#netcom.com
713-870-3834
I have the following facts in dlv, knows (X,Y) means X knows Y.
knows(adam, dan).
knows(adam,alice).
knows(adam,peter).
knows(adam,eva).
knows(dan, adam).
knows(dan,alice).
knows(dan,peter).
knows(eva, alice).
knows(eva,peter).
knows(alice, peter).
knows(peter, alice).
I have defined the following predicates,
person(X) :- knows(X, _).
This will give all the persons from the facts. I am trying to find a predicate popular(X). that will give the popular person. It is defined such that if all persons knows X then X is popular. The answer for the above list of facts is alice and peter. I defined it as below,
popular(X):-person(X),knows(_,X).
X is popular if its a person and everyone knows X. But I am getting all persons as the result when I run it. Where am I making a mistake?
As per the comment string on the original post, you have defined popular to be "a person that is known by someone". Since - in your knowledge base - everyone is known by someone, everyone is popular.
Assuming "a popular person is one whom everyone knows but the popular person knows only other popular persons"; if we want to know if X is popular:
We either need to count all the people that know X and then compare that to the number of people;
Or we need to verify that it is never the case that someone doesn't know X.
I'll focus on the second way to do this, using forall. Take sometime and run some tests on your own to understand how that works. Here's an example of what you might do:
popular(X): - person(X),
forall(
( person(Y),
X \= Y
),
knows(Y,X)
).
If you run this, you get Alice and Peter as answers.
But if we include the other condition:
popular(X): - person(X),
forall(
( person(Y),
X \= Y
),
knows(Y,X)
),
forall(
knows(X,Z),
popular(Z)
).
That last line says X needs to know people that are popular exclusively... and now, if you run this, you're most likely going to get a 'out of local stack' - it's a bottomless recursive definition.
You always need to check if someone is popular to know if someone is popular to know if someone is popular... Try to think about the problem and why that is. Is there a way to check if someone is popular without needing to check if someone else is popular? What if someone 'knows' themselves? What if two people know each other? This might take a slightly more complex approach to solve.
By the way, notice that your definition of person returns multiple people - everyone is a person for every person they know. Besides making every check take a lot longer (since there are more 'people' to check), this might be a problem if you decide to go with the firs approach (the counting one).
Wouldn't it make sense to define explicitly who are the people and then define 'knowing' as a relation between people?
person('Alice').
person('Bob').
knows('Alice','Bob').
As said in lurker's comment (with slight modification and emphasis by me), the reason you get all persons as a result is
You have defined person as: X is a person if X knows someone. And you've defined popular as: X is popular if X is a person and someone knows X.
But you wanted to define: X is popular if X is a person and everyone knows X.
The following is an ASP solution for clingo 4. DLV might have slight differences in syntax.
% Project
person(P) :- knows(P, _).
% Separate helper predicate knows2/2.
% Not needed if polluting knows/2 with knows(X, X) is OK.
knows2(O, P) :- knows(O, P).
knows2(P, P) :- person(P).
% Everybody knows a popular person.
% When there is a person O that doesn't know P, #false is active.
% I.e. all rule instantiations where some O doesn't know P are discarded.
popular(P) :- person(P), #false : person(O), not knows2(O, P).
% Popular person knows only other popular persons.
% Redundant at this point, since the above rule already results
% in correct answer without further integrity constraints.
:- person(P), person(O), popular(P), not popular(O), knows(P, O).
#show popular/1.
This is a problem that's been nagging at me for some time, and I wonder if anyone here can help.
I have a PLT Redex model of a language called lambdaLVar that is more or less a garden-variety untyped lambda calculus, but extended with a store containing "lattice variables", or LVars. An LVar is a variable whose value can only increase over time, where the meaning of "increase" is given by a partially ordered set (aka a lattice) that the user of the language specifies. Therefore lambdaLVar is really a family of languages -- instantiate it with one lattice and you get one language; with a different lattice, and you get another. You can take a look at the code here; the important stuff is in lambdaLVar.rkt.
In the on-paper definition of lambdaLVar, the language definition is parameterized by that user-specified lattice. For a long time, I've wanted to do the same kind of parameterization in the Redex model, but so far, I haven't been able to figure out how. Part of the trouble is that the grammar of the language depends on how the user instantiates the lattice: elements of the lattice become terminals in the grammar. I don't know how to express a grammar in Redex that is abstract over the lattice.
In the meantime, I tried to make lambdaLVar.rkt as modular as I could. The language defined in that file is specialized to a particular lattice: natural numbers with max as the least-upper-bound (lub) operation. (Or, equivalently, natural numbers ordered by <=. It's a very boring lattice.) The only parts of the code that are specific to that lattice are the line (define lub-op max) near the top, and natural appearing in the grammar. (There's a lub metafunction that is defined in terms of the user-specified lub-op function. The latter is just a Racket function, so lub has to escape out to Racket to call lub-op.)
Barring the ability to actually specify lambdaLVar in a way that is abstract over the choice of lattice, it seems like I ought to be able to write a version of lambdaLVar with the most bare-bones of lattices -- just Bot and Top elements, where Bot <= Top -- and then use define-extended-language to add more stuff. For instance, I could define a language called lambdaLVar-nats that is specialized to the naturals lattice I described:
;; Grammar for elements of a lattice of natural numbers.
(define-extended-language lambdaLVar-nats
lambdaLVar
(StoreVal .... ;; Extend the original language
natural))
;; All we have to specify is the lub operation; leq is implicitly <=
(define-metafunction/extension lub lambdaLVar-nats
lub-nats : d d -> d
[(lub-nats d_1 d_2) ,(max (term d_1) (term d_2))])
Then, to replace the two reduction relations slow-rr and fast-rr that I had for lambdaLVar, I could define a couple of wrappers:
(define nats-slow-rr
(extend-reduction-relation slow-rr
lambdaLVar-nats))
(define nats-fast-rr
(extend-reduction-relation fast-rr
lambdaLVar-nats))
My understanding from the documentation on extend-reduction-relation is that it should reinterpret the rules in slow-rr and fast-rr, but using lambdaLVar-nats. Putting all this together, I tried running the test suite that I had with one of the new, extended reduction relations:
> (program-test-suite nats-slow-rr)
The first thing I get is a contract violation complaint: small-step-base: input (((l 3)) new) at position 1 does not match its contract. The contract line of small-step-base is just #:contract (small-step-base Config Config), where Config is a grammar nonterminal that has a new meaning if reinterpreted under lambdaLVar-nats than it did under lambdaLVar, because of the specific lattice stuff. As an experiment, I got rid of the contracts onsmall-step-base and small-step-slow.
I was then able to actually run my 19 test programs, but 10 of them fail. Perhaps unsurprisingly, all the ones that fail are programs that use natural-number-valued LVars in some way. (The rest are "pure" programs that don't interact with the store of LVars at all.) So, the tests that fail are exactly the ones that use the extended grammar.
So I kept following the rabbit hole, and it seems like Redex wants me to extend all of the existing judgment forms and metafunctions to be associated with lambdaLVar-nats rather than lambdaLVar. That makes sense, and it seems to work OK for judgment forms as far as I can tell, but with metafunctions I get into trouble: I want the new metafunction to overload the old one of the same name (because existing judgment forms are using it) and there doesn't seem to be a way to do that. If I have to rename the metafunctions, it defeats the purpose, because I'll have to write whole new judgment forms anyway. I suppose that what I want is a sort of late binding of metafunction calls!
My question in a nutshell: Is there any way in Redex to parameterize the definition of a language in the way I want, or to extend the definition of a language in a way that will do what I want? Will I end up just having to write Redex-generating macros?
Thanks for reading!
I asked the Racket users mailing list; the thread begins here. To summarize the resulting discussion: In Redex as it stands today, the answer is no, there is no way to parameterize a language definition in the way I want. However, it should be possible in a future version of Redex with a module system, which is in the works right now.
It also doesn't work to try to use Redex's existing extension forms (define-extended-language, extend-reduction-relation, and so on) in the way I tried to do here, because -- as I discovered -- the original metafunctions do not get transitively reinterpreted to use the extended languages. But a module system would apparently help with this, too, because it would allow you to package up metafunctions, judgment-forms, and reduction relations together and simultaneously extend them (see the discussion here).
So, for now, the answer is, indeed, to write a Redex-generating macro. Something like this works:
(define-syntax-rule (define-lambdaLVar-language name lub-op lattice-values ...)
(begin
;; Entire original Redex model goes here, with `natural` replaced with
;; `lattice-values ...`, and instances of `...` replaced with `(... ...)`
))
And then you can instantiate particular lattices with, e.g.,:
(define-lambdaLVar-language lambdaLVar-nat max natural)
I hope Redex does get modules soon, but in the meantime, this seems to work well.