It happens sometimes that e.g. the internalizer goes above the soft memory limit
But since it's only by a small amount, when the exception propagates back to the context, some stuff
has been freed already and we are not longer above the memory threshold
Just delete these asserts
* replace u_set by indexed_uint_set
* replace u_set by indexed_uint_set
* create insert-fresh and insert for indexed_uint_set to make use cases with non-fresh inserts easier
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
* update nightly to pull arm
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
* update nightly to pull arm
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
* fixing the build of lp_tst
* update nightly to pull arm
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
* replace u_set by indexed_uint_set
* replace u_set by indexed_uint_set
* fixing the build of lp_tst
* remove unnecessery call to contains() before
insert to indexed_uint_set
* formatting, no check for contains()
in indexed_uint_set, always init m_touched_rows to nullptr
---------
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
Co-authored-by: Nikolaj Bjorner <nbjorner@microsoft.com>
* qe_lite: cleanup and comment
no change to code
* mbp_arrays: refactor out partial equality (peq)
Partial array equality, PEQ, is used as an intermediate
expression during MBP for arrays. We need to factor it out
so that it can be shared between MBP-QEL and existing MBP.
Partial array equality (peq) is used in MBP for arrays.
Factoring this out to be used by multiple MBP implementations.
* rewriter: new rewrite rules
These rules are specializes for terms that are created in QEL.
QEL commit is comming later
* datatype_rw: new rewrite rule for ADTs
The rule handles this special case:
(cons (head x) (tail x)) --> x
* array_rewriter rules for rewriting PEQs
Special rules to simplify PEQs
* th_rewriter: wire PEQ simplifications
* spacer_iuc: avoid terms with default in IUC
Spacer prfers to not have a term representing default value of an array.
This guides IUC from picking such terms in interpolation
* mbp_term_graph: replace root with repr
* mbp_term_graph: formatting
* mbp_term_graph: class_props, getters, setters
Class properties allow to keep information for an equivalence class.
Getters and setters for terms allow accessing information
* mbp_term_graph: auxiliary methods for qel
QEL commit is comming later in the history
* mbp_term_graph: bug fix
* mbp_term_graph: pick, refine repr, compute cgrnd
* mbp_term_graph: internalize deq
* mbp_term_graph: constructor
* mbp_term_graph: optionally internalize equalities
Reperesent equalities explicitly by nodes in the term_graph
* qel
* formatting
* comments on term_lt
* get terms and other api for mbp_qel
* plugins for mbp_qel
* mbp_qel_util: utilities for mbp_qel
* qe_mbp: QEL-based mbp
* qel: expose QEL API
* spacer: replace qe_lite in qe_project_spacer by qel
This changes the default projection engine that spacer uses.
* cmd_context: debug commands for qel and mbp_qel
New commands are
mbp-qel -- MBP with term graphs
qel -- QEL with term graphs
qe-lite -- older qelite
* qe_mbp: model-based rewriters for arrays
* qe_mbp: QEL-based projection functions
* qsat: wire in QEL-based mbp
* qsat: debug code
* qsat: maybe a bug fix
Changed the code to follow the paper by adding all predicates above a given
level, not just predicates of immediately preceding level.
* chore: use new api to create solver in qsat
* mbp_term_graph use all_of idiom
* feat: solver for integer multiplication
* array_peq: formatting, no change to code
* mbp_qel_util: block comment + format
* mbt_term_graph: clang-format
* bug fix. Move dt rewrite to qe_mbp
* array_peq: add header
* run clang format on mbp plugins
* clang format on mul solver
* format do-while
* format
* format do-while
* update release notes
---------
Co-authored-by: hgvk94 <hgvk94@gmail.com>
Co-authored-by: Isabel Garcia <igarciac@uwaterloo.ca>
this will allow copying the solver state within a scope.
The new solver state has its state at level 0. It is not possible to pop scopes from the new solver (you can still pop scopes from the original solver). The reason for this semantics is the relative difficulty of implementing (getting it right) of a state copy that preserves scopes.
The bulk of the functionality using these was removed between
Z3 4.4.1 and 4.5.0, back in 2015.
Co-authored-by: Bruce Mitchener <bruce.mitchener@configura.com>
remove bv_eq_axioms as an external option to toggle.
Diseqalities have to be enforced for extensionality.
There are no internal code paths where the option is set to false.
An initial update to support polymorphism from SMTLIB3 and the API (so far C, Python).
The WIP SMTLIB3 format is assumed to be supporting the following declaration
```
(declare-type-var A)
```
Whenever A is used in a type signature of a function/constant or bound quantified variable, it is taken to mean that all instantiations of A are included in the signature and assertions.
For example, if the function f is declared with signature A -> A, then there is a version of f for all instances of A.
The semantics of polymorphism appears to follow previous proposals: the instances are effectively different functions.
This may clash with some other notions, such as the type signature forall 'a . 'a -> 'a would be inhabited by a unique function (the identity), while this is not enforced in this version (and hopefully never because it is more busy work).
The C API has the function 'Z3_mk_type_variable' to create a type variable and applying functions modulo polymorphic type signatures is possible.
The kind Z3_TYPE_VAR is added to sort discriminators.
This version is considered as early alpha. It passes a first rudimentary unit test involving quantified axioms, declare-fun, define-fun, and define-fun-rec.
* patching merge
* fix the format and some warnings
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* a fix in the delta calculation
* test patching
* try a new version of get_patching_deltas
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* remove dead code from lp_tst and try optimizing patching
* add comments, replace VERIFY with lp_assert
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* cleanup
---------
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
After introducing the rewriter.sort_disjunctions option (#6774), I
noticed a segfault in a Z3 run that was working fine for me before the
PR.
I traced the difference to a slight discrepancy between the first patch
I submitted and the one we ended up merging: my first version would skip
sorting the disjuncts in mk_nflat_core, but still return BR_DONE, while
the patch in master returns BR_FAILED instead.
This patch fixes that problem, and it makes slightly more sense to me to
return a BR_DONE since, if `s` is true, some disjunct (e.g. a `false`
or a repeat) might have been simplified away. However I don't fully
understand this code.
... and I can't say I understand why the segfault happens. Perhaps that
is a separate issue?
This is the file to reproduce:
https://gist.github.com/mtzguido/b7360c74d3d2e42d89f1bd9149ad26f6
Here's a stack trace of the failure, mk_nflat_or_core is not involved.
```
(gdb) where
#0 0x0000555555b98497 in smt::context::get_lit_assignment(unsigned int) const ()
#1 0x0000555555b984cb in smt::context::get_assignment(sat::literal) const ()
#2 0x0000555555b98504 in smt::context::get_assignment(unsigned int) const ()
#3 0x0000555555ca83b8 in smt::context::get_assignment_core(expr*) const ()
#4 0x0000555555c9af5a in smt::context::get_assignment(expr*) const ()
#5 0x0000555555d7bd1d in (anonymous namespace)::has_child_assigned_to(smt::context&, app*, lbool, expr*&, unsigned int) ()
#6 0x0000555555d7c413 in (anonymous namespace)::rel_case_split_queue::next_case_split_core(ptr_vector<expr>&, unsigned int&, unsigned int&, lbool&) ()
#7 0x0000555555d7c589 in (anonymous namespace)::rel_case_split_queue::next_case_split(unsigned int&, lbool&) ()
#8 0x0000555555c9c1b7 in smt::context::decide() ()
#9 0x0000555555ca39fd in smt::context::bounded_search() ()
#10 0x0000555555ca30c2 in smt::context::search() ()
#11 0x0000555555ca273d in smt::context::check(unsigned int, expr* const*, bool) ()
#12 0x0000555555cb166a in smt::kernel::check(unsigned int, expr* const*) ()
#13 0x0000555555cb9695 in (anonymous namespace)::smt_solver::check_sat_core2(unsigned int, expr* const*) ()
#14 0x00005555560dc0c6 in solver_na2as::check_sat_core(unsigned int, expr* const*) ()
#15 0x00005555560d73f3 in combined_solver::check_sat_core(unsigned int, expr* const*) ()
#16 0x00005555560d34e3 in solver::check_sat(unsigned int, expr* const*) ()
#17 0x0000555556097b26 in cmd_context::check_sat(unsigned int, expr* const*) ()
#18 0x0000555556082ff0 in smt2::parser::parse_check_sat() ()
#19 0x0000555556084dc0 in smt2::parser::parse_cmd() ()
#20 0x00005555560861b6 in smt2::parser::operator()() ()
#21 0x00005555560757e6 in parse_smt2_commands(cmd_context&, std::basic_istream<char, std::char_traits<char> >&, bool, params_ref const&, char const*) ()
#22 0x00005555555e8f68 in read_smtlib2_commands(char const*) ()
#23 0x00005555555ee6f6 in main ()
(gdb)
```
* patterns: add option for pattern decomposition (pi.decompose_patterns)
True by default, retaining current behavior.
* rewriter: add option for sorting of disjunctions (rewriter.sort_disjunctions)
True by default, retaining current behavior.
* use heap to track infeasible columns
* fix the formatting
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
---------
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
check-assumptions with compound formulas create fresh proxy variables both during compilation to internal format and for the assumptions. These fresh variables may occur in lemmas that are created during search. The lemmas are garbage for future check-sats, but the solver needs to be allowed to invoke GC. Adding a GC call before a check-sat with assumptions allows removing some lemmas every time a new assumptions are used. Eager GC when using assumptions is used elsewhere, for example in cube&conquer scenarios where lemmas learned from one set of assumptions are less likely to be useful for other assumptions.
With the GC invocation memory grows at a lesser pace. However, it is not entirely free of memory increases. To avoid memory bloat, have the solver pre-compile the assumptions by defining them as propositional variables, add assertions that the propositional variables are equivalent to the compound formulas and use the propositional variables as assumptions. The same propositional variables come with no extra overhead when invoking check-assumptions. The lemmas are then over the same fixed vocabulary. It is generally a good idea to recycle useful lemmas during the enumeration pass.
destructive equality resolution uses an occurs check function that is only safe for quantifier-free formulas. In the special case where a bound variable is Boolean and occurs on a side of an equality the other side cannot have a quantifier.
Fix missing <cstdint> include in src/util/tptr.h that causes build
failure with GCC 13:
```
In file included from /tmp/z3/src/util/region.cpp:53:
/tmp/z3/src/util/region.cpp: In member function ‘void* region::allocate(size_t)’:
/tmp/z3/src/util/tptr.h:29:62: error: ‘uintptr_t’ does not name a type
29 | #define ALIGN(T, PTR) reinterpret_cast<T>(((reinterpret_cast<uintptr_t>(PTR) >> PTR_ALIGNMENT) + \
| ^~~~~~~~~
/tmp/z3/src/util/region.cpp:82:22: note: in expansion of macro ‘ALIGN’
82 | m_curr_ptr = ALIGN(char *, new_curr_ptr);
| ^~~~~
/tmp/z3/src/util/region.cpp:57:1: note: ‘uintptr_t’ is defined in header ‘<cstdint>’; did you forget to ‘#include <cstdint>’?
56 | #include "util/page.h"
+++ |+#include <cstdint>
57 |
```
* Logical names for function declarations in c++
Currently, for example, the function declaration symbol member for
checking whether multiplication *does not* overflow is called
`m_bv_smul_ovfl`. Since we are introducing the upcoming smtlib2 symbols
that check that multpliciation *does* overflow, the not overflow check
symbols are renamed to `m_bv_smul_no_ovfl` etc.
* Implement smtlib overflow preds for multiplication
Smtlib2 is being extended to include overflow predicates for bit
vectors (see https://groups.google.com/u/1/g/smt-lib/c/J4D99wT0aKI).
This commit introduces the predicates `bvumulo` and `bvsmulo` that
return `true` if the unsigned multiplication overflows or the signed
multiplication underflows or overflows, respectively.
* Move mul overflow predicates to BV logic
* Add a todo on illogical argument order
* Implement mk_unary_pred for bv
* Implement bvnego
* Implement bvuaddo
* Implement bvsaddo
* Implement bvusubo
* Implement bvssubo
* Implement bvsdivo
* implement Optimize class for the high level Typescript API
* javascript and wasm: add _malloc to exported functions
fix the bug https://github.com/Z3Prover/z3/issues/6709
* javascript: add tests for the Optimize class
* javascript: no reason that minimize and optimize must be constants
- scan_for_linear returns true if it finds a new linear equation. It then should break GB.
- if scan_for_linear returns false, it should still allow try_modify_eqs.
This behavior was masked by requiring scan_for_linear to always be true before
allowing try_to_modify_eqs.
based on repro from Guido Martinez @mtzguido
deals with fluke regression for F* reported by Guido Martinez
Background:
The automatic pattern inference facility looks for terms that contains all bound variables of a quantifier. It may end up with a term that contains all bound variables but the extracted term can be simplified.
Example. The pattern
(ApplyTT (ApplyTT @x3!1 (ApplyTT @x4!0 (:var 1))) (ApplyTT @x4!0 (:var 0)))
can be decomposed into a multi-pattern
(ApplyTT @x4!0 (:var 1))) (ApplyTT @x4!0 (:var 0))
The multi-pattern may enable a quantifier instantiation while the original pattern does not. The multi-pattern should be preferred.
The regression showed up based on a change that should not be considered harmful but turned out to be noticeable.
The change was a simplification of and-or expressions based on sorting. This played with the case split queue used by F* (smt.case_split = 3) that uses a top-level case split of clauses to avoid redundant branches. The net effect was that without sorting, the benchmarks would always choose the opportune branch that enabled matching against the larger term. With sorting it would mostly choose inopportune branches.
* before rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm get_column_in_lu_mode
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm_lp
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm_lu
* rm lu
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
* cleanup
* rm breakpoints
* rm dealing with doubles
* Revert "rm dealing with doubles"
This reverts commit 547254abe7.
* rm lu
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu
* rm lu
* rm scaler
* rm square_sparse_matrix
* more cleanup
* rm dead code
* rp precise
* remove many methods dealing with double
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* rm lu related fields from lp_core_solver_base.h
* remove dead code
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* more dead code removal
* remove more dead code
* more dead code
* rm dead code
* more dead code
* fix lp_tst
* more dead code
* replace lp_assert(false) with UNREACHABLE
* rm non feas costs
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
* fix the build
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
---------
Signed-off-by: Lev Nachmanson <levnach@hotmail.com>
Hello, I was looking at the different api string conversions for FuncEntry and I believe that the ml version is incorrect? Clearly we want the argument(`c`) to be comma separated from the accumulated string `p`. The current implementation just so happens to have most of the arguments separated, but the order is flipped and one of the commas is misplaced.
- add option pp.no_lets (default = false) to print formulas without let (used by the low-level SMT2 printer).
- print lemmas2console faster by using the low level printer
