The fix is to remove a hack that used a theory rewriter to simplify
the conversion. Now the conversion happens less often than possible.
Will need more thinking to fix properly.
The unsoundness at this point would cause SPACER to generate lemmas
that do not block a proof obligation and then get stuck in an infinite loop
blocking and generating the same lemma.
* When pretty-printing SMTLIB2, ensure that Z3 uses the correct syntax for 'push'
Signed-off-by: Andrew V. Jones <andrew.jones@vector.com>
* When pretty-printing SMTLIB2, ensure that Z3 uses the correct syntax for 'pop'
Signed-off-by: Andrew V. Jones <andrew.jones@vector.com>
* flag when quantified lemmas are added to smt_context
* When solver returns unknown but cannot create child, return unknown
* handle unknowns when qlemmas and weak_abs are turned on
Spacer has a different definition of is_clause() than ast_util.
It is currently only used in assertions.
Main difference:
x=y
where x and y are Bool atoms is considered to be an atom, so that
(or (= x y) (not (= z y)))
is a literal
Co-authored-by: Arie Gurfinkel <arie.gurfinkel@uwaterloo.ca>
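To make the definition above concrete, here is an added example (not code from the Z3 repository) in plain Python over a tiny constructed S-expression AST: it checks the formula from the message under the Spacer-style definition and under a stricter one that treats Bool equality as a connective. The names parse, is_atom_spacer, is_atom_strict, is_literal and is_clause are assumptions, and is_atom_strict is an assumed stand-in for the ast_util view, not its actual code.

```python
# Constructed mini-AST: a str is a Bool variable (atom), a tuple is (op, *args).

def parse(s):
    """Parse an SMTLIB-like S-expression such as '(or (= x y) (not z))'."""
    tokens = s.replace('(', ' ( ').replace(')', ' ) ').split()

    def read(i):
        if tokens[i] == '(':
            i += 1
            items = []
            while tokens[i] != ')':
                node, i = read(i)
                items.append(node)
            return tuple(items), i + 1
        return tokens[i], i + 1

    node, _ = read(0)
    return node

def is_bool_var(t):
    return isinstance(t, str)

def is_atom_spacer(t):
    # Spacer-style (assumption): an equality between two Bool atoms is itself an atom.
    if is_bool_var(t):
        return True
    if isinstance(t, tuple) and t[0] == '=' and len(t) == 3:
        return is_bool_var(t[1]) and is_bool_var(t[2])
    return False

def is_atom_strict(t):
    # Stricter view (assumption): only a Bool variable is an atom; (= x y) over
    # Bools is an 'iff' connective, so it is neither an atom nor a literal.
    return is_bool_var(t)

def is_literal(t, is_atom):
    # A literal is an atom or the negation of an atom.
    if isinstance(t, tuple) and t[0] == 'not' and len(t) == 2:
        return is_atom(t[1])
    return is_atom(t)

def is_clause(t, is_atom):
    # A clause is a literal or a disjunction of literals.
    if isinstance(t, tuple) and t[0] == 'or':
        return all(is_literal(a, is_atom) for a in t[1:])
    return is_literal(t, is_atom)

if __name__ == '__main__':
    f = parse('(or (= x y) (not (= z y)))')
    print('spacer:', is_clause(f, is_atom_spacer), 'strict:', is_clause(f, is_atom_strict))
```

Under the Spacer-style definition the formula is a clause of two literals; under the strict one it is not, which is exactly the kind of disagreement that matters when is_clause() guards an assertion.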
better proof generation for the case when the query is reachable from initial
states. This case needs to be handled better so that spacer can assume
the problem is non-trivial.
Fixes a bug in computation of implicants inside spacer.
The instance now returns `unknown`. The root cause is the difference in what
proofs are in spacer and SMT. Spacer returns a proof of query, but horn_tactic
expects a proof of FALSE.
* [spacer] logging solver events
New option fp.spacer.trace_file='file.log' enables logging solving events
into a file.
These events are useful for debugging the solver, but also for visualizing
the solving process in a variety of ways
* [spacer] allow setting logic for solvers used by spacer
* [spacer] option to set arithmetic solver explicitly
* [spacer] improve dumping of solver_pool state for debugging
* fix propagate_ineqs to handle strict inequality
Co-authored-by: Nham Van Le <nv3le@precious3.eng.uwaterloo.ca>
Must check that newly constructed generalization blocks
the proof obligation.
Was only checking that generalization is entailed by the transition system!