3
0
Fork 0
mirror of https://github.com/Z3Prover/z3 synced 2025-10-25 00:44:36 +00:00
Commit graph

17526 commits

Author SHA1 Message Date
Nikolaj Bjorner
a099972354 fix #5714
It is not unlike other fuzz bugs: it exercises some behavior that applications are unlikely to expose. In this case, a rule body expanded into a conjunction with more than 1M formulas (with a lot of repetition). The original rule representation assumed silently that the number of constraints in a body would fit within 20 bits, but reality allowed bodies with as many as 2^{32} - 1 constraints.
So "minimizing" the bug as @agurfinkel asks for seems not to make too much sense.

Just running the samples in debug mode  points to the root cause.

Since fuzz bugs are not from applications and fuzz tools have the potential for creating a large number of issues, I find it reasonable to push some basic pro-active asks on filers:

- reproduce bug in debug builds to assess whether a debug assert triggers.
- minimize or keep it simpler when possible (in this case it does not apply)
- perform basic diagnostics/triage. I am basically asking to push this part of the work on to the fuzzer. Otherwise, addressing random bugs doesn't scale. Triaging should have pointed to the root cause.

Now, there tends to be something to learn from bugs. In this case, the question was: "can we avoid constraints with duplications"? In particular, it points to a basic inefficiency of extracting conjunctions (and disjunctions). The function didn't deduplicate. So I added deduplication into this function. It is used throughout z3 code base so could expose latent issues. We will see.
2021-12-16 10:20:53 -08:00
Nikolaj Bjorner
dd6a11b526 fix #5715 2021-12-16 09:35:54 -08:00
Nikolaj Bjorner
2caa7e6e45 remove EnumToNative as it drops reference counts, fixes #5713 2021-12-16 03:22:54 -08:00
Nikolaj Bjorner
8f8d88bc9d ups 2021-12-15 14:13:01 -08:00
Nikolaj Bjorner
02369647a0 add functionality for bit-wise and 2021-12-15 14:07:53 -08:00
Nikolaj Bjorner
c9472b01fe fixes
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-15 11:45:25 -08:00
Margus Veanes
2be93870c8
Cleanup regex info and some fixes in Derivative code (#5709)
* removed unused regex info fields

* cleanup of info and fixes in antimirov derivatives

* removed extra qualification on operator
2021-12-15 10:59:34 -08:00
Nikolaj Bjorner
4eb3f5c630 elaborate on narrow
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-15 10:17:42 -08:00
Nikolaj Bjorner
a6684824c1 elaborate on narrow
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-15 10:13:33 -08:00
Nikolaj Bjorner
12fe964ea5 na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-15 09:32:09 -08:00
Nikolaj Bjorner
a2aa1170f9 rename to op-constraint to give space for other operations
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-15 09:20:11 -08:00
Nikolaj Bjorner
bc1e44ab71 fill in some use cases 2021-12-14 19:51:30 -08:00
Nikolaj Bjorner
79bc33b88e na 2021-12-14 19:42:19 -08:00
Nikolaj Bjorner
134831283f space 2021-12-14 19:25:53 -08:00
Nikolaj Bjorner
6eb6eb39a4 more of shr 2021-12-14 19:23:31 -08:00
Nikolaj Bjorner
842e9234c9 remove pragma 2021-12-14 14:38:12 -08:00
Nikolaj Bjorner
06f7ba2e78 add stubs for shr 2021-12-14 14:35:08 -08:00
Nikolaj Bjorner
3b58f548f7 remove dead code 2021-12-14 13:42:52 -08:00
Nikolaj Bjorner
03b5380a20 na 2021-12-14 13:39:52 -08:00
Nikolaj Bjorner
934564882c na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-14 12:34:34 -08:00
Nikolaj Bjorner
b1d167de5b fix co-factoring'
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-14 10:12:38 -08:00
Nikolaj Bjorner
5348af3c4c fix co-factoring
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-14 10:05:09 -08:00
Nikolaj Bjorner
f40becf099 remove case for non-emptiness to combine with standard membership
as part of revising engine for addressing #5693
2021-12-13 18:17:40 -08:00
Nikolaj Bjorner
b2af7ea68f stdout
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-13 15:19:29 -08:00
Nikolaj Bjorner
9ec0f94ab9 hoisting out blocker for empty
#5693
2021-12-13 14:25:05 -08:00
Nikolaj Bjorner
8c2735e68b prepare for diseq_lin viable 2021-12-13 12:00:19 -08:00
Nikolaj Bjorner
fcdf8d4948 include atomic
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-13 11:40:45 -08:00
Nikolaj Bjorner
651b41f8c0 refactor fi functionality 2021-12-13 11:39:15 -08:00
Nikolaj Bjorner
ca3251b152 add widening in all cases 2021-12-13 10:55:03 -08:00
Nikolaj Bjorner
c7da31a67d na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-13 10:24:42 -08:00
Nikolaj Bjorner
b85f2f7e86 #5704 2021-12-12 21:10:07 -08:00
Nikolaj Bjorner
0a7e003709 this one is for you Nuno
- pull request might have new bugs given that build is broken.
- this test doesn't expose race conditions under simple tests, yet. It is a starting point.
- run under cuzz (app-verifier) should expose races, this is what it was made for.
2021-12-12 17:51:05 -08:00
Nikolaj Bjorner
33d433d742 split out restart 2021-12-12 17:27:30 -08:00
Nikolaj Bjorner
30a2c32c3b add placeholder for simplification 2021-12-12 14:52:09 -08:00
Nikolaj Bjorner
d80b375ac3 accelerate 2021-12-12 14:33:57 -08:00
Nikolaj Bjorner
96e871c826 add stub for testing updates to scoped_timer
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-12 12:31:23 -08:00
Nikolaj Bjorner
7bf76dd1f6 finally!
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-12 10:26:54 -08:00
Nikolaj Bjorner
f1d46b58a4 na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-11 17:38:09 -08:00
Nikolaj Bjorner
59acd77981 n
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-11 13:01:08 -08:00
Nikolaj Bjorner
91c95aab16 Merge branch 'polysat' of https://github.com/z3prover/z3 into polysat 2021-12-11 08:41:17 -08:00
Nikolaj Bjorner
83efb1413a na 2021-12-11 08:41:04 -08:00
Nikolaj Bjorner
4c2231897f more general simplification 2021-12-10 04:45:48 -08:00
Nikolaj Bjorner
9c3489ba4b na 2021-12-09 15:58:23 -08:00
Nikolaj Bjorner
bf258ee29d add bit shorthand 2021-12-09 15:25:44 -08:00
Calvin Loncaric
0405a597d4
Fix return type of as_int64 (#5703) 2021-12-09 14:39:38 -08:00
Nikolaj Bjorner
a4fc63c542 initial overflow test
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-09 14:39:00 -08:00
Nikolaj Bjorner
99e2247ccb ovfl
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-09 13:15:59 -08:00
Nikolaj Bjorner
51fa40ece5 fix spelling 2021-12-09 10:23:37 -08:00
Nikolaj Bjorner
dcdbbfb925 na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-09 09:50:53 -08:00
Nikolaj Bjorner
bd08d766d2 na
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
2021-12-09 09:44:45 -08:00