Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

compile error Visual Studio 2008 Windows 7 32 bit #3

Closed
muratgu opened this issue Mar 27, 2015 · 3 comments
Closed

compile error Visual Studio 2008 Windows 7 32 bit #3

muratgu opened this issue Mar 27, 2015 · 3 comments

Comments

@muratgu
Copy link

muratgu commented Mar 27, 2015

Getting a build error on Windows 7 32 bit machine.

>nmake

Microsoft (R) Program Maintenance Utility Version 9.00.30729.01
Copyright (C) Microsoft Corporation.  All rights reserved.

api_interp.cpp
z3-master\src\interp\iz3mgr.h(133) : error C2143: syntax error : missing ';' before '<'
z3-master\src\interp\iz3mgr.h(133) : error C2913: explicit specialization; 'std::less' is not a specialization of a class template
z3-master\src\interp\iz3mgr.h(133) : error C2059: syntax error : '<'
z3-master\src\interp\iz3mgr.h(133) : error C2143: syntax error : missing ';' before '{'
z3-master\src\interp\iz3mgr.h(133) : error C2447: '{' : missing function header (old-style formal list?)
NMAKE : fatal error U1077: '"\Programs\Common\Microsoft\Visual C++ for Python\9.0\VC\Bin\cl.EXE"' : return code '0x2'
Stop.
@capiman
Copy link

capiman commented Mar 27, 2015

You seem to use Visual Studio 2008?

I am seeing the same on 64 bit edition:
(Took sources revision ac21ffe)

d:\z3-master>python scripts/mk_make.py
New component: 'util'
New component: 'polynomial'
New component: 'sat'
New component: 'nlsat'
New component: 'hilbert'
New component: 'interval'
New component: 'realclosure'
New component: 'subpaving'
New component: 'ast'
New component: 'rewriter'
New component: 'normal_forms'
New component: 'model'
New component: 'tactic'
New component: 'substitution'
New component: 'parser_util'
New component: 'grobner'
New component: 'euclid'
New component: 'core_tactics'
New component: 'sat_tactic'
New component: 'arith_tactics'
New component: 'nlsat_tactic'
New component: 'subpaving_tactic'
New component: 'aig_tactic'
New component: 'solver'
New component: 'interp'
New component: 'cmd_context'
New component: 'extra_cmds'
New component: 'smt2parser'
New component: 'proof_checker'
New component: 'simplifier'
New component: 'fpa'
New component: 'macros'
New component: 'pattern'
New component: 'bit_blaster'
New component: 'smt_params'
New component: 'proto_model'
New component: 'smt'
New component: 'user_plugin'
New component: 'bv_tactics'
New component: 'fuzzing'
New component: 'fpa_tactics'
New component: 'smt_tactic'
New component: 'sls_tactic'
New component: 'qe'
New component: 'duality'
New component: 'muz'
New component: 'transforms'
New component: 'rel'
New component: 'pdr'
New component: 'clp'
New component: 'tab'
New component: 'bmc'
New component: 'duality_intf'
New component: 'fp'
New component: 'smtlogic_tactics'
New component: 'ufbv_tactic'
New component: 'portfolio'
New component: 'smtparser'
New component: 'api'
New component: 'shell'
New component: 'test'
New component: 'api_dll'
New component: 'dotnet'
New component: 'java'
New component: 'cpp'
Python bindings directory was detected.
New component: 'cpp_example'
New component: 'iz3'
New component: 'z3_tptp'
New component: 'c_example'
New component: 'maxsat'
New component: 'dotnet_example'
New component: 'java_example'
New component: 'py_example'
Generated 'src\util\version.h'
Updated 'src\api\dotnet\Properties\AssemblyInfo'
Generated 'src\api\dll\api_dll.def'
Generated 'src\ast\pp_params.hpp'
Generated 'src\ast\normal_forms\nnf_params.hpp'
Generated 'src\ast\pattern\pattern_inference_params_helper.hpp'
Generated 'src\ast\rewriter\arith_rewriter_params.hpp'
Generated 'src\ast\rewriter\array_rewriter_params.hpp'
Generated 'src\ast\rewriter\bool_rewriter_params.hpp'
Generated 'src\ast\rewriter\bv_rewriter_params.hpp'
Generated 'src\ast\rewriter\poly_rewriter_params.hpp'
Generated 'src\ast\rewriter\rewriter_params.hpp'
Generated 'src\ast\simplifier\arith_simplifier_params_helper.hpp'
Generated 'src\ast\simplifier\array_simplifier_params_helper.hpp'
Generated 'src\ast\simplifier\bv_simplifier_params_helper.hpp'
Generated 'src\interp\interp_params.hpp'
Generated 'src\math\polynomial\algebraic_params.hpp'
Generated 'src\math\realclosure\rcf_params.hpp'
Generated 'src\model\model_evaluator_params.hpp'
Generated 'src\model\model_params.hpp'
Generated 'src\muz\base\fixedpoint_params.hpp'
Generated 'src\nlsat\nlsat_params.hpp'
Generated 'src\parsers\util\parser_params.hpp'
Generated 'src\sat\sat_asymm_branch_params.hpp'
Generated 'src\sat\sat_params.hpp'
Generated 'src\sat\sat_scc_params.hpp'
Generated 'src\sat\sat_simplifier_params.hpp'
Generated 'src\smt\params\smt_params_helper.hpp'
Generated 'src\solver\combined_solver_params.hpp'
Generated 'src\tactic\sls\sls_params.hpp'
Generated 'src\ast\pattern\database.h'
Generated 'src\shell\install_tactic.cpp'
Generated 'src\test\install_tactic.cpp'
Generated 'src\api\dll\install_tactic.cpp'
Generated 'src\shell\mem_initializer.cpp'
Generated 'src\test\mem_initializer.cpp'
Generated 'src\api\dll\mem_initializer.cpp'
Generated 'src\shell\gparams_register_modules.cpp'
Generated 'src\test\gparams_register_modules.cpp'
Generated 'src\api\dll\gparams_register_modules.cpp'
Generated 'src\api\python\z3consts.py'
Generated 'src\api\dotnet\Enumerations.cs'
Generated 'src\api\api_log_macros.h'
Generated 'src\api\api_log_macros.cpp'
Generated 'src\api\api_commands.cpp'
Generated 'src\api\python\z3core.py'
Generated 'src\api\dotnet\Native.cs'
Listing src\api\python ...
Compiling src\api\python\z3.py ...
Compiling src\api\python\z3consts.py ...
Compiling src\api\python\z3core.py ...
Compiling src\api\python\z3num.py ...
Compiling src\api\python\z3poly.py ...
Compiling src\api\python\z3printer.py ...
Compiling src\api\python\z3rcf.py ...
Compiling src\api\python\z3test.py ...
Compiling src\api\python\z3types.py ...
Compiling src\api\python\z3util.py ...
Copied 'z3.py'
Copied 'z3consts.py'
Copied 'z3core.py'
Copied 'z3num.py'
Copied 'z3poly.py'
Copied 'z3printer.py'
Copied 'z3rcf.py'
Copied 'z3test.py'
Copied 'z3types.py'
Copied 'z3util.py'
Generated 'z3.pyc'
Generated 'z3consts.pyc'
Generated 'z3core.pyc'
Generated 'z3num.pyc'
Generated 'z3poly.pyc'
Generated 'z3printer.pyc'
Generated 'z3rcf.pyc'
Generated 'z3test.pyc'
Generated 'z3types.pyc'
Generated 'z3util.pyc'
64-bit: True
Writing build\Makefile
Copied Z3Py example 'example.py' to 'build'
Makefile was successfully generated.
compilation mode: Release
platform: x86
To build Z3, open a [Visual Studio Command Prompt], then
type 'cd d:\z3-master\build && nmake'

Remark: to open a Visual Studio Command Prompt, go to: "Start > All Programs > Visual Studio > Visual Studio Tools"

d:\z3-master>cd d:\z3-master\build && nmake

Microsoft (R) Program Maintenance Utility Version 9.00.21022.08
Copyright (C) Microsoft Corporation. All rights reserved.

cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
gparams_register_modules.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
install_tactic.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
main.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
mem_initializer.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_algebraic.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_arith.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_array.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_ast.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_ast_map.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_ast_vector.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_bv.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_commands.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_config_params.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_context.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_datalog.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_datatype.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_goal.cpp
cl : Command line warning D9002 : ignoring unknown option '/arch:SSE2'
api_interp.cpp
d:\z3-master\src\interp\iz3mgr.h(133) : error C2143: syntax error : missing ';' before '<'
d:\z3-master\src\interp\iz3mgr.h(133) : error C2913: explicit specialization; 'std::less' is not a specialization of a class
template
d:\z3-master\src\interp\iz3mgr.h(133) : error C2059: syntax error : '<'
d:\z3-master\src\interp\iz3mgr.h(133) : error C2143: syntax error : missing ';' before '{'
d:\z3-master\src\interp\iz3mgr.h(133) : error C2447: '{' : missing function header (old-style formal list?)
NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\amd64\cl.EXE"' : return code '0x2'
Stop.

d:\z3-master\build>

@muratgu muratgu changed the title build error on windows 7 32 bit build error on Visual Studio 2008 windows 7 32 bit Mar 28, 2015
@muratgu muratgu changed the title build error on Visual Studio 2008 windows 7 32 bit compile error Visual Studio 2008 Windows 7 32 bit Mar 28, 2015
@wintersteiger
Copy link
Contributor

No message was added here, but I think this was solved by the fix by this. Could you check whether the problem still exists?

@muratgu
Copy link
Author

muratgu commented Apr 28, 2015

The build is now successful. Thank you.

@muratgu muratgu closed this as completed Apr 28, 2015
wintersteiger referenced this issue in wintersteiger/z3 Jun 15, 2015
wintersteiger referenced this issue in wintersteiger/z3 Feb 4, 2016
Performance fix for the 'core' sub-theory of QF_BV.
martin-neuhaeusser pushed a commit to martin-neuhaeusser/z3 that referenced this issue Apr 11, 2016
Improvements of the OCaml API implementation
NikolajBjorner referenced this issue in NikolajBjorner/z3 May 22, 2016
Added integration with base theory solver for LRA using lar_solver
@evmaus evmaus mentioned this issue May 24, 2019
Columpio pushed a commit to Columpio/z3 that referenced this issue Jun 7, 2021
NikolajBjorner pushed a commit that referenced this issue Aug 30, 2022
* Make spacer_sem_matcher::reset() public

* Add .clang-format for src/muz/spacer

* Mark substitution::get_bindings() as const

* Fix in spacer_antiunify

* Various helper methods in spacer_util

Minor functions to compute number of free variables, detect presence of certain
sub-expressions, etc.

The diff is ugly because of clang-format

* Add spacer_cluster for clustering lemmas

A cluster of lemmas is a set of lemmas that are all instances of the same
pattern, where a pattern is a qff formula with free variables.

Currently, the instances are required to be explicit, that is, they are all
obtained by substituting concrete values (i.e., numbers) for free variables of
the pattern.

Lemmas are clustered in cluster_db in each predicate transformer.

* Integrate spacer_cluster into spacer_context

* Custom clang-format pragmas for spacer_context

spacer_context.(cpp|h) are large and have inconsistent formatting. Disable
clang-format for them until merge with main z3 branch and re-format.

* Computation of convex closure and matrix kernel

Various LA functions. The implementations are somewhat preliminary.

Convex closure is simplemented via syntactic convex closure procedure.
Kernel computation considers many common cases.

spacer_arith_kernel_sage implements kernel computation by call external
Sage binary. It is used only for debugging and experiments. There is no
link dependence on Sage. If desired, it can be removed.

* Add spacer_concretize

* Utility methods for spacer conjecture rule

* Add spacer_expand_bnd_generalizer

Generalizes arithmetic inequality literals of the form x <= c,
by changing constant c to other constants found in the problem.

* Add spacer_global_generalizer

Global generalizer checks every new lemma against a cluster
of previously learned lemmas, and, if possible, conjectures
a new pob, that, when blocked, generalizes multiple existing
lemmas.

* Remove fp.spacer.print_json option

The option is used to dump state of spacer into json for debugging.

It has been replaced by `fp.spacer.trace_file` that allows dumping an execution
of spacer. The json file can be reconstructed from the trace file elsewhere.

* Workaround for segfault in spacer_proof_utils

Issue #3 in hgvk94/z3

Segfault in some proof reduction. Avoid by bailing out on reduction.

* Revert bug for incomplete models

* Use local fresh variables in spacer_global_generalizer

* Cleanup of spacer_convex_closure

* Allow arbitrary expressions to name cols in convex_closure

* WIP: convex closure

* WIP: convex closure

* Fix bindings order in spacer_global_generalizer

The matcher creates substitution using std_order, which is
reverse of expected order (variable 0 is last). Adjust the code
appropriately for that.

* Increase verbosity level for smt_context stats

* Dead code in qe_mbp

* bug fixes in spacer_global_generalizer::subsumer

* Partially remove dependence of size of m_alphas

I want m_alphas to potentially be greater than currently used alpha variables.
This is helpful for reusing them across multiple calls to convex closure

* Subtle bug in kernel computation

Coefficient was being passed by reference and, therefore, was
being changed indirectly.

In the process, updated the code to be more generic to avoid rational
computation in the middle of matrix manipulation.

* another test for sparse_matrix_ops::kernel

* Implementation of matrix kernel using Fraction Free Elimination

Ensures that the kernel is int for int matrices. All divisions are exact.

* clang-format sparse_matrix_ops.h

* another implementation of ffe kernel in sparse_matrix_ops

* Re-do arith_kernel and convex_closure

* update spacer_global_generalization for new subsumer

* remove spacer.gg.use_sage parameter

* cleanup of spacer_global_generalizer

* Removed dependency on sage

* fix in spacer_convex_closure

* spacer_sem_matcher: consider an additional semantic matching

disabled until it is shown useful

* spacer_global_generalizer: improve do_conjecture

 - if conjecture does not apply to pob, use lemma instead
 - better normalization
 - improve debug prints

* spacer_conjecture: formatting

* spacer_cluster: improve debug prints

* spacer_context: improve debug prints

* spacer_context: re-queue may pobs

enabled even if global re-queue is disabled

* spacer_cluster print formatting

* reset methods on pob

* cleanup of print and local variable names

* formatting

* reset generalization data once it has been used

* refactored extra pob creation during global guidance

* fix bug copying sparse matrix into spacer matrix

* bug fix in spacer_convex_closure

* formatting change in spacer_context

* spacer_cluster: get_min_lvl

chose level based on pob as well as lemmas

* spacer_context: add desired_level to pob

desired_level indicates at which level pob should be proved.
A pob will be pushed to desired_level if necessary

* spacer_context: renamed subsume stats

the name of success/failed was switched

* spacer_convex_closure: fix prototype of is_congruent_mod()

* spacer_convex_closure: hacks in infer_div_pred()

* spacer_util: do not expand literals with mod

By default, equality literal t=p is expanded into t<=p && t>=p

Disable the expansion in case t contains 'mod' operator since such
expansion is usually not helpful for divisibility

* spacer_util: rename m_util into m_arith

* spacer_util: cleanup normalize()

* spacer_util: formatting

* spacer_context: formatting cleanup on subsume and conjecture

* spacer_context: fix handling may pobs when abs_weakness is enabled

A pob might be undef, so weakness must be bumped up

* spacer_arith_kernel: enhance debug print

* spacer_global_generalizer: improve matching on conjecture

* spacer_global_generalizer: set desired level on conjecture pob

* spacer_global_generalizer: debug print

* spacer_global_generalizer: set min level on new pobs

the new level should not be higher than the pob that was generalized

* spacer_global_generalizer: do no re-create closed pobs

If a generalized pob exist and closed, do not re-create it.

* spacer_context: normalize twice

* spacer_context: forward propagate only same kind of pobs

* sketch of inductive generalizer

A better implementation of inductive generalizer that in addition to dropping
literals also attempts to weaken them.

Current implementation is a sketch to be extended based on examples/requirements.

* fix ordering in spacer_cluster_util

* fix resetting of substitution matcher in spacer_conjecture

Old code would forget to reset the substitution provided to the sem_matcher.
Thus, if the substitution was matched once (i.e., one literal of interest is
found), no other literal would be matched.

* add spacer_util is_normalized() method

used for debugging only

* simplify normalization of pob expressions

pob expressions are normalized to increase syntactic matching.
Some of the normalization rules seem out of place, so removing them for now.

* fix in spacer_global_generalizer

If conjecture fails, do not try other generalization strategies -- they will not apply.

* fix in spacer_context

do not check that may pob is blocked by existing lemmas.
It is likely to be blocked. Our goal is to block it again and generalize
to a new lemma.

This can be further improved by moving directly to generalization when pob is
blocked by existing lemmas...

Co-authored-by: hgvk94 <[email protected]>
mtzguido added a commit to mtzguido/z3 that referenced this issue Jun 23, 2023
…junctions

After introducing the rewriter.sort_disjunctions option, I noticed a
segfault in a Z3 run that was working fine for me.

I traced the difference to a slight discrepancy between the first patch
I submitted and the one we ended up merging: my first version would skip
sorting the disjuncts in mk_nflat_core, but still return BR_DONE, while
the patch in master returns BR_FAILED instead.

This patch fixes the problem for me, and it makes slightly more sense
to me to return a BR_DONE since, if `s` is true, some disjunct (e.g. a
`false` or a repeat) might have been simplified away. However I don't
fully understand this code.

.. and I can't say I understand why the segfault happens. Perhaps that
is a separate issue?

This is the file to reproduce:
 https://gist.github.com/mtzguido/b7360c74d3d2e42d89f1bd9149ad26f6

Here's a stack trace of the failure, mk_nflat_or_core is not involved.
```
 (gdb) where
 #0  0x0000555555b98497 in smt::context::get_lit_assignment(unsigned int) const ()
 Z3Prover#1  0x0000555555b984cb in smt::context::get_assignment(sat::literal) const ()
 Z3Prover#2  0x0000555555b98504 in smt::context::get_assignment(unsigned int) const ()
 Z3Prover#3  0x0000555555ca83b8 in smt::context::get_assignment_core(expr*) const ()
 Z3Prover#4  0x0000555555c9af5a in smt::context::get_assignment(expr*) const ()
 Z3Prover#5  0x0000555555d7bd1d in (anonymous namespace)::has_child_assigned_to(smt::context&, app*, lbool, expr*&, unsigned int) ()
 Z3Prover#6  0x0000555555d7c413 in (anonymous namespace)::rel_case_split_queue::next_case_split_core(ptr_vector<expr>&, unsigned int&, unsigned int&, lbool&) ()
 Z3Prover#7  0x0000555555d7c589 in (anonymous namespace)::rel_case_split_queue::next_case_split(unsigned int&, lbool&) ()
 Z3Prover#8  0x0000555555c9c1b7 in smt::context::decide() ()
 Z3Prover#9  0x0000555555ca39fd in smt::context::bounded_search() ()
 Z3Prover#10 0x0000555555ca30c2 in smt::context::search() ()
 Z3Prover#11 0x0000555555ca273d in smt::context::check(unsigned int, expr* const*, bool) ()
 Z3Prover#12 0x0000555555cb166a in smt::kernel::check(unsigned int, expr* const*) ()
 Z3Prover#13 0x0000555555cb9695 in (anonymous namespace)::smt_solver::check_sat_core2(unsigned int, expr* const*) ()
 Z3Prover#14 0x00005555560dc0c6 in solver_na2as::check_sat_core(unsigned int, expr* const*) ()
 Z3Prover#15 0x00005555560d73f3 in combined_solver::check_sat_core(unsigned int, expr* const*) ()
 Z3Prover#16 0x00005555560d34e3 in solver::check_sat(unsigned int, expr* const*) ()
 Z3Prover#17 0x0000555556097b26 in cmd_context::check_sat(unsigned int, expr* const*) ()
 Z3Prover#18 0x0000555556082ff0 in smt2::parser::parse_check_sat() ()
 Z3Prover#19 0x0000555556084dc0 in smt2::parser::parse_cmd() ()
 Z3Prover#20 0x00005555560861b6 in smt2::parser::operator()() ()
 Z3Prover#21 0x00005555560757e6 in parse_smt2_commands(cmd_context&, std::basic_istream<char, std::char_traits<char> >&, bool, params_ref const&, char const*) ()
 Z3Prover#22 0x00005555555e8f68 in read_smtlib2_commands(char const*) ()
 Z3Prover#23 0x00005555555ee6f6 in main ()
 (gdb)
```
mtzguido added a commit to mtzguido/z3 that referenced this issue Jun 23, 2023
…junctions

After introducing the rewriter.sort_disjunctions option (Z3Prover#6774), I
noticed a segfault in a Z3 run that was working fine for me before the
PR.

I traced the difference to a slight discrepancy between the first patch
I submitted and the one we ended up merging: my first version would skip
sorting the disjuncts in mk_nflat_core, but still return BR_DONE, while
the patch in master returns BR_FAILED instead.

This patch fixes that problem, and it makes slightly more sense to me to
return a BR_DONE since, if `s` is true, some disjunct (e.g. a `false`
or a repeat) might have been simplified away. However I don't fully
understand this code.

... and I can't say I understand why the segfault happens. Perhaps that
is a separate issue?

This is the file to reproduce:
 https://gist.github.com/mtzguido/b7360c74d3d2e42d89f1bd9149ad26f6

Here's a stack trace of the failure, mk_nflat_or_core is not involved.
```
 (gdb) where
 #0  0x0000555555b98497 in smt::context::get_lit_assignment(unsigned int) const ()
 Z3Prover#1  0x0000555555b984cb in smt::context::get_assignment(sat::literal) const ()
 Z3Prover#2  0x0000555555b98504 in smt::context::get_assignment(unsigned int) const ()
 Z3Prover#3  0x0000555555ca83b8 in smt::context::get_assignment_core(expr*) const ()
 Z3Prover#4  0x0000555555c9af5a in smt::context::get_assignment(expr*) const ()
 Z3Prover#5  0x0000555555d7bd1d in (anonymous namespace)::has_child_assigned_to(smt::context&, app*, lbool, expr*&, unsigned int) ()
 Z3Prover#6  0x0000555555d7c413 in (anonymous namespace)::rel_case_split_queue::next_case_split_core(ptr_vector<expr>&, unsigned int&, unsigned int&, lbool&) ()
 Z3Prover#7  0x0000555555d7c589 in (anonymous namespace)::rel_case_split_queue::next_case_split(unsigned int&, lbool&) ()
 Z3Prover#8  0x0000555555c9c1b7 in smt::context::decide() ()
 Z3Prover#9  0x0000555555ca39fd in smt::context::bounded_search() ()
 Z3Prover#10 0x0000555555ca30c2 in smt::context::search() ()
 Z3Prover#11 0x0000555555ca273d in smt::context::check(unsigned int, expr* const*, bool) ()
 Z3Prover#12 0x0000555555cb166a in smt::kernel::check(unsigned int, expr* const*) ()
 Z3Prover#13 0x0000555555cb9695 in (anonymous namespace)::smt_solver::check_sat_core2(unsigned int, expr* const*) ()
 Z3Prover#14 0x00005555560dc0c6 in solver_na2as::check_sat_core(unsigned int, expr* const*) ()
 Z3Prover#15 0x00005555560d73f3 in combined_solver::check_sat_core(unsigned int, expr* const*) ()
 Z3Prover#16 0x00005555560d34e3 in solver::check_sat(unsigned int, expr* const*) ()
 Z3Prover#17 0x0000555556097b26 in cmd_context::check_sat(unsigned int, expr* const*) ()
 Z3Prover#18 0x0000555556082ff0 in smt2::parser::parse_check_sat() ()
 Z3Prover#19 0x0000555556084dc0 in smt2::parser::parse_cmd() ()
 Z3Prover#20 0x00005555560861b6 in smt2::parser::operator()() ()
 Z3Prover#21 0x00005555560757e6 in parse_smt2_commands(cmd_context&, std::basic_istream<char, std::char_traits<char> >&, bool, params_ref const&, char const*) ()
 Z3Prover#22 0x00005555555e8f68 in read_smtlib2_commands(char const*) ()
 Z3Prover#23 0x00005555555ee6f6 in main ()
 (gdb)
```
NikolajBjorner pushed a commit that referenced this issue Jun 23, 2023
…junctions (#6779)

After introducing the rewriter.sort_disjunctions option (#6774), I
noticed a segfault in a Z3 run that was working fine for me before the
PR.

I traced the difference to a slight discrepancy between the first patch
I submitted and the one we ended up merging: my first version would skip
sorting the disjuncts in mk_nflat_core, but still return BR_DONE, while
the patch in master returns BR_FAILED instead.

This patch fixes that problem, and it makes slightly more sense to me to
return a BR_DONE since, if `s` is true, some disjunct (e.g. a `false`
or a repeat) might have been simplified away. However I don't fully
understand this code.

... and I can't say I understand why the segfault happens. Perhaps that
is a separate issue?

This is the file to reproduce:
 https://gist.github.com/mtzguido/b7360c74d3d2e42d89f1bd9149ad26f6

Here's a stack trace of the failure, mk_nflat_or_core is not involved.
```
 (gdb) where
 #0  0x0000555555b98497 in smt::context::get_lit_assignment(unsigned int) const ()
 #1  0x0000555555b984cb in smt::context::get_assignment(sat::literal) const ()
 #2  0x0000555555b98504 in smt::context::get_assignment(unsigned int) const ()
 #3  0x0000555555ca83b8 in smt::context::get_assignment_core(expr*) const ()
 #4  0x0000555555c9af5a in smt::context::get_assignment(expr*) const ()
 #5  0x0000555555d7bd1d in (anonymous namespace)::has_child_assigned_to(smt::context&, app*, lbool, expr*&, unsigned int) ()
 #6  0x0000555555d7c413 in (anonymous namespace)::rel_case_split_queue::next_case_split_core(ptr_vector<expr>&, unsigned int&, unsigned int&, lbool&) ()
 #7  0x0000555555d7c589 in (anonymous namespace)::rel_case_split_queue::next_case_split(unsigned int&, lbool&) ()
 #8  0x0000555555c9c1b7 in smt::context::decide() ()
 #9  0x0000555555ca39fd in smt::context::bounded_search() ()
 #10 0x0000555555ca30c2 in smt::context::search() ()
 #11 0x0000555555ca273d in smt::context::check(unsigned int, expr* const*, bool) ()
 #12 0x0000555555cb166a in smt::kernel::check(unsigned int, expr* const*) ()
 #13 0x0000555555cb9695 in (anonymous namespace)::smt_solver::check_sat_core2(unsigned int, expr* const*) ()
 #14 0x00005555560dc0c6 in solver_na2as::check_sat_core(unsigned int, expr* const*) ()
 #15 0x00005555560d73f3 in combined_solver::check_sat_core(unsigned int, expr* const*) ()
 #16 0x00005555560d34e3 in solver::check_sat(unsigned int, expr* const*) ()
 #17 0x0000555556097b26 in cmd_context::check_sat(unsigned int, expr* const*) ()
 #18 0x0000555556082ff0 in smt2::parser::parse_check_sat() ()
 #19 0x0000555556084dc0 in smt2::parser::parse_cmd() ()
 #20 0x00005555560861b6 in smt2::parser::operator()() ()
 #21 0x00005555560757e6 in parse_smt2_commands(cmd_context&, std::basic_istream<char, std::char_traits<char> >&, bool, params_ref const&, char const*) ()
 #22 0x00005555555e8f68 in read_smtlib2_commands(char const*) ()
 #23 0x00005555555ee6f6 in main ()
 (gdb)
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants