Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid model for string index when symbolic string is not contained in the other string #875

Closed
tlringer opened this issue Jan 24, 2017 · 3 comments
Closed

Invalid model for string index when symbolic string is not contained in the other string #875

tlringer opened this issue Jan 24, 2017 · 3 comments

Comments

@tlringer
Copy link

Hi again, I have another invalid model with strings. Here I am checking that whenever one string does not contain the other, there is no index at which the other string appears as a substring of the first string:

(set-option :model-validate true)

(declare-fun c0 () String)
(declare-fun c1 () String)
(declare-fun c2 () Int)
(assert (<= 0 (str.indexof c0 c1 c2)))
(assert (not (str.contains c0 c1)))
(assert (< c2 (str.len c0)))
(check-sat)

(get-model)

Z3 returns a negative index, then recognizes that it is an invalid model:

sat
(error "line 9 column 10: an invalid model was generated")
(model 
  (define-fun c2 () Int
    (- 1))
  (define-fun c0 () String
    "")
  (define-fun c1 () String
    "\x00")
)

I know that str.at is undefined with negative offset -- here it looks like Z3 is generating a negative offset for string.index. Is this defined? The line that fails with that model is:

(assert (<= 0 (str.indexof c0 c1 c2)))

Should I be constraining c2 to always be greater than or equal to zero myself?

Thanks again!

Talia
@tlringer
Copy link
Author

tlringer commented Jan 24, 2017
edited

If I add an extra line that constrains c2 to be greater than or equal to zero:

(set-option :model-validate true)

(declare-fun c0 () String)
(declare-fun c1 () String)
(declare-fun c2 () Int)
(assert (<= 0 (str.indexof c0 c1 c2)))
(assert (not (str.contains c0 c1)))
(assert (< c2 (str.len c0)))
(assert (<= 0 c2))
(check-sat)

(get-model)

Then Z3 times out. (Maybe that is just generally a hard query, though.)

NikolajBjorner added a commit that referenced this issue Jan 26, 2017
@NikolajBjorner
fix part 1 of #875
777091e 
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
@NikolajBjorner
Copy link
Contributor

My axiomatization had some things left to be desired. Perhaps still have, but it now addresses the issues you report.

@NikolajBjorner
Copy link
Contributor

this is fixed.

nunoplopes added a commit that referenced this issue Jan 3, 2023
@nunoplopes
fix Alive bug #875: bit blaster not respecting soft memory limit
e508ef1
hgvk94 pushed a commit to hgvk94/z3 that referenced this issue Mar 27, 2023
@nunoplopes @hgvk94
fix Alive bug Z3Prover#875: bit blaster not respecting soft memory limit
d939fa6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NikolajBjorner @tlringer