From 06a41980e6bbdfea136dca122097f89c7c9d34ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Basile=20Cl=C3=A9ment?= Date: Wed, 13 Sep 2023 17:22:53 +0200 Subject: [PATCH] Do not discard `bvnot` applied to uninterpreted terms In PR #745 we correctly handled the case where uninterpreted terms appear deep within a bit-vector terms, but we accidentally missed the case where the whole bit-vector is itself an uninterpreted term, leading to unsoundness (see the attached test). This patch fixes the code to properly deal with `bvnot` applied to an uninterpreted term. --- src/lib/reasoners/bitv.ml | 16 ++++++-------- .../bitv/testfile-bvnot-term.dolmen.expected | 2 ++ tests/bitv/testfile-bvnot-term.dolmen.smt2 | 7 ++++++ tests/dune.inc | 22 +++++++++++++++++++ 4 files changed, 38 insertions(+), 9 deletions(-) create mode 100644 tests/bitv/testfile-bvnot-term.dolmen.expected create mode 100644 tests/bitv/testfile-bvnot-term.dolmen.smt2 diff --git a/src/lib/reasoners/bitv.ml b/src/lib/reasoners/bitv.ml index 4eab14800..9732eb51e 100644 --- a/src/lib/reasoners/bitv.ml +++ b/src/lib/reasoners/bitv.ml @@ -250,15 +250,13 @@ module Shostak(X : ALIEN) = struct let other ~neg t sz ctx = let r, ctx' = X.make t in let ctx = List.rev_append ctx' ctx in - match X.extract r with - | Some bv -> - if neg then - try negate_abstract bv, ctx with - | Failure _ -> - [ { bv = Other (X.term_embed (E.BV.bvnot t)); sz } ], ctx - else - bv, ctx - | None -> [ { bv = Other r; sz } ], ctx + let bv = embed r in + if neg then + try negate_abstract bv, ctx with + | Failure _ -> + [ { bv = Other (X.term_embed (E.BV.bvnot t)); sz } ], ctx + else + bv, ctx let extract_st i j ({ bv; sz } as st) = match bv with diff --git a/tests/bitv/testfile-bvnot-term.dolmen.expected b/tests/bitv/testfile-bvnot-term.dolmen.expected new file mode 100644 index 000000000..a6e005255 --- /dev/null +++ b/tests/bitv/testfile-bvnot-term.dolmen.expected @@ -0,0 +1,2 @@ + +unknown diff --git a/tests/bitv/testfile-bvnot-term.dolmen.smt2 b/tests/bitv/testfile-bvnot-term.dolmen.smt2 new file mode 100644 index 000000000..fe478a577 --- /dev/null +++ b/tests/bitv/testfile-bvnot-term.dolmen.smt2 @@ -0,0 +1,7 @@ +(set-logic BV) + +(declare-const x (_ BitVec 4)) +(declare-const y (_ BitVec 4)) +(assert (= x (bvnot y))) +(assert (distinct y x)) +(check-sat) diff --git a/tests/dune.inc b/tests/dune.inc index a73f23378..b94a3f7f2 100644 --- a/tests/dune.inc +++ b/tests/dune.inc @@ -123314,6 +123314,28 @@ (diff testfile-bvnot.dolmen.expected testfile-bvnot.dolmen_dolmen.output))) + (rule + (target testfile-bvnot-term.dolmen_dolmen.output) + (deps (:input testfile-bvnot-term.dolmen.smt2)) + (package alt-ergo) + (action + (chdir %{workspace_root} + (with-stdout-to %{target} + (ignore-stderr + (with-accepted-exit-codes 0 + (run %{bin:alt-ergo} + --timelimit=2 + --enable-assertions + --output=smtlib2 + --frontend dolmen + %{input}))))))) + (rule + (alias runtest-quick) + (package alt-ergo) + (action + (diff + testfile-bvnot-term.dolmen.expected + testfile-bvnot-term.dolmen_dolmen.output))) (rule (target testfile-bitv023_ci_cdcl_no_minimal_bj.output) (deps (:input testfile-bitv023.ae))