Add support for sets to the arrays encoding #1093
Conversation
…into ro/tla-sets-as-smt-arrays
…into ro/tla-sets-as-smt-arrays
…into ro/tla-sets-as-smt-arrays
…into ro/tla-sets-as-smt-arrays � Conflicts: � tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/passes/BoundedCheckerPassImpl.scala
…into ro/tla-sets-as-smt-arrays
… and wrong ssa treatment during incremental solving
…into ro/tla-sets-as-smt-arrays
…into ro/tla-sets-as-smt-arrays � Conflicts: � UNRELEASED.md
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/SymbStateRewriterAutoWithArrays.scala
Show resolved
Hide resolved
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/rules/EqRuleWithArrays.scala
Outdated
Show resolved
Hide resolved
| val rightDomain = state.arena.getDom(powsetCell) | ||
| val rightDomainElems = state.arena.getHas(rightDomain) | ||
| // EqConstraints need to be generated, since missing in-relations, e.g. in sets of tuples, will lead to errors. | ||
| // TODO: Inlining this method is pointless. We should consider handling tuples and other structures natively in SMT. |
There was a problem hiding this comment.
Good point. We should figure out how to deal with records that can be used as discriminated unions. Perhaps, ADTs should help us.
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/rules/SetInRuleWithArrays.scala
Outdated
Show resolved
Hide resolved
Co-authored-by: Igor Konnov <igor@informal.systems>
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/rules/SetInRuleWithArrays.scala
Outdated
Show resolved
Hide resolved
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/smt/SolverConfig.scala
Outdated
Show resolved
Hide resolved
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/smt/Z3SolverContext.scala
Show resolved
Hide resolved
…verConfig.scala Co-authored-by: Igor Konnov <igor@informal.systems>
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/SymbStateRewriterImplWithArrays.scala
Outdated
Show resolved
Hide resolved
| case (FinSetT(_), FinSetT(_)) => | ||
| subset(rightState, leftCell, rightCell, false) | ||
|
|
||
| case (FinSetT(FinSetT(t1)), PowSetT(FinSetT(t2))) => | ||
| if (t1 != t2) { | ||
| throw new RewriterException( | ||
| "Unexpected set types: %s and %s in %s" | ||
| .format(t1, t2, state.ex), state.ex) | ||
| } else { | ||
| subset(rightState, leftCell, rightCell, true) | ||
| } | ||
|
|
||
| case _ => |
There was a problem hiding this comment.
Technically, the case PowSetT(FinSetT(t1)), FinSetT(FinSetT(t1) should be possible too, no? Suboptimal, but not illegal.
There was a problem hiding this comment.
This is equal to the original SetInclusionRule rule. I didn't think much about it since an exception is already thrown there. If we make a change it should be in both encodings I think. Maybe in a separate PR?
There was a problem hiding this comment.
There is case _ => that throws an exception below. So it will be reported as an error. Perhaps, we should throw a better exception there that indicates that this case is not supported.
There was a problem hiding this comment.
Yeah, but shouldn't
A == {1,2}
B == SUBSET A \subseteq { x \in SUBSET A: \A y \in x: y < 5 } \* <=> SUBSET A \subseteq SUBSET A <=> TRUE
translate into exactly the case where the LHS is a PowSetT and the RHS is a standard FinSetT because of the filter?
You can't throw on this example.
There was a problem hiding this comment.
I am not sure. You can try this example and see what happens. Maybe the left-hand side will get expanded. If it does not, we should fix ExpansionMarker to do that.
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/smt/Z3SolverContext.scala
Outdated
Show resolved
Hide resolved
tla-bmcmt/src/test/scala/at/forsyte/apalache/tla/bmcmt/EncodingBase.scala
Outdated
Show resolved
Hide resolved
tla-bmcmt/src/main/scala/at/forsyte/apalache/tla/bmcmt/rules/SetInRuleWithArrays.scala
Outdated
Show resolved
Hide resolved
| // The updated set is cached here, it needs to be added to a predicate later, via "getInPred". | ||
| // The inStored map is used to ensure that the first call to "getInPred" related to the declared inPred will | ||
| // return a "store", and the subsequent calls will return a "select". | ||
| inCache += ((set.id, elem.id) -> (updatedSet, level)) | ||
| inStored += ((set.id, elem.id) -> List((false, level))) |
There was a problem hiding this comment.
This looks like an error-prone approach. What happens if a rewriting rule does not use inPred at all and then store is used in a random place somewhere? An alternative would be to explicitly introduce two operators in ApalacheOper: store and select. These would be auxiliary operators that only appear in the internals of Apalache.
There was a problem hiding this comment.
The point about using the cache wrongly could be made about any of the caches in the solver context. inStored is currently used only in declareInPredIfNeeded and getInPred.
I like the idea of adding store and select, I haven't though of adding new ApalacheOper before.
| // inPred can either represent an array update, i.e. a "store", or an array access, i.e. a "select", as the | ||
| // the current implementation is adhering to the interface made for the original encoding. | ||
| // TODO: Should we split this method and abandon the concept of an in-relation? |
There was a problem hiding this comment.
Yes, I would prefer having store and select as operators in the Apalache IR, as it seems you need them.
tla-bmcmt/src/test/scala/at/forsyte/apalache/tla/bmcmt/TestRewriterWithOOPSLA19.scala
Show resolved
Hide resolved
The PR contains rules for all set operators in the map, excluding the ones flagged at the bottom. Most rules, like set ctr, set union, etc., were added implicitly by changing the constraints they generated, as mentioned in the top comment. |
So it means they did not require any change? |
The |
That's interesting. If we introduce |
Probably. It depends on how |
Yes, I think we can postpone it for another PR. This one is not going to break anything. |
make fmt-fix(or had formatting run automatically on all files edited)This PR contains the initial version of the arrays encoding. It adds support for basic types, which are unchanged from the original encoding, as well as sets. A number of encoding rules was changed, either explicitly, through new
RewritingRuleclasses, or implicitly, through changes toZ3SolverContextthat make the SMT constraints produced be different from those of the original rules. A number of existing unit and integration tests are now running with the arrays encoding. Below is an overview of the changes. Closes #1092.checkcommand options.Z3SolverContext, as this is where the SMT constraints are made. See the updated ADR for details.ruleLookupTableinSymbStateRewriterImplWithArrays:EqRuleWithArrays,SetInRuleWithArrays, andSetInclusionRuleWithArrays.RewriterBase. To see which unit tests were enabled to run with the arrays encoding, checkTestArenaWithArrays,TestRewriterWithArrays, andTestRecordingSolverContextWithArrays.array-encodingincli-integration-tests. The CI setup to run the tagged tests is not part of this PR.