Surprising behaviour when trying to prove a forall

故里飘歌 2021-01-20 16:12

Consider the following SMT-LIB code:

(set-option :auto_config false)
(set-option :smt.mbqi false)
; (set-option :smt.case_split 3)
(set-option :smt.qi.profil         


        
1 answer
  • 2021-01-20 16:44

    The situation is as follows:

    • When using pattern-based instantiation exclusively, Z3 takes a somewhat operational approach to finding quantifier instantiations.

    • By disabling MBQI you rely on the equality matching engine.

    • case_split = 3 instructs Z3 to use the relevancy heuristic when choosing candidates for equality matching.
    • The assert (not (forall (a, b, c) (and (trigG a) (trigF a b c)))) expands into a disjunction (or (not (trigG a!0)) (not (trigF a!0 b!1 c!2))).
    • Only one of the two disjuncts is relevant for satisfying the formula.
    • The search sets (trigG a!0) to false, so the clause is satisfied. The trigger (trigF a b c) is therefore never activated.

    You can bypass this issue by distributing universal quantifiers over conjunctions, and supplying patterns in each case. Thus, you(r tool) could rewrite the axiom:

    (assert (forall ((a Int) (b Int) (c Int)) (!
      (and
        (trigG a)
        (trigF a b c))
      :pattern ((trigF a b c))
      :qid |bar|
     )))
    

    to the two axioms:

    (assert (forall ((a Int)) (! (trigG a) :pattern ((trigG a)))))
    (assert (forall ((a Int) (b Int) (c Int)) (!
        (trigF a b c)
      :pattern ((trigF a b c))
      :qid |bar|
     )))
    

    The issue of setting auto-completion seems fixed. I somewhat recently fixed a bug in the way that some top-level configurations were reset if multiple top-level configurations were set in the smt-lib input.

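One way a tool could perform the rewrite the answer describes, as an added example that is not part of the original answer or of Z3: a small Python function that distributes a universally quantified conjunction into one axiom per conjunct, each using the conjunct itself as its pattern. It assumes every conjunct is an uninterpreted function application (so it can serve as a pattern); the function names and the `.N` suffix on the qid are hypothetical choices made for this example.

```python
import re

def parse(src):
    """Parse one SMT-LIB S-expression into nested lists of atom strings."""
    tokens = re.findall(r"\(|\)|\|[^|]*\||[^\s()]+", src)
    def read(i):
        if tokens[i] != "(":
            return tokens[i], i + 1
        items, i = [], i + 1
        while tokens[i] != ")":
            item, i = read(i)
            items.append(item)
        return items, i + 1
    return read(0)[0]

def show(e):
    return e if isinstance(e, str) else "(" + " ".join(map(show, e)) + ")"

def atoms(e):
    return {e} if isinstance(e, str) else set().union(*map(atoms, e))

def split_axiom(src):
    """One axiom per conjunct of (assert (forall xs (! (and c1 .. cn) ...))).
    Assumes (unchecked) each conjunct is an uninterpreted function application."""
    expr = parse(src)
    if not (expr[0] == "assert" and expr[1][0] == "forall"):
        return [src]
    _, binders, body = expr[1]
    body, attrs = (body[1], body[2:]) if body[0] == "!" else (body, [])
    if not (isinstance(body, list) and body[0] == "and"):
        return [src]  # nothing to distribute over
    qid = attrs[attrs.index(":qid") + 1] if ":qid" in attrs else None
    out = []
    for i, conj in enumerate(body[1:]):
        # Keep only the bound variables this conjunct mentions, so the
        # conjunct-as-pattern covers every variable of its quantifier.
        bound = [b for b in binders if b[0] in atoms(conj)]
        if not bound:  # ground conjunct: no quantifier needed
            out.append(show(["assert", conj]))
            continue
        ann = ["!", conj, ":pattern", [conj]]
        if qid:  # hypothetical naming scheme: |bar| -> |bar.0|, |bar.1|
            tail = "|" if qid.endswith("|") else ""
            ann += [":qid", f"{qid.rstrip('|')}.{i}{tail}"]
        out.append(show(["assert", ["forall", bound, ann]]))
    return out

# The axiom from the answer, reused as sample input.
AXIOM = ("(assert (forall ((a Int) (b Int) (c Int)) (! (and (trigG a) (trigF a b c))"
         " :pattern ((trigF a b c)) :qid |bar|)))")
```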