Fix SMT2 encoding of array_comprehension_exprt

[SaswatPadhi]

The SMT conversion routines were missing a rule for translating array_comprehension_exprt.

This PR creates a new translation rule leveraging the lambda construct in SMTLIB2.

NOTE: There may be several other broken-smt-backend regression tests that may be fixed by this change; I haven't checked (there are too many!).

• Each commit message has a non-empty body, explaining why the change was made.
• NA Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
• NA The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
• Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
• NA My commit message includes data points confirming performance improvements (if claimed).
• My PR is restricted to a single feature or bugfix.
• NA White-space or formatting changes outside the feature-related changed lines are in commits of their own.

[codecov]

Codecov Report

Merging #5973 (c499ff7) into develop (e76d811) will increase coverage by 0.02%.
The diff coverage is 37.50%.

@@             Coverage Diff             @@
##           develop    #5973      +/-   ##
===========================================
+ Coverage    75.12%   75.14%   +0.02%     
===========================================
  Files         1435     1444       +9     
  Lines       156301   157307    +1006     
===========================================
+ Hits        117416   118207     +791     
- Misses       38885    39100     +215     

Impacted Files	Coverage Δ
src/solvers/smt2/smt2_conv.h	100.00% <ø> (ø)
src/solvers/smt2/smt2_conv.cpp	59.95% <12.76%> (+0.56%)	⬆️
src/memory-analyzer/gdb_api.cpp	86.89% <50.00%> (ø)
unit/memory-analyzer/gdb_api.cpp	86.46% <94.73%> (ø)
src/util/std_expr.h	92.62% <0.00%> (-0.53%)	⬇️
src/memory-analyzer/analyze_symbol.cpp	72.60% <0.00%> (ø)
...rc/memory-analyzer/memory_analyzer_parse_options.h	100.00% <0.00%> (ø)
src/memory-analyzer/analyze_symbol.h	88.23% <0.00%> (ø)
src/memory-analyzer/memory_analyzer_main.cpp	100.00% <0.00%> (ø)
... and 10 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e42cc6c...c499ff7. Read the comment docs.

[kroening]

If you can use an SMT-LIB expression that maps directly onto what you want to translate, you no longer need the defined_expressions mechanism!

[martin-cs]

1. Is you think it fixes other things, please can you take the time to find out what they are? Someone will have to do this at some point and it would be better that it is connected with the change that fixes them.
2. I'm pretty sure lambda isn't in SMT-LIB 2. It has been /proposed/ for SMT-LIB 3 but we shouldn't be outputting it in an SMT-LIB 2.0 back-end.

[martin-cs]

Why are you creating a function with no arguments that returns a lambda?

[martin-cs]

Unless I have got the wrong end of the stick completely, I think you can implement this without the lambda.

[SaswatPadhi]

Arrays are infinite maps in SMT and are represented just like key -> value functions. The function with no arguments returns a lambda, because we want to return an array.

This has been tested with both Z3 -- you can run the attached regression test with cbmc --smt2.
I am not super sure about the official status of lambda within SMTLIB2 vs SMTLIB3, but Z3 supports it for a while now.

AFAIK, the only other way to implement array comprehension would be to use quantifiers, but that did not work even for the simpler case of array_of where the lambda expression was a constant (independent of the index).

[SaswatPadhi]

I will make this translation solver-specific then -- only emit SMT2 output using lambda if solver is Z3. Otherwise, fall back to quantifier-based initialization.

[Also, more info about lambda handling here: Z3Prover/z3/issues/2221]

[SaswatPadhi]

I have tested this (the attached regression test) locally with both --z3 and --cvc4 and it works correctly.

However, with CVC4 (and other solvers that don't allow lambda as an array), the SMT logic needs to be set to AUFBV instead of QF_AUFBV [see #5977] because we fallback to universally quantified initialization of the array.

[martin-cs]

I would rather not have the default logic change to be quantified as it will block some solvers. Beyond that, looks OK.

[SaswatPadhi]

Thanks for taking a look, @martin-cs.

I agree with not changing the default logic to allow quantifiers. I opened #5977 to discuss more about this issue.