
Z3: A high-performance theorem prover from Microsoft Research - tchajed
https://z3.codeplex.com/
======
microarchitect
In terms of applicability, SMT (satisfiability module theory) solvers
basically allow you to do things which are slightly more complex than plain
SAT solving.

If you're looking to learn more, Leonardo has a nice introduction to SMT and
its applications over here:
[http://dl.acm.org/citation.cfm?id=1995394](http://dl.acm.org/citation.cfm?id=1995394).
To make a long story short, various problems in program verification and
static analysis have seen success with SMT.

/some academic navel-gazing follows.

Yices
([http://yices.csl.sri.com/index.shtml](http://yices.csl.sri.com/index.shtml))
and Z3 are the two main SMT solvers used by academics today. Yices is the
"original" solver and was developed by Leonardo de Moura and Bruno Dutertre at
SRI in the mid-2000s. At some point towards the end of the last decade,
Leonardo moved to Microsoft Research and for reasons which are unclear started
working on Z3 independently. I am told that Z3 is a slightly faster solver
today.

~~~
beambot
Pardon the relative ignorance... but I thought these types of problems (SAT
and SMT) were NP-Complete in the general case? Does Z3 do something special
(eg apply heuristics)? It looks very impressive!

~~~
dons
[http://www.csl.sri.com/users/rushby/slides/jaist07.pdf](http://www.csl.sri.com/users/rushby/slides/jaist07.pdf)

See "SMT Solvers: Disruptive Innovation in Theorem Proving", Rushby, 2007.

> SAT solving is the quintessential NP-complete problem. But now amazingly
> fast in practice (most of the time)

> SMT ... generalizes SAT solving by adding the ability to handle arithmetic
> and other decidable theories

------
jbapple
Though the source is available, it cannot be used for commercial purposes.

[https://z3.codeplex.com/sourcecontrol/latest#LICENSE.txt](https://z3.codeplex.com/sourcecontrol/latest#LICENSE.txt)

You may not redistribute the source on a website intending to teach the use of
Z3 for commercial purposes.

You also agree that MS can sell any modifications or derivative software that
you produce.

~~~
vdaniuk
Is it even legal to prohibit teaching something due to copyright infringment?

~~~
oh_sigh
"...for commercial purposes"

~~~
vdaniuk
Yeah, I got that first time, thanks.

It is not trivial to separate commercial and non-commercial purposes. Creative
commons licenses still don't have a clear criteria. So as it goes with
copyright, this just has a chilling effect on the education of some compsci
fundamentals. I just dont get why MS would do that, is it a competitive
advantage?

~~~
randomhunt
Commercial = I make money from using this; Non-commercial = NOT commercial

(In case the sarcasm was a bit too thick, although it was at no less a level
than your reply, I think it's plainly obvious what the licence is dictating
and hope you will go into a little more detail of your viewpoint that it
isn't)

~~~
barrkel
What if you don't make money from it now, but use what you learned to profit
ten minutes later? How about 10 days later? Or 10 years later?

Non-commercial use for something that is directly involved in the production
of something else is fairly easy to determine; it depends on whether that
something else is sold for money or not.

But for analytical software like this prover, you could indirectly use it to
improve something that is sold for money, but the process of improvement is
not necessarily a commercial transaction. It could be performed by students at
a university, for example. I have in mind formal verification of program
invariants, with potential identification of breaks, as an example.

~~~
randomhunt
Is there a direct link between you using this software under such a licence
and then gaining monetary advantage (if not money directly itself)?

Using your process of improvement for me it is quite clear there would be.

[Perhaps the solver could be used to figure the applicability of the licence]

------
freyrs3
It's worth noting that there are excellent Python bindings to Z3.
[http://rise4fun.com/z3py/tutorial](http://rise4fun.com/z3py/tutorial)

~~~
tel
There's also a tremendous Haskell binding, SBV
([http://hackage.haskell.org/package/sbv](http://hackage.haskell.org/package/sbv))
though it's specialized to bitvector theory.

~~~
psuter
...and for Scala: [https://github.com/epfl-
lara/ScalaZ3](https://github.com/epfl-lara/ScalaZ3) (/ shameless plug).

------
tptacek
If people are using this for interesting projects, I'd love some details.

~~~
colanderman
Last week I wrote a fun tool using it (actually, any SMT-LIB 2 compatible
solver, of which Z3 seems to be the only open-source-ish one that works out of
the box) to search for optimal branch-free load-free C implementations of
small integer lookup tables (i.e. something the compiler should do but
doesn't). It's really a minimal use of an SMT solver, but it saved me from
having to think of a more clever algorithm than brute force.

~~~
psuter
In case you or someone else is still looking, CVC4 [1] is a competitive open
source alternative to Z3 or Yices.

[1] [http://cvc4.cs.nyu.edu/](http://cvc4.cs.nyu.edu/)

~~~
colanderman
Thanks! Last I checked (maybe a year back), something-or-other about CVC4
didn't work for me (I wholly forget what it was). I will try it out again.

I don't know if you are associated with CVC4 at all, but unfortunately the
hashes of the amd64 Debian stable packages (cvc4, libcvc4-1, and
libcvc4parser1) don't seem to match? It is probably just a package error
however it makes me hesitant to install the packages…

~~~
psuter
I am not associated with CVC4 directly (or Z3 for that matter). Something that
is true for all these tools is that they evolve very quickly. As a result,
you're better off building from source. In both cases, that means running
`make` and nothing else.

------
shirkey
What are the advantages/differences between this and Google's or-tools
([https://code.google.com/p/or-tools/](https://code.google.com/p/or-tools/)),
which is available under Apache license?

~~~
tel
Without examining or-tools too much, I think it's solving a totally different
problem. The Z3 guideis a good way to learn more
([http://rise4fun.com/z3/tutorial](http://rise4fun.com/z3/tutorial))

~~~
lmeyerov
Z3 is about "satisfiability modulo theories", which basically means a SAT
solver with smart extensions for things like floating point arithmetic that
would otherwise die under a naive encoding. It's used for program
verification, and in my group, program synthesis. OR tools like Google's choke
on such problems that require reasoning about logic, recursive functions, etc.

For an example of a program verifier using Z3, Pex is amazing: pex4fun.com .
It does 'whitebox' fuzzing (program analysis + SMT) to find inputs that break
your assert statements and open-ended unit tests.

For an example of a program synthesizer, I spent the past few days writing a
regular expression / sed script generator that infers the code from
input/output pairs: [http://lmeyerov.blogspot.com/2013/09/sneak-peek-for-my-
stran...](http://lmeyerov.blogspot.com/2013/09/sneak-peek-for-my-strange-loop-
talk-on.html) . Underneath, it calls into a SAT solver (it goes through
Rosette[1], which plugs in its own solver or Z3).

[1] [http://splashcon.org/2013/program/onward-research-
papers/909...](http://splashcon.org/2013/program/onward-research-
papers/909-session-3)

------
joe_the_user
Weirdly enough, I've studying this kind of thing lately.

So it seems from the various papers Z3 is oriented around infinite precision
real arithmetic. It's that kind of overkill for most practical problems?

How does it compare with iSat or similar approaches in speed? One of the
problems with SMT, Satisfiability Modulo Theories, is that it involves a
somewhat loose connection between a SAT problem and an underlying theory
prover, which can slow down the whole process if the underlying theory prover
is not very fast.

[http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories](http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories)

~~~
colanderman
Z3 supports many more theories than just real arithmetic. I've primarily
dabbled with difference logic and bit vectors, both of which I believe benefit
strongly from SMT's SAT underpinnings.

------
auggierose
Did anyone make a Javascript version of this with emscripten? I am currently
using Z3 on the server side but would really like a client side solution to
save computational resources.

~~~
azakai
The license is a non-commercial one, which makes it impractical for many use
cases. Could be why it hasn't been ported yet (I might have done so myself,
had the license been otherwise).

~~~
auggierose
If you want to use it for commercial purposes, there is probably a way to get
a license from them for that.

