d99d5a736f
* Add dual-row shared-factor sandwich for NLA bound propagation
When enabled via arith.nl.monomial_sandwich (default off), monomial_bounds
finds LP term columns whose term has shape a_m * m + a_v * v with exactly
two variables — both factors of a binary monomial m = u*v. The term column's
bound bounds (a_m * m + a_v * v); substituting m = u*v gives v * (a_m*u + a_v),
and sign-aware interval division by v plus an affine shift yields a numeric
bound on u. The derived interval is fed to the existing propagate_value path
so the lemma channel and integer rounding logic are shared with the rest of
NLA's forward/backward propagation; no new emit code.
Catches conflicts of the form
α_v1 * v + α_m * m ≥ k1
α_v2 * v + α_m * m ≤ k2
that today require nlsat (when no single row alone yields infeasibility but
their conjunction tightly bounds u after factoring v).
Scope: binary monomials only (m.size()==2, no squares); cap of 16 term-columns
scanned per call; one lemma per (u,v) attempt to keep the lemma channel quiet.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* Add arith.nl.order.binomial_sign flag (default true)
Granular gate for order_lemma_on_binomial_sign — the only order family that
embeds a model-snapshot literal (x ≷ val(x)) in the lemma body. Disabling it
keeps the always-good structural mon-ol family running while removing the
SAT-splitter shape that cascades under model perturbations (e.g., from
arith.nl.monomial_sandwich tightening factor bounds).
Default true preserves master behaviour; the flag is intended as an
experimental knob to measure how much of an observed cascade is specifically
attributable to the binomial-sign splitter vs. the structural cancellation
lemmas in the same module.
See ord-binom-opportunities.md for the full gap analysis and the
deterministic-replacement directions (sandwich, McCormick) that would let
this flag eventually default to false without regressing leaves where
ord-binom currently carries the proof.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* Add sign-pinned binomial bound for NLA (Opportunity 1 from ord-binom doc)
When enabled via arith.nl.monomial_binomial_sign (default off), monomial_bounds
adds a third pass alongside propagate_down (existing) and propagate_shared_factor
(sandwich). For a binary monomial m = u*v in m_to_refine whose model value mv
disagrees with val(u)*val(v), and where v has a determined sign:
1. synthesize a one-sided interval for m.var() at mv (no deps; the snapshot
enters as a literal in the lemma body, not as an antecedent)
2. divide by v's interval (sign-aware via dep.div<with_deps>) to get a
deterministic interval for u
3. emit a propagate_value-style lemma whose body is
m.var() < mv (or > mv) ∨ u-bound
conditioned on v's bound witness
Targets the case ord-binom currently handles: factors have determined signs,
m.var() may have no LP bound. The clause is sound modulo the monomial
definition (same condition propagate_down, propagate_shared_factor, and
ord-binom already rely on).
A new throttle kind MONOMIAL_BINOMIAL_SIGN keyed on (m.var, u, v, direction)
prevents cascading: without it, each new val(m.var()) snapshot would re-emit
across model changes the same way ord-binom does.
Validated via smt.arith.validate=true: 0 soundness errors across the
32-leaf test corpus.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* Add McCormick box-corner tangent points (Opportunity 2 from ord-binom doc)
When enabled via arith.nl.tangents.box_corners (default off, sub-flag of
arith.nl.tangents), tangent_imp::get_points selects m_a, m_b at the corners
of the bound box [x_lo, x_hi] × [y_lo, y_hi] instead of the model-centered
points val(x) ± delta. The selection follows the classical McCormick
under/over envelope:
- m_below=true (under-approximation):
m_a = (x_lo, y_lo), m_b = (x_hi, y_hi)
- m_below=false (over-approximation):
m_a = (x_lo, y_hi), m_b = (x_hi, y_lo)
The existing generate_plane already produces the McCormick linear form
xy ≷ pl.y·x + pl.x·y − pl.x·pl.y at any chosen point pl. push_point is
skipped in box-corner mode: corners are extremes, so doubling the offset
moves out of the box and would invalidate the McCormick property.
Falls back to the existing model-driven point selection when either factor
has an unbounded side or the box is degenerate (single-point in a
dimension).
Soundness — non-strict inequality at corners. The classical model-driven
flow uses pl strictly in the interior of the box, so generate_plane emits
xy > T (strict). At the box corners the tangent meets the surface along
the box's edges (xy = T when x = pl.x or y = pl.y), so the strict
inequality is violated by any model with x at the box boundary. A new
m_pl_strict_interior member, set false on a successful set_box_corners(),
switches generate_plane's emission to ≥/≤ (non-strict). The model-driven
path keeps strict — its push_point + plane_is_correct_cut chain already
guarantees pl is interior.
Validated via smt.arith.validate=true: 0 validate_conflict() failures
across the 32-leaf test corpus with box_corners=true.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .github | ||
| a3 | ||
| agentics | ||
| cmake | ||
| codeql/custom_queries | ||
| contrib | ||
| doc | ||
| docker | ||
| examples | ||
| noarch | ||
| resources | ||
| scripts | ||
| src | ||
| .bazelrc | ||
| .clang-format | ||
| .dockerignore | ||
| .gitattributes | ||
| .gitignore | ||
| BUILD.bazel | ||
| build_z3.bat | ||
| CMakeLists.txt | ||
| configure | ||
| LICENSE.txt | ||
| MODULE.bazel | ||
| README-CMake.md | ||
| README.md | ||
| RELEASE_NOTES.md | ||
| Z3-AGENT.md | ||
| z3.pc.cmake.in | ||
| z3guide.jpeg | ||
Z3
Z3 is a theorem prover from Microsoft Research. It is licensed under the MIT license. Windows binary distributions include C++ runtime redistributables
If you are not familiar with Z3, you can start here.
Pre-built binaries for stable and nightly releases are available here.
Z3 can be built using Visual Studio, a Makefile, using CMake, using vcpkg, or using Bazel. It provides bindings for several programming languages.
See the release notes for notes on various stable releases of Z3.
Build status
Pull Request & Push Workflows
| WASM Build | Windows Build | CI | OCaml Binding |
|---|---|---|---|
 |
 |
 |
 |
Scheduled Workflows
| Open Bugs | Android Build | Pyodide Build | Nightly Build | Cross Build |
|---|---|---|---|---|
 |
 |
 |
 |
 |
| MSVC Static | MSVC Clang-CL | Build Z3 Cache | Code Coverage | Memory Safety | Mark PRs Ready |
|---|---|---|---|---|---|
 |
 |
 |
 |
 |
 |
Manual & Release Workflows
| Documentation | Release Build | WASM Release | NuGet Build |
|---|---|---|---|
 |
 |
 |
 |
Specialized Workflows
| Nightly Validation | Copilot Setup | Agentics Maintenance |
|---|---|---|
 |
 |
 |
Agentic Workflows
| A3 Python | API Coherence | Code Simplifier | Release Notes | Workflow Suggestion |
|---|---|---|---|---|
 |
 |
 |
 |
 |
| Academic Citation | Build Warning Fixer | Code Conventions | CSA Report | Issue Backlog |
|---|---|---|---|---|
 |
 |
 |
 |
 |
| Memory Safety Report | Ostrich Benchmark | QF-S Benchmark | Tactic-to-Simplifier | ZIPT Code Reviewer |
|---|---|---|---|---|
 |
 |
 |
 |
 |
Building Z3 on Windows using Visual Studio Command Prompt
For 32-bit builds, start with:
python scripts/mk_make.py
or instead, for a 64-bit build:
python scripts/mk_make.py -x
then run:
cd build
nmake
Z3 uses C++20. The recommended version of Visual Studio is therefore VS2019 or later.
Security Features (MSVC): When building with Visual Studio/MSVC, a couple of security features are enabled by default for Z3:
- Control Flow Guard (
/guard:cf) - enabled by default to detect attempts to compromise your code by preventing calls to locations other than function entry points, making it more difficult for attackers to execute arbitrary code through control flow redirection - Address Space Layout Randomization (
/DYNAMICBASE) - enabled by default for memory layout randomization, required by the/GUARD:CFlinker option - These can be disabled using
python scripts/mk_make.py --no-guardcf(Python build) orcmake -DZ3_ENABLE_CFG=OFF(CMake build) if needed
Building Z3 using make and GCC/Clang
Execute:
python scripts/mk_make.py
cd build
make
sudo make install
Note by default g++ is used as C++ compiler if it is available. If you
prefer to use Clang, change the mk_make.py invocation to:
CXX=clang++ CC=clang python scripts/mk_make.py
Note that Clang < 3.7 does not support OpenMP.
You can also build Z3 for Windows using Cygwin and the Mingw-w64 cross-compiler. In that case, make sure to use Cygwin's own Python and not some Windows installation of Python.
For a 64-bit build (from Cygwin64), configure Z3's sources with
CXX=x86_64-w64-mingw32-g++ CC=x86_64-w64-mingw32-gcc AR=x86_64-w64-mingw32-ar python scripts/mk_make.py
A 32-bit build should work similarly (but is untested); the same is true for 32/64 bit builds from within Cygwin32.
By default, it will install z3 executables at PREFIX/bin, libraries at
PREFIX/lib, and include files at PREFIX/include, where the PREFIX
installation prefix is inferred by the mk_make.py script. It is usually
/usr for most Linux distros, and /usr/local for FreeBSD and macOS. Use
the --prefix= command-line option to change the install prefix. For example:
python scripts/mk_make.py --prefix=/home/leo
cd build
make
make install
To uninstall Z3, use
sudo make uninstall
To clean Z3, you can delete the build directory and run the mk_make.py script again.
Building Z3 using CMake
Z3 has a build system using CMake. Read the README-CMake.md file for details. It is recommended for most build tasks, except for building OCaml bindings.
Building Z3 using vcpkg
vcpkg is a full platform package manager. To install Z3 with vcpkg, execute:
git clone https://github.com/microsoft/vcpkg.git
./bootstrap-vcpkg.bat # For powershell
./bootstrap-vcpkg.sh # For bash
./vcpkg install z3
Building Z3 using Bazel
Z3 can be built using Bazel. This is known to work on Ubuntu with Clang (but may work elsewhere with other compilers):
bazel build //...
Dependencies
Z3 itself has only few dependencies. It uses C++ runtime libraries, including pthreads for multi-threading. It is optionally possible to use GMP for multi-precision integers, but Z3 contains its own self-contained multi-precision functionality. Python is required to build Z3. Building Java, .NET, OCaml and Julia APIs requires installing relevant toolchains.
Z3 bindings
Z3 has bindings for various programming languages.
.NET
You can install a NuGet package for the latest release Z3 from nuget.org.
Use the --dotnet command line flag with mk_make.py to enable building these.
See examples/dotnet for examples.
C
These are always enabled.
See examples/c for examples.
C++
These are always enabled.
See examples/c++ for examples.
Java
Use the --java command line flag with mk_make.py to enable building these.
For IDE setup instructions (Eclipse, IntelliJ IDEA, Visual Studio Code) and troubleshooting, see the Java IDE Setup Guide.
See examples/java for examples.
Go
Use the --go command line flag with mk_make.py to enable building these. Note that Go bindings use CGO and require a Go toolchain (Go 1.20 or later) to build.
With CMake, use the -DZ3_BUILD_GO_BINDINGS=ON option.
See examples/go for examples and src/api/go/README.md for complete API documentation.
OCaml
Use the --ml command line flag with mk_make.py to enable building these.
See examples/ml for examples.
Python
You can install the Python wrapper for Z3 for the latest release from pypi using the command:
pip install z3-solver
Use the --python command line flag with mk_make.py to enable building these.
Note that it is required on certain platforms that the Python package directory
(site-packages on most distributions and dist-packages on Debian-based
distributions) live under the install prefix. If you use a non-standard prefix
you can use the --pypkgdir option to change the Python package directory
used for installation. For example:
python scripts/mk_make.py --prefix=/home/leo --python --pypkgdir=/home/leo/lib/python-2.7/site-packages
If you do need to install to a non-standard prefix, a better approach is to use
a Python virtual environment
and install Z3 there. Python packages also work for Python3.
Under Windows, recall to build inside the Visual C++ native command build environment.
Note that the build/python/z3 directory should be accessible from where Python is used with Z3
and it requires libz3.dll to be in the path.
virtualenv venv
source venv/bin/activate
python scripts/mk_make.py --python
cd build
make
make install
# You will find Z3 and the Python bindings installed in the virtual environment
venv/bin/z3 -h
...
python -c 'import z3; print(z3.get_version_string())'
...
See examples/python for examples.
Julia
The Julia package Z3.jl wraps the C API of Z3. A previous version of it wrapped the C++ API: Information about updating and building the Julia bindings can be found in src/api/julia.
WebAssembly / TypeScript / JavaScript
A WebAssembly build with associated TypeScript typings is published on npm as z3-solver. Information about building these bindings can be found in src/api/js.
Smalltalk (Pharo / Smalltalk/X)
Project MachineArithmetic provides a Smalltalk interface to Z3's C API. For more information, see MachineArithmetic/README.md.
AIX
Build settings for AIX are described here.
System Overview
Interfaces
-
Default input format is SMTLIB2
-
Other native foreign function interfaces:
-
Python API (also available in pydoc format)
-
C
-
OCaml
-
Smalltalk (supports Pharo and Smalltalk/X)
Power Tools
- The Axiom Profiler currently developed by ETH Zurich