一种懒惰和模块化的喷砂方法

IF 0.5 4区计算机科学 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

Acta Informatica Pub Date : 2026-04-10 DOI:10.1007/s00236-026-00529-y

Max Barth, Matthias Heizmann, Jochen Hoenicke

{"title":"一种懒惰和模块化的喷砂方法","authors":"Max Barth, Matthias Heizmann, Jochen Hoenicke","doi":"10.1007/s00236-026-00529-y","DOIUrl":null,"url":null,"abstract":"<div>Bit-vector operations are ubiquitous in programming languages and formal verification, but their complex semantics pose challenges for SMT solvers. Although bit-blasting—translating bit-vectors to Boolean variables—is widely used, it struggles with arithmetic bit-vector operations on large bit-widths (e.g., 64-bit or 256-bit variables) due to exponential blowup. Int-blasting, which maps bit-vectors to integer arithmetic, offers a scalable alternative for arithmetic bit-vector operations, but introduces many modulo operations of which some are redundant. This article presents a modular three-step translation from bit-vector formulas to integer formulas, designed to keep the amount of modulo operations low, while preserving correctness. In the first step, we translate bit-vector operations to integer operations. Thereby, we introduce the two functions \\(\\texttt {bv2nat}\\) and \\(\\texttt {nat2bv}_k\\) as explicit operators in the SMT-LIB theory of bit-vectors. Each integer operation is wrapped by \\(\\texttt {bv2nat}\\) and \\(\\texttt {nat2bv}_k\\). Hence, the sort of all bit-vector terms is preserved. Therefore, the first translation step is an equivalence transformation. In the second step, we simplify the formula by replacing the composition \\(\\texttt {bv2nat} \\circ \\texttt {nat2bv}_k\\) with a modulo operation. These modulo operations are added lazily, i.e., if the modulo does not change the result of the operation, it is omitted. In our experiments this reduced the average amount of modulo operations by 51%. In the third step, we introduce lemmas to precisely capture the meaning of \\(\\texttt {bv2nat}\\) and \\(\\texttt {nat2bv}_k\\). We prove that these lemmas suffice to solve bit-vector formulas. Furthermore, we illustrate that these lemmas are also sufficient for bit-vector formulas with quantifiers, arrays and uninterpreted functions. We implement our translation in SMTInterpol and evaluate it on 19570 SMT-LIB benchmarks. Results show that our lazy int-blasting solves 15% more tasks than an eager int-blasting, with 35% faster average runtime and 12% lower memory usage.</div>","PeriodicalId":7189,"journal":{"name":"Acta Informatica","volume":"63 2","pages":""},"PeriodicalIF":0.5000,"publicationDate":"2026-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://link.springer.com/content/pdf/10.1007/s00236-026-00529-y.pdf","citationCount":"0","resultStr":"{\"title\":\"A lazy and modular approach to int-blasting\",\"authors\":\"Max Barth, Matthias Heizmann, Jochen Hoenicke\",\"doi\":\"10.1007/s00236-026-00529-y\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>Bit-vector operations are ubiquitous in programming languages and formal verification, but their complex semantics pose challenges for SMT solvers. Although bit-blasting—translating bit-vectors to Boolean variables—is widely used, it struggles with arithmetic bit-vector operations on large bit-widths (e.g., 64-bit or 256-bit variables) due to exponential blowup. Int-blasting, which maps bit-vectors to integer arithmetic, offers a scalable alternative for arithmetic bit-vector operations, but introduces many modulo operations of which some are redundant. This article presents a modular three-step translation from bit-vector formulas to integer formulas, designed to keep the amount of modulo operations low, while preserving correctness. In the first step, we translate bit-vector operations to integer operations. Thereby, we introduce the two functions \\\\(\\\\texttt {bv2nat}\\\\) and \\\\(\\\\texttt {nat2bv}_k\\\\) as explicit operators in the SMT-LIB theory of bit-vectors. Each integer operation is wrapped by \\\\(\\\\texttt {bv2nat}\\\\) and \\\\(\\\\texttt {nat2bv}_k\\\\). Hence, the sort of all bit-vector terms is preserved. Therefore, the first translation step is an equivalence transformation. In the second step, we simplify the formula by replacing the composition \\\\(\\\\texttt {bv2nat} \\\\circ \\\\texttt {nat2bv}_k\\\\) with a modulo operation. These modulo operations are added lazily, i.e., if the modulo does not change the result of the operation, it is omitted. In our experiments this reduced the average amount of modulo operations by 51%. In the third step, we introduce lemmas to precisely capture the meaning of \\\\(\\\\texttt {bv2nat}\\\\) and \\\\(\\\\texttt {nat2bv}_k\\\\). We prove that these lemmas suffice to solve bit-vector formulas. Furthermore, we illustrate that these lemmas are also sufficient for bit-vector formulas with quantifiers, arrays and uninterpreted functions. We implement our translation in SMTInterpol and evaluate it on 19570 SMT-LIB benchmarks. Results show that our lazy int-blasting solves 15% more tasks than an eager int-blasting, with 35% faster average runtime and 12% lower memory usage.</div>\",\"PeriodicalId\":7189,\"journal\":{\"name\":\"Acta Informatica\",\"volume\":\"63 2\",\"pages\":\"\"},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2026-04-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://link.springer.com/content/pdf/10.1007/s00236-026-00529-y.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Acta Informatica\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://link.springer.com/article/10.1007/s00236-026-00529-y\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Acta Informatica","FirstCategoryId":"94","ListUrlMain":"https://link.springer.com/article/10.1007/s00236-026-00529-y","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

位向量运算在编程语言和形式验证中无处不在，但其复杂的语义给SMT求解器带来了挑战。虽然比特爆破（将比特向量转换为布尔变量）被广泛使用，但由于指数膨胀，它在大比特宽度（例如，64位或256位变量）上的算术比特向量操作中遇到困难。将位向量映射到整数运算的int -爆破，为算术位向量运算提供了一种可伸缩的替代方法，但引入了许多冗余的模运算。本文介绍了从位矢量公式到整数公式的模块化三步转换，旨在保持低模数运算量，同时保持正确性。在第一步中，我们将位向量操作转换为整数操作。因此，我们在位向量的SMT-LIB理论中引入两个函数\(\texttt {bv2nat}\)和\(\texttt {nat2bv}_k\)作为显式运算符。每个整数操作都由\(\texttt {bv2nat}\)和\(\texttt {nat2bv}_k\)包装。因此，保留了所有位向量项的排序。因此，平移的第一步是等价变换。在第二步中，我们通过用模操作替换组合\(\texttt {bv2nat} \circ \texttt {nat2bv}_k\)来简化公式。这些模运算是惰性添加的，也就是说，如果模运算没有改变运算的结果，则省略。在我们的实验中，这将模操作的平均次数减少了51次%. In the third step, we introduce lemmas to precisely capture the meaning of \(\texttt {bv2nat}\) and \(\texttt {nat2bv}_k\). We prove that these lemmas suffice to solve bit-vector formulas. Furthermore, we illustrate that these lemmas are also sufficient for bit-vector formulas with quantifiers, arrays and uninterpreted functions. We implement our translation in SMTInterpol and evaluate it on 19570 SMT-LIB benchmarks. Results show that our lazy int-blasting solves 15% more tasks than an eager int-blasting, with 35% faster average runtime and 12% lower memory usage.

本文章由计算机程序翻译，如有差异，请以英文原文为准。

A lazy and modular approach to int-blasting

查看原文本刊更多论文

A lazy and modular approach to int-blasting

Bit-vector operations are ubiquitous in programming languages and formal verification, but their complex semantics pose challenges for SMT solvers. Although bit-blasting—translating bit-vectors to Boolean variables—is widely used, it struggles with arithmetic bit-vector operations on large bit-widths (e.g., 64-bit or 256-bit variables) due to exponential blowup. Int-blasting, which maps bit-vectors to integer arithmetic, offers a scalable alternative for arithmetic bit-vector operations, but introduces many modulo operations of which some are redundant. This article presents a modular three-step translation from bit-vector formulas to integer formulas, designed to keep the amount of modulo operations low, while preserving correctness. In the first step, we translate bit-vector operations to integer operations. Thereby, we introduce the two functions \(\texttt {bv2nat}\) and \(\texttt {nat2bv}_k\) as explicit operators in the SMT-LIB theory of bit-vectors. Each integer operation is wrapped by \(\texttt {bv2nat}\) and \(\texttt {nat2bv}_k\). Hence, the sort of all bit-vector terms is preserved. Therefore, the first translation step is an equivalence transformation. In the second step, we simplify the formula by replacing the composition \(\texttt {bv2nat} \circ \texttt {nat2bv}_k\) with a modulo operation. These modulo operations are added lazily, i.e., if the modulo does not change the result of the operation, it is omitted. In our experiments this reduced the average amount of modulo operations by 51%. In the third step, we introduce lemmas to precisely capture the meaning of \(\texttt {bv2nat}\) and \(\texttt {nat2bv}_k\). We prove that these lemmas suffice to solve bit-vector formulas. Furthermore, we illustrate that these lemmas are also sufficient for bit-vector formulas with quantifiers, arrays and uninterpreted functions. We implement our translation in SMTInterpol and evaluate it on 19570 SMT-LIB benchmarks. Results show that our lazy int-blasting solves 15% more tasks than an eager int-blasting, with 35% faster average runtime and 12% lower memory usage.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Acta Informatica 工程技术-计算机：信息系统

CiteScore

2.40

自引率

16.70%

发文量

审稿时长

>12 weeks

期刊介绍： Acta Informatica provides international dissemination of articles on formal methods for the design and analysis of programs, computing systems and information structures, as well as related fields of Theoretical Computer Science such as Automata Theory, Logic in Computer Science, and Algorithmics. Topics of interest include: • semantics of programming languages • models and modeling languages for concurrent, distributed, reactive and mobile systems • models and modeling languages for timed, hybrid and probabilistic systems • specification, program analysis and verification • model checking and theorem proving • modal, temporal, first- and higher-order logics, and their variants • constraint logic, SAT/SMT-solving techniques • theoretical aspects of databases, semi-structured data and finite model theory • theoretical aspects of artificial intelligence, knowledge representation, description logic • automata theory, formal languages, term and graph rewriting • game-based models, synthesis • type theory, typed calculi • algebraic, coalgebraic and categorical methods • formal aspects of performance, dependability and reliability analysis • foundations of information and network security • parallel, distributed and randomized algorithms • design and analysis of algorithms • foundations of network and communication protocols.