Open Source Adventures: Episode 01: Crystal FFI and Z3
Welcome to my new series! Previously I did Electron Adventures and 100 Languages Speedrun.
Now it's time for something a bit less ambitious. I do a lot of small Open Source things anyway all the time, so in this series I'll just write about the kind of things I do anyway.
I plan it as a more or less daily series of 100 episodes. They'll mostly be much smaller than in my 100 Languages Speedrun series, and any big topic will likely be split into multiple bite-size episodes. Some will be new stuff, some might be flashbacks to old things I made before.
Let's get started!
Z3 and Crystal
Z3 is a theorem prover library, and I maintain a Ruby gem for it. I wrote about it previously in 100 Languages Speedrun: Episode 23: Ruby Z3 .
I want to play with Crystal a bit more, and since I already know Z3, that's a decent start.
Z3 C API
Z3 C API is super unfun to work with. We need to create a Context
object (passing a Config
), then we need to pass that damn context to every single function call. Due to limitations of C there's some weird calling convention for anything that takes variable number of arguments or returns multiple values. And worst of all, there are so many ways to pass arguments that pass the C type system, but will still hard crash Z3 - like trying to add an integer expression (type Ast
) to a boolean expression (also type Ast
) for an obvious example, but there are many others.
The way I solved it in Ruby is by layers. First I created the Z3::VeryLowLevel
which directly maps to the C API, with functions like these:
module Z3
module VeryLowLevel
attach_function :Z3_mk_gt, [:ctx_pointer, :ast_pointer, :ast_pointer], :ast_pointer
end
end
This means function Z3_mk_gt
takes three arguments (Context
, Ast
, Ast
), and returns one argument Ast
.
Then there's second layer Z3::LowLevel
which handles context, unwraps passed objects, and also handles peculiarities of C APIs like how arrays and multiple return values are handled:
module Z3
module LowLevel
def mk_gt(ast1, ast2) #=> :ast_pointer
VeryLowLevel.Z3_mk_gt(_ctx_pointer, ast1._ast, ast2._ast)
end
end
end
Only on top of that I built the actual API, which did all the crash-prevention checks, automatic coercion, operators, and so on:
module Z3
class Expr < AST
class << self
def Gt(a, b)
a, b = coerce_to_same_sort(a, b)
case a
when ArithExpr
BoolSort.new.new(LowLevel.mk_gt(a, b))
when BitvecExpr
raise Z3::Exception, "Use #signed_gt or #unsigned_gt for Bitvec, not >"
else
raise Z3::Exception, "Can't compare #{a.sort} values"
end
end
end
end
end
module Z3
class ArithExpr < Expr
def >(other)
Expr.Gt(self, other)
end
end
end
The end result is that you can do this:
> Z3.Int("a") > 420
Bool<a > 420>
Which does a lot of Z3 calls behind the scene.
Crystal FFI
OK, let's get started with doing this in Crystal. First, manually doing just enough of the very low level API to get started:
@[Link("z3")]
lib Z3
type Ast = Void*
type Config = Void*
type Context = Void*
type Model = Void*
type Solver = Void*
type Sort = Void*
type Symbol = Void*
# Just list the ones we need, there's about 700 API calls total
fun mk_add = Z3_mk_add(ctx : Context, count : UInt32, asts : Ast*) : Ast
fun mk_const = Z3_mk_const(ctx : Context, name : Symbol, sort : Sort) : Ast
fun mk_context = Z3_mk_context(cfg : Config) : Context
fun mk_contig = Z3_mk_config() : Config
fun mk_eq = Z3_mk_eq(ctx : Context, a : Ast, b : Ast) : Ast
fun mk_ge = Z3_mk_ge(ctx : Context, a : Ast, b : Ast) : Ast
fun mk_gt = Z3_mk_gt(ctx : Context, a : Ast, b : Ast) : Ast
fun mk_int_sort = Z3_mk_int_sort(ctx : Context) : Sort
fun mk_le = Z3_mk_le(ctx : Context, a : Ast, b : Ast) : Ast
fun mk_lt = Z3_mk_lt(ctx : Context, a : Ast, b : Ast) : Ast
fun mk_distinct = Z3_mk_distinct(ctx : Context, count : UInt32, asts : Ast*) : Ast
fun mk_mul = Z3_mk_mul(ctx : Context, count : UInt32, asts : Ast*) : Ast
fun mk_numeral = Z3_mk_numeral(ctx : Context, s : UInt8*, sort : Sort) : Ast
fun mk_solver = Z3_mk_solver(ctx : Context) : Solver
fun mk_string_symbol = Z3_mk_string_symbol(ctx : Context, s : UInt8*) : Symbol
fun model_to_string = Z3_model_to_string(ctx : Context, model : Model) : UInt8*
fun solver_assert = Z3_solver_assert(ctx : Context, solver : Solver, ast : Ast) : Void
fun solver_check = Z3_solver_check(ctx : Context, solver : Solver) : Int32
fun solver_get_model = Z3_solver_get_model(ctx : Context, solver : Solver) : Model
end
SEND + MORE = MONEY
And let's do a very simple problem, SEND + MORE = MONEY.
First, the global setup:
# Setup library
cfg = Z3.mk_contig()
ctx = Z3.mk_context(cfg)
solver = Z3.mk_solver(ctx)
int_sort = Z3.mk_int_sort(ctx)
There's no automatic conversion of numbers to Z3 objects, so we need to do this manually:
# Integer constants
nums = Hash(Int32, Z3::Ast).new
[0, 1, 9, 10, 100, 1000, 10000].each do |num|
nums[num] = Z3.mk_numeral(ctx, num.to_s, int_sort)
end
And set up variables. They all need to be 0 to 9, but we can't have leading zeroes so M and S must be at least 1:
# Variables, all 0 to 9
vars = Hash(String, Z3::Ast).new
%w[s e n d m o r e m o n e y].uniq.each do |name|
name_sym = Z3.mk_string_symbol(ctx, name)
var = Z3.mk_const(ctx, name_sym, int_sort)
vars[name] = var
Z3.solver_assert(ctx, solver, Z3.mk_ge(ctx, var, nums[0]))
Z3.solver_assert(ctx, solver, Z3.mk_le(ctx, var, nums[9]))
end
# m and s need to be >= 1, no leading zeroes
Z3.solver_assert(ctx, solver, Z3.mk_ge(ctx, vars["m"], nums[1]))
Z3.solver_assert(ctx, solver, Z3.mk_ge(ctx, vars["s"], nums[1]))
They also need to be all different:
# all letters represent different digits
all_distinct = Z3.mk_distinct(ctx, vars.size, vars.values)
Z3.solver_assert(ctx, solver, all_distinct)
Now SEND + MORE = MONEY. This is very verbose, but all the extra arguments like ctx
and array sizes get in the way of doing it more concisely:
send_vars = [
Z3.mk_mul(ctx, 2, [vars["s"], nums[1000]]),
Z3.mk_mul(ctx, 2, [vars["e"], nums[100]]),
Z3.mk_mul(ctx, 2, [vars["n"], nums[10]]),
vars["d"],
]
more_vars = [
Z3.mk_mul(ctx, 2, [vars["m"], nums[1000]]),
Z3.mk_mul(ctx, 2, [vars["o"], nums[100]]),
Z3.mk_mul(ctx, 2, [vars["r"], nums[10]]),
vars["e"],
]
money_vars = [
Z3.mk_mul(ctx, 2, [vars["m"], nums[10000]]),
Z3.mk_mul(ctx, 2, [vars["o"], nums[1000]]),
Z3.mk_mul(ctx, 2, [vars["n"], nums[100]]),
Z3.mk_mul(ctx, 2, [vars["e"], nums[10]]),
vars["y"],
]
send_sum = Z3.mk_add(ctx, send_vars.size, send_vars)
more_sum = Z3.mk_add(ctx, more_vars.size, more_vars)
money_sum = Z3.mk_add(ctx, money_vars.size, money_vars)
send_more_sum = Z3.mk_add(ctx, 2, [send_sum, more_sum])
equation = Z3.mk_eq(ctx, send_more_sum, money_sum)
Z3.solver_assert(ctx, solver, equation)
And finally let's print the results. Z3 at least saves us here, as it has some rudimentary model to string conversion, so we don't need to do anything complicated. Eventually we don't want to use that - we'd rather get Hash
of results from Z3 Model and handle printing it out ourselves, but that's still far away.
Result code has three possibilities ("definitely no", "definitely yes", and "Z3 couldn't solve it"):
# Get the result
result_code = Z3.solver_check(ctx, solver)
puts "Result code is: #{result_code}"
model = Z3.solver_get_model(ctx, solver)
s = Z3.model_to_string(ctx, model)
puts String.new(s)
Let's run it:
$ ./send_more_money.cr
Result code is: 1
d -> 7
n -> 6
o -> 0
m -> 1
r -> 8
s -> 9
e -> 5
y -> 2
That is: 9567 + 1085 == 10652
Story so far
I put the code in crystal-z3 repo.
We got the point where we can run Z3 from Crystal, but the API is horrendous.
So far Crystal FFI handled everything without any issues, but a lot of complexity is still ahead, and there's also a lot of things I'm ignoring like integrating with Z3 memory management.
Coming next
In the next episode, we'll try to make Crystal handle Z3 Contexts and other very low level concerns for us, so we can make code look less like ass. It will take many iterations before we get something decent. One step at a time.