Skip to content

Incremental SMT2: Add size limit to array element retrieval#8902

Draft
tautschnig wants to merge 1 commit intodiffblue:developfrom
tautschnig:fix-8071-smt2-incr-large-array
Draft

Incremental SMT2: Add size limit to array element retrieval#8902
tautschnig wants to merge 1 commit intodiffblue:developfrom
tautschnig:fix-8071-smt2-incr-large-array

Conversation

@tautschnig
Copy link
Copy Markdown
Collaborator

@tautschnig tautschnig commented Mar 27, 2026

Add MAX_TRACE_ARRAY_SIZE (1000) threshold to get_expr for array_typet. When an array exceeds this size, return empty optional with a warning instead of enumerating all elements, which caused OOM for large arrays (e.g., __CPROVER_max_malloc_size = 2^23).

The caller in get() already handles empty optional gracefully by falling back to returning the original expression.

Also remove the no-new-smt exclusion tag from pointer-offset-01 test since this fix prevents the OOM that required the exclusion.

Fixes: #8071

  • Each commit message has a non-empty body, explaining why the change was made.
  • Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@tautschnig
Incremental SMT2: Add size limit to array element retrieval
8ecb705 
Add MAX_TRACE_ARRAY_SIZE (1000) threshold to get_expr for array_typet.
When an array exceeds this size, return empty optional with a warning
instead of enumerating all elements, which caused OOM for large arrays
(e.g., __CPROVER_max_malloc_size = 2^23).

The caller in get() already handles empty optional gracefully by
falling back to returning the original expression.

Also remove the no-new-smt exclusion tag from pointer-offset-01 test
since this fix prevents the OOM that required the exclusion.

Fixes: diffblue#8071
@tautschnig tautschnig self-assigned this Mar 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel will be requested when the pull request is marked ready for review peterschrammel is a code owner

@TGWDB TGWDB Awaiting requested review from TGWDB TGWDB will be requested when the pull request is marked ready for review TGWDB is a code owner

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

@tautschnig tautschnig

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Large arrays cause out of memory issues during trace generation with incremental smt2 decision procedure

1 participant

@tautschnig