def _ipsSendRules(self): p = z3.Const('__ips_Packet_%s' % (self.ips), self.ctx.packet) eh = z3.Const('__ips_node1_%s' % (self.ips), self.ctx.node) eh2 = z3.Const('__ips_node2_%s' % (self.ips), self.ctx.node) eh3 = z3.Const('__ips_node3_%s' % (self.ips), self.ctx.node) # The ips never invents packets # \forall e_1, p\ send (f, e_1, p) \Rightarrow \exists e_2 recv(e_2, f, p) self.constraints.append(z3.ForAll([eh, p], z3.Implies(self.ctx.send(self.ips, eh, p), \ z3.Exists([eh2], \ z3.And(self.ctx.recv(eh2, self.ips, p), \ z3.Not(z3.Exists([eh3], z3.And(self.ctx.send(self.ips, eh3, p),\ eh3 != eh))), \ self.ctx.etime(self.ips, p, self.ctx.recv_event) < \ self.ctx.etime(self.ips, p, self.ctx.send_event)))))) # Actually enforce ips rules # \forall e_1, p send(f, e_1, p) \Rightarrow (cached(p.src, p.dest) # \land ctime(p.src, p.dest) <= etime(ips, p, R)) # \lor (cached(p.dest, p.src) \land ctime(p.dest, p.src) <= etime(ips. p, R)) self.constraints.append(z3.ForAll([eh, p], z3.Implies(self.ctx.send(self.ips, eh, p), \ z3.And(z3.Not(self.policy.dpi_match(self.ctx.packet.body(p))), \ z3.Or(z3.And(self.cached(self.ctx.packet.src(p), self.ctx.src_port(p), self.ctx.packet.dest(p), self.ctx.dest_port(p)), \ self.ctime(self.ctx.packet.src(p), self.ctx.src_port(p), self.ctx.packet.dest(p), self.ctx.dest_port(p)) <\ self.ctx.etime(self.ips, p, self.ctx.recv_event)), \ z3.And(self.cached(self.ctx.packet.dest(p), self.ctx.dest_port(p), self.ctx.packet.src(p), self.ctx.src_port(p)), \ self.ctime(self.ctx.packet.dest(p), self.ctx.dest_port(p), self.ctx.packet.src(p), self.ctx.src_port(p)) <\ self.ctx.etime(self.ips, p, self.ctx.recv_event)))))))
def _firewallSendRules(self): p_0 = z3.Const('%s_firewall_send_p_0' % (self.fw), self.ctx.packet) p_1 = z3.Const('%s_firewall_send_p_1' % (self.fw), self.ctx.packet) n_0 = z3.Const('%s_firewall_send_n_0' % (self.fw), self.ctx.node) n_1 = z3.Const('%s_firewall_send_n_1' % (self.fw), self.ctx.node) t_0 = z3.Int('%s_firewall_send_t_0' % (self.fw)) t_1 = z3.Int('%s_firewall_send_t_1' % (self.fw)) t_2 = z3.Int('%s_firewall_send_t_2' % (self.fw)) self.acl_func = z3.Function('%s_acl_func' % (self.fw), self.ctx.packet, z3.BoolSort()) self.constraints.append(z3.ForAll([n_0, p_0, t_0], z3.Implies(self.ctx.send(self.fw, n_0, p_0, t_0), \ z3.Exists([n_1, t_1], \ z3.And(self.ctx.recv(n_1, self.fw, p_0, t_1),\ t_1 < t_0))))) self.constraints.append(z3.ForAll([n_0, p_0, t_0], z3.Implies(\ z3.And(self.ctx.send(self.fw, n_0, p_0, t_0), \ z3.Not(self.acl_func(p_0))), \ z3.Exists([n_1, p_1, t_1], \ z3.And(self.ctx.send(self.fw, n_1, p_1, t_1), \ t_1 + 1 <= t_0, \ self.acl_func(p_1), \ self.ctx.packet.src(p_0) == self.ctx.packet.dest(p_1), \ self.ctx.packet.dest(p_0) == self.ctx.packet.src(p_1), \ self.ctx.src_port(p_0) == self.ctx.dest_port(p_1), \ self.ctx.dest_port(p_0) == self.ctx.src_port(p_1), \ )))))
def _constraints(self): #self.count_func = z3.Function('count_%s'%(self.node), self.ctx.address, self.ctx.address, \ #z3.IntSort(), z3.IntSort()) p0 = z3.Const('_counter_p0_%s' % (self.node), self.ctx.packet) p1 = z3.Const('_counter_p1_%s' % (self.node), self.ctx.packet) n0 = z3.Const('_counter_n0_%s' % (self.node), self.ctx.node) n1 = z3.Const('_counter_n1_%s' % (self.node), self.ctx.node) n2 = z3.Const('_counter_n2_%s' % (self.node), self.ctx.node) t0 = z3.Int('_counter_t0_%s' % (self.node)) t1 = z3.Int('_counter_t1_%s' % (self.node)) a0 = z3.Const('_counter_a0_%s' % (self.node), self.ctx.address) a1 = z3.Const('_counter_a1_%s' % (self.node), self.ctx.address) # Make sure all packets sent were first recved self.constraints.append(z3.ForAll([n0, p0], \ z3.Implies(self.ctx.send(self.node, n0, p0), \ z3.And( \ z3.Exists([n1], \ z3.And (self.ctx.recv(n1, self.node, p0), \ n0 != n1)), \ z3.Not(z3.Exists([n2], \ z3.And(self.ctx.send(self.node, n2, p0), \ n2 != n0))), \ self.ctx.etime(self.node, p0, self.ctx.send_event) > \ self.ctx.etime(self.node, p0, self.ctx.recv_event))))) # Make sure packets go one at a time self.constraints.append(z3.ForAll([p0, t0], \ z3.Implies(z3.And(self.ctx.etime(self.node, p0, self.ctx.send_event) == t0, \ t0 != 0), \ z3.ForAll([p1], \ z3.Or(p0 == p1, \ self.ctx.etime(self.node, p1, \ self.ctx.send_event) != \ t0)))))
def _populateLoadBalancerConstraints(self): self.hash_function = z3.Function( 'load_balancer_hash_%s' % (self.balancer), z3.IntSort(), z3.IntSort(), z3.IntSort()) p0 = z3.Const('_load_balancer_p0_%s' % (self.balancer), self.ctx.packet) p1 = z3.Const('_load_balancer_p1_%s' % (self.balancer), self.ctx.packet) n0 = z3.Const('_load_balancer_n0_%s' % (self.balancer), self.ctx.node) n1 = z3.Const('_load_balancer_n1_%s' % (self.balancer), self.ctx.node) n2 = z3.Const('_load_balancer_n2_%s' % (self.balancer), self.ctx.node) hash_same = [self.ctx.packet.src(p0) == self.ctx.packet.src(p1), \ self.ctx.packet.dest(p0) == self.ctx.packet.dest(p1), \ self.hash_function(self.ctx.src_port(p0), self.ctx.dest_port(p0)) == \ self.hash_function(self.ctx.src_port(p1), self.ctx.dest_port(p1)), \ self.ctx.send(self.balancer, n0, p0), \ self.ctx.send(self.balancer, n1, p1) ] self.constraints.append(z3.ForAll([n0, p0, n1, p1], \ z3.Implies(z3.And(hash_same), \ n0 == n1))) self.constraints.append(z3.ForAll([n0, p0], \ z3.Implies(\ self.ctx.send(self.balancer, n0, p0), \ z3.And( \ z3.Exists([n1], \ z3.And(self.ctx.recv(n1, self.balancer, p0), \ n1 != n0)), \ z3.Not(z3.Exists([n2], \ z3.And(n2 != n0, \ self.ctx.send(self.balancer, n2, p0)))), \ self.ctx.etime(self.balancer, p0, self.ctx.send_event) > \ self.ctx.etime(self.balancer, p0, self.ctx.recv_event)))))
def _addConstraints(self, solver): solver.add(self.constraints) p = z3.Const('__ips_acl_Packet_%s' % (self.ips), self.ctx.packet) addr_a = z3.Const('__ips_acl_cache_a_%s' % (self.ips), self.ctx.address) port_a = z3.Const('__ips_acl_port_a_%s' % (self.ips), z3.IntSort()) addr_b = z3.Const('__ips_acl_cache_b_%s' % (self.ips), self.ctx.address) port_b = z3.Const('__ips_acl_port_b_%s' % (self.ips), z3.IntSort()) aclConstraints = map(lambda (a, b): z3.And(self.ctx.packet.src(p) == a, \ self.ctx.packet.dest(p) == b), self.acls) eh = z3.Const('__ips_acl_node_%s' % (self.ips), self.ctx.node) # Constraints for what holes are punched # \forall a, b cached(a, b) \iff \exists e, p send(f, e, p) \land # p.src == a \land p.dest == b \land ctime(a, b) = etime(ips, p, R) \land # neg(ACL(p)) if len(aclConstraints) > 0: solver.add(z3.ForAll([addr_a, port_a, addr_b, port_b], self.cached(addr_a, port_a, addr_b, port_b) ==\ z3.Exists([eh, p], \ z3.And(self.ctx.recv(eh, self.ips, p), \ z3.And(self.ctx.packet.src (p) == addr_a, self.ctx.packet.dest(p) == addr_b, \ self.ctx.src_port (p) == port_a, self.ctx.dest_port (p) == port_b, \ self.ctime (addr_a, port_a, addr_b, port_b) == self.ctx.etime(self.ips, p, self.ctx.recv_event), \ z3.Not(z3.Or(aclConstraints))))))) else: solver.add(z3.ForAll([addr_a, port_a, addr_b, port_b], self.cached(addr_a, port_a, addr_b, port_b) ==\ z3.Exists([eh, p], \ z3.And(self.ctx.recv(eh, self.ips, p), \ z3.And(self.ctx.packet.src (p) == addr_a, self.ctx.packet.dest(p) == addr_b, \ self.ctx.src_port (p) == port_a, self.ctx.dest_port (p) == port_b, \ self.ctime (addr_a, port_a, addr_b, port_b) == self.ctx.etime(self.ips, p, self.ctx.recv_event))))))
def CheckNodeTraversalProperty(self, src, dest, nodes): class IsolationResult(object): def __init__(self, result, violating_packet, last_hop, last_send_time, last_recv_time, ctx, assertions, model=None): self.ctx = ctx self.result = result self.violating_packet = violating_packet self.last_hop = last_hop self.model = model self.last_send_time = last_send_time self.last_recv_time = last_recv_time self.assertions = assertions assert (src in self.net.elements) assert (dest in self.net.elements) self.solver.push() self.AddConstraints() p = z3.Const('check_isolation_p_%s_%s' % (src.z3Node, dest.z3Node), self.ctx.packet) n_0 = z3.Const('check_isolation_n_0_%s_%s' % (src.z3Node, dest.z3Node), self.ctx.node) n_1 = z3.Const('check_isolation_n_1_%s_%s' % (src.z3Node, dest.z3Node), self.ctx.node) n_2 = z3.Const('check_isolation_n_2_%s_%s' % (src.z3Node, dest.z3Node), self.ctx.node) t_0 = z3.Int('check_isolation_t0_%s_%s' % (src.z3Node, dest.z3Node)) t_1 = z3.Int('check_isolation_t1_%s_%s' % (src.z3Node, dest.z3Node)) t_2 = z3.Int('check_isolation_t2_%s_%s' % (src.z3Node, dest.z3Node)) self.solver.add(self.ctx.recv(n_0, dest.z3Node, p, t_0)) self.solver.add(self.ctx.send(src.z3Node, n_1, p, t_1)) self.solver.add( self.ctx.nodeHasAddr(src.z3Node, self.ctx.packet.src(p))) self.solver.add(self.ctx.packet.origin(p) == src.z3Node) if not isinstance(nodes, list): nodes = [nodes] for node in nodes: self.solver.add(z3.Not(z3.Exists([n_2, t_2],\ z3.And(self.ctx.recv(n_2, node.z3Node, p, t_2), \ t_2 < t_0)))) self.solver.add(z3.Not(z3.Exists([n_2, t_2],\ z3.And(self.ctx.send(node.z3Node, n_2, p, t_2), \ t_2 < t_0)))) result = self.solver.check() model = None assertions = self.solver.assertions() if result == z3.sat: model = self.solver.model() self.solver.pop() return IsolationResult(result, p, n_0, t_1, t_0, self.ctx, assertions, model)
def as_z3(self): if isinstance(self.domain, Type): return z3.Exists([self.var.as_z3()], self.prop.as_z3()) else: var = self.var.as_z3() return z3.Exists( [var], z3.And( z3.And(var >= self.domain[0].as_z3(), var < self.domain[1].as_z3()), self.prop.as_z3(), ), )
def _firewallSendRules (self): p = z3.Const('__firewall_Packet_%s'%(self.fw), self.ctx.packet) eh = z3.Const('__firewall_node1_%s'%(self.fw), self.ctx.node) eh2 = z3.Const('__firewall_node2_%s'%(self.fw), self.ctx.node) eh3 = z3.Const('__firewall_node3_%s'%(self.fw), self.ctx.node) # The firewall never invents self.ctx.packets # \forall e_1, p\ send (f, e_1, p) \Rightarrow \exists e_2 recv(e_2, f, p) self.constraints.append(z3.ForAll([eh, p], z3.Implies(self.ctx.send(self.fw, eh, p), \ z3.And(z3.Exists([eh2], self.ctx.recv(eh2, self.fw, p)), \ z3.Not(z3.Exists([eh3], z3.And(self.ctx.send(self.fw, eh3, p),\ eh3 != eh))), \ self.ctx.etime(self.fw, p, self.ctx.send_event) >\ self.ctx.etime(self.fw, p, self.ctx.recv_event)))))
def _nullNode (self): p = z3.Const('__nnode_Packet_%s'%(self.node), self.ctx.packet) n0 = z3.Const('__nnode_node1_%s'%(self.node), self.ctx.node) n2 = z3.Const('__nnode_node2_%s'%(self.node), self.ctx.node) n3 = z3.Const('__nnode_node3_%s'%(self.node), self.ctx.node) # The nnode never invents self.ctx.packets # \forall e_1, p\ send (f, e_1, p) \Rightarrow \exists e_2 recv(e_2, f, p) self.constraints.append(z3.ForAll([n0, p], z3.Implies(self.ctx.send(self.node, n0, p), \ z3.And(z3.Exists([n2], self.ctx.recv(n2, self.node, p)), \ z3.Not(z3.Exists([n3], z3.And(self.ctx.send(self.node, n3, p),\ n3 != n0))), \ self.ctx.etime(self.node, p, self.ctx.send_event) >\ self.ctx.etime(self.node, p, self.ctx.recv_event)))))
def query(self, atom): """Query a relation on the compiled theory""" self.compiler.substitutes_constants_in_array(atom.args) if atom.table not in self.compiler.typed_tables: raise base.Z3NotWellFormed( "Unknown relation {}".format(atom.table)) atom.types = self.compiler.typed_tables[atom.table] if len(atom.types) != len(atom.args): raise base.Z3NotWellFormed( "Arity of predicate inconsistency in {}".format(atom)) for i in moves.xrange(len(atom.types)): atom.args[i].type = atom.types[i] ast_vars = list(OrderedDict.fromkeys([ arg for arg in atom.args if isinstance(arg, ast.Variable) ])) vars = {} self.compiler.project = None query = self.compile_atom(vars, atom, {}) if vars != {}: compiled_vars = [vars[ast_var.full_id()] for ast_var in ast_vars] query = z3.Exists(compiled_vars, query) self.context.query(query) types = [self.datasource.types[ast_var.type] for ast_var in ast_vars] variables = [ast_var.id for ast_var in ast_vars] raw_answer = self.context.get_answer() logging.getLogger().debug("Raw answer:\n%s", raw_answer) answer = z3r.z3_to_array(raw_answer, types) return variables, answer
def to_z3(self): z3_constraints = [] for predicate_name in self.program.get_idb_predicate_names(): self.reset_fresh_vars() predicate = self.get_predicate(predicate_name, self.unroll_limit) z3_head_vars = [] for var_id in range(predicate.arity()): z3_fresh_var = self.get_fresh_var(predicate.domain(var_id)) z3_head_vars.append(z3_fresh_var) (z3_body_free_vars, z3_body_constraint) = self.pred_to_z3(predicate_name, self.unroll_limit, z3_head_vars) if DISTINCT_CONSTRAINT: vertex_variables = [ var for var in z3_head_vars + z3_body_free_vars if var.sort() == VERTEX ] if vertex_variables: z3_body_constraint = z3.And(z3.Distinct(vertex_variables), z3_body_constraint) z3_constraint = z3.ForAll( z3_head_vars, predicate(z3_head_vars) == ( z3_body_constraint if len(z3_body_free_vars) == 0 else z3.Exists(z3_body_free_vars, z3_body_constraint))) z3_constraints.append(z3_constraint) return z3_constraints
def mkNewQuery(self, qr, fpred, t_flags, f_flags): """ Create a new query by adding * qr old query * fpred failing predicate * idxs list of failing predicate """ print "Creating a new query ..." body = qr.body() pred = None for p in self.preds: if fpred.decl().eq(p.decl()): pred = p pred_vars = pred.children() false_vars = self.getVars(f_flags, pred_vars, qr) true_vars = self.getVars(t_flags, pred_vars, qr) not_vars = [z3.Not(ix) for ix in false_vars] exist_vars, body = stripQuantifierBlock(qr) true_false_vars = not_vars + true_vars + [qr.ctx] new_vars_conjunct = z3.Not(z3.And(*true_false_vars)) and_predicate = z3.And(*[body, new_vars_conjunct, qr.ctx]) if verbose: print "New Conjunct:", and_predicate new_exist_vars = self.existVars(exist_vars, true_false_vars) new_query = z3.Exists(new_exist_vars, and_predicate) if verbose: print "NEW Query:\n", new_query return new_query
def toZ3(f: Union[Formula, Term], env: Environment) -> z3.ExprRef: def R(f: Union[Formula, Term]) -> z3.ExprRef: return toZ3(f, env) if isinstance(f, And): if len(f.c) == 0: return z3.BoolVal(True) return z3.And(*[R(x) for x in f.c]) elif isinstance(f, Or): if len(f.c) == 0: return z3.BoolVal(False) return z3.Or(*[R(x) for x in f.c]) elif isinstance(f, Not): return z3.Not(R(f.f)) elif isinstance(f, Relation): return z3_rel_func[f.rel](*[R(x) for x in f.args]) elif isinstance(f, Func): return z3_rel_func[f.f](*[R(x) for x in f.args]) elif isinstance(f, Equal): return R(f.args[0]) == R(f.args[1]) elif isinstance(f, Var): v = env.lookup_var(f.var) if v is None: raise RuntimeError("Cannot convert invalid formula to z3") return z3.Const(f.var, sorts_to_z3[v]) elif isinstance(f, Forall) or isinstance(f, Exists): env.bind(f.var, f.sort) sub_f = toZ3(f.f, env) env.pop() bv = z3.Const(f.var, sorts_to_z3[f.sort]) return z3.ForAll(bv, sub_f) if isinstance(f, Forall) else z3.Exists( bv, sub_f) else: print("Can't translate", f) assert False
def elim_bool_ite(exp): if z3.is_quantifier(exp): (qvars, matrix) = strip_qblock(exp) matrix = elim_bool_ite(matrix) if exp.is_forall(): e = z3.ForAll(qvars, matrix) else: e = z3.Exists(qvars, matrix) return e if not z3.is_bool(exp): return exp if z3.is_true(exp) or z3.is_false(exp): return exp assert z3.is_app(exp) decl = exp.decl() args = map(elim_bool_ite, exp.children()) # need to worry about And and Or because they can take >2 args and # decl(*args) doesn't seem to work with the py interface if z3.is_and(exp): return z3.And(*args) elif z3.is_or(exp): return z3.Or(*args) elif is_ite(exp): impl1 = z3.Implies(args[0], args[1]) impl2 = z3.Implies(z3.Not(args[0]), args[2]) return z3.And(impl1, impl2) else: return decl(*args)
def test_fault(self): with self.assertRaises(util.NoReturn): self.ctx.call('@fault') pid = util.FreshBitVec('pid', dt.pid_t) s = self.state.copy() s.procs[s.current].killed = z3.BoolVal(True) newstate = spec.switch_proc(s, pid)[1] self._prove(z3.Exists([pid], spec.state_equiv(self.ctx, newstate)))
def mk_query(self): assert (self.is_query()) f = self._body assert (len(f) > 0) f = z3.And(f) if len(self._bound_constants) > 0: f = z3.Exists(self._bound_constants, f) return f
def LSRRConstraints(self): p0 = z3.Const('_counter_p0_%s' % (self.router), self.ctx.packet) p1 = z3.Const('_counter_p1_%s' % (self.router), self.ctx.packet) n0 = z3.Const('_counter_n0_%s' % (self.router), self.ctx.node) n1 = z3.Const('_counter_n1_%s' % (self.router), self.ctx.node) n2 = z3.Const('_counter_n2_%s' % (self.router), self.ctx.node) t0 = z3.Int('_counter_t0_%s' % (self.router)) t1 = z3.Int('_counter_t1_%s' % (self.router)) a0 = z3.Const('_counter_a0_%s' % (self.router), self.ctx.address) a1 = z3.Const('_counter_a1_%s' % (self.router), self.ctx.address) self.constraints.append ( \ z3.ForAll ([p0, n0], \ z3.Implies (self.ctx.send(self.router, n0, p0), \ z3.Or( \ z3.Exists([n1], \ z3.And(self.ctx.recv(n1, self.router, p0), \ z3.Not(self.ctx.hostHasAddr(self.router, \ self.ctx.packet.dest(p0))), \ z3.Not(z3.Exists([n2], \ z3.And(n2 != n0, \ self.ctx.send(self.router, n2, p0)))), \ self.ctx.etime(self.router, p0, self.ctx.recv_event) < \ self.ctx.etime(self.router, p1, self.ctx.send_event))), \ z3.Exists([n1, p1], \ z3.And(self.ctx.recv(n1, self.router, p1), \ self.ctx.hostHasAddr(self.router, self.ctx.packet.dest(p1)), \ z3.Not(z3.Exists([n2], \ z3.And(n2 != n0, \ self.ctx.send(self.router, n2, p0)))), \ self.ctx.hostHasAddr(self.router, \ self.ctx.packet.src(p0)), \ self.ctx.packet.dest(p0) == \ self.option(self.ctx.packet.options(p0), \ self.ctx.packet.dest(p1)), \ z3.Not(self.ctx.hostHasAddr(self.router, \ self.ctx.packet.dest(p0))), \ self.ctx.src_port(p0) == self.ctx.src_port(p1), \ self.ctx.dest_port(p0) == self.ctx.dest_port(p1), \ self.ctx.packet.body(p0) == self.ctx.packet.body(p1), \ self.ctx.packet.orig_body(p0) == self.ctx.packet.orig_body(p1), \ self.ctx.packet.seq(p0) == self.ctx.packet.seq(p1), \ self.ctx.packet.options(p0) == self.ctx.packet.options(p1), \ self.ctx.packet.origin(p0) == self.ctx.packet.origin(p1), \ self.ctx.etime(self.router, p1, self.ctx.recv_event) < \ self.ctx.etime(self.router, p0, self.ctx.send_event)))))))
def is_join(modelset, s, t, g, a): # Assert that modelset behaves, on inputs g and a, like s "joined" with t. # "joined" is the |><| operator. alpha = Action('alpha') beta = Action('beta') return z3_helpers.Iff( has(modelset, g, a), z3.Exists(alpha, beta), z3.And(has(s, g, alpha), has(t, g, beta), is_plus(alpha, beta, a)))
def cofactor_term_ite(exp): if z3.is_quantifier(exp): (qvars, matrix) = strip_qblock(exp) matrix = cofactor_term_ite(matrix) if exp.is_forall(): return z3.ForAll(qvars, matrix) else: return z3.Exists(qvars, matrix) t = z3.Tactic('cofactor-term-ite', ctx=exp.ctx) return t(exp).as_expr()
def _ddosSendRules(self): p_0 = z3.Const('%s_dpi_send_p_0'%(self.dpi), self.ctx.packet) p_1 = z3.Const('%s_dpi_send_p_1'%(self.dpi), self.ctx.packet) n_0 = z3.Const('%s_dpi_send_n_0'%(self.dpi), self.ctx.node) n_1 = z3.Const('%s_dpi_send_n_1'%(self.dpi), self.ctx.node) t_0 = z3.Int('%s_dpi_send_t_0'%(self.dpi)) t_1 = z3.Int('%s_dpi_send_t_1'%(self.dpi)) t_2 = z3.Int('%s_dpi_send_t_2'%(self.dpi)) t_3 = z3.Int('%s_dpi_send_t_3'%(self.dpi)) self.constraints.append(z3.ForAll([n_0, p_0, t_0], z3.Implies(self.ctx.send(self.dpi, n_0, p_0, t_0), \ z3.And(z3.Not(self.failed(t_0)), \ z3.Exists([n_1, t_1], \ z3.And(self.ctx.recv(n_1, self.dpi, p_0, t_1), \ t_1 < t_0, \ z3.Not(self.failed(t_1)), \ z3.ForAll([t_2], \ z3.Or(z3.Not(self.ddos(self.ctx.packet.src(p_0), t_2)), \ z3.Exists([t_3], \ z3.And(t_2 < t_3, t_3 < t_0, t_3 < t_1, self.failed(t_3)))))))))))
def to_quantified_z3(a): import z3 t = [b.to_z3() for b in a.uvars() & a.free_vars()] e = [b.to_z3() for b in a.evars() & a.free_vars()] #nats_t = z3.And([v >= 0 for v in t if type(v) is z3.ArithRef]) #nats_e = z3.And([v >= 0 for v in e if type(v) is z3.ArithRef]) #ex = z3.Exists(e, z3.Implies(nats_e, a.to_z3())) if len(e) > 0 else a.to_z3() #return z3.ForAll(t, z3.Implies(nats_t, ex)) if len(t) > 0 else ex ex = z3.Exists(e, a.to_z3()) if len(e) > 0 else a.to_z3() return z3.ForAll(t, ex) if len(t) > 0 else ex
def predicate(p, t): t_0 = z3.Int('route_t') t_1 = z3.Int('route_t1') n = z3.Const('%s_route_n', self.ctx.node) received = z3.Exists([t_0], z3.And(self.ctx.recv(s.z3Node, node.z3Node, p, t_0), \ t_0 < t, \ z3.ForAll([t_1, n], \ z3.Or(t_1 > t, \ z3.Implies(self.ctx.recv(n, node.z3Node, p, t_1), \ z3.Or(t_1 < t_0, z3.And(t_1 == t_0, n == s.z3Node))))))) return z3.And(destAddrPredicate(self.ctx, d)(p), received)
def _fabricSendRules(self): p_0 = z3.Const('%s_fabric_p_0' % (self.node), self.ctx.packet) n_0 = z3.Const('%s_fabric_n_0' % (self.node), self.ctx.node) n_1 = z3.Const('%s_fabric_n_1' % (self.node), self.ctx.node) t_0 = z3.Int('%s_fabric_t_0' % (self.node)) t_1 = z3.Int('%s_fabric_t_1' % (self.node)) self.constraints.append(z3.ForAll([n_0, p_0, t_0], z3.Implies(self.ctx.send(self.node, n_0, p_0, t_0), \ z3.Exists([n_1, t_1], \ z3.And(self.ctx.recv(n_1, self.node, p_0, t_1), \ t_1 < t_0)))))
def _scrubberRules(self): p_0 = z3.Const('%s_p_0' % (self.node), self.ctx.packet) n_0 = z3.Const('%s_n_0' % (self.node), self.ctx.node) n_1 = z3.Const('%s_n_1' % (self.node), self.ctx.node) t_0 = z3.Int('%s_t_0' % self.node) t_1 = z3.Int('%s_t_1' % self.node) self.constraints.append(z3.ForAll([n_0, p_0, t_0], z3.Implies(self.ctx.send(self.node, n_0, p_0, t_0), \ z3.Exists([n_1, t_1], \ z3.And(self.ctx.recv(n_1, self.node, p_0, t_1), \ #z3.Not(self.suspicious(p_0)), \ t_1 < t_0)))))
def does_contain(*tup): assert len(tup) == len(kept_columns) col_map = dict(zip(kept_columns, tup)) variables = [] existentials = [] for c in self.columns: if c in col_map: variables.append(col_map[c]) else: var = z3.Const(c, self.sort) existentials.append(var) variables.append(var) return z3.Exists(existentials, self.does_contain(*variables))
def _rules(self): p_0 = z3.Const('%s_send_p_0' % (self.node), self.ctx.packet) n_0 = z3.Const('%s_send_n_0' % (self.node), self.ctx.node) n_1 = z3.Const('%s_send_n_1' % (self.node), self.ctx.node) t_0 = z3.Int('%s_send_t_0' % (self.node)) t_1 = z3.Int('%s_send_t_1' % (self.node)) self.constraints.append(\ z3.ForAll([n_0, p_0, t_0], z3.Implies(self.ctx.send(self.node, n_0, p_0, t_0), \ z3.And(z3.Not(self.failed(t_0)), \ z3.Exists([n_1, t_1], \ z3.And(self.ctx.recv(n_1, self.node, p_0, t_1), \ t_1 < t_0, \ z3.Not(self.failed(t_1))))))))
def _wanOptSendRule(self): p1 = z3.Const('__wanopt_unmoded_packet_%s' % (self.opt), self.ctx.packet) p2 = z3.Const('__wanopt_moded_packet_%s' % (self.opt), self.ctx.packet) e1 = z3.Const('__wanopt_ingress_node_%s' % (self.opt), self.ctx.node) e2 = z3.Const('__wanopt_egress_node_%s' % (self.opt), self.ctx.node) e3 = z3.Const('__wanopt_not_egress_node_%s' % (self.opt), self.ctx.node) self.constraints.append( \ z3.ForAll([e1, p1], \ z3.Implies(self.ctx.send(self.opt, e1, p1), \ z3.Exists([e2, p2], \ z3.And(self.ctx.recv(e2, self.opt, p2), \ self.ctx.PacketsHeadersEqual(p1, p2), \ self.ctx.packet.body(p1) == self.transformation(self.ctx.packet.body(p2)), \ self.ctx.packet.orig_body(p1) == self.ctx.packet.orig_body(p2), \ z3.Not(z3.Exists([e3], \ z3.And(e3 != e1, \ self.ctx.send(self.opt, e3, p2)))), \ self.ctx.etime(self.opt, p1, self.ctx.send_event) > \ self.ctx.etime(self.opt, p2, self.ctx.recv_event))))))
def __solve(self, forall: bool = False) -> ProofResult: cond = self.z3expr() variables = { v for v in self.variables(True) if isinstance(v.name, str) } if variables: if forall: cond = z3.ForAll([v.z3expr() for v in variables], cond) else: cond = z3.Exists([v.z3expr() for v in variables], cond) solver = z3.Solver() solver.add(cond) return ProofResult(solver.check())
def mk_query(self): assert self.is_query() assert len(self.body()) > 0 _body = self.body() if self.is_simple_query(): return _body[0] if len(_body) == 1: f = _body[0] else: f = z3.And(_body, self._ctx) if len(self._bound_constants) > 0: f = z3.Exists(self._bound_constants, f) return f
def projection_test(n=5, m=7): P = polyedre(n=n, m=m) F1 = conjunction(P) print("Random polyhedron", F1) E1 = z3.Exists(z3.Int("x0"), F1) #print("Expected formula after projection", E1) #t=z3.Tactic("qe") #Formula1 = t(E1) #print("Expected formula after projection, with z3 quantifier elimination", Formula1) a = Parse(get_lexema_list(str(E1))).cooper().toZ3() #print("Expected formula after projection, with my implementation of quantifier elimination", a) F2 = isl_intersection(P) Fp = project(F2) Str = "(" + get_formula(Fp) + ")" LL = get_lexema_list(Str) E2 = Parse(LL) #print("Formula given by ISL after projection", E2.toZ3()) #Formula2=t(E2.toZ3()) #print("Formula given by ISL after projection, after z3 quantifier elimination", Formula2) b = E2.cooper().toZ3() #print("Formula given by ISL after projection, after my implementation of quantifier elimination", b) my_solver = z3.Solver() my_solver.add(z3.Xor(a, b)) r = my_solver.check() == z3.unsat print("Result with my implementation of quantifier elimination", r) return r #z3_solver = z3.Then("smt","qe").solver() #z3_solver.add(z3.Xor(E1,E2.toZ3())) #print("Result with z3 quantifier elimination", z3_solver.check()==z3.unsat) #z3_solver = z3.Then("smt","qe").solver() #z3_solver.add(z3.Not(z3.Implies(E1,E2.toZ3()))) #print("A => B", z3_solver.check()==z3.unsat) #z3_solver = z3.Then("smt", "qe").solver() #z3_solver.add(z3.Not(z3.Implies(E2.toZ3(),E1))) #print("B => A", z3_solver.check()==z3.unsat) '''SE=str(E) LLE=get_lexema_list(SE) Lol = Parse(LLE) print(Lol.toString()) Unch = Lol.cooper() print("unch",Unch.toString())''' '''Fp=isl_intersection(P)