This takes a memory address as an argument, not a possibly-symbolic
value (which we do support). We probably need to extend the DeepState
API to support this robustly.
We don't declare the functions to ensure compilation fails fast, not
linking. We keep the commented prototype for the sake of documentation,
instead of just deleting it. We may also eventually be able to impl the
functions if we extend the DeepState API.
- Use `DeepState_CurrentTestRun` global shared struct
- Allocate memory for the above in `DeepState_Setup()`
- Update `DeepState_Catch...` functions to map enums to status ints
- Use `DeepState_AllocCurrentTestRun()` to map memory in take-over setup
- Add error handling for `mmap()` call
- Unify init of test globals via `DeepState_InitCurrentTestRun()`
- Map shared memory for `DeepState_CurrentTestRun`
- For non-crashing forked test runs, inspect the above to figure out
what happened. In particular, this supports `CHECK` and soft failures.
Warning: this does not work correctly with tests that soft fail, e.g.
via a `CHECK` assertion. This is because the soft failures only update
the child's `DeepState_TestFailed` global variable, but do not exit.
What we will soon do is share memory with the child process, and derive
the "test result" from that shared memeory.
In take-over mode, the "test" is the entire binary being executed as a
child process. So, we want to exit, rather than trying to `longjmp()` to
`DeepState_ReturnToRun`, which was never initialized.
Now we have API parity with the angr executor, and return 1 from
`DeepState_TakeOver()` when it is hooked for symbolic execution under
the Manticore backend.
- Add `--take_over` flag
- Allow running tests from non-function instruction addr
- Hook `DeepState_TakeOver()` with a `SimProcedure` that returns 1
- Make a fake test case that starts after `TakeOver` returns
