alex
|
c65b0c7ba4
|
better version
|
2017-12-12 00:20:13 -08:00 |
|
alex
|
70090bd712
|
Version that works, test depth
|
2017-12-11 23:17:18 -08:00 |
|
Peter Goodman
|
669f6cf3f9
|
Made the OneOf example work.
|
2017-12-11 19:40:39 -05:00 |
|
alex
|
76ff9ec5b3
|
capture fixed
|
2017-12-11 14:56:48 -08:00 |
|
alex
|
26657954c7
|
OneOf example (failing)
|
2017-12-11 14:30:37 -08:00 |
|
Peter Goodman
|
f15e09520b
|
Merge branch 'master' of github.com:trailofbits/deepstate
|
2017-12-10 20:09:36 -05:00 |
|
Peter Goodman
|
8248bbdcbc
|
Removed usage of old name, added in a Euler power of like primes example. When the pairwise ASSERT_NEs are absent, you get interesting results that show examples of integer overflows.
|
2017-12-10 20:08:08 -05:00 |
|
Peter Goodman
|
f28b285ac3
|
Removed usage of old name, added in a Euler power of like primes example. When the pairwise ASSERT_NEs are absent, you get interesting results that show examples of integer overflows.
|
2017-12-10 14:39:05 -05:00 |
|
Peter Goodman
|
fcd000dc14
|
Added a maximize objective API to DeepState.
|
2017-12-10 13:37:47 -05:00 |
|
Peter Goodman
|
188d4517d8
|
Added prime polynomial example, new Pumping function to address scalability challenges with primality testing, and some improvements to the streaming interface, where if you don't stream in values, then the python side doesn't end up printing out some 'empty' stream infos.
|
2017-12-09 16:43:43 -05:00 |
|
Peter Goodman
|
3aaaf71b85
|
Added support for c++ test fixtures.
|
2017-12-08 23:58:59 -05:00 |
|
Peter Goodman
|
f9fb7e81be
|
Initial progress in Issue #7 with support for a Dr. Fuzz harness.
|
2017-12-08 21:07:52 -05:00 |
|
Peter Goodman
|
a411f0e032
|
Adds ONE_OF. Breaks some lines at 80 columns.
|
2017-12-07 20:05:06 -05:00 |
|
Peter Goodman
|
a5ce3eaf31
|
Fix issue where I passed cast_to to min.
|
2017-12-03 20:57:15 -05:00 |
|
Peter Goodman
|
29f2465ebf
|
Fixes issue with logger. Fixes issue where we weren't get the minimum value SATed.
|
2017-11-21 13:01:32 -05:00 |
|
Peter Goodman
|
5f36822021
|
Made the report function concretize using the minimizer, so that eventually we'll be able to compare inputs generated across tools
|
2017-11-09 10:35:48 -05:00 |
|
Peter Goodman
|
02fce4cdf9
|
Merge pull request #2 from trailofbits/squares_example
Squares example
|
2017-11-02 13:39:09 -04:00 |
|
Peter Goodman
|
6ec7d71188
|
Added error checking.
|
2017-11-02 01:05:15 -04:00 |
|
Peter Goodman
|
a093a82ef9
|
Merge branch 'master' of github.com:trailofbits/deepstate
|
2017-11-02 00:54:22 -04:00 |
|
Peter Goodman
|
c4f74e2389
|
Adds some error checking around finding important symbols and initializing Manticore/Angr. Adds the ability to save concretized bytes to an output directory. For the time being, I'm going with the approach of the user specifying a output dir, then within that I create directories for each file basename in the tests, and subdirectories for each test name, and in there I put binary test files.
|
2017-11-02 00:54:18 -04:00 |
|
Peter Goodman
|
fee42a7677
|
Merge pull request #1 from trailofbits/user_install_clang4
Allow for user specific installs, build with Clang 4.0
|
2017-11-02 00:46:07 -04:00 |
|
Artem Dinaburg
|
2157f67dac
|
Add an example that modifies an existing C program for symbolic testing
|
2017-11-02 00:33:35 -04:00 |
|
Artem Dinaburg
|
07fb0fb4c8
|
build using clang 4.0
|
2017-11-01 22:59:17 -04:00 |
|
Artem Dinaburg
|
373441fb9f
|
Allow for a user only install if CMAKE_INSTALL_PREFIX is set
|
2017-11-01 22:59:04 -04:00 |
|
Peter Goodman
|
bc208dbd4d
|
Fixes issue where the angr script printed out the wrong symbol bytes.
|
2017-11-01 21:27:08 -04:00 |
|
Peter Goodman
|
4f914e4eee
|
Fixes to stream formatting of doubles, they weren't being streamed before. Implemented the chk versions of printf and such, so that they all route through the logging interface as well. Implemented the concretization APIs.
|
2017-11-01 17:56:54 -04:00 |
|
Peter Goodman
|
d2bc82fc35
|
Renaming from McTest to DeepState.
|
2017-11-01 13:38:32 -04:00 |
|
Peter Goodman
|
f7f029965b
|
Whatever I had before renaming.
|
2017-11-01 12:14:22 -04:00 |
|
Peter Goodman
|
a46e06b03b
|
Refactored to split common code between Manticore and Angr out into common.py. Implemented the new deferred streaming stuff, it seems to work semi-well for this simple cases I've tested, but there's still work to do. The latest code has some remaining issues. Printing out the final input bytes in Angr shows the wrong thing, although what gets streamed out is right. This is visible when running mctest-angr examples/ArtihmeticProperties. With Manticore, the big issue is that it doesn't properly pickle smt expressions (or something to this effect), so I'm ending up with multiple definitions of the same stuff and that throws exceptions. This is tricky to deal with because the streaming of output needs to be able to save symbolic data.
|
2017-11-01 02:42:31 -04:00 |
|
Peter Goodman
|
8ec44074ad
|
Make sure to make new lists of messages so that messages from one test don't get put into another.
|
2017-10-30 14:39:15 -04:00 |
|
Peter Goodman
|
3702bfcb81
|
Changed how the logging works to log to a static buffer, then the hooks pull info out from there.
|
2017-10-30 14:16:02 -04:00 |
|
Peter Goodman
|
e4f4cfe0db
|
Kind of feature parity between Manticore and Angr on these tests.
|
2017-10-30 00:45:59 -04:00 |
|
Peter Goodman
|
4b786adc70
|
Got Manticore (with some minor unpublished fixes) working for McTest, based on Yan's initial work. Most of the angr code directly ports over, which is convenient. Haven't yet implemented McTest_Log (which isn't working for angr, curiously).
|
2017-10-29 20:35:50 -04:00 |
|
Peter Goodman
|
0ec7047b0f
|
Merge branch 'master' of github.com:trailofbits/mctest
|
2017-10-29 18:54:48 -04:00 |
|
Peter Goodman
|
e0f104aaef
|
Adding logger support, and other things.
|
2017-10-29 18:54:41 -04:00 |
|
yan
|
e3d8ab9b61
|
Expand Manticore support
|
2017-10-29 18:17:15 -04:00 |
|
Peter Goodman
|
7c9710cd05
|
Remove IsSymbolic preficate for pointers.
|
2017-10-28 20:26:43 -04:00 |
|
Peter Goodman
|
b8560c553f
|
USe a C++ style case in McTest.hpp
|
2017-10-28 20:23:23 -04:00 |
|
Peter Goodman
|
89da3e8e94
|
Made it so that tests can be run on their own, independent of a symbolic executor. This will open up libFuzzer support, and concrete execution of solved-for test case inputs. Removed all stuff related to sections. Made tests get registered via initializers. Working on exposing the API functions to be hooked by Manticore via a special system call with addres 0x41414141. Split the Angr version out into the mctest-angr binary, and going to try to make the mctest binary use Manticore.
|
2017-10-28 19:13:59 -04:00 |
|
Peter Goodman
|
0d336bd4d6
|
Fixed build errors for c++ test basics. Added a ForAll thingy to abstract around making symbols. Shortened section name lengths. Added a simple arithmetic properties test case.
|
2017-10-28 01:11:59 -04:00 |
|
Peter Goodman
|
76585f095b
|
Improvements. Now hooking fewer functions, and instead making on big array symbolic. This will make it easier to run the inputs concretely (by eventually filling in the array with the concrete bytes), and will also make possible fuzzer integration (where the fuzzer mutates the bytes of the array) possible.
|
2017-10-28 00:09:33 -04:00 |
|
Peter Goodman
|
6249ec6208
|
Initial commit.
|
2017-10-27 16:34:58 -04:00 |
|