DeforaNetworks/deepstate
3
0
Fork 0
Code Releases Activity
102 Commits 2 Branches 0 Tags
c9fa425e4b2ed27aae4a3d865fc3432bbc00136f
Commit Graph

102 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Groce
c9fa425e4b Add link to BAR paper 2018-02-18 13:13:33 -07:00
Peter Goodman
7e69ee208f Merge pull request #33 from trailofbits/improve-mc-crash-saving 
Be stricter about what terminated states are saved as crashes
 2018-02-18 12:00:45 +08:00
alex
4cb2354759 Better failure when using Manticore but Z3 is not installed 2018-02-16 16:26:50 -08:00
Joe Ranweiler
39e57b6725 Be stricter about what terminated states are saved as crashes 
We only want to save a `.crash` file if the input would cause a crash
when executing using the native harness. The old impl treated any state
termination as a crash. Now we add a predicate which checks the `reason`
and decides if the termination represents a crash in the program being
analyzed.

For now, we only flag `InvalidMemoryAccess` exceptions as crashes, as
identified by the `message` property on a `TerminateState` exception.
 2018-02-16 12:31:33 -08:00
Joe Ranweiler
febe14ac89 Merge pull request #30 from trailofbits/save-crashes 
Save crashes
 2018-02-16 10:46:37 -08:00
Joe Ranweiler
226d0f5513 Add enum for test run results and exit codes 2018-02-15 12:43:12 -08:00
Joe Ranweiler
4814e8184b Flag unknown Manticore state terminations as crashes 
This is an over-approximation, which we will tighten later.
 2018-02-15 10:54:47 -08:00
Joe Ranweiler
c1b91432fd Fix executor docstrings 2018-02-14 14:26:24 -08:00
Joe Ranweiler
0b82d4e409 Run saved .crash test cases in native harness 2018-02-14 12:30:14 -08:00
Joe Ranweiler
7fbb966777 Detect, report crashes in deepstate-angr 2018-02-14 12:24:33 -08:00
Joe Ranweiler
23af5b562d Add DeepState_Crash() hook 2018-02-14 12:22:38 -08:00
Joe Ranweiler
8ede1e2ddc Remove stray whitespace 2018-02-14 12:06:26 -08:00
Joe Ranweiler
86d0fac206 Log error when test crashes 2018-02-14 12:06:26 -08:00
Joe Ranweiler
12dc706534 Add crashing example tests 2018-02-14 12:06:26 -08:00
Joe Ranweiler
dd9c16865d Merge pull request #29 from trailofbits/fork-test-runs 
Fork test runs
 2018-02-14 10:25:26 -08:00
Joe Ranweiler
ac7e57a833 Consistently stub test case save hooks 2018-02-14 10:24:15 -08:00
Joe Ranweiler
ab43f75361 Add hook to save crashing tests 2018-02-14 10:24:15 -08:00
Joe Ranweiler
68595a9493 Fix handling of test failures due to uncaught exceptions 
We don't just want to exit here, but `longjmp()` back to the conditional
via a call to `DeepState_Fail()`. In doing so, we end up in the common
`DeepState_CatchFail()` branch, which exits with the same nonzero error
code, but also saves the test case if appropriate.
 2018-02-14 10:10:51 -08:00
Joe Ranweiler
a68520642a Fully factor out forking and running a single test 2018-02-13 14:37:14 -08:00
Joe Ranweiler
3c5d5daeaf Use more accurate function name 2018-02-13 14:37:14 -08:00
Joe Ranweiler
b61b3e7f2d Fork for all test runs 2018-02-13 14:37:14 -08:00
Joe Ranweiler
8f39961b3f Save result of forked test run if flag set 2018-02-13 14:37:14 -08:00
Joe Ranweiler
8ff5f6cac6 Fork when running saved test cases 
This anticipates support for crashing tests.
 2018-02-13 14:23:44 -08:00
Joe Ranweiler
b15e2a6f17 Merge pull request #26 from trailofbits/read-auto-generated-tests 
Read auto-generated tests
 2018-02-12 08:46:32 -08:00
Joe Ranweiler
879000bc73 Document functions for running saved test cases 2018-02-11 12:52:56 -08:00
Joe Ranweiler
d25a181771 Fix indent level 2018-02-10 16:09:37 -08:00
Joe Ranweiler
579cba3705 Check for error when stating test input file 2018-02-10 16:09:37 -08:00
Joe Ranweiler
d81cbba137 Clear log stream before failing with longjmp in fatal log 
When an assertion fails in the C++ API, it ultimately invokes a
`Fatal`-level `DeepState_Log()`. This calls `DeepState_Fail()`, which
longjmps. If we don't clear the log buffer here, it won't get cleared by
the usual logic which does so. This causes hanging, unflushed log
messages to persist between tests.

This relationship should eventually be inverted and decoupled.
 2018-02-10 16:09:37 -08:00
Joe Ranweiler
4a90b2a5e8 Skip tests with no saved cases to run 2018-02-10 16:09:37 -08:00
Joe Ranweiler
f3d13e37b3 Factor out initializing input from file 2018-02-10 16:09:36 -08:00
Joe Ranweiler
78cc5d46be Add initial impl of running saved test cases 2018-02-10 16:09:36 -08:00
Joe Ranweiler
2c7334ab0d Fix typo in error message 2018-02-10 16:09:36 -08:00
Joe Ranweiler
731876a7e6 Fix typo in example CMakeLists.txt 2018-02-10 16:09:36 -08:00
Joe Ranweiler
dd8a1c6608 Use external linkage for global input buffer 
This is to support running saved auto-generated test cases.
 2018-02-08 16:07:35 -08:00
Joe Ranweiler
c6eca451c5 Fix flag decl and defs 2018-02-08 14:16:16 -08:00
Joe Ranweiler
1f3a4a982d Merge pull request #25 from trailofbits/python-version 
Explicitly depend on Python 2.7
 2018-02-06 15:37:33 -08:00
Joe Ranweiler
9df8d2b9fd Merge pull request #20 from trailofbits/readme 
Add first pass at README
 2018-02-06 15:34:54 -08:00
Joe Ranweiler
124c54194d Explicitly depend on Python 2.7 
Not using a more specific binary causes build failures on systems where
the default Python is 3. The existing backends, angr and Manticore, both
require Python 2.7, so we can look at supporting Python 3 when they do.
 2018-02-06 14:25:51 -08:00
Joe Ranweiler
07b38bd73f Add first pass at README 2018-02-06 14:24:03 -08:00
Peter Goodman
1aa468dabc Minor formatting changes. 2018-02-06 12:18:06 +08:00
Peter Goodman
d227cc7f34 Enabled PIC. 2018-01-22 21:19:54 -05:00
Peter Goodman
ee80baa0ea Minor fix. 2018-01-18 14:24:08 -05:00
Peter Goodman
2eaeb7480c Adding Google Flags-like command-line option parsing, though implemented in C, to the main executable. The code is ported from Granary2. 2018-01-07 16:25:31 -05:00
Peter Goodman
49524e610d Symbol lookup refactor. 2017-12-14 14:56:09 -05:00
Alex Groce
0d934d4fac Attempt at OS X symbol lookup fix 2017-12-14 11:39:37 -08:00
Peter Goodman
31838780c3 Trim out trailing newlines and stuff 2017-12-14 00:56:22 -05:00
Peter Goodman
622afcdb98 Made variadic argument lists work in 32 bit x86. 2017-12-13 23:53:48 -05:00
Peter Goodman
303da80e78 Add OneOf for C-strings, vectors, and arrays. 2017-12-13 23:08:50 -05:00
Peter Goodman
1433f34960 Makeing 100% sure that the format_bufs are NUL-terminated. 2017-12-13 22:46:20 -05:00
Peter Goodman
7c585f5c44 Add 32-bit support, i.e. libdeepstate32 2017-12-13 21:53:33 -05:00