if a ldr used the same reg for dest and writeback offset, we'd
compute writeback wrong because we'd run the insn and then use the new
value in computing writeback
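A minimal model of the ordering problem described in that commit message, added here as an illustration (this is not Manticore's code): a post-indexed `ldr rt, [rn], #imm` must compute the writeback address from the base register's value before the load result is written, or the case `rt == rn` corrupts the writeback. The register file, the sample memory contents and the two helper functions are constructed for the example.

```python
# Constructed guest memory: word-addressed, little-endian values already decoded.
MEM = {0x1000: 0xAABBCCDD, 0x1004: 0x11223344}


def ldr_post_buggy(regs, rt, rn, imm):
    """Post-indexed load, wrong order: the destination is written first, so when
    rt == rn the writeback reads the freshly loaded value instead of the base."""
    regs = dict(regs)
    regs[rt] = MEM[regs[rn]]        # load into rt ...
    regs[rn] = regs[rn] + imm       # ... then writeback uses whatever rn now holds
    return regs


def ldr_post_fixed(regs, rt, rn, imm):
    """Post-indexed load, correct order: snapshot the base before any register write,
    compute the writeback from that snapshot, and apply it after the load."""
    regs = dict(regs)
    base = regs[rn]                 # effective address and writeback source
    regs[rt] = MEM[base]
    regs[rn] = base + imm           # writeback independent of what was loaded
    return regs


def writeback_differs(regs, rt, rn, imm):
    """True when the buggy and fixed semantics disagree on the final register file."""
    return ldr_post_buggy(regs, rt, rn, imm) != ldr_post_fixed(regs, rt, rn, imm)
```

With distinct registers (`ldr r1, [r0], #4`) both orderings agree; with `ldr r0, [r0], #4` the buggy version ends with `r0 = 0xAABBCCDD + 4`, while the fixed version writes back `0x1004`. The ARM architecture marks writeback with `rt == rn` as UNPREDICTABLE, so an emulator should at least not let the load result leak into the address computation; a check like `writeback_differs` is a cheap regression test for that.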
* Install instructions updates
* Update README.md
* also need pip
* need to update, plus compact a few things
* add -y
* grammar?
* typos
* Add bountysource link
* consistency
* Point users to the examples dir and wiki
I thought these links were cluttering things a bit, and 2 out of 3 of
them aren’t official documentation yet we’re linking to them in the
first line of the README. I updated the wiki to address these directly
in a way I think is more clear.
* link to Z3 releases
* oops, don't know where that came from
* ensure people run the latest pip
* be more explicit
* Add an Issue Template
* be more explicit
* no longer appropriate here
* unnecessary
* add note about 16.04
* move issue template to hidden folder
* Spelling
* be explicit, makes copy/paste easier
* Add example taint usage
- use new_symbolic_value API instead, because it's making an int symbolic
- add every instruction hook that checks for tainted data in operands
* update readme with taint example
* Fix sys_fstat
I'm pretty sure it was totally wrong before, in terms of how it laid
out the struct.
I based this on using arm-linux-gnueabi-gcc -E,
which shows me this struct:
struct stat
{
__dev_t st_dev;
unsigned short int __pad1;
__ino_t st_ino;
__mode_t st_mode;
__nlink_t st_nlink;
__uid_t st_uid;
__gid_t st_gid;
__dev_t st_rdev;
unsigned short int __pad2;
__off_t st_size;
__blksize_t st_blksize;
__blkcnt_t st_blocks;
# 72 "/usr/arm-linux-gnueabi/include/bits/stat.h" 3
struct timespec st_atim;
struct timespec st_mtim;
struct timespec st_ctim;
# 87 "/usr/arm-linux-gnueabi/include/bits/stat.h" 3
unsigned long int __glibc_reserved4;
unsigned long int __glibc_reserved5;
};
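To make the layout concrete, here is an added Python example (not Manticore's sys_fstat implementation) that applies C natural alignment to the field list shown above and produces the byte offsets, the total size and a `struct` format string with explicit padding. The type widths are an assumption about 32-bit ARM EABI glibc: `__dev_t` is a 64-bit unsigned integer aligned to 8, the other scalar typedefs are 32-bit, and `struct timespec` is two 32-bit longs.

```python
import struct

# Field list transcribed from the gcc -E output above. Sizes/alignments assume
# 32-bit ARM EABI glibc (see lead-in). Format codes are for struct with '<'.
ARM_STAT_FIELDS = [
    # (name, size, alignment, format code)
    ("st_dev", 8, 8, "Q"),
    ("__pad1", 2, 2, "H"),
    ("st_ino", 4, 4, "I"),
    ("st_mode", 4, 4, "I"),
    ("st_nlink", 4, 4, "I"),
    ("st_uid", 4, 4, "I"),
    ("st_gid", 4, 4, "I"),
    ("st_rdev", 8, 8, "Q"),
    ("__pad2", 2, 2, "H"),
    ("st_size", 4, 4, "i"),
    ("st_blksize", 4, 4, "i"),
    ("st_blocks", 4, 4, "i"),
    ("st_atim", 8, 4, "ii"),   # struct timespec { long tv_sec; long tv_nsec; }
    ("st_mtim", 8, 4, "ii"),
    ("st_ctim", 8, 4, "ii"),
    ("__glibc_reserved4", 4, 4, "I"),
    ("__glibc_reserved5", 4, 4, "I"),
]


def layout(fields):
    """Return ({name: offset}, total_size), inserting padding the way a C compiler does."""
    offsets, off, max_align = {}, 0, 1
    for name, size, align, _ in fields:
        off = (off + align - 1) // align * align   # round up to the field's alignment
        offsets[name] = off
        off += size
        max_align = max(max_align, align)
    total = (off + max_align - 1) // max_align * max_align  # trailing padding
    return offsets, total


def format_string(fields):
    """Little-endian struct format; '<' disables alignment, so padding is explicit 'x'."""
    offsets, total = layout(fields)
    fmt, pos = "<", 0
    for name, size, _, code in fields:
        fmt += "x" * (offsets[name] - pos) + code
        pos = offsets[name] + size
    return fmt + "x" * (total - pos)


def pack_stat(values):
    """Pack a dict of field values (timespec fields as (sec, nsec)) into the guest layout."""
    flat = []
    for name, _, _, code in ARM_STAT_FIELDS:
        v = values.get(name, (0, 0) if len(code) > 1 else 0)
        flat.extend(v if len(code) > 1 else (v,))
    return struct.pack(format_string(ARM_STAT_FIELDS), *flat)


def unpack_stat(buf):
    """Inverse of pack_stat: decode a guest buffer back into a field dict."""
    flat = list(struct.unpack(format_string(ARM_STAT_FIELDS), buf))
    out = {}
    for name, _, _, code in ARM_STAT_FIELDS:
        if len(code) > 1:
            out[name] = tuple(flat[:len(code)])
            del flat[:len(code)]
        else:
            out[name] = flat.pop(0)
    return out


if __name__ == "__main__":
    offsets, total = layout(ARM_STAT_FIELDS)
    for name, off in offsets.items():
        print(f"{name:20s} @ {off:3d}")
    print("sizeof(struct stat) =", total, "format:", format_string(ARM_STAT_FIELDS))
```

The two `unsigned short` pad fields are what make the layout easy to get wrong: each is followed by two bytes of compiler-inserted padding before the next 4-byte field, and `st_rdev` is realigned to 8. Under these assumptions the struct is 88 bytes, with `st_size` at offset 44 and `st_atim` at 56; an emulated `fstat` that writes the fields back-to-back without that padding hands the guest a misaligned structure.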
* Add stat32
* Minor
* Update README.md
* Remove FAQ -> plan to move to wiki
* Rough cut
* Moved quickstart a little lower, but still above the fold
* Added more complete list of requirements
* Added full instructions to quickstart
* Clarified Installation instruction options
* Moved extra details about why requirements are what they are to FAQ
* less is more
* Minor updates
* begin refactoring logging to use manticore object
* fix verbosity things
* fix logging when in scripts
* remove m.log_file now that it's no longer used
* remove unnecessary init_logging usage and unused log_debug variable
* accidentally deleted the wrong line
* re-hide init_logging
* remove old log_debug
* remove unnecessary API stuff and refactor around that
* Capstone operand type cornered to one function
* Un-inline type_map
* Immediate fix to lacking immediate
* Add FAQ about relationship to CRS
* add link to Grr
* reorder instructions
* passive voice
* add slack badge
* Rebasing noise
* rebase noise
* Operand.reg moved up to Operand
* re-introduce logging PR
* fix Popen
* lost a line in merge
* fix test_binaries
* Log to stdout instead of stderr
* implement mark's changes
* Configure Z3 depending on installed version
* Mocking for subprocess.check_output
* change get_value_fmt to private attribute _get_value_fmt
* Move memoized to utils
* Remove minimal version and simplify
* Re-add invalid versions/sanity checks
* Z3 version format checked on github
* New tests. Version is future proof
* Better logging
* Enable simple ARM register concretization for Unicorn
* Add canonical_registers property to abstractcpu
* cpu to self
* Check for regs_access better
* Emulate a single instruction
* Bypass capstone 3.0.4 arm bug
* Dealing with capstone
* Temporarily disable ASR and remove BitVec.Bool from test
* WIP WIP debug prints WIP WIP
* Unicorn fallback working (using unicorn master)
* Hack to support unicorn 1.0.0
* WIP
* Unicorn hack to handle PC updates
* [WIP] do not do anything with this commit; for debugging only
* Adding before clean up
* emulation more or less works; need to work out more unicorn bugs
* clean up emulate() caller code
* move hooks to methods; cleanup
* Concretize memory when emulating
* Re-add Bool()
* Update tests to start at offset 4
When an instruction branches to the previous instruction,
Unicorn attempts to dereference that memory. We'd like to use
unit tests to also make sure Unicorn emulation is in line with
our own semantics. If we start all tests at offset 4, we can
jump to a previous instruction and not fault when Unicorn
dereferences it.
* Fix concretization
* Clean up test imports; upper-case Cpu
* Unicorn tests
* Add tests for all the ARM semantics, but make sure they're equivalent
on unicorn.
* Add a few tests to make sure unicorn correctly concretizes the memory
it references
* Fix broken import
* Add symbolic register tests
* Re-introduce the unicorn hack
* Add the 'ONE' concretization policy
* Rm unused function
* Update concretization; add comments
* Add ONE policy test
* Create a base class for all concretization exceptions
* Remove Armv7Cpu._concretize_registers
* Check for enabled logging in a more idiomatic way
* [wip] intermediate testing commit
* Reimplement hooks and execution with unicorn
* Add a DMB (mem barrier) instruction; nop
* simplify instruction resolution
* improve unicorn error handling
* explicitly delete emu
* Handle ARM helpers inline
* map fetched memory
* Narrow exception handling
* Update DMB docs; make __kuser_dmb match real implementation
* Fix typo; add comment; remove extraneous parameter
* typos++
* Fix interpreter load
* turn off some debug
* cuack
* Correct loader condition (#111)
* Rm unnecessary condition
We always want to run this code if there is an interpreter present, not
just if the exe is ET_DYN
* Add correct interp header type check
* no-mp not used and redundant
* Add timeout
* Unused args re-removed, timeout re-added
* Move import to the top op op op
* add basic benchmarking script
* add results class, collect more information, and fix check for no args
* fix indentation
* we don't have logger here
* use argv[0] for name of program
* allow dumping of stats from the API and use .format()
* add ProfilingResults class
* bugfixes