diff options
| author | Theofilos Augoustis <theofilos.augoustis@gmail.com> | 2023-12-31 18:29:31 +0100 |
|---|---|---|
| committer | Theofilos Augoustis <theofilos.augoustis@gmail.com> | 2023-12-31 18:29:31 +0100 |
| commit | eae0b3b08bd078ad2f621ce2ef201e656da3f16a (patch) | |
| tree | eb93252f39543c46146297264ff548d9925178e0 /README.md | |
| parent | d26ae0a7d583da5034cd6271f953b6253119ceae (diff) | |
| download | focaccia-eae0b3b08bd078ad2f621ce2ef201e656da3f16a.tar.gz focaccia-eae0b3b08bd078ad2f621ce2ef201e656da3f16a.zip | |
Refactor project structure
Read concrete state on demand during concolic exec During concolic tracing, don't record full program snapshots at each basic block, but instead read concrete values directly from the concrete target when they are needed.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/README.md b/README.md index 4200b8c..82918b0 100644 --- a/README.md +++ b/README.md @@ -38,33 +38,31 @@ The `tools/` directory contains additional utility scripts to work with focaccia The following files belong to a rough framework for the snapshot comparison engine: - - `main.py`: Entry point to the tool. Handling of command line arguments, pre-processing of input logs, etc. + - `focaccia/snapshot.py`: Structures used to work with snapshots. The `ProgramState` class is our primary +representation of program snapshots. - - `snapshot.py`: Structures used to work with snapshots. The `ProgramState` class is our primary representation of -program snapshots. + - `focaccia/compare.py`: The central algorithms that work on snapshots. - - `compare.py`: The central algorithms that work on snapshots. - - - `parser.py`: Utilities for parsing logs from Arancini and QEMU, as well as serializing/deserializing to/from our own -log format. - - - `arch/`: Abstractions over different processor architectures. Will be used to integrate support for more + - `focaccia/arch/`: Abstractions over different processor architectures. Will be used to integrate support for more architectures later. Currently, we only have X86. -## Concolic execution +### Concolic execution The following files belong to a prototype of a data-dependency generator based on symbolic execution: - - `symbolic.py`: Algorithms and data structures to compute and manipulate symbolic program transformations. This -handles the symbolic part of "concolic" execution. + - `focaccia/symbolic.py`: Algorithms and data structures to compute and manipulate symbolic program transformations. +This handles the symbolic part of "concolic" execution. - - `lldb_target.py`: Tools for executing a program concretely and tracking its execution using + - `focaccia/lldb_target.py`: Tools for executing a program concretely and tracking its execution using [LLDB](https://lldb.llvm.org/). This handles the concrete part of "concolic" execution. - - `miasm_util.py`: Tools to evaluate Miasm's symbolic expressions based on a concrete state. Ties the symbolic and -concrete parts together into "concolic" execution. + - `focaccia/miasm_util.py`: Tools to evaluate Miasm's symbolic expressions based on a concrete state. Ties the symbolic +and concrete parts together into "concolic" execution. + +### Helpers -## Helpers + - `focaccia/parser.py`: Utilities for parsing logs from Arancini and QEMU, as well as serializing/deserializing to/from +our own log format. - `miasm_test.py`: A test script that traces a program concolically. |