Esempi in Python per Solver.minmax

Esempio n. 1

File: test_memory.py Progetto: Debug-Orz/pysymemu

    def testBasicSymbolic(self):
        my_solver = Solver()
        mem = SMemory(my_solver, 32, 12)

        #alloc/map a little mem
        size = 0x10000
        addr = mem.mmap(None, size, 'rwx')
        #initialize first 10 bytes as [100, 101, 102, .. 109]
        for i in xrange(addr, addr+10):
            mem.putchar(i, chr(100+i-addr))

        #mak a free symbol of 32 bits
        x = my_solver.mkBitVec(32) 
        #constraint it to range into [addr, addr+10)
        my_solver.add(x>=addr)
        my_solver.add(x<addr+10)

        #Well.. x is symbolic
        self.assertTrue(issymbolic(x))
        #It shall be a solution
        self.assertTrue(my_solver.check(), 'sat')
        #if we ask for a possible solution (an x that comply with the constraints)
        sol = my_solver.getvalue(x)
        #it should comply..
        self.assertTrue(sol >= addr and sol<addr+10)

        #min and max value should be addr and addr+9
        m, M = my_solver.minmax(x)
        self.assertEqual(m, addr)
        self.assertEqual(M, addr+9)

        #If we ask for all possible solutions...
        for val in my_solver.getallvalues(x):
            #any solution must comply..
            self.assertTrue(sol >= addr and sol<addr+10)

        #so now lets ask the memory for values pointed by addr
        c = mem.getchar(x)
        for val in my_solver.getallvalues(c):
            self.assertTrue(val>=100 and val<110)

        #constarint the address a litlle more
        my_solver.add(x<=addr)
        #It shall be a solution
        self.assertTrue(my_solver.check(), 'sat')
        #if we ask for a possible solution 
        sol = my_solver.getvalue(x)
        #it must be addr
        self.assertTrue(sol == addr)

        #lets ask the memory for the value under that address
        c = mem.getchar(x)
        sol = my_solver.getvalue(c)
        self.assertTrue(sol==100)

Esempio n. 2

File: system.py Progetto: Root-nix/pysymemu

            test_case_no+=1
            if e.message == 'Finished':
                print "Program Finnished correctly"
                generate_testcase(linux)
            elif e.message == "Max number of different solutions hit":
                print "Max number of target PCs hit. Checking for wild PC."
                solver = linux.solver
                solver.push()
                try:
                    #Quick heuristics to determine wild pc
                    solver.push()
                    solver.add(linux.cpu.PC == 0x41414141)
                    if solver.check() == 'sat':
                        print "PC seems controled!"
                    solver.pop()
                    m,M = solver.minmax(linux.cpu.PC)
                    print "Program counter range: %016x - %016x" %(m,M)
                    generate_testcase(linux)
                finally:
                    solver.pop()
            else:
                print Exception, e
                generate_testcase(linux)
                print '-'*60
                traceback.print_exc(file=sys.stdout)
                print '-'*60
                import pdb
                pdb.set_trace()

except Exception,e:
    print "Exception in user code:", e