Git Product home page Git Product logo

Comments (6)

0ca avatar 0ca commented on August 25, 2024

To implement this we need to keep in memory all the conditional jumps executed. We can keep the TritonInstruction, or only the information we need like the RIP symbolic expression ID and address when the jump is taken/not taken.

For now I keeping all the TritonInstructions in a map:

std::map<triton::__uint, std::list<triton::arch::Instruction *>> instructions_executed_map;

I think keeping all the instructions is not very memory consuming compare to keep all the symbolic expressions. And having all the instructions could be useful for other functionalities like the slicing #23, or if the user wants to know the symbolic expressions for a given address.

Other important thing is that a condition could be executed more than one time. So we need to have a list per every address.

Then we should show besides the "Negate condition" menu a submenu with all the times the condition was executed, so the user could negate a condition at a given point.

For example, if we have a loop and we want the loop to be executed 10 times, we only want to negate the 10th condition.

from ponce.

0ca avatar 0ca commented on August 25, 2024

Implemented solve formula.
image

We still need to deal with a same address executed multiple times.

from ponce.

0ca avatar 0ca commented on August 25, 2024

When we are solving we should differenciate between solving online or offline.

Offline is when the user has execute all the program and after that is trying to invert a condition. But this condition could has been executed multiple times so we need to offer him which one he wants to negate.

Online is when the user is debugging an app and he wants to invert a condition. In that case we don't need to ask him for the condition, he want to invert the current condition at the last execution point.

from ponce.

0ca avatar 0ca commented on August 25, 2024

@illera88 done right? Or there is some pending thing to do here? Maybe change the name of the negate runtime. Right now it is:

Negate condition
Negate Inject Restore

Maybe we could use:

Negate & Inject
Negate, Inject & Restore snapshot

Is it ok?

from ponce.

illera88 avatar illera88 commented on August 25, 2024

yes! I like the second one.

Change the name and close

from ponce.

0ca avatar 0ca commented on August 25, 2024

This is still not working when the condition is in a loop.

from ponce.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.