trailofbits / binrec-tob

BinRec: Dynamic Binary Lifting and Recompilation

coreutils: seq fails during symbolic execution #9

Open michaelbrownuc opened 2 years ago

michaelbrownuc commented 2 years ago

When tracing the coreutils seq benchmark with a symbolic argument, tracing fails with the following error message:

[FunctionLog] Saving Trace Info... 
[FunctionLog] Restoring tracing vars for state: 0
qemu-system-i386: /home/michaeldbrown/binrec-prerelease/s2e/source/s2e/libs2eplugins/src/s2e/Plugins/binrec_plugins/FunctionLog.cpp:235: void s2e::plugins::FunctionLog::slotStateSwitch(s2e::S2EExecutionState *, s2e::S2EExecutionState *): Assertion `m_tracesByState.find(newStateID) != m_tracesByState.end() && " Could not restore traceinfo state!"' failed.
INFO: [run] S2E terminated with code -6
INFO: [run] Terminating S2E
WARNING: [run] Sending SIGTERM to S2E process group
INFO: [s2e_env.server.stats] Terminating stats collection thread
INFO: [s2e_env.server] Waiting for unfinished threads
INFO: [s2e_env.server] Waiting for thread "RequestHandlingThread-0"
ERROR: [run] S2E terminated with error -6

ameily commented 2 years ago

I am also seeing this with symbolic inputs on cut.

Batch trace file (symbolic args are the delimiter and the field number):

{
    "traces": [{
        "args": ["2 4", "-d", ":", "-f", "1", "/etc/passwd"]
    }]
}