Unicorn Plugin #29

Closed
Manouchehri opened this Issue Jun 26, 2016 · 11 comments

Manouchehri commented Jun 26, 2016

As previously mentioned in angr/cle#22 (comment), a Unicorn Engine plugin is in progress. Thought it would make sense to open up a GitHub issue in the proper repo so other people are aware.

@isra17 recently posted a neat benchmark showing angr vs. Unicorn. https://github.com/isra17/emu_test

rhelmot commented Jun 26, 2016

(As a clerical note, it looks likely at this point that we will not release
the unicorn support until after the CGC in August)

On Sunday, June 26, 2016, David Manouchehri notifications@github.com
wrote:

As previously mentioned in angr/cle#22 (comment), a Unicorn
Engine http://www.unicorn-engine.org/ plugin is in progress. Thought it
would make sense to open up a GitHub issue in the proper repo so other
people are aware.

@isra17 https://github.com/isra17 recently posted a neat benchmark
showing angr vs. Unicorn. https://github.com/isra17/emu_test


zardus added the enhancement label Jun 27, 2016
zardus commented Jun 27, 2016

Yep, we're definitely working on it! It won't quite match @isra17's unicorn benchmarks (because we need to hook memory accesses to sync the state back into angr), but it'll be a lot faster than emulating VEX with python. Some preliminary benchmarks show runtime increases of 600x for certain workloads.

Manouchehri commented Jun 27, 2016

Exciting stuff! Looking forward to the release after you win CGC. =)

ltfish commented Jun 27, 2016

I guess we will release it even if we don't win CGC :D

aquynh commented Jun 27, 2016

Nice to hear, and looking forward to your release of this Unicorn support :-)

Manouchehri commented Aug 10, 2016

For anyone following this, Unicorn support has been completed but not pushed to the repo yet.

aquynh commented Aug 10, 2016

Cool, can't wait! But how exactly is Unicorn used there?

Manouchehri commented Aug 10, 2016

As per @zardus' previous comment, it's used instead of emulating VEX with Python.

salls commented Aug 10, 2016

The main use cases of Unicorn right now are the following:

  1. The data currently being operated on is concrete. Symbolic emulation isn't necessary, so we jump into Unicorn and let Unicorn/QEMU execute until symbolic data would be touched or introduced.
  2. There is something we haven't implemented (a weird VEX instruction, a syscall, etc.). In these cases I believe it is better to run the part angr can't handle with Unicorn. We lose the symbolic relationship, but at least we can continue execution in a sane state.
Manouchehri commented Aug 21, 2016

Looks like it's been pushed!

rhelmot commented Aug 21, 2016

It's been pushed for the last two weeks! The big thing, though, is that our fork of Unicorn is now pushed, to https://github.com/angr/unicorn.

The changes we've made are all pending pull requests to upstream. They're mostly bug fixes and minor features; the biggest thing is that it overhauls the Python setup process to do things like actually work correctly without manually copying files around, and also packages the library headers so simuvex can build against it.

Basically, you should just be able to run python setup.py install in the bindings/python directory and it should Just Work. (You can also run the setup.py in the repo root, but that's just a compatibility shim until it's distributed on pip.)
