Allow callback inspection of exceptions which trigger TerminateState
#756
Labels
Milestone
Comments
|
Hi @ranweiler, thank you very much for the extremely clear explanation of the issue and your thoughts on potential solutions, I appreciate it so much :) I agree with you - I think (1) is best solution for now. I like how (2) does not involve patching more attributes onto the Exception object, but this makes the solution less powerful as the user cannot introspect into the crash as deeply. Would love to see a PR for (1)! @yan any thoughts on this? |
|
Agree that (1) is best for right now, although I imagine once we have a better idea into the categories of exceptions and how they're actually used, we'll end up with a hybrid. (An extended, but still relatively shallow hierarchy of exceptions, with a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi! I'm working with some Manticore-powered code that subscribes to the
will_terminate_stateevent. The subscribing callback receives aTerminateStateexception as one of its arguments. I'd like to be able to inspect the underlying exception (if any) which causedTerminateStateto be raised. The motivation here is that I want to decide whether or not to flag the terminated state as a "crash" for the program being analyzed, or not (e.g. it was some other kind of out-of-band error).Right now, I can do this by looking at the
messageproperty (astr) of theTerminateStateexception, and if the message contains certain substrings, infer that the state exploration was terminated due to (for example) anInvalidMemoryAccessexception. In other words, I am indirectly checking if the exception arose due to other particular exceptions within Manticore. What I would is avoid doing this via string comparisons, which can be brittle, non-canonical, &c.Some options to accomplish this larger goal:
causetoTerminateStateinstances, to which we could assign the underlying exception (if any) which triggered theTerminateState.TerminateStatecalled (for example)CrashStatewhich is used in place ofTerminateStatewhen the termination reason is that the program being symbolically-executed "would have crashed", for some definition of this.In each case, the Manticore user can now directly use class hierarchies/
isinstance()to determine if theTerminateStatewas due to a "crash". In (1), the user must decide for themselves exactly which Manticore exceptions indicate a "program crash" (vs. a Manticore execution error). The improvement is the removal of lossy indirection via themessageproperty. In (2), Manticore must commit to some particular exceptions as having the semantics of a "program crash". These ideas are not mutually exclusive, either, so Manticore could useCrashStatewhere it is incontestable, and library users could usecauseto narrow or expand the meaning of "crash" for their needs.To me, (1) alone is the best choice. It would be easy to implement, might be more broadly useful, and doesn't require any big API commitments from Manticore. It also seems theoretically nicer: for a program whose native behavior would raise a
SIGSEGV, some signal handler might actually avoid a crash. (2) would be extremely convenient for me as a user, but seems to place an undue (intractable?) burden on Manticore.I'd be happy to cook up a PR for this, but wanted input from others before doing so. Thanks!
The text was updated successfully, but these errors were encountered: