Merge pull request #28 from quarkslab/fix/symexec-circular-ref

Fix rtn_table circular reference
quarkslab · May 16, 2024 · 8471580 · 8471580
2 parents 6fabcd8 + 0b7757d
commit 8471580
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 11 deletions.
diff --git a/tritondse/symbolic_executor.py b/tritondse/symbolic_executor.py
@@ -511,6 +511,14 @@ def _map_dynamic_symbols(self) -> None:
         .. FIXME: This function does not apply all possible relocations
         :return: None
         """
+        def default_stub(se: 'SymbolicExecutor', pstate: ProcessState):
+            rtn_name, _ = se.rtn_table[pstate.cpu.program_counter]
+            logger.warning(f"calling {rtn_name} which is unsupported")
+            if se.config.skip_unsupported_import:
+                return None  # Like if function did nothing
+            else:
+                raise AbortExecutionException('Execution aborted')
+
         for symbol, (addr, is_func) in self.pstate.dynamic_symbol_table.items():
 
             if symbol in SUPPORTED_ROUTINES:  # if the routine name is supported
@@ -529,18 +537,10 @@ def _map_dynamic_symbols(self) -> None:
                     logger.warning(f"symbol {symbol} imported but unsupported")
                 if is_func:
                     # Add link to a default stub function
-                    self.rtn_table[addr] = (symbol, self.__default_stub)
+                    self.rtn_table[addr] = (symbol, default_stub)
                 else:
                     pass    # do nothing on unsupported symbols
 
-    def __default_stub(self, _: 'SymbolicExecutor', pstate: ProcessState):
-        rtn_name, _ = self.rtn_table[pstate.cpu.program_counter]
-        logger.warning(f"calling {rtn_name} which is unsupported")
-        if self.config.skip_unsupported_import:
-            return None  # Like if function did nothing
-        else:
-            self.abort()
-
     def abort(self) -> NoReturn:
         """
         Abort the current execution. It works by raising

diff --git a/tritondse/symbolic_explorator.py b/tritondse/symbolic_explorator.py
@@ -138,7 +138,7 @@ def _worker(self, seed, uid):
             execution.load(self.loader)
         else:
             execution.load_process(ProcessState())
-        self.current_executor = execution
+        # self.current_executor = execution
 
         # increment exec_count
         self._exec_count += 1
@@ -162,6 +162,11 @@ def _worker(self, seed, uid):
 
         logger.info(f"Emulation: {self._fmt_secs(expl_ts)} | Solving: {self._fmt_secs(solve_time)} | Elapsed: {self._fmt_secs(self.__time_delta())}\n")
 
+        self.current_executor = None
+        del execution.rtn_table
+        del cbs
+        # del execution
+
     def step(self) -> None:
         """
         Perform a single exploration step. That means it execute
@@ -208,7 +213,7 @@ def explore(self) -> ExplorationStatus:
 
         try:
             while self.seeds_manager.seeds_available() and not self._stop:
-                gc.collect()
+                # gc.collect()
                 self.step()
 
             if self.status == ExplorationStatus.RUNNING: