JonathanSalwan/ROPgadget

Test cases not stable with respect to capstone version

Closed this issue · 4 comments

The test suite fails, if run against more recent capstone versions.

With capstone 5.0rc3 and 5.0rc4 one yield the following diff: capstone-5.0-rc3.txt

With capstone 5.0.1 the diff increases even more: capstone-5.0.1.txt

Unfortunately I have no clue how to fix that issue in general. Maybe it's the best to pin the capstone version in the requirements to the most recent capstone release (not considering release candidates) and to keep the test reference up to date to that release.

See https://bugs.gentoo.org/912164 for more details.

AFAIK, Python does not allow installing multiple versions of the same package (I am not considering virtual envs). So, pinning capstone to the current latest version will break updating when the new one is released. I suppose I'll just specify the minimum required (>=) capstone version as latest and update the tests to correspond to the latest version.

Most of the differences are caused by the Capstone commits capstone-engine/capstone@f3a3018 and capstone-engine/capstone@34aa92d. Some ret and jmp are now decoded with their prefixes repz and notrack respectively. They are currently not recognized by ROPgadget.

The following gadgets in elf-Linux-x64 are currently not found with the most recent capstone release.

11820a11817
> 0x000000000040a358 : adc byte ptr [rbp - 0x1b], dh ; ret
12131a12129
> 0x000000000044478c : add al, ch ; jmp 0xffffffff898f4793

But they are still valid.

$ r2 elf-Linux-x64
[0x00400f78]> pd 2 @0x000000000040a358
            0x0040a358      1075e5         adc byte [rbp - 0x1b], dh
            0x0040a35b      f3c3           repz ret
[0x00400f78]> pd 2 @0x000000000044478c
            0x0044478c      00e8           add al, ch
        ┌─< 0x0044478e      3ee9ffff4a89   notrack jmp 0xffffffff898f4793

Neglecting these cases, just the following difference between test reference and test output remains in elf-ARMv7-ls, which were not discovered by older capstone releases.

5513d5512
< 0x00013664 : bl #0x19958 ; vmov d8, r0, r1 ; vmov.f64 d0, d8 ; vpop {d8} ; pop {r4, r5, r6, pc}
6163,6164d6161
< 0x00019a84 : vcvt.u32.f64 s14, d7 ; vmov ip, s14 ; orr r2, r0, ip ; mov r0, r2 ; bx lr
< 0x00013668 : vmov d8, r0, r1 ; vmov.f64 d0, d8 ; vpop {d8} ; pop {r4, r5, r6, pc}
6166d6162
< 0x0001366c : vmov.f64 d0, d8 ; vpop {d8} ; pop {r4, r5, r6, pc}

These gadgets seem to be valid, so that the test reference can be updated.
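As an added illustration of the prefix issue described above (this is not ROPgadget's or Capstone's code), the following decoder strips the legacy prefix bytes that Capstone 5 now renders ahead of ret/jmp and classifies the instruction as a gadget terminator anyway. Only the terminator opcodes relevant to the thread are decoded, and the two byte sequences are taken from the r2 output in the comment above; the prefix names are the ones Capstone 5 prints for them.

```python
import struct

# Legacy prefix bytes and the names Capstone 5 prints for them on branches
# (the two the thread shows plus the other single-byte legacy prefixes).
PREFIX_NAMES = {
    0xF3: "repz", 0xF2: "repne", 0x3E: "notrack", 0x2E: "cs", 0x26: "es",
    0x36: "ss", 0x64: "fs", 0x65: "gs", 0x66: "data16", 0x67: "addr32",
}
MASK64 = (1 << 64) - 1


def decode_terminator(code: bytes, addr: int):
    """Decode a gadget-ending instruction located at `addr`.

    Returns (prefixes, mnemonic, operand, length), or None when the bytes
    are not a ret / jmp form handled here (other opcodes are out of scope).
    """
    i, prefixes = 0, []
    while i < len(code) and code[i] in PREFIX_NAMES:   # consume prefixes
        prefixes.append(PREFIX_NAMES[code[i]])
        i += 1
    if i >= len(code):
        return None
    op = code[i]
    if op == 0xC3:                                     # ret
        return prefixes, "ret", None, i + 1
    if op == 0xC2 and i + 3 <= len(code):              # ret imm16
        return prefixes, "ret", struct.unpack_from("<H", code, i + 1)[0], i + 3
    if op == 0xEB and i + 2 <= len(code):              # jmp rel8
        rel = struct.unpack_from("<b", code, i + 1)[0]
        return prefixes, "jmp", (addr + i + 2 + rel) & MASK64, i + 2
    if op == 0xE9 and i + 5 <= len(code):              # jmp rel32
        rel = struct.unpack_from("<i", code, i + 1)[0]
        return prefixes, "jmp", (addr + i + 5 + rel) & MASK64, i + 5
    return None


def is_gadget_end(code: bytes, addr: int = 0) -> bool:
    """True when the bytes end a gadget with ret/jmp, prefixed or not."""
    decoded = decode_terminator(code, addr)
    return decoded is not None and decoded[1] in ("ret", "jmp")


def render(code: bytes, addr: int):
    """Capstone-style text, e.g. 'repz ret' or 'notrack jmp 0x...'."""
    decoded = decode_terminator(code, addr)
    if decoded is None:
        return None
    prefixes, mnemonic, operand, _ = decoded
    text = " ".join(prefixes + [mnemonic])
    return text if operand is None else f"{text} {operand:#x}"


if __name__ == "__main__":
    # Byte sequences copied from the r2 session above (constructed test input).
    for addr, code in ((0x40A35B, b"\xf3\xc3"),
                       (0x44478E, b"\x3e\xe9\xff\xff\x4a\x89")):
        print(f"{addr:#x}: {render(code, addr)}  terminator={is_gadget_end(code, addr)}")
```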

@hamarituc, wow! Thank you for digging into the details. I'll prepare a release with the fixes.

@hamarituc, I successfully published the release. Thank you for your work! You may update Gentoo package now.