Add run_fw.py creation to fuzz.py and the --project option to CreateBaseDir.py

DICE-Evaluation/ARM/Fuzzing/CreateBaseDir.py

@@ -39,9 +39,14 @@
         help="fuzzing run number")
     parser.add_argument("-B", "--base", dest="base", default="FuzzDir",
         help="base dir for fuzzing ")
+    parser.add_argument("-P", "--project", dest="project", default="",
+        help="project name (if unspecified, generates for all built-in projects)")
 
     args = parser.parse_args()
 
+    if len(args.project) != 0:
+        dirs = [args.project]
+
     base = args.base
     run_num = args.run
 
@@ -50,4 +55,4 @@
     for d in dirs:
         os.makedirs(base + "/" + d + "/" + run_num + "/inputs")
         os.makedirs(base + "/" + d + "/" + run_num + "/outputs")
-        Create(base + "/" + d + "/" + run_num + "/inputs/input.data")
+        Create(base + "/" + d + "/" + run_num + "/inputs/input.data")

DICE-Evaluation/ARM/Fuzzing/fuzz.py

@@ -18,6 +18,7 @@
 
 import configparser
 import argparse
+import stat
 from argparse import Namespace
 
 cfg_board = {"f103": "NUCLEO-F103RB", "f429": "STM32F429I-Discovery", "f303":"NUCLEO_F303RE", \
@@ -222,22 +223,46 @@ def sigalarm_handler(signum, frame):
         cmd_afl += ["-d"]
     # end of afl options 
 
-    if 'none' in cfg.redzones:
-       cmd_afl += [cfg.qemu_bin, "-nographic",
-              "-board",  cfg_board[cfg.mcu] , "-mcu", cfg_mcu[cfg.mcu], "-image", cfg.img,
-              "-pm-stage", "3", "-aflFile", "@@", 
-          ]
-
-    else:
-       cmd_afl += [cfg.qemu_bin, "-nographic",
-            "-board",  cfg_board[cfg.mcu] , "-mcu",  cfg_mcu[cfg.mcu], "-image", cfg.img, "--dmaFile", cfg.redzones,
-            "-pm-stage", "3", "-aflFile", "@@", 
-
+    cmd_no_afl = [cfg.qemu_bin, "-nographic",
+        "-board",  cfg_board[cfg.mcu] , "-mcu", cfg_mcu[cfg.mcu], "-image", cfg.img,
+        "-pm-stage", "3", "-aflFile", "@@"
+    ]
+
+    if not 'none' in cfg.redzones:
+       cmd_no_afl += [
+            "--dmaFile", cfg.redzones,
         ]
 
+    cmd_afl += cmd_no_afl
 
 
     print("cmd_afl: %s\n" % ' '.join(cmd_afl))
 
+
+    # Write run_fw.py
+    with open("run_fw.py", "w") as f:
+        f.write("#!/usr/bin/env python3\n")
+        f.write("import sys,subprocess\n")
+        f.write("if len(sys.argv) < 3 or len(sys.argv) > 4:\n")
+        f.write("    print(\"Usage: %s last_round_of_model_instantiation test_case [--debug]\" % sys.argv[0])\n")
+        f.write("    print(\"\t--debug argument is optional. It halts QEMU and wait for a debugger to be attached on TCP port 9000\")\n")
+        f.write("    sys.exit(-1)\n")
+        f.write("\n")
+        # replace "'@@'" with "sys.argv[2]"
+        cmd = str(cmd_no_afl + ["-model-input", "%s/%%s/peripheral_model.json %% sys.argv[1]" % cfg.working_dir]).replace("'@@'", "sys.argv[2]").replace(" % sys.argv[1]'", "' % sys.argv[1]")
+        f.write("cmd = %s\n" % str(cmd))
+        f.write("\n")
+        f.write("if len(sys.argv) == 4 and sys.argv[3] == '--debug':\n")
+        f.write("    # halt qemu and wait for a debugger to be attached\n")
+        f.write("    cmd+=%s\n" % str(["-gdb", "tcp::9000", "-S"]))
+        f.write("print(cmd)\n")
+        f.write("\n")
+        f.write("subprocess.call(cmd)\n")
+    os.chmod("run_fw.py", stat.S_IRWXU)
+
+    print("cmd_afl: %s\n" % ' '.join(cmd_afl))
+
+
+
     if not args.no_fuzzing:
       subprocess.call(cmd_afl, env=dict(os.environ, AFL_NO_FORKSRV=''))