maat::Snapshot class

Data container class used by the engine for snapshoting.

It holds copies of some objects and states when the snapshot was taken, in particular the CPU state, optional IR state, engine information.

It also holds data dynamically added by the engine during execution after the snapshot is taken, typically memory modifications (read/write, segment creation, permission changes, ...).

❱   Base classes

class Serializable
Virtual interface that serializable classes must implement.

❱   Public functions

auto class_uid() const -> uid_t virtual
Return the class uid (see ClassId enum)

void dump(serial::Serializer&) const virtual
Dump the object contents in a serializer stream.

void load(serial::Deserializer&) virtual
Restore an object from a deserializer stream.

❱   Public variables

ir::CPU cpu
CPU state snapshot.

symbolic_mem_snapshot_t symbolic_mem
Snapshot id for the symbolic memory engine.

std::list<SavedMemState> saved_mem
Backup of memory overwritten since snapshot.

std::list<addr_t> created_segments
List of segments created since snapshot.

std::optional<ir::IRMap::InstLocation> pending_ir_state
Pending IR state (optional, used if snapshoting in the middle of native instructions)

std::list<PageSet> page_permissions
Page permissions snapshot.

std::list<MemMap> mem_mappings
Mappings snapshot.

PathManager::path_snapshot_t path
Path constraints.

info::Info info
Engine info snapshot.

std::shared_ptr<ProcessInfo> process
Process info snapshot.

int env
Environment.