[ANN] BAP 2.1.0 Release

BAP Announcement

(for those who clicked this link, which I accidentally posted on Reddit)

The Carnegie Mellon University Binary Analysis Platform (CMU BAP) is a suite of utilities and libraries that enables analysis of programs that are represented as machine code (aka binaries). CMU BAP is written in OCaml and uses a plugin-based architecture to enable extensibility. We also have a domain-specific language, called Primus Lisp, that we use to write analyses, specify verification conditions, interact with the built-in SMT solver, and model the semantics of machine instructions and functions. The BAP 2.1.0 Release offers lots of new features and a new symbolic executor based on z3. Enjoy!


Well, fasten your seatbelts and get ready for the show:

$ du -h $(which bap)
92M     /home/ivg/.opam/4.09.0+flambda/bin/bap

That’s a lot, but bap uses a plugin-based architecture, so most of the functionality is shipped in plugins, which are loaded dynamically on demand. So how big are the plugins?

$ du -hc $(opam config var lib)/bap/*.plugin | grep total
628M    total

So the total distribution of bap will weigh 700Mb. Well, if we compress all this, it will take only 180Mb, which is twice the size of our current Debian package compressed with the same algorithm¹. So it is not as bad as it might look. Especially since this distribution has llvm, z3, core_kernel, ocaml, and many more packages in it and can be run standalone.

We will probably switch our CI and packaging scripts to use OCAMLPARAM; the only concern is whether our CI infrastructure will be able to sustain such a heavy load. My desktop yesterday wasn’t)

And yes, I will be keeping people posted. I would also like to investigate why there is such volatility in the results, e.g., 40% vs 10%.


1) We used to compress our plugins, but stopped doing this for performance reasons.
