
Comments (3)

zardus commented on July 25, 2024

It shouldn't... Could you Ctrl-C it on Ubuntu and see where it hung?


leithon commented on July 25, 2024

On the Mac, the result is
<SAO <BV64 0x7fffffffffeffe0>>
<SAO <BV64 0x7fffffffffeffe1>>
<SAO <BV64 0x7fffffffffeffe2>>
<SAO <BV64 0x7fffffffffeffe3>>
<SAO <BV64 0x7fffffffffeffe4>>
<SAO <BV64 0x7fffffffffeffe5>>
<SAO <BV64 0x7fffffffffeffe6>>
<SAO <BV64 0x7fffffffffeffe7>>
<PathGroup with 465 pruned, 146 avoid, 27 active, 1 found>
The flag is ‘dddddd’

Whereas on the Ubuntu platform, it hangs as below.
<SAO <BV64 0x7fffffffffeffe0>>
<SAO <BV64 0x7fffffffffeffe1>>
<SAO <BV64 0x7fffffffffeffe2>>
<SAO <BV64 0x7fffffffffeffe3>>
<SAO <BV64 0x7fffffffffeffe4>>
<SAO <BV64 0x7fffffffffeffe5>>
<SAO <BV64 0x7fffffffffeffe6>>
<SAO <BV64 0x7fffffffffeffe7>>

After pressing Ctrl-C, the result is

CTraceback (most recent call last):
  File "Babyfuscator-solve.py", line 45, in <module>
    main()
  File "Babyfuscator-solve.py", line 33, in main
    ex = pgp.explore(find=find, avoid=avoid)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path_group.py", line 806, in explore
    n=n)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path_group.py", line 830, in run
    return self.step(n=n, step_func=step_func, until=until_func, stash=stash)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path_group.py", line 520, in step
    pg = pg._one_step(stash=stash, selector_func=selector_func, successor_func=successor_func, check_func=check_func, **kwargs)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path_group.py", line 311, in _one_step
    r = self._one_path_step(a, successor_func=successor_func, check_func=check_func, **kwargs)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path_group.py", line 208, in _one_path_step
    successors = a.step(**kwargs)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path.py", line 195, in step
    self._make_sim_run(throw=throw)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/path.py", line 226, in _make_sim_run
    self._run = self._project.factory.sim_run(self.state, **self._run_args)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/factory.py", line 173, in sim_run
    r = self.sim_block(state, addr=addr, **block_opts)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/angr/factory.py", line 95, in sim_block
    force_bbl_addr=force_bbl_addr)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/irsb.py", line 69, in __init__
    self._handle_irsb()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/irsb.py", line 102, in _handle_irsb
    self._handle_statements()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/irsb.py", line 237, in _handle_statements
    s_stmt = translate_stmt(self.irsb, stmt_idx, self.last_imark, self.state)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/statements/__init__.py", line 31, in translate_stmt
    s.process()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/statements/base.py", line 26, in process
    self._execute()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/statements/wrtmp.py", line 6, in _execute
    data = self._translate_expr(self.stmt.data)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/statements/base.py", line 36, in _translate_expr
    e = translate_expr(expr, self.imark, self.stmt_idx, self.state)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/expressions/__init__.py", line 14, in translate_expr
    e.process()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/expressions/base.py", line 38, in process
    self._execute()
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/vex/expressions/get.py", line 18, in _execute
    self.expr = self.state.registers.load(self._expr.offset, size)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/storage/memory.py", line 616, in load
    a,r,c = self._load(addr_e, size_e, condition=condition_e, fallback=fallback_e)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/plugins/symbolic_memory.py", line 500, in _load
    read_value = self._read_from(addrs[0], size)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/plugins/symbolic_memory.py", line 460, in _read_from
    buf.append(last_expr.bytes_at(addr+buf_size, i-buf_size))
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/simuvex/storage/memory_object.py", line 43, in bytes_at
    return self.object[left:right]
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/ast/bv.py", line 59, in __getitem__
    return Extract(left, right, self)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/operations.py", line 50, in _op
    simp = _handle_annotations(simplifiers[name](*fixed_args), args)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/operations.py", line 492, in extract_simplifier
    val = ast.all_operations.Concat(*reversed([a.reversed for a in val.args[0].args]))
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/operations.py", line 65, in _op
    return return_type(name, fixed_args, **kwargs)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/ast/base.py", line 153, in __new__
    self.__a_init__(op, a_args, **kwargs)
  File "/home/leizhao/.virtualenvs/angr/local/lib/python2.7/site-packages/claripy/ast/base.py", line 203, in __a_init__
    self._simplified = simplified
KeyboardInterrupt


rhelmot commented on July 25, 2024

This is now over a year old, so I'm going to close it since the relevant parts of the code have almost certainly changed by now. My best guess is that it's some issue in z3 itself, or possibly the platform difference contributing to how implicit concretizations played out, making the solution possible or not possible.

If this is still a problem please open a new issue with a testcase.
