angr / angr

A powerful and user-friendly binary analysis platform!
http://angr.io
BSD 2-Clause "Simplified" License

MIPS: Wrong calculations of `ConstantResolver` #4979

Open DanielBotnik opened 1 month ago

DanielBotnik commented 1 month ago

Description

I've tried to run CFGFast with normalized=True on my binary, but I noticed that for one of the functions, usb_release_dev, the blocks were wrong. usbcore.zip is the said binary.

While I expect the function to have 10 blocks like the non-normalized one, when running it with normalized=True I get one block, and it's smaller than the original block.

Steps to reproduce the bug

In [1]: import angr

In [2]: proj = angr.Project("./usbcore.ko", auto_load_libs=False, main_opts={"base_addr": 0x0})
WARNING  | 2024-10-19 01:07:41,835 | cle.backends.elf.relocation | Unknown reloc 4 on MIPS32

In [3]: cfg = proj.analyses.CFGFast(normalize=False)
WARNING  | 2024-10-19 01:07:55,828 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x58e8.
WARNING  | 2024-10-19 01:07:55,829 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x58e8.
WARNING  | 2024-10-19 01:07:57,472 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x12488.

In [4]: list(cfg.kb.functions['usb_release_dev'].blocks)
Out[4]:
[<Block for 0x11c, 40 bytes>,
 <Block for 0x144, 16 bytes>,
 <Block for 0x16c, 12 bytes>,
 <Block for 0x154, 12 bytes>,
 <Block for 0x178, 16 bytes>,
 <Block for 0x168, 16 bytes>,
 <Block for 0x160, 8 bytes>,
 <Block for 0x188, 8 bytes>,
 <Block for 0x190, 8 bytes>,
 <Block for 0x198, 28 bytes>]

In [5]: cfg = proj.analyses.CFGFast(normalize=True)
WARNING  | 2024-10-19 01:09:11,552 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x58e8.
WARNING  | 2024-10-19 01:09:11,552 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x58e8.
WARNING  | 2024-10-19 01:09:13,108 | angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast | Failed to determine value of register gp for function 0x12488.

In [6]: list(cfg.kb.functions['usb_release_dev'].blocks)
Out[6]: [<Block for 0x11c, 28 bytes>] # This is the problem :(

Environment

Linux 5.10.16.3-microsoft-standard-WSL2 #1 SMP Fri Apr 2 22:23:49 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Python 3.10.6
latest angr dev.

Additional context

No response

DanielBotnik commented 1 month ago

After researching for a bit, I found the problem is not with the CFG normalizing algorithm, but with ConstantResolver.resolve.

For some reason the jump at 0xd6f4 should return the address of memcpy, but instead it returns 0x138, which results in a smaller block being created inside usb_release_dev; therefore the CFG messes up.

I would assume the calculation for $v0 is wrong.

DanielBotnik commented 1 week ago

Some of the bugs happened because R_MIPS_26 wasn't implemented, which led to the creation of wrong blocks.

Should be fixed by https://github.com/angr/cle/pull/525

Still investigating other failures.
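
The effect of a skipped `R_MIPS_26` relocation mentioned in the last comment, as an added example (not code from angr, cle or the linked PR): it applies the MIPS System V ABI formula for this relocation to a `jal` word and compares the decoded jump target before and after. The image bytes, the symbol name `ext_func`, its address `0x00200000` and the big-endian byte order are constructed for illustration.

```python
R_MIPS_26 = 4            # ELF relocation type number ("Unknown reloc 4 on MIPS32" in the log)
J_OPCODE, JAL_OPCODE = 0x02, 0x03
INDEX_MASK = 0x03FFFFFF  # low 26 bits of a j/jal instruction word
REGION_MASK = 0xF0000000 # j/jal can only reach the current 256 MiB region


def jump_target(word, pc):
    """Decode the destination of a j/jal instruction word located at pc."""
    if (word >> 26) not in (J_OPCODE, JAL_OPCODE):
        raise ValueError("not a j/jal instruction: 0x%08x" % word)
    # The upper 4 bits come from the address of the delay slot (pc + 4).
    return ((pc + 4) & REGION_MASK) | ((word & INDEX_MASK) << 2)


def apply_r_mips_26(word, pc, sym_addr, local=False):
    """Return the instruction word patched per the psABI R_MIPS_26 formula.

    local symbol:    (((A << 2) | (P & 0xf0000000)) + S) >> 2
    external symbol: (sign_extend(A << 2) + S) >> 2
    A is the addend stored in the instruction (REL-style relocation).
    """
    addend = (word & INDEX_MASK) << 2
    if local:
        addend |= pc & REGION_MASK
    elif addend & 0x08000000:          # sign-extend the 28-bit addend
        addend -= 0x10000000
    target = (addend + sym_addr) & 0xFFFFFFFF
    if target & 3:
        raise ValueError("target 0x%x is not word aligned" % target)
    if (target & REGION_MASK) != ((pc + 4) & REGION_MASK):
        raise ValueError("target 0x%x not reachable from 0x%x" % (target, pc))
    return (word & ~INDEX_MASK & 0xFFFFFFFF) | ((target >> 2) & INDEX_MASK)


def relocate_image(image, base, relocs, symbols, byteorder="big"):
    """Apply every R_MIPS_26 entry in relocs to a copy of image."""
    out = bytearray(image)
    for offset, rtype, name in relocs:
        if rtype != R_MIPS_26:
            continue                   # other types are out of scope here
        word = int.from_bytes(out[offset:offset + 4], byteorder)
        patched = apply_r_mips_26(word, base + offset, symbols[name])
        out[offset:offset + 4] = patched.to_bytes(4, byteorder)
    return bytes(out)


def demo():
    """Compare the jal target with and without the relocation applied."""
    base = 0x0                         # same load base as in the report
    # Constructed relocatable code: addiu sp,sp,-24 ; jal 0 ; nop
    words = [0x27BDFFE8, 0x0C000000, 0x00000000]
    image = b"".join(w.to_bytes(4, "big") for w in words)
    relocs = [(4, R_MIPS_26, "ext_func")]      # constructed relocation entry
    symbols = {"ext_func": 0x00200000}         # constructed extern address

    raw = int.from_bytes(image[4:8], "big")
    fixed = int.from_bytes(relocate_image(image, base, relocs, symbols)[4:8], "big")
    return jump_target(raw, base + 4), jump_target(fixed, base + 4)


if __name__ == "__main__":
    before, after = demo()
    print("unrelocated jal target: 0x%x" % before)
    print("relocated jal target:   0x%x" % after)
```

With the relocation skipped, the call decodes to a low address inside the object's own code instead of the external symbol, so a CFG recovered from it starts a block at a location that is not a real call target.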