angr / tracer

Utilities for generating dynamic traces
BSD 2-Clause "Simplified" License

angr.exploration_techniques.tracer.TracerDesyncError: BUG! Please investigate the claim in the comment above me #76

Closed Phasip closed 2 years ago

Phasip commented 4 years ago

Installed angr from angr-dev, added tracer & driller from their git repositories.

python3 /home/phasip/.virtualenvs/angr/lib/python3.6/site-packages/driller/local_callback.py ./a.out sync/ sync/fuzz_bitmap sync/master/queue/id\:000079\,src\:000072+000077\,op\:splice\,rep\:2

Output:

WARNING | 2019-11-13 16:57:42,004 | angr.state_plugins.heap.heap_base | Allocation request of 1184 bytes exceeded maximum of 128 bytes; allocating 1184 bytes
Traceback (most recent call last):
  File "/home/phasip/.virtualenvs/angr/lib/python3.6/site-packages/driller/local_callback.py", line 122, in <module>
    for new_input in d.drill_generator():
  File "/home/phasip/.virtualenvs/angr/lib/python3.6/site-packages/driller/driller_main.py", line 101, in drill_generator
    for i in self._drill_input():
  File "/home/phasip/.virtualenvs/angr/lib/python3.6/site-packages/driller/driller_main.py", line 141, in _drill_input
    simgr.step()
  File "/home/phasip/angr-dev/angr/angr/misc/hookset.py", line 75, in __call__
    result = current_hook(self.func.__self__, *args, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/exploration_techniques/driller_core.py", line 39, in step
    simgr.step(stash=stash, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/misc/hookset.py", line 75, in __call__
    result = current_hook(self.func.__self__, *args, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/exploration_techniques/tracer.py", line 225, in step
    return simgr.step(stash=stash, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/misc/hookset.py", line 80, in __call__
    return self.func(*args, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/sim_manager.py", line 344, in step
    successors = self.step_state(state, successor_func=successor_func, **run_args)
  File "/home/phasip/angr-dev/angr/angr/misc/hookset.py", line 75, in __call__
    result = current_hook(self.func.__self__, *args, **kwargs)
  File "/home/phasip/angr-dev/angr/angr/exploration_techniques/tracer.py", line 275, in step_state
    self._update_state_tracking(succs[0])
  File "/home/phasip/angr-dev/angr/angr/exploration_techniques/tracer.py", line 386, in _update_state_tracking
    deviating_trace_idx=idx)
angr.exploration_techniques.tracer.TracerDesyncError: BUG! Please investigate the claim in the comment above me

Attached are the binary, input and fuzz_bitmap: angr_bugreport.tar.gz

Phasip commented 4 years ago

This is probably a duplicate of https://github.com/shellphish/driller/issues/80; however, this report contains the binary that causes the issue.

github-actions[bot] commented 2 years ago

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

github-actions[bot] commented 2 years ago

This issue has been closed due to inactivity.