angr / vex

A patched version of VEX to work with PyVEX.
GNU General Public License v2.0

vex: the `impossible' happened: #1

Closed ghost closed 8 years ago

ghost commented 8 years ago

Have you run across this one before? I got it with a CFGFast of a large binary (I'd include it if it weren't so large). The analysis appears to continue.

vex: the `impossible' happened:
   segmentGuestRegOffset(x86)
Traceback:
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(+0xd9040) [0x7f474540e040]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(+0xd9509) [0x7f474540e509]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(+0xefdca) [0x7f4745424dca]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(disInstr_X86+0xd9) [0x7f47454340c9]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(bb_to_IR+0x2f0) [0x7f47453fc150]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(LibVEX_Translate+0x44f) [0x7f47453a9ddf]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(+0x686f4) [0x7f474539d6f4]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(vex_count_instructions+0xe8) [0x7f474539d835]
/home/w/proj/hoff/angr-dev/pyvex/pyvex/../pyvex_c/pyvex_static.so(vex_block_bytes+0x108) [0x7f474539db1a]

rhelmot commented 8 years ago

The problem at its base is that libvex was not designed to be a static analysis tool, it was designed to be an instrumentation tool, so it will freak out very badly (like so) if you feed it any bad instruction. CFGFast uses a technique where it guesses the addresses of functions, and if it gets it wrong and hits a bad address, this will happen.

However, part of our patches to VEX are making it so that when this happens, instead of just exiting (and taking the python interpreter with it!), it raises a flag that turns into a python exception which can be caught by analysis. Long story short, this printout shouldn't be fatal to any angr analysis, it should just catch the exception and keep chugging along until it finishes.
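
The guess-and-recover loop rhelmot describes, as an added example that is not code from the angr/vex project or from anyone in this thread. It assumes `pyvex` and `archinfo` are installed; the byte blob, the base address and the candidate function starts are constructed for illustration. Depending on the pyvex version, an undecodable first instruction surfaces either as a `PyVEXError` (the Python exception the patched VEX raises instead of exiting) or as a block whose jumpkind is `Ijk_NoDecode`; the loop treats both as a bad guess and moves on, which is exactly why the printout above is noise rather than a failed analysis.

```python
"""Added example (not angr/vex project code): a CFGFast-style address
guessing loop that survives undecodable bytes.

Assumes `pyvex` and `archinfo` are installed. SAMPLE_BYTES, SAMPLE_BASE
and the candidate list are constructed for illustration.
"""

try:
    import archinfo
    import pyvex
    PYVEX_AVAILABLE = True
except ImportError:  # keep the module importable where pyvex is absent
    archinfo = pyvex = None
    PYVEX_AVAILABLE = False

# Constructed x86-32 blob: a valid two-instruction function, then bytes that
# are not a valid x86 encoding (0xff with /7 is undefined), then a second
# valid function. Offsets in the comments are relative to SAMPLE_BASE.
SAMPLE_BYTES = (
    b"\x31\xc0"   # 0x1000: xor eax, eax
    b"\xc3"       # 0x1002: ret
    b"\xff\xff"   # 0x1003: undefined opcode (ff /7)
    b"\x89\xc8"   # 0x1005: mov eax, ecx
    b"\xc3"       # 0x1007: ret
)
SAMPLE_BASE = 0x1000


def lift_one(blob, base, addr, arch=None):
    """Lift the block starting at `addr` and classify the outcome, so that a
    bad guess is recorded instead of aborting the whole scan."""
    if not PYVEX_AVAILABLE:
        raise RuntimeError("pyvex and archinfo are required for this example")
    arch = arch or archinfo.ArchX86()
    offset = addr - base
    if not 0 <= offset < len(blob):
        return {"status": "out-of-range"}
    try:
        irsb = pyvex.lift(blob[offset:], addr, arch)
    except pyvex.PyVEXError as exc:
        # Older pyvex turns VEX's "the `impossible' happened" into this
        # exception; catching it is what keeps the analysis alive.
        return {"status": "error", "detail": str(exc)}
    if irsb.jumpkind == "Ijk_NoDecode" or irsb.instructions == 0:
        # Newer pyvex reports an undecodable first instruction this way.
        return {"status": "nodecode", "size": irsb.size}
    return {
        "status": "ok",
        "jumpkind": irsb.jumpkind,
        "instructions": irsb.instructions,
        "size": irsb.size,
    }


def scan_candidates(blob, base, candidates):
    """Try every guessed function start; bad guesses are logged, not fatal."""
    return {addr: lift_one(blob, base, addr) for addr in candidates}


if __name__ == "__main__":
    # 0x1003 is the deliberately bad guess; the scan still finishes.
    for addr, info in scan_candidates(
        SAMPLE_BYTES, SAMPLE_BASE, [0x1000, 0x1003, 0x1005]
    ).items():
        print(hex(addr), info)
```

Run it and you get one dictionary per candidate: the two real functions come back with `status: ok` and `jumpkind: Ijk_Ret`, while the bad guess at 0x1003 comes back as `error` or `nodecode` (version dependent) with no crash of the interpreter. In a real CFG recovery the `ok` entries would be queued for further exploration and the others simply dropped.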

ghost commented 8 years ago

Yeah, it's pretty minor, not a show stopper by any means. Just thought I'd let you guys know. Thanks for the quick response!

hanchaoqiang commented 8 years ago

@haxmeadroom I want to know how you deal with this problem, because when I analyse some large binaries it prints this error like yours. Thanks.

zardus commented 8 years ago

@hanchaoqiang, check out this FAQ entry: https://github.com/angr/angr-doc/blob/master/docs/faq.md#why-am-i-getting-terrifying-error-messages-from-libvex-printed-to-stderr

As rhelmot said above, this is not an error; it's an expected situation during CFG generation.