angr / vex

A patched version of VEX to work with PyVEX.
GNU General Public License v2.0

Don't truncate 64-bit segment base in 32-bit addressing mode. #42

Closed edmcman closed 2 years ago

edmcman commented 2 years ago

Fixes #41
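As an added illustration (not code from this PR, from VEX, or from angr), the Python below models the x86-64 address computation the title refers to: with the 0x67 address-size override selecting 32-bit addressing, the effective address (register operands plus displacement) wraps at 32 bits, but the 64-bit FS/GS segment base is added afterwards and must not be truncated. The sample values (fs_base, ebx, disp) are constructed, and linear_address_truncated is an assumed model of the truncation the title describes, not a copy of any VEX code.

```python
# Added illustration, not code from angr/vex. Models the x86-64 rule:
# in 32-bit addressing mode the *effective address* wraps at 32 bits,
# the 64-bit segment base is added afterwards and keeps all 64 bits.
MASK32 = 0xFFFF_FFFF
MASK64 = 0xFFFF_FFFF_FFFF_FFFF


def effective_address(base, index, scale, disp, addr32):
    """Offset part of the address: base + index*scale + disp.
    With the 0x67 address-size override the sum wraps at 32 bits."""
    ea = (base + index * scale + disp) & MASK64
    return ea & MASK32 if addr32 else ea


def linear_address_correct(seg_base, ea):
    """Linear address: full 64-bit segment base + already-wrapped offset.
    Neither the base nor the sum is truncated to 32 bits."""
    return (seg_base + ea) & MASK64


def linear_address_truncated(seg_base, ea):
    """Assumed model of the mistake the PR title describes (not VEX's code):
    truncating the whole sum, and so the 64-bit segment base, to 32 bits."""
    return (seg_base + ea) & MASK32


def demo():
    # Constructed sample values: a TLS base above 4 GiB (typical for FS on
    # Linux x86-64) and a 32-bit register operand whose displacement wraps.
    fs_base = 0x7FFF_F7D8_4740
    ebx = 0xFFFF_FFF0
    disp = 0x20  # ebx + 0x20 crosses 2**32, so it wraps to 0x10 in addr32 mode
    ea = effective_address(ebx, 0, 0, disp, addr32=True)
    return {
        "ea": ea,
        "correct": linear_address_correct(fs_base, ea),
        "truncated": linear_address_truncated(fs_base, ea),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>9}: {value:#x}")
```

With the constructed values the wrapped effective address is 0x10, the correct linear address is fs_base + 0x10, and the truncated variant lands at 0xF7D84750, an address far below the real TLS block; that difference is the class of mis-lifted load/store the title is about.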

rhelmot commented 2 years ago

It seems we don't have CI set up for the vex repo. Can you run this against all the angr/angr tests to make sure nothing broke?

edmcman commented 2 years ago

Yep, will do.


edmcman commented 2 years ago

I don't think any of these are related to the change, but I am not sure...

======================================================================
ERROR: test_decompiler.transplant_class..C (test_decompiling_all_i386)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_decompiler.py", line 66, in test_decompiling_all_i386
    dec = p.analyses.Decompiler(f, cfg=cfg.model)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/analysis.py", line 115, in __call__
    oself.__init__(*args, **kwargs)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/decompiler/decompiler.py", line 34, in __init__
    self._decompile()
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/decompiler/decompiler.py", line 66, in _decompile
    **self.options_to_params(options_by_class['clinic'])
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/analysis.py", line 115, in __call__
    oself.__init__(*args, **kwargs)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/decompiler/clinic.py", line 76, in __init__
    self._analyze()
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/decompiler/clinic.py", line 185, in _analyze
    variable_kb = self._recover_and_link_variables(ail_graph, arg_list)
  File "/home/ed/Documents/angr-dev/angr/angr/utils/timing.py", line 28, in timed_func
    return func(*args, **kwargs)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/decompiler/clinic.py", line 553, in _recover_and_link_variables
    func_args=arg_list)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/analysis.py", line 115, in __call__
    oself.__init__(*args, **kwargs)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/variable_recovery_fast.py", line 204, in __init__
    self._analyze()
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/forward_analysis/forward_analysis.py", line 224, in _analyze
    self._analysis_core_graph()
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/forward_analysis/forward_analysis.py", line 243, in _analysis_core_graph
    changed, output_state = self._run_on_node(n, job_state)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/variable_recovery_fast.py", line 316, in _run_on_node
    self._process_block(state, block)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/variable_recovery_fast.py", line 412, in _process_block
    processor.process(state, block=block, fail_fast=self._fail_fast)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/engine_base.py", line 74, in process
    self._process(state, None, block=kwargs.pop('block', None))
  File "/home/ed/Documents/angr-dev/angr/angr/engines/light/engine.py", line 691, in _process
    self._process_Stmt(whitelist=whitelist)
  File "/home/ed/Documents/angr-dev/angr/angr/engines/light/engine.py", line 708, in _process_Stmt
    self._handle_Stmt(stmt)
  File "/home/ed/Documents/angr-dev/angr/angr/engines/light/engine.py", line 754, in _handle_Stmt
    getattr(self, old_handler)(stmt)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/engine_ail.py", line 76, in _ail_handle_Call
    richr = self._expr(arg)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/engine_ail.py", line 148, in _expr
    r = super()._expr(expr)
  File "/home/ed/Documents/angr-dev/angr/angr/engines/light/engine.py", line 729, in _expr
    return h(expr)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/engine_ail.py", line 166, in _ail_handle_Load
    return self._load(addr_r, size, expr=expr)
  File "/home/ed/Documents/angr-dev/angr/angr/analyses/variable_recovery/engine_base.py", line 457, in _load
    atom=expr,
  File "/home/ed/Documents/angr-dev/angr/angr/knowledge_plugins/variables/variable_manager.py", line 133, in read_from
    self._record_variable_access('read', variable, offset, location, overwrite=overwrite, atom=atom)
  File "/home/ed/Documents/angr-dev/angr/angr/knowledge_plugins/variables/variable_manager.py", line 154, in _record_variable_access
    self._atom_to_variable[(location.block_addr, location.stmt_idx)][atom].add(var_and_offset)
  File "/home/ed/Documents/angr-dev/ailment/ailment/tagged_object.py", line 29, in __hash__
    self._hash = self._hash_core()
  File "/home/ed/Documents/angr-dev/ailment/ailment/expression.py", line 550, in _hash_core
    return stable_hash(('Load', self.addr, self.size, self.endness))
  File "/home/ed/Documents/angr-dev/ailment/ailment/utils.py", line 33, in stable_hash
    cnt = _dump_tuple(t)
  File "/home/ed/Documents/angr-dev/ailment/ailment/utils.py", line 49, in _dump_tuple
    cnt += struct.pack(" import sqlalchemy
ModuleNotFoundError: No module named 'sqlalchemy'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/ed/.virtualenvs/angr/lib/python3.6/site-packages/nose2/plugins/loader/discovery.py", line 201, in _find_tests_in_file
    module = util.module_from_name(module_name)
  File "/home/ed/.virtualenvs/angr/lib/python3.6/site-packages/nose2/util.py", line 77, in module_from_name
    __import__(name)
  File "/home/ed/Documents/angr-dev/angr/tests/test_db.py", line 6, in
    from angr.angrdb import AngrDB
  File "/home/ed/Documents/angr-dev/angr/angr/angrdb/__init__.py", line 6, in
    raise ImportError("AngrDB relies on SQLAlchemy. Please install SQLAlchemy first by running:\n"
ImportError: AngrDB relies on SQLAlchemy. Please install SQLAlchemy first by running: pip install sqlalchemy

======================================================================
ERROR: test_kb_plugins_dwarf.transplant_class..C (test_kb_plugins_dwarf)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_kb_plugins_dwarf.py", line 14, in test_kb_plugins_dwarf
    p.kb.variables.load_from_dwarf()
  File "/home/ed/Documents/angr-dev/angr/angr/knowledge_plugins/variables/variable_manager.py", line 671, in load_from_dwarf
    manager = self.get_function_manager(low_pc)
  File "/home/ed/Documents/angr-dev/angr/angr/knowledge_plugins/variables/variable_manager.py", line 610, in get_function_manager
    raise TypeError('Argument "func_addr" must be an int.')
TypeError: Argument "func_addr" must be an int.

======================================================================
ERROR: test_java.transplant_class..C (test_fauxware)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_java.py", line 28, in test_fauxware
    state = simgr.found[0]
IndexError: list index out of range

======================================================================
FAIL: test_xrefs.transplant_class..C (test_lwip_udpecho_bm)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_xrefs.py", line 27, in test_lwip_udpecho_bm
    XRef(ins_addr=0x23c9, dst=0x23d4, xref_type=XRefType.Read)
AssertionError: 9172> != 9172>

======================================================================
FAIL: test_xrefs.transplant_class..C (test_lwip_udpecho_bm_the_better_way)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_xrefs.py", line 52, in test_lwip_udpecho_bm_the_better_way
    XRef(ins_addr=0x23c9, dst=0x23d4, xref_type=XRefType.Read)
AssertionError: 9172> != 9172>

======================================================================
FAIL: test_xrefs.transplant_class..C (test_p2im_drone_with_inits)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_xrefs.py", line 73, in test_p2im_drone_with_inits
    nose.tools.assert_equal(len(h12c1_inst_xrefs), 5)
AssertionError: 0 != 5

======================================================================
FAIL: test_constantpropagation.transplant_class..C (test_lwip_udpecho_bm)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_constantpropagation.py", line 42, in test_lwip_udpecho_bm
    nose.tools.assert_greater(len(prop.replacements), 0)
AssertionError: 0 not greater than 0

======================================================================
FAIL: test_tracer.transplant_class..C (test_floating_point_memory_reads)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_tracer.py", line 207, in test_floating_point_memory_reads
    trace_cgc_with_pov_file(binary, "tracer_floating_point_memory_reads", pov_file, output)
  File "/home/ed/Documents/angr-dev/angr/tests/test_tracer.py", line 36, in trace_cgc_with_pov_file
    nose.tools.assert_true(stdout_dump.startswith(output_initial_bytes))
AssertionError: False is not true

======================================================================
FAIL: test_tracer.transplant_class..C (test_rollback_on_symbolic_conditional_exit)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_tracer.py", line 198, in test_rollback_on_symbolic_conditional_exit
    trace_cgc_with_pov_file(binary, "tracer_rollback_on_symbolic_conditional_exit", pov_file, b'\n'.join(output_initial_bytes))
  File "/home/ed/Documents/angr-dev/angr/tests/test_tracer.py", line 36, in trace_cgc_with_pov_file
    nose.tools.assert_true(stdout_dump.startswith(output_initial_bytes))
AssertionError: False is not true

======================================================================
FAIL: test_jumptables.transplant_class..C (test_armel_lwip_tcpecho_bm)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_jumptables.py", line 204, in test_armel_lwip_tcpecho_bm
    compare(cfg.jump_tables, all_jumptables)
  File "/home/ed/Documents/angr-dev/angr/tests/test_jumptables.py", line 32, in compare
    assert j.block_addr in jump_tables, "Jump table @ block %#x is not found in CFG." % j.block_addr
AssertionError: Jump table @ block 0x2e9f is not found in CFG.

======================================================================
FAIL: test_java.transplant_class..C (test_cmd_line_args)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_java.py", line 73, in test_cmd_line_args
    assert len(simgr.deadended) == 2
AssertionError

======================================================================
FAIL: test_init_finder.transplant_class..C (test_p2im_drone)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/ed/Documents/angr-dev/angr/tests/test_init_finder.py", line 25, in test_p2im_drone
    nose.tools.assert_equal(state.solver.eval_one(overlay.load(0x20001500, 4, endness='Iend_LE')), 0x40005400)
AssertionError: 0 != 1073763328

----------------------------------------------------------------------
Ran 642 tests in 2355.230s

FAILED (failures=9, errors=4, skipped=1)

IRSB {
   t0:Ity_I64 t1:Ity_I64 t2:Ity_I64 t3:Ity_I64 t4:Ity_I64 t5:Ity_I64 t6:Ity_I64 t7:Ity_I64 t8:Ity_I64

   00 | ------ IMark(0x4007f5, 5, 0) ------
   01 | PUT(rax) = 0x0000000000000000
   02 | PUT(rip) = 0x00000000004007fa
   03 | ------ IMark(0x4007fa, 1, 0) ------
   04 | t0 = GET:I64(rbp)
   05 | PUT(rsp) = t0
   06 | t1 = LDle:I64(t0)
   07 | PUT(rbp) = t1
   08 | t6 = Add64(t0,0x0000000000000008)
   09 | PUT(rsp) = t6
   10 | PUT(rip) = 0x00000000004007fb
   11 | ------ IMark(0x4007fb, 1, 0) ------
   12 | t3 = LDle:I64(t6)
   13 | t4 = Add64(t6,0x0000000000000008)
   14 | PUT(rsp) = t4
   15 | t7 = Sub64(t4,0x0000000000000080)
   16 | ====== AbiHint(0xt7, 128, t3) ======
   NEXT: PUT(rip) = t3; Ijk_Ret
}
None
## Block 4007f5
00 | 0x4007f5 | rax<8> = 0x0<64>
01 | 0x4007fa | rbp<8> = Load(addr=rbp<8>, size=8, endness=Iend_LE)
02 | 0x4007fa | rip<8> = 0x4007fb<64>
03 | 0x4007fb | rsp<8> = ((rbp<8> + 0x8<64>) + 0x8<64>)
04 | 0x4007fb | return;

int test_func()
{
    BOT s_d0;  // [bp-0xd0]
    BOT s_d8;  // [bp-0xd8]
    BOT s_dc;  // [bp-0xdc]
    BOT s_dc;  // [bp-0xdc]
    BOT s_dc;  // [sp-0xdc]
    BOT s_e0;  // [bp-0xe0]
    BOT s_e0;  // [bp-0xe0]
    BOT v9;  // fs

    s_dc = 0;
    read(0x0, &s_d8, 0xc8);
    for (s_e0 = 0; s_e0 <= 19; s_e0 = s_e0 + 1)
    {
        if (s_d0 == 66)
        {
            s_dc = s_dc + 1;
        }
    }
    if (s_dc == 10)
    {
        puts("There are 10 'B's in your input.");
        puts("Easter egg triggered!");
    }
    return *(v9:40) ^ *(v9:40);
}

int main()
{
    BOT tmp_17;  // tmp #17
    BOT s_10;  // [bp-0x10]
    BOT s_28;  // [bp-0x28]
    BOT s_28;  // [bp-0x28]
    BOT s_48;  // [bp-0x48]
    BOT v4;  // rax
    BOT v9;  // rsi

    s_48 = v9;
    s_10 = 4196501;
    if ((int)strcmp(*(v9:8), "stack") != 0)
    {
        if ((int)strcmp(*(s_48:8), "got") != 0)
        {
            if ((int)strcmp(*(s_48:8), "heap") != 0)
            {
                printf("There is no leak if you don't provide a user input (%s)\n");
                return 0;
            }
            v4 = strlen(s_10);
            s_28 = malloc(v4);
            printf("Parial address of string: 0x%lx\n");
            free(s_28);
            return 0;
        }
        s_28 = 4195760;
        tmp_17 = s_28;
        printf("Partial GOT entry addr: 0x%lx\n");
        return 0;
    }
    printf("Partial stack ptr: 0x%p\n");
    return 0;
}

int test_func()
{
    BOT s_d0;  // [bp-0xd0]
    BOT s_d8;  // [bp-0xd8]
    BOT s_dc;  // [bp-0xdc]
    BOT s_dc;  // [bp-0xdc]
    BOT s_dc;  // [sp-0xdc]
    BOT s_e0;  // [bp-0xe0]
    BOT s_e0;  // [bp-0xe0]
    BOT v9;  // fs

    s_dc = 0;
    read(0x0, &s_d8, 0xc8);
    for (s_e0 = 0; s_e0 <= 19; s_e0 = s_e0 + 1)
    {
        if (s_d0 == 66)
        {
            s_dc = s_dc + 1;
        }
    }
    if (s_dc == 10)
    {
        puts("There are 10 'B's in your input.");
        puts("Easter egg triggered!");
    }
    return *(v9:40) ^ *(v9:40);
}

int _while()
{
    BOT s_14;  // [bp-0x14]
    BOT s_14;  // [bp-0x14]
    BOT v5;  // fs

    __isoc99_scanf("%d");
    for (; s_14 <= 99; s_14 = s_14 + 1)
    {
        puts("lol");
        continue;
    }
    return *(v5:40) ^ *(v5:40);
}

int _while_true_break()
{
    BOT v0;  // rax

    while (true)
    {
        v0 = printf("%d");
        if ((int)v0 == 0)
        {
            break;
        }
    }
    return v0;
}

Deprecation warning: Use self.model.get_all_nodes() instead of get_all_nodes
Deprecation warning: Use self.model.get_predecessors() instead of get_predecessors
Deprecation warning: Use self.model.get_successors_and_jumpkind instead of get_successors_and_jumpkind
Deprecation warning: Use self.model.nodes() instead of nodes
{'/dev/stdin': , '/dev/stdout': , '/dev/stderr': }
{'/dev/stdin': , '/dev/stdout': , '/dev/stderr': }
{'/dev/stdin': , '/dev/stdout': , '/dev/stderr': }
{'/dev/stdin': , '/dev/stdout': , '/dev/stderr': }
Deprecation warning: Use self.model.get_node() instead of get_node
cannot run test_apk_loading since there is no Android SDK folder

rhelmot commented 2 years ago

That's a lot of errors... I can't say for sure that all of them are unrelated. You should run another test against the master branch and see if there's a diff.

edmcman commented 2 years ago

Same errors with vex master.