hase-project / hase

Timeless debugging with symbolic execution and processor trace
BSD 2-Clause "Simplified" License

Unsupported operation: Iop_MAddF64 #43

Closed Mic92 closed 5 years ago

Mic92 commented 5 years ago

ERROR   | 2018-11-28 23:40:25,281 | root | Error while finding successor for recordings/libtiff-212-9ec1d40.tar.gz
Traceback (most recent call last):
  File "/local/incoop/hase/hase/symbex/tracer.py", line 378, in execute
    state, num_inst=1  # , force_addr=addr
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/factory.py", line 49, in successors
    return self.project.engines.successors(*args, **kwargs)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/hub.py", line 128, in successors
    r = engine.process(state, **kwargs)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/engine.py", line 135, in process
    opt_level=opt_level)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/engine.py", line 55, in process
    self._process(new_state, successors, *args, **kwargs)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/engine.py", line 185, in _process
    self._handle_irsb(state, successors, irsb, skip_stmts, last_stmt, whitelist)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/engine.py", line 264, in _handle_irsb
    cont = self._handle_statement(state, successors, stmt)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/engine.py", line 372, in _handle_statement
    s_stmt = translate_stmt(stmt, state)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/statements/__init__.py", line 29, in translate_stmt
    s.process()
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/statements/base.py", line 37, in process
    self._execute()
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/statements/wrtmp.py", line 6, in _execute
    data = self._translate_expr(self.stmt.data)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/statements/base.py", line 44, in _translate_expr
    e = translate_expr(expr, self.state)
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/expressions/__init__.py", line 14, in translate_expr
    e.process()
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/expressions/base.py", line 36, in process
    self._execute()
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/expressions/op.py", line 15, in _execute
    self.expr = translate(self.state, self._expr.op, [ e.expr for e in exprs ])
  File "/local/incoop/hase/.direnv/python-3.6.6/lib/python3.6/site-packages/angr/engines/vex/irop.py", line 954, in translate
    raise UnsupportedIROpError("Unsupported operation: %s" % op)
angr.errors.UnsupportedIROpError: Unsupported operation: Iop_MAddF64

Airtnp commented 5 years ago

Again, angr VEX error (especially weak support for floating operations)

Airtnp commented 5 years ago

And again, I cannot replay it due to limited memory. Consider adding so.BYPASS_UNSUPPORTED_IROP to https://github.com/hase-project/hase/blob/master/hase/symbex/tracer.py#L56

Or it would be a large fix involving angr, pyvex I guess.
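The two options raised in this thread, bypassing the unsupported op versus actually implementing it, have different consequences for the values the tracer recovers. The following is an added example, not code from hase or angr: a small stand-alone model of a VEX-style op translator with a `BYPASS_UNSUPPORTED_IROP` option that mirrors what angr's resilience option does (replace the result of an unknown op with a fresh unconstrained symbol and record an event) next to the alternative of registering a real `Iop_MAddF64` handler. All names here (`State`, `Unconstrained`, `translate`, `run_block`, `OP_HANDLERS`, the statement tuples) are assumptions made for this example; the only names taken from the page are `UnsupportedIROpError`, `BYPASS_UNSUPPORTED_IROP` and the op names.

```python
# Added example (not hase's or angr's code): a minimal model of how a VEX op
# translator behaves with and without a BYPASS_UNSUPPORTED_IROP-style option.
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Union


class UnsupportedIROpError(Exception):
    """Raised when no handler exists for a VEX op (same name as angr's exception)."""


BYPASS_UNSUPPORTED_IROP = "BYPASS_UNSUPPORTED_IROP"  # state option, as in angr.options


@dataclass(frozen=True)
class Unconstrained:
    """Stand-in for a fresh symbolic value whose bits are entirely unknown."""
    name: str
    bits: int


Value = Union[float, int, Unconstrained]

# Handlers for a tiny subset of VEX ops. Iop_MAddF64 (fused a*b+c) is deliberately
# absent so the model reproduces the failure from the traceback above.
# Floating-point ops take a rounding-mode argument first, as in VEX.
OP_HANDLERS: Dict[str, Callable[..., Value]] = {
    "Iop_AddF64": lambda rm, a, b: a + b,
    "Iop_MulF64": lambda rm, a, b: a * b,
    "Iop_Add64": lambda a, b: (a + b) & (2 ** 64 - 1),
}


@dataclass
class State:
    options: Set[str] = field(default_factory=set)
    events: List[str] = field(default_factory=list)  # "resilience" log of bypassed ops
    _counter: int = 0

    def unconstrained(self, name: str, bits: int) -> Unconstrained:
        self._counter += 1
        return Unconstrained(f"{name}_{self._counter}", bits)


def translate(state: State, op: str, args: List[Value]) -> Value:
    """Evaluate one op; unsupported ops either raise or, with the option set, get bypassed."""
    handler = OP_HANDLERS.get(op)
    if handler is None:
        if BYPASS_UNSUPPORTED_IROP not in state.options:
            raise UnsupportedIROpError("Unsupported operation: %s" % op)
        state.events.append(f"resilience: {op} result replaced by an unconstrained value")
        return state.unconstrained("unsupported_" + op, 64)
    return handler(*args)


# Constructed WrTmp-style block: (tmp, op, args); string args starting with "t"
# refer to earlier temporaries, everything else is a literal. Computes 2*3, then
# fma(t1, 4.0, 1.0) = 25.0 if Iop_MAddF64 were supported.
EXAMPLE_STMTS = [
    ("t1", "Iop_MulF64", [0, 2.0, 3.0]),
    ("t2", "Iop_MAddF64", [0, "t1", 4.0, 1.0]),
]


def run_block(state: State, stmts) -> Dict[str, Value]:
    tmps: Dict[str, Value] = {}
    for tmp, op, args in stmts:
        resolved = [tmps[a] if isinstance(a, str) and a.startswith("t") else a for a in args]
        tmps[tmp] = translate(state, op, resolved)
    return tmps


def replay(stmts, bypass: bool):
    """Run a block on a fresh state, with or without the bypass option (the tracer.py change)."""
    state = State(options={BYPASS_UNSUPPORTED_IROP} if bypass else set())
    return state, run_block(state, stmts)


def add_madd_handler(handlers: Dict[str, Callable[..., Value]]) -> None:
    """The precise alternative: implement the op (rounding mode ignored in this model)."""
    handlers["Iop_MAddF64"] = lambda rm, a, b, c: a * b + c


if __name__ == "__main__":
    try:
        replay(EXAMPLE_STMTS, bypass=False)
    except UnsupportedIROpError as e:
        print("without option:", e)
    state, tmps = replay(EXAMPLE_STMTS, bypass=True)
    print("with option:", tmps["t2"], state.events)
    add_madd_handler(OP_HANDLERS)
    print("with handler:", replay(EXAMPLE_STMTS, bypass=False)[1]["t2"])
```

The trade-off this makes visible: with the option set, replay no longer aborts on `Iop_MAddF64`, but `t2` and anything derived from it is an unconstrained symbol, so no precise value can be recovered for that register and any later constraint on it says nothing; the resilience event is the only trace that precision was lost there. Implementing the op keeps exact values, which is the larger angr/pyvex change the thread mentions.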

Airtnp commented 5 years ago

https://github.com/hase-project/hase/commit/ecd849069e4e6f2d9e72259895695e6822e56c03 This can be a fix

Airtnp commented 5 years ago

Fixed in https://github.com/hase-project/hase/commit/4804e6dddc65243cdd071750629ec86023ca2e18