bin2415
commented
2 years ago Hello, we run angr with normalize=True and detect_tail_calls=True.
I understand that angr splits basic blocks at function calls
Yes, we merge the edges when comparing with angr to avoid the difference. And I just upload the script that merges the fall-through edges after the return call sites.
Hi, I have been using the compareCFG script to see the precision and recall for angr compared to the ground truth. The paper mentions that for any optimization, the precision and recall for the edges ranges from ~95% to ~98%. However, I do not get similar results when I run the same locally, and the precision and recall that I get are pretty low. I understand that angr splits basic blocks at function calls which may lead to the difference in results between the ground truth and angr. Is there any setting that I need to enable or another script that I need to run in order to get the results mentioned in the paper?
Thank you for your help!