UnsupportedIROpError: floating point support disabled #55
Comments
Floating point support in angr has been disabled in the CGC analyses for a tight-knit nebula of reasons:
HOWEVER, this is supposed to be mitigated by a technique called the https://github.com/angr/angr/blob/master/angr/exploration_techniques/oppologist.py that is supposed to catch these issues, concretize their inputs, and run the problematic instructions through qemu via unicorn engine, allowing execution to continue. The intuition is that the specific values of floating point operations don't typically affect the exploitation process. I'm unable to reproduce your issue, but I don't know if I have driller set up correctly. If you're seeing this issue and it's terminating the analysis, it's probably because you don't have unicorn installed or configured correctly. If you're seeing this issue just in a log somewhere, it's just the oppologist kicking in and you have nothing to worry about.
I appreciate it. Here is another problem: when I try to run a Linux binary with the same command, it gets stuck there.
That just means one of the states jumped to 0. I don't know whether this is a bug in driller or a bug in your target binary that's been found. I also don't know enough about driller (yes, you are getting support for driller from someone who doesn't understand driller because nobody else cares enough) to tell you why driller might hang after a bug like that. If you can give me more information or a testcase to reproduce it, I'll look into it.
@rhelmot I uploaded the binary as an attachment so you can reproduce it and check whether you have the same problem. Thank you anyway.
The problem is that there are different auxiliary vectors between angr's simulation and the execution environment. In the part of The qemu emulation clearly went down the path going through the jump, so that's where driller is going to drag the simulated state. However, by the time we get to a jump, edx is going to be negative, and we're going to be loading from an address that contains... zero apparently. So the best thing driller can do is just try to execute this one successor state and hope to god that everything works out in the end. It does not, and you get the error above. This is but a drop in the bucket of horrifying, monstrous things that will happen when you try to run driller on linux binaries, especially if they're statically linked. Probably the best fix is to have a huge symbolic auxv, but for arguments that are pointers... lol
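The diagnosis above (simulated auxv differs from the one the kernel actually hands the binary) is something you can check directly: dump the auxiliary vector a real process sees and compare it, tag by tag, against what the simulated state was given. The following is an added example written for this thread, not code from angr, driller or anyone in the discussion. It decodes the raw auxv format (pairs of machine words terminated by AT_NULL, which is what /proc/self/auxv returns on Linux) and reports which tags differ. The AT_* table is the standard one from <elf.h>; the two sample vectors are constructed to show a mismatch and are not taken from NRFIN_00017 or any real run.

```python
import struct

# Standard AT_* tags from <elf.h>; enough to label a typical Linux auxv.
AT_NAMES = {
    0: "AT_NULL", 3: "AT_PHDR", 4: "AT_PHENT", 5: "AT_PHNUM", 6: "AT_PAGESZ",
    7: "AT_BASE", 8: "AT_FLAGS", 9: "AT_ENTRY", 11: "AT_UID", 12: "AT_EUID",
    13: "AT_GID", 14: "AT_EGID", 15: "AT_PLATFORM", 16: "AT_HWCAP", 17: "AT_CLKTCK",
    23: "AT_SECURE", 25: "AT_RANDOM", 26: "AT_HWCAP2", 31: "AT_EXECFN",
    32: "AT_SYSINFO", 33: "AT_SYSINFO_EHDR",
}


def _fmt(wordsize):
    # auxv entries are two native-endian machine words: (a_type, a_val)
    return "<QQ" if wordsize == 8 else "<II"


def parse_auxv(raw, wordsize=8):
    """Decode a raw auxv blob into an ordered list of (tag, value) pairs.
    Stops at the AT_NULL terminator; raises if the vector is unterminated,
    which is the usual sign of a truncated or mis-laid-out stack."""
    fmt = _fmt(wordsize)
    entry = 2 * wordsize
    entries = []
    for off in range(0, len(raw) - entry + 1, entry):
        tag, val = struct.unpack_from(fmt, raw, off)
        if tag == 0:
            return entries
        entries.append((tag, val))
    raise ValueError("auxv has no AT_NULL terminator")


def build_auxv(entries, wordsize=8):
    """Serialize (tag, value) pairs and append AT_NULL. Used here only to
    construct sample input; a real vector comes from /proc/<pid>/auxv."""
    fmt = _fmt(wordsize)
    return b"".join(struct.pack(fmt, t, v) for t, v in entries) + struct.pack(fmt, 0, 0)


def diff_auxv(real, sim):
    """Return {tag: (real_value, sim_value)} for every tag whose value differs
    or that is present on only one side (None marks the missing side)."""
    r, s = dict(real), dict(sim)
    out = {}
    for tag in sorted(set(r) | set(s)):
        if r.get(tag) != s.get(tag):
            out[tag] = (r.get(tag), s.get(tag))
    return out


def describe(diff):
    """Human-readable lines for a diff, labelling tags by name where known."""
    return [
        f"{AT_NAMES.get(tag, f'AT_{tag}')}: real={rv!r} sim={sv!r}"
        for tag, (rv, sv) in diff.items()
    ]


def read_own_auxv():
    """Read this process's own auxv (Linux only); handy as a reference vector."""
    with open("/proc/self/auxv", "rb") as f:
        return f.read()


# Constructed sample: a kernel-provided vector for a static 64-bit binary versus a
# simulated environment that omitted AT_RANDOM/AT_SYSINFO_EHDR and placed AT_EXECFN
# elsewhere on the stack. Addresses are made up for illustration.
REAL_AUXV = build_auxv([
    (33, 0x7FFFF7FC1000),  # AT_SYSINFO_EHDR (vDSO)
    (6, 4096),             # AT_PAGESZ
    (9, 0x401650),         # AT_ENTRY
    (25, 0x7FFFFFFFE3C9),  # AT_RANDOM: pointer to 16 random bytes
    (31, 0x7FFFFFFFEFC0),  # AT_EXECFN: pointer to the executable path string
])
SIM_AUXV = build_auxv([
    (6, 4096),
    (9, 0x401650),
    (31, 0x7FFFFFFFF000),
])

if __name__ == "__main__":
    for line in describe(diff_auxv(parse_auxv(REAL_AUXV), parse_auxv(SIM_AUXV))):
        print(line)
```

Pointer-valued tags (AT_RANDOM, AT_EXECFN, AT_PHDR) are the ones to watch: a value that differs between the two vectors means the simulated state will dereference an address that holds something else, or nothing, which is exactly the "loading from an address that contains zero" failure described above.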
When I run driller to test one of the CGC binaries, NRFIN_00017, with the command "shellphuzz -c 2 -d 2 -C NRFIN_00017 ", I get the following error. Could you tell me what is wrong here? Thank you.
Traceback (most recent call last):
File "/home/administrator/clark/driller/angr-dev/angr/angr/engines/vex/irop.py", line 926, in translate_inner
raise UnsupportedIROpError("floating point support disabled")
UnsupportedIROpError: floating point support disabled