shellphish / driller

Driller: augmenting AFL with symbolic execution!
BSD 2-Clause "Simplified" License

Question of loading file in Driller using current angr version #75

Open abearcher opened 4 years ago

abearcher commented 4 years ago

Hi, I am currently trying to feed files instead of stdin into angr. I found the following issue https://github.com/shellphish/driller/issues/48. There is a solution but it seems they were using a previous version of angr that uses the tracer_state function, which does not exist in the new version of angr.

In the code provided by Jakku in the issue I tried replacing

s = p.factory.tracer_state(input_content=self.input, magic_content=r.magic, args=patch_argv_angr(self.argv), fs=files)

with:

if p.loader.main_object.os == 'cgc':
    p.simos.syscall_library.update(angr.SIM_LIBRARIES['cgcabi_tracer'])

    s = p.factory.entry_state(stdin=angr.SimFileStream, flag_page=r.magic, mode='tracing')
else:
    s = p.factory.full_init_state(stdin=angr.SimFileStream, mode='tracing')

s.preconstrainer.preconstrain_file(self.input, s.posix.stdin, True)

However, it seems to be stuck in the s.preconstrainer. Could anyone offer any suggestions? Thank you.
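Added example, not code from this issue or from the driller project: with a current angr (where `tracer_state` is gone), the file-input equivalent of the stdin snippet above is to create an empty `SimFile`, mount it in the simulated filesystem via the `fs=` argument, point the target's argv at that simulated path, and preconstrain the file rather than `s.posix.stdin`. `argv_for_sim`, `SIM_INPUT_PATH` and the assumption that the binary takes the input path as a command-line argument are mine.

```python
SIM_INPUT_PATH = "/tmp/driller_input"  # constructed path inside angr's simulated fs


def argv_for_sim(argv, host_input_path, sim_path=SIM_INPUT_PATH):
    """Return argv with the host-side input path swapped for the simulated one.

    The QEMU trace was produced with the real file path; the symbolic run must
    see the same argv except for the path, which must name the SimFile instead.
    """
    return [sim_path if a == host_input_path else a for a in argv]


def preconstrained_file_state(project, input_bytes, argv, sim_path=SIM_INPUT_PATH):
    """Build a tracing-mode state whose input *file* is preconstrained to input_bytes.

    Mirrors what tracer_state(input_content=..., fs=...) used to provide: stdin
    stays an unconstrained SimFileStream, the file at sim_path is a SimFile with
    no concrete content, and its symbolic bytes are preconstrained to the concrete
    input so the tracer can follow the QEMU trace.  Driller later drops the
    preconstraints to explore alternative branches, exactly as with stdin.
    """
    import angr  # imported here so argv_for_sim stays usable without angr installed

    # No content: reads yield fresh symbolic bytes, which preconstrain_file then pins.
    simfile = angr.SimFile(sim_path)
    state = project.factory.full_init_state(
        args=argv,
        stdin=angr.SimFileStream,
        fs={sim_path: simfile},  # inserted into state.fs at that path
        mode="tracing",
    )
    # Preconstrain the file, not s.posix.stdin; set_length=True fixes its size
    # so reads past the end behave like EOF instead of hanging the solver.
    state.preconstrainer.preconstrain_file(input_bytes, simfile, True)
    return state


if __name__ == "__main__":
    # Usage sketch; "./target" and the host path are placeholders.
    import angr
    host_path = "/tmp/seed.bin"
    p = angr.Project("./target", auto_load_libs=False)
    seed = open(host_path, "rb").read()
    s = preconstrained_file_state(p, seed, argv_for_sim(["./target", host_path], host_path))
    print(s.fs.get(SIM_INPUT_PATH))
```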

DexsterityFuzzing commented 4 years ago

Hi @abearcher, I've encountered a similar issue with Driller. I've managed to create a trace from QemuRunner by appending the argument from argv to the "cmd_args" variable. I'm struggling with symbolically stepping down a path with the trace I have using Angr.

Have you made any progress in these few weeks?