TestUnicorn::test_similarity_fauxware non-determinism #5796

@mborgerson

Description

TestUnicorn.test_similarity_fauxware may randomly fail congruency check. Logic appears consistent, but constraints are slightly out of order causing failure in identity check.

e.g. https://github.com/angr/angr/actions/runs/19439235163/job/55618483241:

<BV8 (if (filesize_file_1_???_174_32 <=s 0x0 || filesize_file_1_???_174_32[31:4] == 0x0) && (if filesize_file_1_???_174_32 <=s 0x0 then 0 else filesize_file_1_???_174_32[3:0]) <= 8 then (if filesize_file_1_???_174_32 <=s 0x0 then 0x0 else filesize_file_1_???_174_32) else 0x8)[7:0]>
<BV8 (if (filesize_file_2_???_177_32[31:4] == 0x0 || filesize_file_2_???_177_32 <=s 0x0) && (if filesize_file_2_???_177_32 <=s 0x0 then 0 else filesize_file_2_???_177_32[3:0]) <= 8 then (if filesize_file_2_???_177_32 <=s 0x0 then 0x0 else filesize_file_2_???_177_32) else 0x8)[7:0]>
Full traceback
=================================== FAILURES ===================================
_____________________ TestUnicorn.test_similarity_fauxware _____________________
[gw0] linux -- Python 3.10.12 /__w/angr/angr/build/virtualenv/bin/python3

self = <tests.engines.test_unicorn.TestUnicorn testMethod=test_similarity_fauxware>

    def test_similarity_fauxware(self):
        def cooldown(pg):
            # gotta skip the initializers because of cpuid and RDTSC
            pg.one_left.unicorn.countdown_nonunicorn_blocks = 39
            return pg
    
>       self._run_similarity(os.path.join("i386", "fauxware"), 1000, prehook=cooldown)

src/angr/tests/engines/test_unicorn.py:300: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
src/angr/tests/engines/test_unicorn.py:292: in _run_similarity
    cc.run(depth=depth)
virtualenv/lib/python3.10/site-packages/angr/analyses/congruency_check.py:242: in run
    if not self.compare_path_group(self.simgr) and self._validate_incongruency():
virtualenv/lib/python3.10/site-packages/angr/analyses/congruency_check.py:279: in compare_path_group
    if not self.compare_paths(pl, pr):
virtualenv/lib/python3.10/site-packages/angr/analyses/congruency_check.py:362: in compare_paths
    if not self.compare_states(pl, pr):
virtualenv/lib/python3.10/site-packages/angr/analyses/congruency_check.py:343: in compare_states
    self._report_incongruency("Different memory or registers (index %d, values %r and %r)!", i, bn, bu)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <CongruencyCheck Analysis Result at 0x7f8854482650>
args = ('Different memory or registers (index %d, values %r and %r)!', 8, <BV8 (if (filesize_file_1_???_174_32 <=s 0x0 || fil...77_32[3:0]) <= 8 then (if filesize_file_2_???_177_32 <=s 0x0 then 0x0 else filesize_file_2_???_177_32) else 0x8)[7:0]>)

    def _report_incongruency(self, *args):
        l.warning(*args)
        if self._throw:
>           raise AngrIncongruencyError(*args)
E           angr.errors.AngrIncongruencyError: ('Different memory or registers (index %d, values %r and %r)!', 8, <BV8 (if (filesize_file_1_???_174_32 <=s 0x0 || filesize_file_1_???_174_32[31:4] == 0x0) && (if filesize_file_1_???_174_32 <=s 0x0 then 0 else filesize_file_1_???_174_32[3:0]) <= 8 then (if filesize_file_1_???_174_32 <=s 0x0 then 0x0 else filesize_file_1_???_174_32) else 0x8)[7:0]>, <BV8 (if (filesize_file_2_???_177_32[31:4] == 0x0 || filesize_file_2_???_177_32 <=s 0x0) && (if filesize_file_2_???_177_32 <=s 0x0 then 0 else filesize_file_2_???_177_32[3:0]) <= 8 then (if filesize_file_2_???_177_32 <=s 0x0 then 0x0 else filesize_file_2_???_177_32) else 0x8)[7:0]>)

Steps to reproduce the bug

Run test

Environment

angr @ a8c22e6
claripy @ 0f02f57ef485d0b654afa220608f43a74bcafb7a

Additional context

No response
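
The failure mode reported above, as an added example (not angr or claripy code): two expressions that differ only in variable names and in the order of the `||` operands compare unequal when only the variables are renamed, and equal once operands of commutative operators are also put in a fixed order. The tuple-based expression format and all function names are assumptions made for this illustration.

```python
# Toy expression trees: (op, arg, ...) tuples; leaves are variable names (str)
# or constants (int). Constructed stand-in, not claripy's AST classes.
COMMUTATIVE = {"or", "and", "eq"}

def rename(expr, names=None):
    """Rename variables to v0, v1, ... in order of first appearance."""
    names = {} if names is None else names
    if isinstance(expr, str):
        return names.setdefault(expr, f"v{len(names)}")
    if isinstance(expr, int):
        return expr
    return (expr[0], *(rename(a, names) for a in expr[1:]))

def shape(expr):
    """Structure of expr with every variable name masked out."""
    if isinstance(expr, str):
        return "_"
    if isinstance(expr, int):
        return expr
    return (expr[0], *(shape(a) for a in expr[1:]))

def sort_operands(expr):
    """Order the operands of commutative ops by shape, bottom-up.
    Operands with identical shape keep their original order (a limitation)."""
    if not isinstance(expr, tuple):
        return expr
    args = [sort_operands(a) for a in expr[1:]]
    if expr[0] in COMMUTATIVE:
        args.sort(key=lambda a: repr(shape(a)))
    return (expr[0], *args)

def same_after_rename(left, right):
    """Structural comparison that tolerates different variable names only."""
    return rename(left) == rename(right)

def same_after_normalize(left, right):
    """Structural comparison that also tolerates reordered commutative operands."""
    return rename(sort_operands(left)) == rename(sort_operands(right))

def guard(var, swapped=False, op="or"):
    """The disjunction from the report: var <=s 0x0 || var[31:4] == 0x0."""
    a = ("sle", var, 0)
    b = ("eq", ("extract", 31, 4, var), 0)
    return (op, b, a) if swapped else (op, a, b)

if __name__ == "__main__":
    l = guard("filesize_file_1_???_174_32")
    r = guard("filesize_file_2_???_177_32", swapped=True)
    print(same_after_rename(l, r), same_after_normalize(l, r))
```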

Labels: bug (Something is broken)
