Infinity loop when reading complex expression #2

cynecx · 2017-01-20T21:47:59Z

Hi,

I am currently trying to transform this expression into an arybo expression:

(((((((- (((((((((((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) & ((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) | 0xC4) & 0xffffffff)) & 0xffffffff) ^ ((x + 0xFFFFFFD4) & 0xffffffff)) & 0xffffffff) + 0x80403064) & 0xffffffff) ^ 0xED) & 0xffffffff) | 0x403053) & 0xffffffff) & 0xff)) & 0xff) + 0x7E) & 0xff) & 0xff) << 0) | ((0x0 & 0xffffff) << 8))

With these instructions:

from arybo.lib import MBA

def transform(x):
    return (((((((- (((((((((((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) & ((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) | 0xC4) & 0xffffffff)) & 0xffffffff) ^ ((x + 0xFFFFFFD4) & 0xffffffff)) & 0xffffffff) + 0x80403064) & 0xffffffff) ^ 0xED) & 0xffffffff) | 0x403053) & 0xffffffff) & 0xff)) & 0xff) + 0x7E) & 0xff) & 0xff) << 0) | ((0x0 & 0xffffff) << 8))

mba = MBA(32)
x = mba.var('x')

print transform(x)

But apparently, it somehow runs into an infinity loop as it run on 100% cpu for ~10 minutes until I killed the process.

The text was updated successfully, but these errors were encountered:

cynecx · 2017-01-20T22:16:21Z

I have reduced the testcase to this small expression:

from arybo.lib import MBA

def transform(x):
    a = 1 - x
    b = x + 1
    c = a ^ b
    return c

mba = MBA(32)
x = mba.var('x')

print (transform(x))

aguinet · 2017-01-22T15:34:49Z

Hello!

If you try it on 16 bits this will work in a decent amount of time. I think the expression start to be become too big above 16 bits to handle.
By the way, I am working on a new tree-based storage for boolean expression, that can consume more memory but be really more efficient in some cases!

aguinet · 2017-01-22T15:39:03Z

By the way, for your original expression, you can use "lazy evaluation" using Arybo expressions. This is a less documented feature, I've got to put it in the final documentation.

Here is the example script:

from arybo.lib import MBA
from arybo.lib.mba_exprs import ExprBV, eval_expr

def transform(x):
        return (((((((- (((((((((((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) & ((((((- x) & 0xffffffff) + 0x2C) & 0xffffffff) | 0xC4) & 0xffffffff)) & 0xffffffff) ^ ((x + 0xFFFFFFD4) & 0xffffffff)) & 0xffffffff) + 0x80403064) & 0xffffffff) ^ 0xED) & 0xffffffff) | 0x403053) & 0xffffffff) & 0xff)) & 0xff) + 0x7E) & 0xff) & 0xff) << 0) | ((0x0 & 0xffffff) << 8))

mba = MBA(32)
x = mba.var('x')
x = ExprBV(x)

f = transform(x)
print(f)
print(eval_expr(f))

This outputs:

Vec([
1,
1,
((x0 * x1) + x0 + x1),
((x0 * x2) + (x1 * x2) + (x0 * x1 * x2) + x2 + 1),
((x0 * x1) + x0 + x1),
((x2 * x3) + (x0 * x2 * x3) + (x1 * x2 * x3) + (x2 * x3 * x4) + (x0 * x1 * x2 * x3) + (x0 * x2 * x3 * x4) + (x1 * x2 * x3 * x4) + (x0 * x1 * x2 * x3 * x4)),
0,
((x2 * x3 * x5 * x6) + (x0 * x2 * x3 * x5 * x6) + (x1 * x2 * x3 * x5 * x6) + (x2 * x3 * x4 * x5 * x6) + (x0 * x1 * x2 * x3 * x5 * x6) + (x0 * x2 * x3 * x4 * x5 * x6) + (x1 * x2 * x3 * x4 * x5 * x6) + (x0 * x1 * x2 * x3 * x4 * x5 * x6) + 1),
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0
])

cynecx · 2017-01-22T16:07:38Z

Thank you :) I guess that will do it for now.

aguinet closed this as completed Jan 22, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Infinity loop when reading complex expression #2

Infinity loop when reading complex expression #2

cynecx commented Jan 20, 2017 •

edited

Loading

cynecx commented Jan 20, 2017

aguinet commented Jan 22, 2017

aguinet commented Jan 22, 2017 •

edited

Loading

cynecx commented Jan 22, 2017

Infinity loop when reading complex expression #2

Infinity loop when reading complex expression #2

Comments

cynecx commented Jan 20, 2017 • edited Loading

cynecx commented Jan 20, 2017

aguinet commented Jan 22, 2017

aguinet commented Jan 22, 2017 • edited Loading

cynecx commented Jan 22, 2017

cynecx commented Jan 20, 2017 •

edited

Loading

aguinet commented Jan 22, 2017 •

edited

Loading