[angr] Data Dependence Graph
hagrawal at appcomsci.com
Tue May 31 12:18:23 PDT 2016
I have a few questions about the VSA_DDG graph produced by Angr.
1. Each node in this graph has fields named ins_addr and stmt_index,
among others. I believe the former specifies the address of the
associated binary instruction. What does the latter specify? Does it
indicate the index of the vex-stmt in the vex-stmt-array for the
associated basic block? If so, are the IMark and AbiHint "statements"
included in that array?
2. Many nodes in the VSA_DDG graph have their ins_addr field set to
None. What does this signify?
3. Does the VSA_DDG graph also capture data flow dependencies resulting
from library calls such as read() and gets()? If not, is there a
programmatic way to infer those dependencies?
More information about the angr