angr.exploration_techniques.loop_seer

class angr.exploration_techniques.loop_seer.LoopSeer

Bases: ExplorationTechnique

This exploration technique monitors exploration and maintains all loop-related data (well, currently it is just the loop trip counts, but feel free to add something else).

__init__(cfg=None, functions=None, loops=None, use_header=False, bound=None, bound_reached=None, discard_stash='spinning', limit_concrete_loops=True)

Parameters:

• cfg – Normalized CFG is required.

• functions – Function(s) containing the loop(s) to be analyzed.

• loops – Specific group of Loop(s) to be analyzed, if this is None we run the LoopFinder analysis.

• use_header – Whether to use header based trip counter to compare with the bound limit.

• bound – Limit the number of iterations a loop may be executed.

• bound_reached – If provided, should be a function that takes the LoopSeer and the succ_state. Will be called when loop execution reach the given bound. Default to moving states that exceed the loop limit to a discard stash.

• discard_stash – Name of the stash containing states exceeding the loop limit.

• limit_concrete_loops – If False, do not limit a loop back-edge if it is the only successor (Defaults to True to maintain the original behavior)