angr 9.2.115__py3-none-macosx_11_0_arm64.whl → 9.2.117__py3-none-macosx_11_0_arm64.whl

angr/procedures/win_user32/messagebox.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -9,7 +11,7 @@ class MessageBoxA(angr.SimProcedure):
         else:
             caption = "Error"
 
-        result = self.state.solver.If(
+        result = claripy.If(
             uType & 0xF == 0, 1, self.state.solver.BVS("messagebox_button", 32, key=("api", "messagebox", "button"))
         )
         self.state.history.add_event("message_box", text=text, caption=caption, result=result)

angr/sim_procedure.py

@@ -412,7 +412,7 @@ class SimProcedure:
         :param sim_kwargs:      Any additional keyword args will be passed as sim_kwargs to the
                                 procedure construtor
         """
-        e_args = [self.state.solver.BVV(a, self.state.arch.bits) if isinstance(a, int) else a for a in arguments]
+        e_args = [claripy.BVV(a, self.state.arch.bits) if isinstance(a, int) else a for a in arguments]
         p = procedure(project=self.project, **kwargs)
         return p.execute(self.state, None, arguments=e_args)
 
@@ -476,7 +476,7 @@ class SimProcedure:
         self._prepare_ret_state()
 
         self._exit_action(self.state, ret_addr)
-        self.successors.add_successor(self.state, ret_addr, self.state.solver.true, "Ijk_Ret")
+        self.successors.add_successor(self.state, ret_addr, claripy.true, "Ijk_Ret")
 
     def call(self, addr, args, continue_at, cc=None, prototype=None, jumpkind="Ijk_Call"):
         """
@@ -519,7 +519,7 @@ class SimProcedure:
             call_state.regs.t9 = addr
 
         self._exit_action(call_state, addr)
-        self.successors.add_successor(call_state, addr, call_state.solver.true, jumpkind)
+        self.successors.add_successor(call_state, addr, claripy.true, jumpkind)
         if jumpkind != "Ijk_Call":
             call_state.callstack.call(
                 self.state.addr, addr, retn_target=ret_addr, stack_pointer=call_state.regs.sp.concrete_value
@@ -530,7 +530,7 @@ class SimProcedure:
             ret_state = self.state.copy()
             cc.setup_callsite(ret_state, ret_addr, args, prototype)
             ret_state.callstack.top.procedure_data = simcallstack_entry
-            guard = ret_state.solver.true if o.TRUE_RET_EMULATION_GUARD in ret_state.options else ret_state.solver.false
+            guard = claripy.true if o.TRUE_RET_EMULATION_GUARD in ret_state.options else claripy.false
             self.successors.add_successor(ret_state, ret_addr, guard, "Ijk_FakeRet")
 
     def jump(self, addr, jumpkind="Ijk_Boring"):
@@ -539,7 +539,7 @@ class SimProcedure:
         """
         self.inhibit_autoret = True
         self._exit_action(self.state, addr)
-        self.successors.add_successor(self.state, addr, self.state.solver.true, jumpkind)
+        self.successors.add_successor(self.state, addr, claripy.true, jumpkind)
 
     def exit(self, exit_code):
         """
@@ -550,9 +550,9 @@ class SimProcedure:
         self.state.options.discard(o.AUTO_REFS)
 
         if isinstance(exit_code, int):
-            exit_code = self.state.solver.BVV(exit_code, self.state.arch.bits)
+            exit_code = claripy.BVV(exit_code, self.state.arch.bits)
         self.state.history.add_event("terminate", exit_code=exit_code)
-        self.successors.add_successor(self.state, self.state.regs.ip, self.state.solver.true, "Ijk_Exit")
+        self.successors.add_successor(self.state, self.state.regs.ip, claripy.true, "Ijk_Exit")
 
     @staticmethod
     def _exit_action(state, addr):

angr/sim_state.py

@@ -538,7 +538,7 @@ class SimState(PluginHub):
                 # We take the argument, extract a list of constrained SIs out of it (if we could, of course), and
                 # then replace each original SI the intersection of original SI and the constrained one.
 
-                _, converted = self.solver.constraint_to_si(arg)
+                _, converted = claripy.constraint_to_si(arg)
 
                 for original_expr, constrained_si in converted:
                     if not original_expr.variables:
@@ -684,11 +684,14 @@ class SimState(PluginHub):
 
         if merge_conditions is None:
             # TODO: maybe make the length of this smaller? Maybe: math.ceil(math.log(len(others)+1, 2))
-            merge_flag = self.solver.BVS("state_merge_%d" % next(merge_counter), 16)
+            merge_flag = claripy.BVS("state_merge_%d" % next(merge_counter), 16)
             merge_values = range(len(others) + 1)
             merge_conditions = [merge_flag == b for b in merge_values]
         else:
-            merge_conditions = [(self.solver.true if len(mc) == 0 else self.solver.And(*mc)) for mc in merge_conditions]
+            merge_conditions = [
+                (claripy.true if len(mc) == 0 else claripy.And(*[c.to_claripy() for c in mc]))
+                for mc in merge_conditions
+            ]
 
         if len({o.arch.name for o in others}) != 1:
             raise SimMergeError("Unable to merge due to different architectures.")
@@ -738,7 +741,7 @@ class SimState(PluginHub):
                 l.debug("Merging occurred in %s", p)
                 merging_occurred = True
 
-        merged.add_constraints(merged.solver.Or(*merge_conditions))
+        merged.add_constraints(claripy.Or(*merge_conditions))
         return merged, merge_conditions, merging_occurred
 
     def widen(self, *others):
@@ -956,7 +959,7 @@ class SimState(PluginHub):
         def ctx(c):
             old_condition = self._global_condition
             try:
-                new_condition = c if old_condition is None else self.solver.And(old_condition, c)
+                new_condition = c if old_condition is None else claripy.And(old_condition, c)
                 self._global_condition = new_condition
                 yield
             finally:
@@ -970,7 +973,7 @@ class SimState(PluginHub):
         elif c is None:
             return self._global_condition
         else:
-            return self.solver.And(self._global_condition, c)
+            return claripy.And(self._global_condition, c)
 
     def _adjust_condition_list(self, conditions):
         if self._global_condition is None:
@@ -978,7 +981,7 @@ class SimState(PluginHub):
         elif len(conditions) == 0:
             return conditions.__class__((self._global_condition,))
         else:
-            return conditions.__class__((self._adjust_condition(self.solver.And(*conditions)),))
+            return conditions.__class__((self._adjust_condition(claripy.And(*conditions)),))
 
 
 default_state_plugin_preset = PluginPreset()

angr/sim_type.py

@@ -335,7 +335,7 @@ class SimTypeReg(SimType):
             if value.size() != self.size:
                 raise ValueError("size of expression is wrong size for type")
         elif isinstance(value, int):
-            value = state.solver.BVV(value, self.size)
+            value = claripy.BVV(value, self.size)
         elif isinstance(value, bytes):
             store_endness = "Iend_BE"
         else:
@@ -527,7 +527,7 @@ class SimTypeChar(SimTypeReg):
             super().store(state, addr, value)
         except TypeError:
             if isinstance(value, bytes) and len(value) == 1:
-                value = state.solver.BVV(value[0], state.arch.byte_width)
+                value = claripy.BVV(value[0], state.arch.byte_width)
                 super().store(state, addr, value)
             else:
                 raise
@@ -580,7 +580,7 @@ class SimTypeWideChar(SimTypeReg):
             super().store(state, addr, value)
         except TypeError:
             if isinstance(value, bytes) and len(value) == 2:
-                value = state.solver.BVV(value[0], state.arch.byte_width)
+                value = claripy.BVV(value[0], state.arch.byte_width)
                 super().store(state, addr, value)
             else:
                 raise

angr/simos/cgc.py

@@ -51,7 +51,7 @@ class SimCGC(SimUserland):
         if flag_page is None:
             flag_page = [s.solver.BVS("cgc-flag-byte-%d" % i, 8, key=("flag", i), eternal=True) for i in range(0x1000)]
         elif type(flag_page) is bytes:
-            flag_page = [s.solver.BVV(c, 8) for c in flag_page]
+            flag_page = [claripy.BVV(c, 8) for c in flag_page]
         elif type(flag_page) is list:
             pass
         else:
@@ -93,7 +93,7 @@ class SimCGC(SimUserland):
             for size in writes_backer:
                 if size == 0:
                     continue
-                str_to_write = state.solver.BVS("file_write", size * 8)
+                str_to_write = claripy.BVS("file_write", size * 8)
                 a = SimActionData(
                     state, "file_1_0", "write", addr=claripy.BVV(pos, state.arch.bits), data=str_to_write, size=size
                 )

angr/simos/simos.py

@@ -1,11 +1,10 @@
 import logging
 import struct
 
-import angr  # for types
-
-import claripy
 from archinfo import ArchMIPS32, ArchS390X
+import claripy
 
+import angr
 from ..errors import (
     AngrCallableError,
     AngrCallableMultistateError,
@@ -179,7 +178,7 @@ class SimOS:
             for reg in state.arch.default_symbolic_registers:
                 state.registers.store(
                     reg,
-                    state.solver.BVS(
+                    claripy.BVS(
                         initial_prefix + "_" + reg, state.arch.bits, explicit_name=True, key=("reg", reg), eternal=True
                     ),
                 )
@@ -437,6 +436,8 @@ class SimOS:
 
 
 class GlobalDescriptorTable:
+    """GlobalDescriptorTable object to store the GDT table and the segment registers values"""
+
     def __init__(self, addr, limit, table, gdt_sel, cs_sel, ds_sel, es_sel, ss_sel, fs_sel, gs_sel):
         self.addr = addr
         self.limit = limit

angr/simos/windows.py

@@ -170,7 +170,7 @@ class SimWindows(SimOS):
             state.mem[state.regs.sp].dword = return_addr
 
             # first argument appears to be PEB
-            tib_addr = state.regs.fs.concat(state.solver.BVV(0, 16))
+            tib_addr = state.regs.fs.concat(claripy.BVV(0, 16))
             peb_addr = state.mem[tib_addr + 0x30].dword.resolved
             state.mem[state.regs.sp + 4].dword = peb_addr
 
@@ -377,7 +377,7 @@ class SimWindows(SimOS):
 
         # first check that we actually have an exception handler
         # we check is_true since if it's symbolic this is exploitable maybe?
-        tib_addr = exc_state.regs._fs.concat(exc_state.solver.BVV(0, 16))
+        tib_addr = exc_state.regs._fs.concat(claripy.BVV(0, 16))
         if exc_state.solver.is_true(exc_state.mem[tib_addr].long.resolved == -1):
             _l.debug("... no handlers registered")
             exception.args = ("Unhandled exception: %r" % exception,)
@@ -419,7 +419,7 @@ class SimWindows(SimOS):
 
         # let's go let's go!
         # we want to use a true guard here. if it's not true, then it's already been added in windup.
-        successors.add_successor(exc_state, self._exception_handler, exc_state.solver.true, "Ijk_Exception")
+        successors.add_successor(exc_state, self._exception_handler, claripy.true, "Ijk_Exception")
         successors.processed = True
 
     # these two methods load and store register state from a struct CONTEXT
@@ -433,8 +433,8 @@ class SimWindows(SimOS):
         state.mem[addr + 0].uint32_t = 0x07  # contextflags = control | integer | segments
         # dr0 - dr7 are at 0x4-0x18
         # fp state is at 0x1c: 8 ulongs plus a char[80] gives it size 0x70
-        state.mem[addr + 0x8C].uint32_t = state.regs.gs.concat(state.solver.BVV(0, 16))
-        state.mem[addr + 0x90].uint32_t = state.regs.fs.concat(state.solver.BVV(0, 16))
+        state.mem[addr + 0x8C].uint32_t = state.regs.gs.concat(claripy.BVV(0, 16))
+        state.mem[addr + 0x90].uint32_t = state.regs.fs.concat(claripy.BVV(0, 16))
         state.mem[addr + 0x94].uint32_t = 0  # es
         state.mem[addr + 0x98].uint32_t = 0  # ds
         state.mem[addr + 0x9C].uint32_t = state.regs.edi

angr/state_plugins/heap/heap_brk.py

@@ -1,9 +1,11 @@
+import logging
+
+import claripy
+
 from angr.errors import SimSolverError
 from ..plugin import SimStatePlugin
 from . import SimHeapBase
 
-import logging
-
 l = logging.getLogger(__name__)
 
 
@@ -92,7 +94,7 @@ class SimHeapBrk(SimHeapBase):
                 final_size = plugin.max_variable_size
 
         addr = self.state.heap.allocate(final_size)
-        v = self.state.solver.BVV(0, final_size * 8)
+        v = claripy.BVV(0, final_size * 8)
         self.state.memory.store(addr, v)
         return addr
 

angr/state_plugins/heap/heap_ptmalloc.py

@@ -1,12 +1,13 @@
+import logging
+
+import claripy
+
 from ..plugin import SimStatePlugin
 from .heap_freelist import SimHeapFreelist, Chunk
 from .utils import concretize
-
 from ...errors import SimHeapError, SimMergeError, SimSolverError
 
 
-import logging
-
 l = logging.getLogger("angr.state_plugins.heap.heap_ptmalloc")
 sml = logging.getLogger("angr.state_plugins.symbolic_memory")
 
@@ -526,7 +527,7 @@ class SimHeapPTMalloc(SimHeapFreelist):
         if addr == 0:
             return 0
         if size != 0:
-            z = self.state.solver.BVV(0, size * 8)
+            z = claripy.BVV(0, size * 8)
             self.state.memory.store(addr, z)
         return addr
 

angr/state_plugins/history.py

@@ -140,17 +140,19 @@ class SimStateHistory(SimStatePlugin):
         self.parent = common_ancestor if common_ancestor is not None else self.parent
 
         # rebuild recent constraints
-        recent_constraints = [h.constraints_since(common_ancestor) for h in itertools.chain([self], others)]
+        recent_constraints = [
+            [c.ast for c in h.constraints_since(common_ancestor)] for h in itertools.chain([self], others)
+        ]
         if sim_options.SIMPLIFY_MERGED_CONSTRAINTS in self.state.options:
-            combined_constraint = self.state.solver.Or(
+            combined_constraint = claripy.Or(
                 *[
-                    self.state.solver.simplify(self.state.solver.And(*history_constraints))
+                    self.state.solver.simplify(claripy.And(*history_constraints))
                     for history_constraints in recent_constraints
                 ]
             )
         else:
-            combined_constraint = self.state.solver.Or(
-                *[self.state.solver.And(*history_constraints) for history_constraints in recent_constraints]
+            combined_constraint = claripy.Or(
+                *[claripy.And(*history_constraints) for history_constraints in recent_constraints]
             )
         self.recent_events = [
             e.recent_events for e in itertools.chain([self], others) if not isinstance(e, SimActionConstraint)

angr/state_plugins/light_registers.py

@@ -118,7 +118,7 @@ class SimLightRegisters(SimStatePlugin):
                 raise SimFastMemoryError("Invalid register store value") from None
 
         if type(value) is int:
-            value = self.state.solver.BVV(value, xsize)
+            value = claripy.BVV(value, xsize)
 
         if endness is not None and endness != self.state.arch.register_endness:
             # ???????
@@ -142,7 +142,7 @@ class SimLightRegisters(SimStatePlugin):
     def _fill(self, name, size):
         size_bits = size * self.state.arch.byte_width
         if options.ZERO_FILL_UNCONSTRAINED_REGISTERS in self.state.options:
-            value = self.state.solver.BVV(0, size_bits)
+            value = claripy.BVV(0, size_bits)
         else:
             if options.SYMBOL_FILL_UNCONSTRAINED_REGISTERS not in self.state.options:
                 if once("mem_fill_warning"):

angr/state_plugins/plugin.py

@@ -98,8 +98,8 @@ class SimStatePlugin:
         ``state.solver.union(values)``.
         TODO: fish please make this less bullshit
 
-        There is a utility ``state.solver.ite_cases`` which will help with constructing arbitrarily large merged ASTs.
-        Use it like ``self.bar = self.state.solver.ite_cases(zip(conditions[1:], [o.bar for o in others]), self.bar)``
+        There is a utility ``claripy.ite_cases`` which will help with constructing arbitrarily large merged ASTs.
+        Use it like ``self.bar = claripy.ite_cases(zip(conditions[1:], [o.bar for o in others]), self.bar)``
 
         :param others: the other state plugins to merge with
         :param merge_conditions: a symbolic condition for each of the plugins

angr/state_plugins/posix.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 from .plugin import SimStatePlugin
 from .filesystem import SimMount, Stat
 from ..storage.file import SimFile, SimPacketsStream, Flags, SimFileDescriptor, SimFileDescriptorDuplex
@@ -239,11 +241,11 @@ class SimSystemPosix(SimStatePlugin):
     def set_brk(self, new_brk):
         # arch word size is not available at init for some reason, fix that here
         if isinstance(self.brk, int):
-            self.brk = self.state.solver.BVV(self.brk, self.state.arch.bits)
+            self.brk = claripy.BVV(self.brk, self.state.arch.bits)
 
         if new_brk.symbolic:
             l.warning("Program is requesting a symbolic brk! This cannot be emulated cleanly!")
-            self.brk = self.state.solver.If(new_brk < self.brk, self.brk, new_brk)
+            self.brk = claripy.If(new_brk < self.brk, self.brk, new_brk)
 
         else:
             conc_start = self.state.solver.eval(self.brk)
@@ -342,7 +344,7 @@ class SimSystemPosix(SimStatePlugin):
             if not create_file:
                 if options.ALL_FILES_EXIST not in self.state.options:
                     if options.ANY_FILE_MIGHT_EXIST in self.state.options:
-                        file_exists = self.state.solver.BoolS("file_exists_%s" % ident, explicit_name=True)
+                        file_exists = claripy.BoolS("file_exists_%s" % ident, explicit_name=True)
                     else:
                         return -1
                 else:
@@ -369,8 +371,8 @@ class SimSystemPosix(SimStatePlugin):
         if self.state.solver.is_true(simfd.file_exists):
             return fd
         else:
-            m1 = self.state.solver.BVV(-1, self.state.arch.sizeof["int"])
-            return self.state.solver.If(simfd.file_exists, fd, m1)
+            m1 = claripy.BVV(-1, self.state.arch.sizeof["int"])
+            return claripy.If(simfd.file_exists, fd, m1)
 
     def open_socket(self, ident):
         fd = self._pick_fd()
@@ -513,8 +515,8 @@ class SimSystemPosix(SimStatePlugin):
         else:
             if options.ALL_FILES_EXIST not in self.state.options:
                 if options.ANY_FILE_MIGHT_EXIST in self.state.options:
-                    m1 = self.state.solver.BVV(-1, self.state.arch.bits)
-                    result = self.state.solver.If(self.state.solver.BoolS("file_exists"), 0, m1)
+                    m1 = claripy.BVV(-1, self.state.arch.bits)
+                    result = claripy.If(claripy.BoolS("file_exists"), 0, m1)
                 else:
                     result = -1
             else:
@@ -536,7 +538,7 @@ class SimSystemPosix(SimStatePlugin):
                 mode = (
                     self.state.solver.BVS("st_mode", 32, key=("api", "fstat", "st_mode"))
                     if fd > 2
-                    else self.state.solver.BVV(0, 32)
+                    else claripy.BVV(0, 32)
                 )
             size = self.state.solver.BVS("st_size", 64, key=("api", "fstat", "st_size"))  # st_size
             ino = 0
@@ -544,22 +546,22 @@ class SimSystemPosix(SimStatePlugin):
         # return this weird bogus zero value to keep code paths in libc simple :\
         return (
             Stat(
-                self.state.solver.BVV(0, 64),  # st_dev
-                self.state.solver.BVV(ino, 64),  # st_ino
-                self.state.solver.BVV(0, 64),  # st_nlink
+                claripy.BVV(0, 64),  # st_dev
+                claripy.BVV(ino, 64),  # st_ino
+                claripy.BVV(0, 64),  # st_nlink
                 mode,  # st_mode
-                self.state.solver.BVV(0, 32),  # st_uid (lol root)
-                self.state.solver.BVV(0, 32),  # st_gid
-                self.state.solver.BVV(0, 64),  # st_rdev
+                claripy.BVV(0, 32),  # st_uid (lol root)
+                claripy.BVV(0, 32),  # st_gid
+                claripy.BVV(0, 64),  # st_rdev
                 size,  # st_size
-                self.state.solver.BVV(0x400, 64),  # st_blksize
-                self.state.solver.BVV(0, 64),  # st_blocks
-                self.state.solver.BVV(0, 64),  # st_atime
-                self.state.solver.BVV(0, 64),  # st_atimensec
-                self.state.solver.BVV(0, 64),  # st_mtime
-                self.state.solver.BVV(0, 64),  # st_mtimensec
-                self.state.solver.BVV(0, 64),  # st_ctime
-                self.state.solver.BVV(0, 64),  # st_ctimensec
+                claripy.BVV(0x400, 64),  # st_blksize
+                claripy.BVV(0, 64),  # st_blocks
+                claripy.BVV(0, 64),  # st_atime
+                claripy.BVV(0, 64),  # st_atimensec
+                claripy.BVV(0, 64),  # st_mtime
+                claripy.BVV(0, 64),  # st_mtimensec
+                claripy.BVV(0, 64),  # st_ctime
+                claripy.BVV(0, 64),  # st_ctimensec
             ),
             result,
         )
@@ -594,15 +596,15 @@ class SimSystemPosix(SimStatePlugin):
         :param valid_ptr: is set if the new_mask was not NULL
         """
         oldmask = self.sigmask(sigsetsize)
-        self._sigmask = self.state.solver.If(
+        self._sigmask = claripy.If(
             valid_ptr,
-            self.state.solver.If(
+            claripy.If(
                 how == self.SIG_BLOCK,
                 oldmask | new_mask,
-                self.state.solver.If(
+                claripy.If(
                     how == self.SIG_UNBLOCK,
                     oldmask & (~new_mask),
-                    self.state.solver.If(how == self.SIG_SETMASK, new_mask, oldmask),
+                    claripy.If(how == self.SIG_SETMASK, new_mask, oldmask),
                 ),
             ),
             oldmask,

angr/state_plugins/preconstrainer.py

@@ -1,4 +1,5 @@
 import logging
+
 import claripy
 
 from .plugin import SimStatePlugin
@@ -52,7 +53,7 @@ class SimStatePreconstrainer(SimStatePlugin):
         :param variable:    The BVS to preconstrain.
         """
         if not isinstance(value, claripy.ast.Base):
-            value = self.state.solver.BVV(value, len(variable))
+            value = claripy.BVV(value, len(variable))
         elif value.op != "BVV":
             raise ValueError("Passed a value to preconstrain that was not a BVV or a string")
 

angr/state_plugins/solver.py

@@ -4,11 +4,12 @@ import logging
 import os
 from typing import TypeVar, overload
 
-from angr import sim_options as o
-from angr.errors import SimValueError, SimUnsatError, SimSolverModeError, SimSolverOptionError
 import claripy
 from claripy import backend_manager
 
+from angr import sim_options as o
+from angr.errors import SimValueError, SimUnsatError, SimSolverModeError, SimSolverOptionError
+from angr.sim_state import SimState
 from .plugin import SimStatePlugin
 from .sim_action_object import ast_stripping_decorator, SimActionObject
 
@@ -234,13 +235,16 @@ class SimSolver(SimStatePlugin):
         [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>)]
 
         >>> list(s.solver.get_variables('file'))
-        [(('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>), (('file', 2, 0), <BV8 file_2_0_8_8>)]
+        [(('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>),
+            (('file', 2, 0), <BV8 file_2_0_8_8>)]
 
         >>> list(s.solver.get_variables('file', 2))
         [(('file', 2, 0), <BV8 file_2_0_8_8>)]
 
         >>> list(s.solver.get_variables())
-        [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>), (('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>), (('file', 2, 0), <BV8 file_2_0_8_8>)]
+        [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>),
+            (('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>),
+            (('file', 2, 0), <BV8 file_2_0_8_8>)]
         """
         for k, v in self.eternal_tracked_variables.items():
             if len(k) >= len(keys) and all(x == y for x, y in zip(keys, k)):
@@ -464,24 +468,6 @@ class SimSolver(SimStatePlugin):
             self.all_variables.append(r)
         return r
 
-    #
-    # Operation passthroughs to claripy
-    #
-
-    def __getattr__(self, a):
-        f = getattr(claripy._all_operations, a)
-        if hasattr(f, "__call__"):
-            ff = error_converter(ast_stripping_decorator(f))
-            if _timing_enabled:
-                ff = functools.partial(timed_function(ff), the_solver=self)
-            ff.__doc__ = f.__doc__
-            return ff
-        else:
-            return f
-
-    def __dir__(self):
-        return sorted(set(dir(super()) + dir(claripy._all_operations) + dir(self.__class__)))
-
     #
     # Branching stuff
     #
@@ -508,7 +494,7 @@ class SimSolver(SimStatePlugin):
 
     @error_converter
     def widen(self, others):
-        c = self.state.solver.BVS("random_widen_condition", 32)
+        c = claripy.BVS("random_widen_condition", 32)
         merge_conditions = [[c == i] for i in range(len(others) + 1)]
         merging_occurred = self.merge(others, merge_conditions)
         return merging_occurred
@@ -538,7 +524,7 @@ class SimSolver(SimStatePlugin):
             l.critical("PLEASE REPORT THIS MESSAGE, AND WHAT YOU WERE DOING, TO YAN")
             return self.state._global_condition
         else:
-            return self.Or(self.Not(self.state._global_condition), c)
+            return claripy.Or(claripy.Not(self.state._global_condition), c)
 
     def _adjust_constraint_list(self, constraints):
         if self.state._global_condition is None:
@@ -546,7 +532,7 @@ class SimSolver(SimStatePlugin):
         if len(constraints) == 0:
             return constraints.__class__((self.state._global_condition,))
         else:
-            return constraints.__class__((self._adjust_constraint(self.And(*constraints)),))
+            return constraints.__class__((self._adjust_constraint(claripy.And(*constraints)),))
 
     @timed_function
     @ast_stripping_decorator
@@ -1108,8 +1094,6 @@ class SimSolver(SimStatePlugin):
         return e.variables
 
 
-from angr.sim_state import SimState
-
 SimState.register_default("solver", SimSolver)
 
 from .inspect import BP_AFTER

angr/state_plugins/trace_additions.py

@@ -196,7 +196,7 @@ def end_info_hook(state):
     if pending_info.get_type() == "StrToInt":
         # mark the input
         input_val = state.mem[pending_info.input_val].string.resolved
-        result = state.solver.BVV(state.solver.eval(state.regs.eax, cast_to=bytes))
+        result = claripy.BVV(state.solver.eval(state.regs.eax, cast_to=bytes))
         real_len = chall_resp_plugin.get_real_len(
             input_val, pending_info.input_base, result, pending_info.allows_negative
         )
@@ -207,7 +207,7 @@ def end_info_hook(state):
             return
 
         # result constraint
-        new_var = state.solver.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", 32)
+        new_var = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", 32)
         constraint = new_var == result
         chall_resp_plugin.replacement_pairs.append((new_var, state.regs.eax))
         state.regs.eax = new_var
@@ -215,7 +215,7 @@ def end_info_hook(state):
         # finish marking the input
         input_val = state.memory.load(pending_info.input_val, real_len)
         l.debug("string len was %d, value was %d", real_len, state.solver.eval(result))
-        input_bvs = state.solver.BVS(
+        input_bvs = claripy.BVS(
             pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", input_val.size()
         )
         chall_resp_plugin.str_to_int_pairs.append((input_bvs, new_var))
@@ -224,23 +224,19 @@ def end_info_hook(state):
         chall_resp_plugin.replacement_pairs.append((input_bvs, input_val))
     elif pending_info.get_type() == "IntToStr":
         # result constraint
-        result = state.solver.BVV(
-            state.solver.eval(state.mem[pending_info.str_dst_addr].string.resolved, cast_to=bytes)
-        )
+        result = claripy.BVV(state.solver.eval(state.mem[pending_info.str_dst_addr].string.resolved, cast_to=bytes))
         if result is None or result.size() == 0:
             l.warning("zero len string")
             chall_resp_plugin.pop_from_backup()
             return
-        new_var = state.solver.BVS(
-            pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", result.size()
-        )
+        new_var = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", result.size())
         chall_resp_plugin.replacement_pairs.append((new_var, state.mem[pending_info.str_dst_addr].string.resolved))
         state.memory.store(pending_info.str_dst_addr, new_var)
         constraint = new_var == result
 
         # mark the input
         input_val = pending_info.input_val
-        input_bvs = state.solver.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", 32)
+        input_bvs = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", 32)
         chall_resp_plugin.int_to_str_pairs.append((input_bvs, new_var))
         chall_resp_plugin.replacement_pairs.append((input_bvs, input_val))
         # here we need the constraint that the input was equal to the StrToInt_input
@@ -298,8 +294,8 @@ def syscall_hook(state):
         num_bytes = state.solver.eval(state.regs.ecx)
         buf = state.solver.eval(state.regs.ebx)
         if num_bytes != 0:
-            rand_bytes = state.solver.BVS("random", num_bytes * 8)
-            concrete_val = state.solver.BVV("A" * num_bytes)
+            rand_bytes = claripy.BVS("random", num_bytes * 8)
+            concrete_val = claripy.BVV("A" * num_bytes)
             state.solver._solver.add_replacement(rand_bytes, concrete_val, invalidate_cache=False)
             state.memory.store(buf, rand_bytes)
 
@@ -509,7 +505,7 @@ class ChallRespInfo(angr.state_plugins.SimStatePlugin):
             solns = solns[0]
 
             # now make the real stdin
-            stdin = state.solver.eval(state.solver.BVV(solns[0], pos * 8), cast_to=bytes)
+            stdin = state.solver.eval(claripy.BVV(solns[0], pos * 8), cast_to=bytes)
 
             stdin_replacements = []
             for soln, (_, int_var) in zip(solns[1:], chall_resp_plugin.str_to_int_pairs):