angr 9.2.116__py3-none-manylinux2014_x86_64.whl → 9.2.117__py3-none-manylinux2014_x86_64.whl

angr/sim_type.py

@@ -335,7 +335,7 @@ class SimTypeReg(SimType):
             if value.size() != self.size:
                 raise ValueError("size of expression is wrong size for type")
         elif isinstance(value, int):
-            value = state.solver.BVV(value, self.size)
+            value = claripy.BVV(value, self.size)
         elif isinstance(value, bytes):
             store_endness = "Iend_BE"
         else:
@@ -527,7 +527,7 @@ class SimTypeChar(SimTypeReg):
             super().store(state, addr, value)
         except TypeError:
             if isinstance(value, bytes) and len(value) == 1:
-                value = state.solver.BVV(value[0], state.arch.byte_width)
+                value = claripy.BVV(value[0], state.arch.byte_width)
                 super().store(state, addr, value)
             else:
                 raise
@@ -580,7 +580,7 @@ class SimTypeWideChar(SimTypeReg):
             super().store(state, addr, value)
         except TypeError:
             if isinstance(value, bytes) and len(value) == 2:
-                value = state.solver.BVV(value[0], state.arch.byte_width)
+                value = claripy.BVV(value[0], state.arch.byte_width)
                 super().store(state, addr, value)
             else:
                 raise

angr/simos/cgc.py

@@ -51,7 +51,7 @@ class SimCGC(SimUserland):
         if flag_page is None:
             flag_page = [s.solver.BVS("cgc-flag-byte-%d" % i, 8, key=("flag", i), eternal=True) for i in range(0x1000)]
         elif type(flag_page) is bytes:
-            flag_page = [s.solver.BVV(c, 8) for c in flag_page]
+            flag_page = [claripy.BVV(c, 8) for c in flag_page]
         elif type(flag_page) is list:
             pass
         else:
@@ -93,7 +93,7 @@ class SimCGC(SimUserland):
             for size in writes_backer:
                 if size == 0:
                     continue
-                str_to_write = state.solver.BVS("file_write", size * 8)
+                str_to_write = claripy.BVS("file_write", size * 8)
                 a = SimActionData(
                     state, "file_1_0", "write", addr=claripy.BVV(pos, state.arch.bits), data=str_to_write, size=size
                 )

angr/simos/simos.py

@@ -1,11 +1,10 @@
 import logging
 import struct
 
-import angr  # for types
-
-import claripy
 from archinfo import ArchMIPS32, ArchS390X
+import claripy
 
+import angr
 from ..errors import (
     AngrCallableError,
     AngrCallableMultistateError,
@@ -179,7 +178,7 @@ class SimOS:
             for reg in state.arch.default_symbolic_registers:
                 state.registers.store(
                     reg,
-                    state.solver.BVS(
+                    claripy.BVS(
                         initial_prefix + "_" + reg, state.arch.bits, explicit_name=True, key=("reg", reg), eternal=True
                     ),
                 )
@@ -437,6 +436,8 @@ class SimOS:
 
 
 class GlobalDescriptorTable:
+    """GlobalDescriptorTable object to store the GDT table and the segment registers values"""
+
     def __init__(self, addr, limit, table, gdt_sel, cs_sel, ds_sel, es_sel, ss_sel, fs_sel, gs_sel):
         self.addr = addr
         self.limit = limit

angr/simos/windows.py

@@ -170,7 +170,7 @@ class SimWindows(SimOS):
             state.mem[state.regs.sp].dword = return_addr
 
             # first argument appears to be PEB
-            tib_addr = state.regs.fs.concat(state.solver.BVV(0, 16))
+            tib_addr = state.regs.fs.concat(claripy.BVV(0, 16))
             peb_addr = state.mem[tib_addr + 0x30].dword.resolved
             state.mem[state.regs.sp + 4].dword = peb_addr
 
@@ -377,7 +377,7 @@ class SimWindows(SimOS):
 
         # first check that we actually have an exception handler
         # we check is_true since if it's symbolic this is exploitable maybe?
-        tib_addr = exc_state.regs._fs.concat(exc_state.solver.BVV(0, 16))
+        tib_addr = exc_state.regs._fs.concat(claripy.BVV(0, 16))
         if exc_state.solver.is_true(exc_state.mem[tib_addr].long.resolved == -1):
             _l.debug("... no handlers registered")
             exception.args = ("Unhandled exception: %r" % exception,)
@@ -419,7 +419,7 @@ class SimWindows(SimOS):
 
         # let's go let's go!
         # we want to use a true guard here. if it's not true, then it's already been added in windup.
-        successors.add_successor(exc_state, self._exception_handler, exc_state.solver.true, "Ijk_Exception")
+        successors.add_successor(exc_state, self._exception_handler, claripy.true, "Ijk_Exception")
         successors.processed = True
 
     # these two methods load and store register state from a struct CONTEXT
@@ -433,8 +433,8 @@ class SimWindows(SimOS):
         state.mem[addr + 0].uint32_t = 0x07  # contextflags = control | integer | segments
         # dr0 - dr7 are at 0x4-0x18
         # fp state is at 0x1c: 8 ulongs plus a char[80] gives it size 0x70
-        state.mem[addr + 0x8C].uint32_t = state.regs.gs.concat(state.solver.BVV(0, 16))
-        state.mem[addr + 0x90].uint32_t = state.regs.fs.concat(state.solver.BVV(0, 16))
+        state.mem[addr + 0x8C].uint32_t = state.regs.gs.concat(claripy.BVV(0, 16))
+        state.mem[addr + 0x90].uint32_t = state.regs.fs.concat(claripy.BVV(0, 16))
         state.mem[addr + 0x94].uint32_t = 0  # es
         state.mem[addr + 0x98].uint32_t = 0  # ds
         state.mem[addr + 0x9C].uint32_t = state.regs.edi

angr/state_plugins/heap/heap_brk.py

@@ -1,9 +1,11 @@
+import logging
+
+import claripy
+
 from angr.errors import SimSolverError
 from ..plugin import SimStatePlugin
 from . import SimHeapBase
 
-import logging
-
 l = logging.getLogger(__name__)
 
 
@@ -92,7 +94,7 @@ class SimHeapBrk(SimHeapBase):
                 final_size = plugin.max_variable_size
 
         addr = self.state.heap.allocate(final_size)
-        v = self.state.solver.BVV(0, final_size * 8)
+        v = claripy.BVV(0, final_size * 8)
         self.state.memory.store(addr, v)
         return addr
 

angr/state_plugins/heap/heap_ptmalloc.py

@@ -1,12 +1,13 @@
+import logging
+
+import claripy
+
 from ..plugin import SimStatePlugin
 from .heap_freelist import SimHeapFreelist, Chunk
 from .utils import concretize
-
 from ...errors import SimHeapError, SimMergeError, SimSolverError
 
 
-import logging
-
 l = logging.getLogger("angr.state_plugins.heap.heap_ptmalloc")
 sml = logging.getLogger("angr.state_plugins.symbolic_memory")
 
@@ -526,7 +527,7 @@ class SimHeapPTMalloc(SimHeapFreelist):
         if addr == 0:
             return 0
         if size != 0:
-            z = self.state.solver.BVV(0, size * 8)
+            z = claripy.BVV(0, size * 8)
             self.state.memory.store(addr, z)
         return addr
 

angr/state_plugins/history.py

@@ -140,17 +140,19 @@ class SimStateHistory(SimStatePlugin):
         self.parent = common_ancestor if common_ancestor is not None else self.parent
 
         # rebuild recent constraints
-        recent_constraints = [h.constraints_since(common_ancestor) for h in itertools.chain([self], others)]
+        recent_constraints = [
+            [c.ast for c in h.constraints_since(common_ancestor)] for h in itertools.chain([self], others)
+        ]
         if sim_options.SIMPLIFY_MERGED_CONSTRAINTS in self.state.options:
-            combined_constraint = self.state.solver.Or(
+            combined_constraint = claripy.Or(
                 *[
-                    self.state.solver.simplify(self.state.solver.And(*history_constraints))
+                    self.state.solver.simplify(claripy.And(*history_constraints))
                     for history_constraints in recent_constraints
                 ]
             )
         else:
-            combined_constraint = self.state.solver.Or(
-                *[self.state.solver.And(*history_constraints) for history_constraints in recent_constraints]
+            combined_constraint = claripy.Or(
+                *[claripy.And(*history_constraints) for history_constraints in recent_constraints]
             )
         self.recent_events = [
             e.recent_events for e in itertools.chain([self], others) if not isinstance(e, SimActionConstraint)

angr/state_plugins/light_registers.py

@@ -118,7 +118,7 @@ class SimLightRegisters(SimStatePlugin):
                 raise SimFastMemoryError("Invalid register store value") from None
 
         if type(value) is int:
-            value = self.state.solver.BVV(value, xsize)
+            value = claripy.BVV(value, xsize)
 
         if endness is not None and endness != self.state.arch.register_endness:
             # ???????
@@ -142,7 +142,7 @@ class SimLightRegisters(SimStatePlugin):
     def _fill(self, name, size):
         size_bits = size * self.state.arch.byte_width
         if options.ZERO_FILL_UNCONSTRAINED_REGISTERS in self.state.options:
-            value = self.state.solver.BVV(0, size_bits)
+            value = claripy.BVV(0, size_bits)
         else:
             if options.SYMBOL_FILL_UNCONSTRAINED_REGISTERS not in self.state.options:
                 if once("mem_fill_warning"):

angr/state_plugins/plugin.py

@@ -98,8 +98,8 @@ class SimStatePlugin:
         ``state.solver.union(values)``.
         TODO: fish please make this less bullshit
 
-        There is a utility ``state.solver.ite_cases`` which will help with constructing arbitrarily large merged ASTs.
-        Use it like ``self.bar = self.state.solver.ite_cases(zip(conditions[1:], [o.bar for o in others]), self.bar)``
+        There is a utility ``claripy.ite_cases`` which will help with constructing arbitrarily large merged ASTs.
+        Use it like ``self.bar = claripy.ite_cases(zip(conditions[1:], [o.bar for o in others]), self.bar)``
 
         :param others: the other state plugins to merge with
         :param merge_conditions: a symbolic condition for each of the plugins

angr/state_plugins/posix.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 from .plugin import SimStatePlugin
 from .filesystem import SimMount, Stat
 from ..storage.file import SimFile, SimPacketsStream, Flags, SimFileDescriptor, SimFileDescriptorDuplex
@@ -239,11 +241,11 @@ class SimSystemPosix(SimStatePlugin):
     def set_brk(self, new_brk):
         # arch word size is not available at init for some reason, fix that here
         if isinstance(self.brk, int):
-            self.brk = self.state.solver.BVV(self.brk, self.state.arch.bits)
+            self.brk = claripy.BVV(self.brk, self.state.arch.bits)
 
         if new_brk.symbolic:
             l.warning("Program is requesting a symbolic brk! This cannot be emulated cleanly!")
-            self.brk = self.state.solver.If(new_brk < self.brk, self.brk, new_brk)
+            self.brk = claripy.If(new_brk < self.brk, self.brk, new_brk)
 
         else:
             conc_start = self.state.solver.eval(self.brk)
@@ -342,7 +344,7 @@ class SimSystemPosix(SimStatePlugin):
             if not create_file:
                 if options.ALL_FILES_EXIST not in self.state.options:
                     if options.ANY_FILE_MIGHT_EXIST in self.state.options:
-                        file_exists = self.state.solver.BoolS("file_exists_%s" % ident, explicit_name=True)
+                        file_exists = claripy.BoolS("file_exists_%s" % ident, explicit_name=True)
                     else:
                         return -1
                 else:
@@ -369,8 +371,8 @@ class SimSystemPosix(SimStatePlugin):
         if self.state.solver.is_true(simfd.file_exists):
             return fd
         else:
-            m1 = self.state.solver.BVV(-1, self.state.arch.sizeof["int"])
-            return self.state.solver.If(simfd.file_exists, fd, m1)
+            m1 = claripy.BVV(-1, self.state.arch.sizeof["int"])
+            return claripy.If(simfd.file_exists, fd, m1)
 
     def open_socket(self, ident):
         fd = self._pick_fd()
@@ -513,8 +515,8 @@ class SimSystemPosix(SimStatePlugin):
         else:
             if options.ALL_FILES_EXIST not in self.state.options:
                 if options.ANY_FILE_MIGHT_EXIST in self.state.options:
-                    m1 = self.state.solver.BVV(-1, self.state.arch.bits)
-                    result = self.state.solver.If(self.state.solver.BoolS("file_exists"), 0, m1)
+                    m1 = claripy.BVV(-1, self.state.arch.bits)
+                    result = claripy.If(claripy.BoolS("file_exists"), 0, m1)
                 else:
                     result = -1
             else:
@@ -536,7 +538,7 @@ class SimSystemPosix(SimStatePlugin):
                 mode = (
                     self.state.solver.BVS("st_mode", 32, key=("api", "fstat", "st_mode"))
                     if fd > 2
-                    else self.state.solver.BVV(0, 32)
+                    else claripy.BVV(0, 32)
                 )
             size = self.state.solver.BVS("st_size", 64, key=("api", "fstat", "st_size"))  # st_size
             ino = 0
@@ -544,22 +546,22 @@ class SimSystemPosix(SimStatePlugin):
         # return this weird bogus zero value to keep code paths in libc simple :\
         return (
             Stat(
-                self.state.solver.BVV(0, 64),  # st_dev
-                self.state.solver.BVV(ino, 64),  # st_ino
-                self.state.solver.BVV(0, 64),  # st_nlink
+                claripy.BVV(0, 64),  # st_dev
+                claripy.BVV(ino, 64),  # st_ino
+                claripy.BVV(0, 64),  # st_nlink
                 mode,  # st_mode
-                self.state.solver.BVV(0, 32),  # st_uid (lol root)
-                self.state.solver.BVV(0, 32),  # st_gid
-                self.state.solver.BVV(0, 64),  # st_rdev
+                claripy.BVV(0, 32),  # st_uid (lol root)
+                claripy.BVV(0, 32),  # st_gid
+                claripy.BVV(0, 64),  # st_rdev
                 size,  # st_size
-                self.state.solver.BVV(0x400, 64),  # st_blksize
-                self.state.solver.BVV(0, 64),  # st_blocks
-                self.state.solver.BVV(0, 64),  # st_atime
-                self.state.solver.BVV(0, 64),  # st_atimensec
-                self.state.solver.BVV(0, 64),  # st_mtime
-                self.state.solver.BVV(0, 64),  # st_mtimensec
-                self.state.solver.BVV(0, 64),  # st_ctime
-                self.state.solver.BVV(0, 64),  # st_ctimensec
+                claripy.BVV(0x400, 64),  # st_blksize
+                claripy.BVV(0, 64),  # st_blocks
+                claripy.BVV(0, 64),  # st_atime
+                claripy.BVV(0, 64),  # st_atimensec
+                claripy.BVV(0, 64),  # st_mtime
+                claripy.BVV(0, 64),  # st_mtimensec
+                claripy.BVV(0, 64),  # st_ctime
+                claripy.BVV(0, 64),  # st_ctimensec
             ),
             result,
         )
@@ -594,15 +596,15 @@ class SimSystemPosix(SimStatePlugin):
         :param valid_ptr: is set if the new_mask was not NULL
         """
         oldmask = self.sigmask(sigsetsize)
-        self._sigmask = self.state.solver.If(
+        self._sigmask = claripy.If(
             valid_ptr,
-            self.state.solver.If(
+            claripy.If(
                 how == self.SIG_BLOCK,
                 oldmask | new_mask,
-                self.state.solver.If(
+                claripy.If(
                     how == self.SIG_UNBLOCK,
                     oldmask & (~new_mask),
-                    self.state.solver.If(how == self.SIG_SETMASK, new_mask, oldmask),
+                    claripy.If(how == self.SIG_SETMASK, new_mask, oldmask),
                 ),
             ),
             oldmask,

angr/state_plugins/preconstrainer.py

@@ -1,4 +1,5 @@
 import logging
+
 import claripy
 
 from .plugin import SimStatePlugin
@@ -52,7 +53,7 @@ class SimStatePreconstrainer(SimStatePlugin):
         :param variable:    The BVS to preconstrain.
         """
         if not isinstance(value, claripy.ast.Base):
-            value = self.state.solver.BVV(value, len(variable))
+            value = claripy.BVV(value, len(variable))
         elif value.op != "BVV":
             raise ValueError("Passed a value to preconstrain that was not a BVV or a string")
 

angr/state_plugins/solver.py

@@ -4,11 +4,12 @@ import logging
 import os
 from typing import TypeVar, overload
 
-from angr import sim_options as o
-from angr.errors import SimValueError, SimUnsatError, SimSolverModeError, SimSolverOptionError
 import claripy
 from claripy import backend_manager
 
+from angr import sim_options as o
+from angr.errors import SimValueError, SimUnsatError, SimSolverModeError, SimSolverOptionError
+from angr.sim_state import SimState
 from .plugin import SimStatePlugin
 from .sim_action_object import ast_stripping_decorator, SimActionObject
 
@@ -234,13 +235,16 @@ class SimSolver(SimStatePlugin):
         [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>)]
 
         >>> list(s.solver.get_variables('file'))
-        [(('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>), (('file', 2, 0), <BV8 file_2_0_8_8>)]
+        [(('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>),
+            (('file', 2, 0), <BV8 file_2_0_8_8>)]
 
         >>> list(s.solver.get_variables('file', 2))
         [(('file', 2, 0), <BV8 file_2_0_8_8>)]
 
         >>> list(s.solver.get_variables())
-        [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>), (('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>), (('file', 2, 0), <BV8 file_2_0_8_8>)]
+        [(('mem', 0x1000), <BV64 mem_1000_4_64>), (('mem', 0x1008), <BV64 mem_1008_5_64>),
+            (('file', 1, 0), <BV8 file_1_0_6_8>), (('file', 1, 1), <BV8 file_1_1_7_8>),
+            (('file', 2, 0), <BV8 file_2_0_8_8>)]
         """
         for k, v in self.eternal_tracked_variables.items():
             if len(k) >= len(keys) and all(x == y for x, y in zip(keys, k)):
@@ -464,24 +468,6 @@ class SimSolver(SimStatePlugin):
             self.all_variables.append(r)
         return r
 
-    #
-    # Operation passthroughs to claripy
-    #
-
-    def __getattr__(self, a):
-        f = getattr(claripy._all_operations, a)
-        if hasattr(f, "__call__"):
-            ff = error_converter(ast_stripping_decorator(f))
-            if _timing_enabled:
-                ff = functools.partial(timed_function(ff), the_solver=self)
-            ff.__doc__ = f.__doc__
-            return ff
-        else:
-            return f
-
-    def __dir__(self):
-        return sorted(set(dir(super()) + dir(claripy._all_operations) + dir(self.__class__)))
-
     #
     # Branching stuff
     #
@@ -508,7 +494,7 @@ class SimSolver(SimStatePlugin):
 
     @error_converter
     def widen(self, others):
-        c = self.state.solver.BVS("random_widen_condition", 32)
+        c = claripy.BVS("random_widen_condition", 32)
         merge_conditions = [[c == i] for i in range(len(others) + 1)]
         merging_occurred = self.merge(others, merge_conditions)
         return merging_occurred
@@ -538,7 +524,7 @@ class SimSolver(SimStatePlugin):
             l.critical("PLEASE REPORT THIS MESSAGE, AND WHAT YOU WERE DOING, TO YAN")
             return self.state._global_condition
         else:
-            return self.Or(self.Not(self.state._global_condition), c)
+            return claripy.Or(claripy.Not(self.state._global_condition), c)
 
     def _adjust_constraint_list(self, constraints):
         if self.state._global_condition is None:
@@ -546,7 +532,7 @@ class SimSolver(SimStatePlugin):
         if len(constraints) == 0:
             return constraints.__class__((self.state._global_condition,))
         else:
-            return constraints.__class__((self._adjust_constraint(self.And(*constraints)),))
+            return constraints.__class__((self._adjust_constraint(claripy.And(*constraints)),))
 
     @timed_function
     @ast_stripping_decorator
@@ -1108,8 +1094,6 @@ class SimSolver(SimStatePlugin):
         return e.variables
 
 
-from angr.sim_state import SimState
-
 SimState.register_default("solver", SimSolver)
 
 from .inspect import BP_AFTER

angr/state_plugins/trace_additions.py

@@ -196,7 +196,7 @@ def end_info_hook(state):
     if pending_info.get_type() == "StrToInt":
         # mark the input
         input_val = state.mem[pending_info.input_val].string.resolved
-        result = state.solver.BVV(state.solver.eval(state.regs.eax, cast_to=bytes))
+        result = claripy.BVV(state.solver.eval(state.regs.eax, cast_to=bytes))
         real_len = chall_resp_plugin.get_real_len(
             input_val, pending_info.input_base, result, pending_info.allows_negative
         )
@@ -207,7 +207,7 @@ def end_info_hook(state):
             return
 
         # result constraint
-        new_var = state.solver.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", 32)
+        new_var = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", 32)
         constraint = new_var == result
         chall_resp_plugin.replacement_pairs.append((new_var, state.regs.eax))
         state.regs.eax = new_var
@@ -215,7 +215,7 @@ def end_info_hook(state):
         # finish marking the input
         input_val = state.memory.load(pending_info.input_val, real_len)
         l.debug("string len was %d, value was %d", real_len, state.solver.eval(result))
-        input_bvs = state.solver.BVS(
+        input_bvs = claripy.BVS(
             pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", input_val.size()
         )
         chall_resp_plugin.str_to_int_pairs.append((input_bvs, new_var))
@@ -224,23 +224,19 @@ def end_info_hook(state):
         chall_resp_plugin.replacement_pairs.append((input_bvs, input_val))
     elif pending_info.get_type() == "IntToStr":
         # result constraint
-        result = state.solver.BVV(
-            state.solver.eval(state.mem[pending_info.str_dst_addr].string.resolved, cast_to=bytes)
-        )
+        result = claripy.BVV(state.solver.eval(state.mem[pending_info.str_dst_addr].string.resolved, cast_to=bytes))
         if result is None or result.size() == 0:
             l.warning("zero len string")
             chall_resp_plugin.pop_from_backup()
             return
-        new_var = state.solver.BVS(
-            pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", result.size()
-        )
+        new_var = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_result", result.size())
         chall_resp_plugin.replacement_pairs.append((new_var, state.mem[pending_info.str_dst_addr].string.resolved))
         state.memory.store(pending_info.str_dst_addr, new_var)
         constraint = new_var == result
 
         # mark the input
         input_val = pending_info.input_val
-        input_bvs = state.solver.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", 32)
+        input_bvs = claripy.BVS(pending_info.get_type() + "_" + str(pending_info.input_base) + "_input", 32)
         chall_resp_plugin.int_to_str_pairs.append((input_bvs, new_var))
         chall_resp_plugin.replacement_pairs.append((input_bvs, input_val))
         # here we need the constraint that the input was equal to the StrToInt_input
@@ -298,8 +294,8 @@ def syscall_hook(state):
         num_bytes = state.solver.eval(state.regs.ecx)
         buf = state.solver.eval(state.regs.ebx)
         if num_bytes != 0:
-            rand_bytes = state.solver.BVS("random", num_bytes * 8)
-            concrete_val = state.solver.BVV("A" * num_bytes)
+            rand_bytes = claripy.BVS("random", num_bytes * 8)
+            concrete_val = claripy.BVV("A" * num_bytes)
             state.solver._solver.add_replacement(rand_bytes, concrete_val, invalidate_cache=False)
             state.memory.store(buf, rand_bytes)
 
@@ -509,7 +505,7 @@ class ChallRespInfo(angr.state_plugins.SimStatePlugin):
             solns = solns[0]
 
             # now make the real stdin
-            stdin = state.solver.eval(state.solver.BVV(solns[0], pos * 8), cast_to=bytes)
+            stdin = state.solver.eval(claripy.BVV(solns[0], pos * 8), cast_to=bytes)
 
             stdin_replacements = []
             for soln, (_, int_var) in zip(solns[1:], chall_resp_plugin.str_to_int_pairs):

angr/state_plugins/uc_manager.py

@@ -1,10 +1,12 @@
 import logging
 
-l = logging.getLogger(name=__name__)
+import claripy
 
 from .plugin import SimStatePlugin
 from ..errors import SimUCManagerAllocationError
 
+l = logging.getLogger(name=__name__)
+
 
 class SimUCManager(SimStatePlugin):
     def __init__(self, man=None):
@@ -45,7 +47,7 @@ class SimUCManager(SimStatePlugin):
             )
 
         abs_addr = self._region_base + self._pos
-        ptr = self.state.solver.BVV(abs_addr, self.state.arch.bits)
+        ptr = claripy.BVV(abs_addr, self.state.arch.bits)
         self._pos += self._region_size
 
         self._alloc_depth_map[(abs_addr - self._region_base) // self._region_size] = dst_addr_ast.uc_alloc_depth

angr/state_plugins/unicorn_engine.py

@@ -1791,7 +1791,7 @@ class Unicorn(SimStatePlugin):
         # some architecture-specific register fixups
         if state.arch.name in {"X86", "AMD64"}:
             # update the eflags
-            state.regs.eflags = state.solver.BVV(self.uc.reg_read(self._uc_const.UC_X86_REG_EFLAGS), state.arch.bits)
+            state.regs.eflags = claripy.BVV(self.uc.reg_read(self._uc_const.UC_X86_REG_EFLAGS), state.arch.bits)
 
             # sync the fp clerical data
             status = self.uc.reg_read(unicorn.x86_const.UC_X86_REG_FPSW)

angr/state_plugins/view.py

@@ -157,7 +157,7 @@ class SimMemView(SimStatePlugin):
 
         # Make sure self._addr is always an AST
         if isinstance(self._addr, int):
-            self._addr = self.state.solver.BVV(self._addr, self.state.arch.bits)
+            self._addr = claripy.BVV(self._addr, self.state.arch.bits)
 
     def _deeper(self, **kwargs) -> "SimMemView":
         if "ty" not in kwargs: