angr 9.2.116__py3-none-win_amd64.whl → 9.2.117__py3-none-win_amd64.whl

angr/procedures/ntdll/exceptions.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -13,7 +15,7 @@ class KiUserExceptionDispatcher(angr.SimProcedure):
         if self.state.arch.name != "X86":
             raise angr.errors.SimUnsupportedError("KiUserDispatchException is only implemented for X86")
 
-        self.tib_ptr = self.state.regs._fs.concat(self.state.solver.BVV(0, 16))
+        self.tib_ptr = self.state.regs._fs.concat(claripy.BVV(0, 16))
         self.top_record = self.state.mem[self.tib_ptr].uint32_t.resolved
         self.cur_ptr = self.top_record
 

angr/procedures/posix/bzero.py

@@ -1,6 +1,8 @@
+import claripy
+
 from ..libc import memset
 
 
 class bzero(memset.memset):
     def run(self, addr, size):
-        return super().run(addr, self.state.solver.BVV(0, self.arch.byte_width), size)
+        return super().run(addr, claripy.BVV(0, self.arch.byte_width), size)

angr/procedures/posix/fdopen.py

@@ -1,6 +1,8 @@
+import claripy
+from cle.backends.externs.simdata.io_file import io_file_data_for_arch
+
 import angr
 
-from cle.backends.externs.simdata.io_file import io_file_data_for_arch
 
 # Reference for implementation: glibc-2.25/libio/iofdopen.c
 
@@ -65,7 +67,7 @@ class fdopen(angr.SimProcedure):
             file_struct_ptr = self.inline_call(malloc, io_file_data["size"]).ret_expr
 
             # Write the fd
-            fd_bvv = self.state.solver.BVV(fd_concr, 4 * 8)  # int
+            fd_bvv = claripy.BVV(fd_concr, 4 * 8)  # int
             self.state.memory.store(
                 file_struct_ptr + io_file_data["fd"], fd_bvv, endness=self.state.arch.memory_endness
             )
@@ -73,5 +75,5 @@ class fdopen(angr.SimProcedure):
             if self.state.solver.is_true(fd_int == fd_concr):
                 return file_struct_ptr
             else:
-                null = self.state.solver.BVV(0, self.state.arch.bits)
-                return self.state.solver.If(fd_int == fd_concr, file_struct_ptr, null)
+                null = claripy.BVV(0, self.state.arch.bits)
+                return claripy.If(fd_int == fd_concr, file_struct_ptr, null)

angr/procedures/posix/fork.py

@@ -1,10 +1,12 @@
+import claripy
+
 import angr
 
 
 class fork(angr.SimProcedure):
     def run(self):
-        return self.state.solver.If(
-            self.state.solver.BoolS("fork_parent"),
-            self.state.solver.BVV(1338, self.arch.sizeof["int"]),
-            self.state.solver.BVV(0, self.arch.sizeof["int"]),
+        return claripy.If(
+            claripy.BoolS("fork_parent"),
+            claripy.BVV(1338, self.arch.sizeof["int"]),
+            claripy.BVV(0, self.arch.sizeof["int"]),
         )

angr/procedures/posix/mmap.py

@@ -1,7 +1,10 @@
+import logging
+
+import claripy
+
 import angr
 from ...storage.file import SimFileDescriptor
 
-import logging
 
 l = logging.getLogger(name=__name__)
 
@@ -89,7 +92,7 @@ class mmap(angr.SimProcedure):
         # Sanity check. All mmap must have exactly one of MAP_SHARED or MAP_PRIVATE
         if (flags & MAP_SHARED and flags & MAP_PRIVATE) or flags & (MAP_SHARED | MAP_PRIVATE) == 0:
             l.debug("... = -1 (bad flags)")
-            return self.state.solver.BVV(-1, self.state.arch.bits)
+            return claripy.BVV(-1, self.state.arch.bits)
 
         # Do region mapping
         while True:
@@ -103,7 +106,7 @@ class mmap(angr.SimProcedure):
 
                 if flags & MAP_FIXED:
                     l.debug("... = -1 (MAP_FIXED failure)")
-                    return self.state.solver.BVV(-1, self.state.arch.bits)
+                    return claripy.BVV(-1, self.state.arch.bits)
 
                 # Can't give you that address. Find a different one and loop back around to try again.
                 addr = self.allocate_memory(size)

angr/procedures/posix/poll.py

@@ -1,6 +1,9 @@
-import angr
 import select
 
+import claripy
+
+import angr
+
 
 class poll(angr.SimProcedure):
     # pylint:disable=arguments-differ
@@ -43,12 +46,10 @@ class poll(angr.SimProcedure):
                 raise angr.errors.SimProcedureArgumentError("Can't handle symbolic pollfd arguments") from e
 
             if events & select.POLLIN and fd >= 0:
-                revents = pollfd["revents"][self.arch.sizeof["short"] - 1 : 1].concat(
-                    self.state.solver.BVS("fd_POLLIN", 1)
-                )
+                revents = pollfd["revents"][self.arch.sizeof["short"] - 1 : 1].concat(claripy.BVS("fd_POLLIN", 1))
                 self.state.memory.store(
                     fds + offset * size_of_pollfd + offset_revents, revents, endness=self.arch.memory_endness
                 )
 
-        retval = self.state.solver.BVV(0, 1).concat(self.state.solver.BVS("poll_ret", self.state.arch.bits - 1))
+        retval = claripy.BVV(0, 1).concat(claripy.BVS("poll_ret", self.state.arch.bits - 1))
         return retval

angr/procedures/posix/readdir.py

@@ -1,7 +1,10 @@
-import angr
+import logging
 from collections import namedtuple
 
-import logging
+import claripy
+
+import angr
+
 
 l = logging.getLogger(name=__name__)
 
@@ -23,7 +26,7 @@ class readdir(angr.SimProcedure):
         malloc = angr.SIM_PROCEDURES["libc"]["malloc"]
         pointer = self.inline_call(malloc, 19 + 256).ret_expr
         self._store_amd64(pointer)
-        return self.state.solver.If(self.condition, pointer, 0)
+        return claripy.If(self.condition, pointer, 0)
 
     def instrument(self):
         """
@@ -36,13 +39,13 @@ class readdir(angr.SimProcedure):
 
     def _build_amd64(self):
         self.struct = Dirent(
-            self.state.solver.BVV(0, 64),  # d_ino
-            self.state.solver.BVV(0, 64),  # d_off
+            claripy.BVV(0, 64),  # d_ino
+            claripy.BVV(0, 64),  # d_off
             self.state.solver.BVS("d_reclen", 16, key=("api", "readdir", "d_reclen")),  # d_reclen
             self.state.solver.BVS("d_type", 8, key=("api", "readdir", "d_type")),  # d_type
             self.state.solver.BVS("d_name", 255 * 8, key=("api", "readdir", "d_name")),
         )  # d_name
-        self.condition = self.state.solver.BoolS("readdir_cond")  # TODO: variable key
+        self.condition = claripy.BoolS("readdir_cond")  # TODO: variable key
 
     def _store_amd64(self, ptr):
         def stores(offset, val):
@@ -56,4 +59,4 @@ class readdir(angr.SimProcedure):
         storei(16, self.struct.d_reclen)
         storei(18, self.struct.d_type)
         stores(19, self.struct.d_name)
-        stores(19 + 255, self.state.solver.BVV(0, 8))
+        stores(19 + 255, claripy.BVV(0, 8))

angr/procedures/posix/select.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -34,7 +36,7 @@ class select(angr.SimProcedure):
                 # set this bit to symbolic
                 long_array[long_pos] = (
                     long_array[long_pos][arch_bits - 1 : bit_offset + 1]
-                    .concat(self.state.solver.BVS("fd_state", 1))
+                    .concat(claripy.BVS("fd_state", 1))
                     .concat(long_array[long_pos][bit_offset - 1 :])
                 )
 
@@ -42,5 +44,5 @@ class select(angr.SimProcedure):
         for offset in range(0, long_array_size):
             self.state.memory.store(readfds + offset * arch_bytes, long_array[offset], endness=self.arch.memory_endness)
 
-        retval = self.state.solver.BVV(0, 1).concat(self.state.solver.BVS("select_ret", 31))
+        retval = claripy.BVV(0, 1).concat(claripy.BVS("select_ret", 31))
         return retval

angr/procedures/posix/send.py

@@ -1,5 +1,6 @@
-import angr
+import claripy
 
+import angr
 from ...sim_options import ALLOW_SEND_FAILURES
 
 
@@ -14,9 +15,9 @@ class send(angr.SimProcedure):
         send_succeeded = simfd.write(src, length)  # if send succeeds
 
         if ALLOW_SEND_FAILURES in self.state.options:
-            retval = self.state.solver.BVS("send_ret", self.arch.bits)
+            retval = claripy.BVS("send_ret", self.arch.bits)
             send_failed = -1
-            self.state.add_constraints(self.state.solver.Or(retval == send_succeeded, retval == send_failed))
+            self.state.add_constraints(claripy.Or(retval == send_succeeded, retval == send_failed))
             return retval
         else:
             return send_succeeded

angr/procedures/posix/sigaction.py

@@ -1,7 +1,9 @@
-import angr
-import archinfo
 import logging
 
+import archinfo
+
+import angr
+
 l = logging.getLogger(name=__name__)
 
 

angr/procedures/posix/sim_time.py

@@ -1,6 +1,8 @@
-import angr
 import time
 
+
+import angr
+
 # pylint: disable=arguments-differ,unused-argument
 
 

angr/procedures/posix/strcasecmp.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -9,7 +11,7 @@ class strcasecmp(angr.SimProcedure):
 
         a_strlen = self.inline_call(strlen, a_addr)
         b_strlen = self.inline_call(strlen, b_addr)
-        maxlen = self.state.solver.BVV(max(a_strlen.max_null_index, b_strlen.max_null_index), self.state.arch.bits)
+        maxlen = claripy.BVV(max(a_strlen.max_null_index, b_strlen.max_null_index), self.state.arch.bits)
 
         strncmp = self.inline_call(
             angr.SIM_PROCEDURES["libc"]["strncmp"],

angr/procedures/posix/strtok_r.py

@@ -1,6 +1,9 @@
+import logging
+
+import claripy
+
 import angr
 
-import logging
 
 l = logging.getLogger(name=__name__)
 
@@ -12,10 +15,10 @@ class strtok_r(angr.SimProcedure):
         if self.state.libc.simple_strtok:
             malloc = angr.SIM_PROCEDURES["libc"]["malloc"]
             token_ptr = self.inline_call(malloc, self.state.libc.strtok_token_size).ret_expr
-            r = self.state.solver.If(
+            r = claripy.If(
                 self.state.solver.Unconstrained("strtok_case", self.state.arch.bits) == 0,
                 token_ptr,
-                self.state.solver.BVV(0, self.state.arch.bits),
+                claripy.BVV(0, self.state.arch.bits),
             )
             self.state.libc.strtok_heap.append(token_ptr)
             return r
@@ -29,7 +32,7 @@ class strtok_r(angr.SimProcedure):
             saved_str_ptr = self.state.memory.load(
                 save_ptr, self.state.arch.bytes, endness=self.state.arch.memory_endness
             )
-            start_ptr = self.state.solver.If(str_ptr == 0, saved_str_ptr, str_ptr)
+            start_ptr = claripy.If(str_ptr == 0, saved_str_ptr, str_ptr)
 
             l.debug("... getting the lengths")
             str_strlen = self.inline_call(strlen, start_ptr) if str_strlen is None else str_strlen
@@ -40,8 +43,8 @@ class strtok_r(angr.SimProcedure):
             where = self.inline_call(
                 strstr, start_ptr, delim_ptr, haystack_strlen=str_strlen, needle_strlen=delim_strlen
             )
-            write_length = self.state.solver.If(where.ret_expr != 0, delim_strlen.ret_expr, 0)
-            write_content = self.state.solver.BVV(0, delim_strlen.max_null_index * 8)
+            write_length = claripy.If(where.ret_expr != 0, delim_strlen.ret_expr, 0)
+            write_content = claripy.BVV(0, delim_strlen.max_null_index * 8)
 
             # do a symbolic write (we increment the limit because of the possibility that the write target is 0,
             # in which case the length will be 0, anyways)
@@ -56,7 +59,7 @@ class strtok_r(angr.SimProcedure):
 
             l.debug("... creating the return address")
             new_start = write_length + where.ret_expr
-            new_state = self.state.solver.If(new_start != 0, new_start, start_ptr)
+            new_state = claripy.If(new_start != 0, new_start, start_ptr)
 
             l.debug("... saving the state")
             self.state.memory.store(save_ptr, new_state, endness=self.state.arch.memory_endness)

angr/procedures/stubs/Redirect.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -12,4 +14,4 @@ class Redirect(angr.SimProcedure):
 
         self._custom_name = "Redirect to 0x%08x" % redirect_to
         # There is definitely no refs
-        self.add_successor(self.state, redirect_to, self.state.solver.true, "Ijk_Boring")
+        self.add_successor(self.state, redirect_to, claripy.true, "Ijk_Boring")

angr/procedures/stubs/ReturnChar.py

@@ -1,10 +1,10 @@
+import claripy
+
 import angr
 
 
 class ReturnChar(angr.SimProcedure):
     def run(self):
         s_var = self.state.solver.Unconstrained("char_ret", self.state.arch.bits, key=("api", "?", self.display_name))
-        self.state.add_constraints(
-            self.state.solver.And(self.state.solver.ULE(s_var, 126), self.state.solver.UGE(s_var, 9))
-        )
+        self.state.add_constraints(claripy.And(claripy.ULE(s_var, 126), claripy.UGE(s_var, 9)))
         return s_var

angr/procedures/stubs/UserHook.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -9,7 +11,7 @@ class UserHook(angr.SimProcedure):
         result = user_func(self.state)
         if result is None:
             jumpkind = "Ijk_NoHook" if length == 0 else "Ijk_Boring"
-            self.successors.add_successor(self.state, self.state.addr + length, self.state.solver.true, jumpkind)
+            self.successors.add_successor(self.state, self.state.addr + length, claripy.true, jumpkind)
         else:
             for state in result:
                 self.successors.add_successor(state, state.addr, state.scratch.guard, state.history.jumpkind)

angr/procedures/stubs/b64_decode.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -8,5 +10,5 @@ class b64_decode(angr.SimProcedure):
         strncpy = angr.SIM_PROCEDURES["libc"]["strncpy"]
 
         cpy = self.inline_call(strncpy, dst, src, length)
-        self.state.memory.store(dst + 16, self.state.solver.BVV(0, 8))
+        self.state.memory.store(dst + 16, claripy.BVV(0, 8))
         return cpy.ret_expr

angr/procedures/stubs/crazy_scanf.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -8,10 +10,10 @@ class crazy_scanf(angr.SimProcedure):
         memcpy = angr.SIM_PROCEDURES["libc"]["memcpy"]
 
         self.inline_call(memcpy, one, src, 5)
-        self.state.memory.store(one + 4, self.state.solver.BVV(0, 8))
+        self.state.memory.store(one + 4, claripy.BVV(0, 8))
         self.inline_call(memcpy, two, src + 6, 8192)
-        self.state.memory.store(two + 8191, self.state.solver.BVV(0, 8))
+        self.state.memory.store(two + 8191, claripy.BVV(0, 8))
         self.inline_call(memcpy, three, src + 6 + 8193, 12)
-        self.state.memory.store(three + 11, self.state.solver.BVV(0, 8))
+        self.state.memory.store(three + 11, claripy.BVV(0, 8))
 
-        return self.state.solver.BVV(3)
+        return claripy.BVV(3)

angr/procedures/stubs/format_parser.py

@@ -4,6 +4,7 @@ import logging
 import math
 import claripy
 
+from angr.errors import SimProcedureArgumentError, SimProcedureError, SimSolverError
 from ... import sim_type
 from ...sim_procedure import SimProcedure
 from ...storage.file import SimPackets
@@ -70,7 +71,7 @@ class FormatString:
         for component in self.components:
             # if this is just concrete data
             if isinstance(component, bytes):
-                string = self._add_to_string(string, self.parser.state.solver.BVV(component))
+                string = self._add_to_string(string, claripy.BVV(component))
             elif isinstance(component, str):
                 raise Exception("this branch should be impossible?")
             elif isinstance(component, claripy.ast.BV):  # pylint:disable=isinstance-second-argument-not-valid-type
@@ -113,7 +114,7 @@ class FormatString:
                     if isinstance(fmt_spec.length_spec, int):
                         s_val = s_val.rjust(fmt_spec.length_spec, fmt_spec.pad_chr)
 
-                    string = self._add_to_string(string, self.parser.state.solver.BVV(s_val.encode()))
+                    string = self._add_to_string(string, claripy.BVV(s_val.encode()))
 
         return string
 
@@ -182,9 +183,9 @@ class FormatString:
                     # constrain target variable range explicitly if it can't take on all possible values
                     if not_enough_bits:
                         self.state.add_constraints(
-                            self.state.solver.And(
-                                self.state.solver.SLE(target_variable, (base**digits) - 1),
-                                self.state.solver.SGE(target_variable, -(base ** (digits - 1) - 1)),
+                            claripy.And(
+                                claripy.SLE(target_variable, (base**digits) - 1),
+                                claripy.SGE(target_variable, -(base ** (digits - 1) - 1)),
                             )
                         )
 
@@ -229,7 +230,7 @@ class FormatString:
             region = self.parser.state.memory
 
         bits = self.parser.state.arch.bits
-        failed = self.parser.state.solver.BVV(0, 32)
+        failed = claripy.BVV(0, 32)
         position = addr
         for component in self.components:
             if isinstance(component, bytes):
@@ -255,10 +256,10 @@ class FormatString:
                     # TODO: look for limits on other characters which scanf is sensitive to, '\x00', '\x20'
                     result, _, _ = region.find(
                         position,
-                        self.parser.state.solver.BVV(b"\n"),
+                        claripy.BVV(b"\n"),
                         max_str_len,
                         max_symbolic_bytes=max_sym_bytes,
-                        default=self.parser.state.solver.BVV(position + max_str_len, 64),
+                        default=claripy.BVV(position + max_str_len, 64),
                     )
 
                     # concretize the length
@@ -268,14 +269,14 @@ class FormatString:
                     # TODO all of these should be delimiters we search for above
                     # add that the contents of the string cannot be any scanf %s string delimiters
                     for delimiter in set(FormatString.SCANF_DELIMITERS):
-                        delim_bvv = self.parser.state.solver.BVV(delimiter)
+                        delim_bvv = claripy.BVV(delimiter)
                         for i in range(length):
                             self.parser.state.add_constraints(region.load(position + i, 1) != delim_bvv)
 
                     # write it out to the pointer
                     self.parser.state.memory.store(dest, src_str)
                     # store the terminating null byte
-                    self.parser.state.memory.store(dest + length, self.parser.state.solver.BVV(0, 8))
+                    self.parser.state.memory.store(dest + length, claripy.BVV(0, 8))
 
                     position += length
 
@@ -287,7 +288,7 @@ class FormatString:
                             position, region, base=base, read_length=fmt_spec.length_spec
                         )
                         # increase failed count if we were unable to parse it
-                        failed = self.parser.state.solver.If(status, failed, failed + 1)
+                        failed = claripy.If(status, failed, failed + 1)
                         position += num_bytes
                     elif fmt_spec.spec_type == b"c":
                         i = region.load(position, 1)
@@ -296,7 +297,7 @@ class FormatString:
                     else:
                         raise SimProcedureError("unsupported format spec '%s' in interpret" % fmt_spec.spec_type)
 
-                    i = self.parser.state.solver.Extract(fmt_spec.size * 8 - 1, 0, i)
+                    i = claripy.Extract(fmt_spec.size * 8 - 1, 0, i)
                     self.parser.state.memory.store(
                         dest, i, size=fmt_spec.size, endness=self.parser.state.arch.memory_endness
                     )
@@ -670,6 +671,3 @@ class ScanfFormatParser(FormatParser):
             FormatParser._MOD_SPEC = mod_spec
 
         return FormatParser._MOD_SPEC
-
-
-from angr.errors import SimProcedureArgumentError, SimProcedureError, SimSolverError

angr/procedures/tracer/receive.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 from ..cgc.receive import receive as orig_receive
 
 
@@ -16,6 +18,6 @@ class receive(orig_receive):
         if len(self.state.solver.eval_upto(fd, 2)) < 2:
             if self.state.solver.eval(fd) == 1:
                 l.debug("Fixed receive call's fd.")
-                fd = self.state.solver.BVV(0, self.state.arch.bits)
+                fd = claripy.BVV(0, self.state.arch.bits)
 
         return super().run(fd, buf, count, rx_bytes)

angr/procedures/tracer/transmit.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 from ..cgc.transmit import transmit as orig_transmit
 
 
@@ -16,7 +18,7 @@ class transmit(orig_transmit):
         if len(self.state.solver.eval_upto(fd, 2)) < 2:
             if self.state.solver.eval(fd) == 0:
                 l.debug("Fixed transmit's call fd.")
-                fd = self.state.solver.BVV(1, self.state.arch.bits)
+                fd = claripy.BVV(1, self.state.arch.bits)
 
         if self.state.has_plugin("zen_plugin"):
             self.state.get_plugin("zen_plugin").analyze_transmit(self.state, buf)

angr/procedures/win32/GetLastInputInfo.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 import angr
 
 
@@ -33,5 +35,5 @@ class GetLastInputInfo(angr.SimProcedure):
         self.dwTime = self.state.solver.BVS("tagLASTINPUTINFO_dwTime", 32, key=("api", "tagLASTINPUTINFO_dwTime"))
 
     def fill_concrete(self):
-        self.cbSize = self.state.solver.BVV(3, 32)
-        self.dwTime = self.state.solver.BVV(3, 32)
+        self.cbSize = claripy.BVV(3, 32)
+        self.dwTime = claripy.BVV(3, 32)

angr/procedures/win32/GetProcessAffinityMask.py

@@ -1,5 +1,7 @@
 import logging
 
+import claripy
+
 import angr
 
 
@@ -30,5 +32,5 @@ class GetProcessAffinityMask(angr.SimProcedure):
         self.saffinity_mask = self.state.solver.BVS("lpSystemAffinityMask", 32, key=("api", "lpSystemAffinityMask"))
 
     def fill_concrete(self):
-        self.paffinity_mask = self.state.solver.BVV(3, 32)
-        self.saffinity_mask = self.state.solver.BVV(3, 32)
+        self.paffinity_mask = claripy.BVV(3, 32)
+        self.saffinity_mask = claripy.BVV(3, 32)

angr/procedures/win32/gethostbyname.py

@@ -1,6 +1,8 @@
-import angr
 import logging
 
+
+import angr
+
 l = logging.getLogger("angr.procedures.win32.gethostbyname")
 
 

angr/procedures/win32/heap.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -22,7 +24,7 @@ class HeapAlloc(angr.SimProcedure):
                 data_size = self.state.solver.eval_one(self.state.heap.chunk_from_mem(addr).get_data_size())
             else:
                 data_size = self.state.heap._conc_alloc_size(Size)
-            data = self.state.solver.BVV(0, data_size * 8)
+            data = claripy.BVV(0, data_size * 8)
             self.state.memory.store(addr, data, size=data_size, condition=Flags & 8 == 8)
         return addr
 

angr/procedures/win32/local_storage.py

@@ -1,3 +1,5 @@
+import claripy
+
 import angr
 
 
@@ -19,7 +21,7 @@ class TlsAlloc(angr.SimProcedure):
     def run(self):
         d = mutate_dict(self.state, self.KEY)
         new_key = len(d) + 1
-        d[new_key] = self.state.solver.BVV(0, self.state.arch.bits)
+        d[new_key] = claripy.BVV(0, self.state.arch.bits)
         return new_key
 
 
@@ -59,7 +61,7 @@ class TlsFree(angr.SimProcedure):
     SETTER = TlsSetValue
 
     def run(self, index):
-        set_val = self.inline_call(self.SETTER, index, self.state.solver.BVV(0, self.state.arch.bits))
+        set_val = self.inline_call(self.SETTER, index, claripy.BVV(0, self.state.arch.bits))
         return set_val.ret_expr
 
 

angr/procedures/win32/sim_time.py

@@ -1,7 +1,10 @@
-import angr
 import datetime
 import time
 
+import claripy
+
+import angr
+
 
 class GetSystemTimeAsFileTime(angr.SimProcedure):
     timestamp = None
@@ -110,7 +113,7 @@ class QueryPerformanceCounter(angr.SimProcedure):
             val = int(time.clock() * 1000000) + 12345678
             self.state.mem[ptr].qword = val
         else:
-            self.state.mem[ptr].qword = self.state.solver.BVS(
+            self.state.mem[ptr].qword = claripy.BVS(
                 "QueryPerformanceCounter_result", 64, key=("api", "QueryPerformanceCounter")
             )
         return 1
@@ -121,7 +124,7 @@ class GetTickCount(angr.SimProcedure):
         if angr.options.USE_SYSTEM_TIMES in self.state.options:
             return int(time.clock() * 1000) + 12345
         else:
-            val = self.state.solver.BVS("GetTickCount_result", 32, key=("api", "GetTickCount"))
+            val = claripy.BVS("GetTickCount_result", 32, key=("api", "GetTickCount"))
             return val
 
 
@@ -132,4 +135,4 @@ class GetTickCount64(angr.SimProcedure):
         if angr.options.USE_SYSTEM_TIMES in self.state.options:
             return int(time.clock() * 1000) + 12345
         else:
-            return self.state.solver.BVS("GetTickCount64_result", 64, key=("api", "GetTickCount64"))
+            return claripy.BVS("GetTickCount64_result", 64, key=("api", "GetTickCount64"))

angr/procedures/win_user32/chars.py

@@ -1,12 +1,14 @@
+import claripy
+
 import angr
 
 
 # these are NOT suitable for multibyte characters
 class CharNextA(angr.SimProcedure):
     def run(self, ptr):
-        return self.state.solver.If(self.state.mem[ptr].uint8_t.resolved == 0, ptr, ptr + 1)
+        return claripy.If(self.state.mem[ptr].uint8_t.resolved == 0, ptr, ptr + 1)
 
 
 class CharPrevA(angr.SimProcedure):
     def run(self, start, ptr):
-        return self.state.solver.If(start == ptr, start, ptr - 1)
+        return claripy.If(start == ptr, start, ptr - 1)