angr 9.2.138__py3-none-manylinux2014_x86_64.whl → 9.2.140__py3-none-manylinux2014_x86_64.whl

angr/engines/failure.py

@@ -3,13 +3,13 @@ from __future__ import annotations
 import logging
 
 from angr.errors import AngrExitError
-from .engine import SuccessorsMixin
+from .successors import SuccessorsEngine
 from .procedure import ProcedureMixin
 
 l = logging.getLogger(name=__name__)
 
 
-class SimEngineFailure(SuccessorsMixin, ProcedureMixin):
+class SimEngineFailure(SuccessorsEngine, ProcedureMixin):
     def process_successors(self, successors, **kwargs):
         state = self.state
         jumpkind = state.history.parent.jumpkind if state.history and state.history.parent else None

angr/engines/hook.py

@@ -1,7 +1,7 @@
 from __future__ import annotations
 import logging
 
-from .engine import SuccessorsMixin
+from .successors import SuccessorsEngine
 from .procedure import ProcedureMixin
 from archinfo.arch_soot import SootAddressDescriptor
 
@@ -9,7 +9,7 @@ l = logging.getLogger(name=__name__)
 
 
 # pylint: disable=abstract-method,unused-argument,arguments-differ
-class HooksMixin(SuccessorsMixin, ProcedureMixin):
+class HooksMixin(SuccessorsEngine, ProcedureMixin):
     """
     A SimEngine mixin which adds a SimSuccessors handler which will look into the project's hooks and run the hook at
     the current address.

angr/engines/light/engine.py

@@ -64,13 +64,8 @@ class SimEngineLight(Generic[StateType, DataType_co, BlockType, ResultType], Sim
         self.l = logger or logging.getLogger(self.__module__ + "." + self.__class__.__name__)
         super().__init__(project)
 
-    # there's two of these to support the mixin pattern - mixins can override process while there must be some base
-    # class that provides _process
-    def process(self, state: StateType, *, block: BlockType | None = None, **kwargs) -> ResultType:
-        return self._process(state, block=block, **kwargs)
-
     @abstractmethod
-    def _process(self, state: StateType, *, block: BlockType | None = None, **kwargs) -> ResultType: ...
+    def process(self, state: StateType, *, block: BlockType | None = None, **kwargs) -> ResultType: ...
 
     def lift(self, state: StateType) -> BlockType:
         raise TypeError(f"{type(self)} requires `block` to be passed to `process`")
@@ -164,7 +159,7 @@ class SimEngineLightVEX(
 
     @staticmethod
     def binopv_handler(
-        f: Callable[[T, int, int, pyvex.expr.Binop], DataType_co]
+        f: Callable[[T, int, int, pyvex.expr.Binop], DataType_co],
     ) -> Callable[[T, int, int, pyvex.expr.Binop], DataType_co]:
         f.binopv_handler = True
         return f
@@ -186,7 +181,7 @@ class SimEngineLightVEX(
 
     @staticmethod
     def dirty_handler(
-        f: Callable[[T, pyvex.stmt.Dirty], StmtDataType]
+        f: Callable[[T, pyvex.stmt.Dirty], StmtDataType],
     ) -> Callable[[T, pyvex.stmt.Dirty], StmtDataType]:
         f.dirty_handler = True
         return f
@@ -267,7 +262,7 @@ class SimEngineLightVEX(
             if name.startswith("_handle_dirty_")
         }
 
-    def _process(
+    def process(
         self, state: StateType, *, block: Block | None = None, whitelist: set[int] | None = None, **kwargs
     ) -> ResultType:
         # initialize local variables
@@ -640,7 +635,7 @@ class SimEngineLightAIL(
         }
         super().__init__(*args, **kwargs)
 
-    def _process(
+    def process(
         self, state: StateType, *, block: ailment.Block | None = None, whitelist: set[int] | None = None, **kwargs
     ) -> ResultType:
         self.tmps = {}

angr/engines/pcode/emulate.py

@@ -4,7 +4,7 @@ import logging
 import claripy
 from claripy.ast.bv import BV
 
-from angr.engines.engine import SimEngineBase
+from angr.engines.engine import SimEngine
 from angr.utils.constants import DEFAULT_STATEMENT
 from .lifter import IRSB
 from .behavior import OpBehavior
@@ -19,7 +19,7 @@ with contextlib.suppress(ImportError):
 l = logging.getLogger(__name__)
 
 
-class PcodeEmulatorMixin(SimEngineBase):
+class PcodeEmulatorMixin(SimEngine):
     """
     Mixin for p-code execution.
     """

angr/engines/pcode/engine.py

@@ -5,7 +5,7 @@ import claripy
 import logging
 
 from angr.calling_conventions import DEFAULT_CC, default_cc, SimRegArg
-from angr.engines.engine import SuccessorsMixin, SimSuccessors
+from angr.engines.successors import SuccessorsEngine, SimSuccessors
 from angr.misc.ux import once
 from angr.utils.constants import DEFAULT_STATEMENT
 from angr import sim_options as o
@@ -19,7 +19,7 @@ l = logging.getLogger(__name__)
 
 
 class HeavyPcodeMixin(
-    SuccessorsMixin,
+    SuccessorsEngine,
     PcodeLifterEngineMixin,
     PcodeEmulatorMixin,
 ):
@@ -52,7 +52,6 @@ class HeavyPcodeMixin(
         self,
         successors: SimSuccessors,
         irsb: IRSB | None = None,
-        insn_text: str | None = None,
         insn_bytes: bytes | None = None,
         thumb: bool = False,
         size: int | None = None,
@@ -67,21 +66,10 @@ class HeavyPcodeMixin(
                 extra_stop_points=extra_stop_points,
                 num_inst=num_inst,
                 size=size,
-                insn_text=insn_text,
                 insn_bytes=insn_bytes,
                 **kwargs,
             )
 
-        if insn_text is not None:
-            if insn_bytes is not None:
-                raise errors.SimEngineError("You cannot provide both 'insn_bytes' and 'insn_text'!")
-
-            insn_bytes = self.project.arch.asm(insn_text, addr=successors.addr, thumb=thumb)
-            if insn_bytes is None:
-                raise errors.AngrAssemblyError(
-                    "Assembling failed. Please make sure keystone is installed, and the assembly string is correct."
-                )
-
         successors.sort = "IRSB"
         successors.description = "IRSB"
         self.state.history.recent_block_count = 1

angr/engines/pcode/lifter.py

@@ -20,7 +20,7 @@ from cachetools import LRUCache
 from pyvex.errors import PyVEXError, SkipStatementsError, LiftingException
 
 from .behavior import BehaviorFactory
-from angr.engines.engine import SimEngineBase
+from angr.engines.engine import SimEngine
 from angr.state_plugins.inspect import BP_AFTER, BP_BEFORE
 from angr.sim_state import SimState
 from angr.misc.ux import once
@@ -981,7 +981,7 @@ class PcodeLifter(Lifter):
             raise LiftingException(f"pypcode: could not decode any instructions @ 0x{self.addr:x}")
 
 
-class PcodeLifterEngineMixin(SimEngineBase):
+class PcodeLifterEngineMixin(SimEngine):
     """
     Lifter mixin to lift from machine code to P-Code.
     """

angr/engines/procedure.py

@@ -4,7 +4,7 @@ import logging
 from angr import sim_options as o
 from angr import errors
 from angr.state_plugins.inspect import BP_BEFORE, BP_AFTER
-from .engine import SuccessorsMixin
+from .successors import SuccessorsEngine
 
 
 l = logging.getLogger(name=__name__)
@@ -58,7 +58,7 @@ class ProcedureMixin:
         successors.processed = True
 
 
-class ProcedureEngine(ProcedureMixin, SuccessorsMixin):
+class ProcedureEngine(ProcedureMixin, SuccessorsEngine):
     """
     A SimEngine that you may use if you only care about processing SimProcedures. *Requires* the procedure
     kwarg to be passed to process.

angr/engines/soot/engine.py

@@ -15,7 +15,7 @@ from angr.errors import SimEngineError, SimTranslationError
 from cle import CLEError
 from angr.state_plugins.inspect import BP_AFTER, BP_BEFORE
 from angr.sim_type import SimTypeFunction, parse_type
-from angr.engines.engine import SuccessorsMixin
+from angr.engines.successors import SuccessorsEngine
 from angr.engines.procedure import ProcedureMixin
 from .exceptions import BlockTerminationNotice, IncorrectLocationException
 from .statements import SimSootStmt_Return, SimSootStmt_ReturnVoid, translate_stmt
@@ -26,7 +26,7 @@ l = logging.getLogger("angr.engines.soot.engine")
 # pylint: disable=arguments-differ
 
 
-class SootMixin(SuccessorsMixin, ProcedureMixin):
+class SootMixin(SuccessorsEngine, ProcedureMixin):
     """
     Execution engine based on Soot.
     """

angr/engines/soot/statements/switch.py

@@ -25,7 +25,7 @@ class SwitchBase(SimSootStmt):
             jmp_condition = lookup_value == key_val
             self._add_jmp_target(jmp_target, jmp_condition)
             # add condition for the default target
-            default_jmp_conditions += [(lookup_value != key_val)]
+            default_jmp_conditions += [lookup_value != key_val]
 
         # add default target
         default_jmp_target = self._get_bb_addr_from_instr(self.stmt.default_target)

angr/engines/successors.py

@@ -1,22 +1,27 @@
 from __future__ import annotations
-from typing import TYPE_CHECKING
+
 import logging
 
 import claripy
-
 from archinfo.arch_soot import ArchSoot, SootAddressDescriptor
 
+import angr
 from angr import sim_options as o
-from angr.errors import SimSolverModeError, AngrUnsupportedSyscallError, AngrSyscallError, SimValueError, SimUnsatError
-from angr.storage import DUMMY_SYMBOLIC_READ_VALUE
-from angr.state_plugins.inspect import BP_BEFORE, BP_AFTER
+from angr.calling_conventions import SYSCALL_CC
+from angr.engines.engine import SimEngine
+from angr.errors import (
+    AngrSyscallError,
+    AngrUnsupportedSyscallError,
+    SimException,
+    SimSolverModeError,
+    SimUnsatError,
+    SimValueError,
+)
+from angr.sim_state import SimState
 from angr.state_plugins.callstack import CallStack
+from angr.state_plugins.inspect import BP_AFTER, BP_BEFORE
 from angr.state_plugins.sim_action_object import _raw_ast
-
-
-if TYPE_CHECKING:
-    from angr import SimState
-    from angr.engines.engine import HeavyState
+from angr.storage import DUMMY_SYMBOLIC_READ_VALUE
 
 
 l = logging.getLogger(name=__name__)
@@ -66,10 +71,6 @@ class SimSuccessors:
         self.sort: str | None = None
         self.artifacts = {}
 
-    @classmethod
-    def failure(cls):
-        return cls(None, None)
-
     def __repr__(self):
         if self.processed:
             successor_strings = []
@@ -303,7 +304,7 @@ class SimSuccessors:
             else:
                 # The architecture doesn't have an ip_at_syscall register.
                 # Nothing to do but hope vigorously.
-                l.warning(f"Handling syscall on arch {state.arch.name:s} without ip_at_syscall register")
+                l.warning("Handling syscall on arch %s without ip_at_syscall register", state.arch.name)
 
             try:
                 symbolic_syscall_num, concrete_syscall_nums = self._resolve_syscall(state)
@@ -544,5 +545,110 @@ class SimSuccessors:
         return [(ip == addr, addr) for addr in addrs]
 
 
-# pylint: disable=wrong-import-position
-from angr.calling_conventions import SYSCALL_CC
+HeavyState = SimState[int | SootAddressDescriptor, claripy.ast.BV | SootAddressDescriptor]
+
+
+class SuccessorsEngine(SimEngine[HeavyState, SimSuccessors]):
+    """
+    A mixin for SimEngine which implements ``process`` to perform common operations related to symbolic execution
+    and dispatches to a ``process_successors`` method to fill a SimSuccessors object with the results.
+    """
+
+    def __init__(self, project: angr.Project):
+        super().__init__(project)
+
+        self.successors: SimSuccessors | None = None
+
+    def process(self, state: HeavyState, **kwargs) -> SimSuccessors:  # pylint:disable=unused-argument
+        """
+        Perform execution with a state.
+
+        You should only override this method in a subclass in order to provide the correct method signature and
+        docstring. You should override the ``_process`` method to do your actual execution.
+
+        :param state:       The state with which to execute. This state will be copied before
+                            modification.
+        :param inline:      This is an inline execution. Do not bother copying the state.
+        :param force_addr:  Force execution to pretend that we're working at this concrete address
+        :returns:           A SimSuccessors object categorizing the execution's successor states
+        """
+        inline = kwargs.pop("inline", False)
+        force_addr = kwargs.pop("force_addr", None)
+
+        ip = state._ip
+        addr = (
+            (ip if isinstance(ip, SootAddressDescriptor) else state.solver.eval(ip))
+            if force_addr is None
+            else force_addr
+        )
+
+        # make a copy of the initial state for actual processing, if needed
+        new_state = state.copy() if not inline and o.COPY_STATES in state.options else state
+        # enforce this distinction
+        old_state = state
+        del state
+        self.state = new_state
+
+        # we have now officially begun the stepping process! now is where we "cycle" a state's
+        # data - move the "present" into the "past" by pushing an entry on the history stack.
+        # nuance: make sure to copy from the PREVIOUS state to the CURRENT one
+        # to avoid creating a dead link in the history, messing up the statehierarchy
+        new_state.register_plugin("history", old_state.history.make_child())
+        new_state.history.recent_bbl_addrs.append(addr)
+        if new_state.arch.unicorn_support:
+            assert isinstance(addr, int)
+            new_state.scratch.executed_pages_set = {addr & ~0xFFF}
+
+        self.successors = SimSuccessors(addr, old_state)
+
+        new_state._inspect(
+            "engine_process", when=BP_BEFORE, sim_engine=self, sim_successors=self.successors, address=addr
+        )
+        self.successors = new_state._inspect_getattr("sim_successors", self.successors)
+        try:
+            self.process_successors(self.successors, **kwargs)
+        except SimException as e:
+            if o.EXCEPTION_HANDLING not in old_state.options:
+                raise
+            assert old_state.project is not None
+            old_state.project.simos.handle_exception(self.successors, self, e)
+
+        new_state._inspect("engine_process", when=BP_AFTER, sim_successors=self.successors, address=addr)
+        self.successors = new_state._inspect_getattr("sim_successors", self.successors)
+        assert self.successors is not None
+
+        # downsizing
+        if new_state.supports_inspect:
+            new_state.inspect.downsize()
+        # if not TRACK, clear actions on OLD state
+        # if o.TRACK_ACTION_HISTORY not in old_state.options:
+        #    old_state.history.recent_events = []
+
+        # fix up the descriptions...
+        description = str(self.successors)
+        l.info("Ticked state: %s", description)
+        for succ in self.successors.all_successors:
+            succ.history.recent_description = description
+        for succ in self.successors.flat_successors:
+            succ.history.recent_description = description
+
+        return self.successors
+
+    def process_successors(self, successors, **kwargs):  # pylint:disable=unused-argument,no-self-use
+        """
+        Implement this function to fill out the SimSuccessors object with the results of stepping state.
+
+        In order to implement a model where multiple mixins can potentially handle a request, a mixin may implement
+        this method and then perform a super() call if it wants to pass on handling to the next mixin.
+
+        Keep in mind python's method resolution order when composing multiple classes implementing this method.
+        In short: left-to-right, depth-first, but deferring any base classes which are shared by multiple subclasses
+        (the merge point of a diamond pattern in the inheritance graph) until the last point where they would be
+        encountered in this depth-first search. For example, if you have classes A, B(A), C(B), D(A), E(C, D), then the
+        method resolution order will be E, C, B, D, A.
+
+        :param state:           The state to manipulate
+        :param successors:      The successors object to fill out
+        :param kwargs:          Any extra arguments. Do not fail if you are passed unexpected arguments.
+        """
+        successors.processed = False  # mark failure

angr/engines/syscall.py

@@ -3,14 +3,14 @@ import logging
 
 import angr
 from angr.errors import AngrUnsupportedSyscallError
-from .engine import SuccessorsMixin
+from .successors import SuccessorsEngine
 from .procedure import ProcedureMixin
 
 l = logging.getLogger(name=__name__)
 
 
 # pylint:disable=abstract-method,arguments-differ
-class SimEngineSyscall(SuccessorsMixin, ProcedureMixin):
+class SimEngineSyscall(SuccessorsEngine, ProcedureMixin):
     """
     A SimEngine mixin which adds a successors handling step that checks if a syscall was just requested and if so
     handles it as a step.

angr/engines/unicorn.py

@@ -8,7 +8,7 @@ import claripy
 
 import angr
 from angr.errors import SimIRSBError, SimIRSBNoDecodeError, SimValueError
-from .engine import SuccessorsMixin
+from .successors import SuccessorsEngine
 from .vex.heavy.heavy import VEXEarlyExit
 from angr import sim_options as o
 from angr.misc.ux import once
@@ -21,7 +21,7 @@ from angr.utils.constants import DEFAULT_STATEMENT
 l = logging.getLogger(name=__name__)
 
 
-class SimEngineUnicorn(SuccessorsMixin):
+class SimEngineUnicorn(SuccessorsEngine):
     """
     Concrete execution in the Unicorn Engine, a fork of qemu.
 
@@ -281,7 +281,7 @@ class SimEngineUnicorn(SuccessorsMixin):
     def _get_vex_block_details(self, block_addr, block_size):
         # Mostly based on the lifting code in HeavyVEXMixin
         # pylint:disable=no-member
-        irsb = super().lift_vex(addr=block_addr, state=self.state, size=block_size)
+        irsb = self.project.factory.block(addr=block_addr, backup_state=self.state, size=block_size).vex
         if irsb.size == 0:
             if irsb.jumpkind == "Ijk_NoDecode":
                 if not self.state.project.is_hooked(irsb.addr):

angr/engines/vex/heavy/heavy.py

@@ -3,7 +3,7 @@ import logging
 import claripy
 import pyvex
 
-from angr.engines.engine import SuccessorsMixin
+from angr.engines.successors import SuccessorsEngine
 from angr.engines.vex.light import VEXMixin
 from angr.engines.vex.lifter import VEXLifter
 from angr.engines.vex.claripy.datalayer import ClaripyDataMixin, symbol
@@ -57,7 +57,7 @@ class SimStateStorageMixin(VEXMixin):
 
 
 # pylint:disable=arguments-differ
-class HeavyVEXMixin(SuccessorsMixin, ClaripyDataMixin, SimStateStorageMixin, VEXMixin, VEXLifter):
+class HeavyVEXMixin(SuccessorsEngine, ClaripyDataMixin, SimStateStorageMixin, VEXMixin, VEXLifter):
     """
     Execution engine based on VEX, Valgrind's IR.
 
@@ -83,7 +83,6 @@ class HeavyVEXMixin(SuccessorsMixin, ClaripyDataMixin, SimStateStorageMixin, VEX
         self,
         successors,
         irsb=None,
-        insn_text=None,
         insn_bytes=None,
         thumb=False,
         size=None,
@@ -99,21 +98,10 @@ class HeavyVEXMixin(SuccessorsMixin, ClaripyDataMixin, SimStateStorageMixin, VEX
                 extra_stop_points=extra_stop_points,
                 num_inst=num_inst,
                 size=size,
-                insn_text=insn_text,
                 insn_bytes=insn_bytes,
                 **kwargs,
             )
 
-        if insn_text is not None:
-            if insn_bytes is not None:
-                raise errors.SimEngineError("You cannot provide both 'insn_bytes' and 'insn_text'!")
-
-            insn_bytes = self.project.arch.asm(insn_text, addr=successors.addr, thumb=thumb)
-            if insn_bytes is None:
-                raise errors.AngrAssemblyError(
-                    "Assembling failed. Please make sure keystone is installed, and the assembly string is correct."
-                )
-
         successors.sort = "IRSB"
         successors.description = "IRSB"
         self.state.history.recent_block_count = 1
@@ -137,9 +125,9 @@ class HeavyVEXMixin(SuccessorsMixin, ClaripyDataMixin, SimStateStorageMixin, VEX
 
             if irsb is None:
                 irsb = self.lift_vex(
+                    insn_bytes=insn_bytes,
                     addr=addr,
                     state=self.state,
-                    insn_bytes=insn_bytes,
                     thumb=thumb,
                     size=size,
                     num_inst=num_inst,

angr/engines/vex/lifter.py

@@ -8,7 +8,7 @@ import cle
 from archinfo import ArchARM
 import claripy
 
-from angr.engines.engine import SimEngineBase
+from angr.engines.engine import SimEngine
 from angr.state_plugins.inspect import BP_AFTER, BP_BEFORE, NO_OVERRIDE
 from angr.misc.ux import once
 from angr.errors import SimEngineError, SimTranslationError, SimError
@@ -20,7 +20,7 @@ VEX_IRSB_MAX_SIZE = 400
 VEX_IRSB_MAX_INST = 99
 
 
-class VEXLifter(SimEngineBase):
+class VEXLifter(SimEngine):
     """
     Implements the VEX lifter engine mixin.
     """

angr/engines/vex/light/light.py

@@ -3,7 +3,7 @@ import logging
 
 import pyvex
 
-from angr.engines.engine import SimEngineBase
+from angr.engines.engine import SimEngine
 from angr.utils.constants import DEFAULT_STATEMENT
 
 l = logging.getLogger(name=__name__)
@@ -11,7 +11,7 @@ l = logging.getLogger(name=__name__)
 # pylint:disable=arguments-differ,unused-argument,no-self-use
 
 
-class VEXMixin(SimEngineBase):
+class VEXMixin(SimEngine):
     def __init__(self, project, **kwargs):
         super().__init__(project, **kwargs)
         self._vex_expr_handlers = []

angr/factory.py

@@ -10,7 +10,7 @@ from archinfo.arch_soot import ArchSoot, SootAddressDescriptor
 from .sim_state import SimState
 from .calling_conventions import default_cc, SimRegArg, SimStackArg, PointerWrapper, SimCCUnknown
 from .callable import Callable
-from .errors import AngrAssemblyError, AngrError
+from .errors import AngrError
 from .engines import UberEngine, ProcedureEngine
 from .sim_type import SimTypeFunction, SimTypeInt
 from .codenode import HookNode, SyscallNode
@@ -245,6 +245,7 @@ class AngrObjectFactory:
         cc=None,
         add_options=None,
         remove_options=None,
+        step_limit: int | None = None,
     ):
         """
         A Callable is a representation of a function in the binary that can be interacted with like a native python
@@ -257,6 +258,7 @@ class AngrObjectFactory:
         :param base_state:      The state from which to do these runs
         :param toc:             The address of the table of contents for ppc64
         :param cc:              The SimCC to use for a calling convention
+        :param step_limit:      The maximum number of blocks that Callable will execute before pruning the path.
         :returns:               A Callable object that can be used as a interface for executing guest code like a
                                 python function.
         :rtype:                 angr.callable.Callable
@@ -272,6 +274,7 @@ class AngrObjectFactory:
             cc=cc,
             add_options=add_options,
             remove_options=remove_options,
+            step_limit=step_limit,
         )
 
     def cc(self):
@@ -300,7 +303,6 @@ class AngrObjectFactory:
         size=None,
         max_size=None,
         byte_string=None,
-        vex=None,
         thumb=False,
         backup_state=None,
         extra_stop_points=None,
@@ -308,7 +310,6 @@ class AngrObjectFactory:
         num_inst=None,
         traceflags=0,
         insn_bytes=None,
-        insn_text=None,  # backward compatibility
         strict_block_end=None,
         collect_data_refs=False,
         cross_insn_opt=True,
@@ -326,7 +327,6 @@ class AngrObjectFactory:
         size=None,
         max_size=None,
         byte_string=None,
-        vex=None,
         thumb=False,
         backup_state=None,
         extra_stop_points=None,
@@ -334,7 +334,6 @@ class AngrObjectFactory:
         num_inst=None,
         traceflags=0,
         insn_bytes=None,
-        insn_text=None,  # backward compatibility
         strict_block_end=None,
         collect_data_refs=False,
         load_from_ro_regions=False,
@@ -349,7 +348,6 @@ class AngrObjectFactory:
         size=None,
         max_size=None,
         byte_string=None,
-        vex=None,
         thumb=False,
         backup_state=None,
         extra_stop_points=None,
@@ -357,7 +355,6 @@ class AngrObjectFactory:
         num_inst=None,
         traceflags=0,
         insn_bytes=None,
-        insn_text=None,  # backward compatibility
         strict_block_end=None,
         collect_data_refs=False,
         cross_insn_opt=True,
@@ -369,27 +366,15 @@ class AngrObjectFactory:
         if isinstance(self.project.arch, ArchSoot) and isinstance(addr, SootAddressDescriptor):
             return SootBlock(addr, arch=self.project.arch, project=self.project)
 
-        if insn_bytes is not None and insn_text is not None:
-            raise AngrError("You cannot provide both 'insn_bytes' and 'insn_text'!")
-
         if insn_bytes is not None:
             byte_string = insn_bytes
 
-        if insn_text is not None:
-            byte_string = self.project.arch.asm(insn_text, addr=addr, as_bytes=True, thumb=thumb)
-            if byte_string is None:
-                # assembly failed
-                raise AngrAssemblyError(
-                    "Assembling failed. Please make sure keystone is installed, and the assembly string is correct."
-                )
-
         return Block(
             addr,
             project=self.project,
             size=size,
             max_size=max_size,
             byte_string=byte_string,
-            vex=vex,
             extra_stop_points=extra_stop_points,
             thumb=thumb,
             backup_state=backup_state,

angr/knowledge_plugins/cfg/cfg_model.py

@@ -631,8 +631,9 @@ class CFGModel(Serializable):
 
                 if boundary is not None:
                     data.max_size = boundary - data_addr
-
-                assert data.max_size is not None
+                else:
+                    # boundary does not exist, which means the data address is not mapped at all
+                    data.max_size = 0
 
         keys = sorted(self.memory_data.keys())