eth-sri/securify

Error while compiling solidity v0.5.x contracts

0x3bfc opened this issue · 0 comments

0x3bfc commented

Securify returns the below error when I upgraded the solidity version from 0.4.25 to 0.5.3.

souffle binary output

    at ch.securify.analysis.AbstractDataflow.runCommand(AbstractDataflow.java:277)
    at ch.securify.analysis.AbstractDataflow.initDataflow(AbstractDataflow.java:169)
    at ch.securify.analysis.MustExplicitDataflow.<init>(MustExplicitDataflow.java:33)
    at ch.securify.analysis.Dataflow.<init>(Dataflow.java:33)
    at ch.securify.analysis.DataflowFactory.getDataflow(DataflowFactory.java:54)
    at ch.securify.Main.checkPatterns(Main.java:392)
    at ch.securify.Main.processHexFile(Main.java:192)
    at ch.securify.Main.processCompilationOutput(Main.java:132)
    at ch.securify.Main.mainFromCompilationOutput(Main.java:108)
    at ch.securify.Main.main(Main.java:259)
Error in Securify
java.lang.RuntimeException
    at ch.securify.analysis.Dataflow.<init>(Dataflow.java:37)
    at ch.securify.analysis.DataflowFactory.getDataflow(DataflowFactory.java:54)
    at ch.securify.Main.checkPatterns(Main.java:392)
    at ch.securify.Main.processHexFile(Main.java:192)
    at ch.securify.Main.processCompilationOutput(Main.java:132)
    at ch.securify.Main.mainFromCompilationOutput(Main.java:108)
    at ch.securify.Main.main(Main.java:259)
Error, skipping: /project/contracts/OceanToken.sol:OceanToken```

Processing contract: /project/contracts/storage/ConditionStoreManager.sol:ConditionStoreManager
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Decompilation failed.
Error in Securify
java.lang.IllegalStateException: Dependency resolver reached method head. Should have resolved all dependencies by now (but didn't for 'xz{}{?}'). Possible use of undeclared variable in this scope (would be decompiler bug).
    at ch.securify.decompiler.DecompilerFallback.lambda$null$7(DecompilerFallback.java:183)
    at java.util.stream.MatchOps$1MatchSink.accept(MatchOps.java:90)
    at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
    at java.util.Spliterators$ArraySpliterator.tryAdvance(Spliterators.java:958)
    at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126)
    at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498)
    at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485)
    at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
    at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:230)
    at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:196)
    at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
    at java.util.stream.ReferencePipeline.anyMatch(ReferencePipeline.java:449)
    at ch.securify.decompiler.DecompilerFallback.lambda$decompile$8(DecompilerFallback.java:142)
    at java.util.Collection.removeIf(Collection.java:414)
    at ch.securify.decompiler.DecompilerFallback.decompile(DecompilerFallback.java:138)
    at ch.securify.Main.decompileContract(Main.java:313)
    at ch.securify.Main.processHexFile(Main.java:166)
    at ch.securify.Main.processCompilationOutput(Main.java:132)
    at ch.securify.Main.mainFromCompilationOutput(Main.java:108)
    at ch.securify.Main.main(Main.java:259)
Error, skipping: /project/contracts/storage/ConditionStoreManager.sol:ConditionStoreManager

I have checked the following

  • Output of solc --version
solc, the solidity compiler commandline interface
Version: 0.5.2+commit.1df8f40c.Darwin.appleclang

$OUTPUT

  • Output of solc --bin-runtime MyContract.sol

$OUTPUT

  • I can reproduce this issue in a Docker container with the following command
docker run -v $(pwd):/project chainsecurity/securify 2>&1 | tee securifyReport.txt

More info Travis error

Steps to reproduce

Compiling project
Traceback (most recent call last):
  File "/sec/scripts/solc_project.py", line 98, in _compile_solfiles
    stdoutdata, _, _, _ = solc_wrapper(**compiler_kwargs)
  File "/root/.local/lib/python3.6/site-packages/solcx/utils/string.py", line 85, in inner
    return force_obj_to_text(fn(*args, **kwargs))
  File "/root/.local/lib/python3.6/site-packages/solcx/wrapper.py", line 167, in solc_wrapper
    stderr_data=stderrdata,
solcx.exceptions.SolcError: <exception str() failed>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "docker_run_securify.py", line 25, in <module>
    return_code = ctrler.compile_and_report()
  File "/sec/scripts/controller.py", line 77, in compile_and_report
    return self._project.execute()
  File "/sec/scripts/project.py", line 62, in execute
    self.compile_(compilation_output)
  File "/sec/scripts/solc_project.py", line 53, in compile_
    comp_output = self._compile_solfiles(sources)
  File "/sec/scripts/solc_project.py", line 101, in _compile_solfiles
    raise utils.SolidityCompilationException(e, files)