search

trailofbits / manticore

Symbolic execution tool
https://blog.trailofbits.com/2017/04/27/manticore-symbolic-execution-for-humans/
GNU Affero General Public License v3.0
3.68k stars 472 forks source link

Contract with Library + Interface fails to compile with solc 0.5.5 #1381

Open srinjoychakravarty opened 5 years ago

srinjoychakravarty commented 5 years ago

OS / Environment

Distributor ID: Ubuntu Description: Ubuntu Disco Dingo (development branch) Release: 19.04 Codename: disco

manticore_issue

Manticore version

Version: 0.2.4

Python version

Python 3.7.2+

Dependencies

apturl==0.5.2 asn1crypto==0.24.0 blinker==1.4 Brlapi==0.6.7 capstone==4.0.1 certifi==2018.8.24 chardet==3.0.4 command-not-found==0.3 cryptography==2.3 cupshelpers==1.0 cytoolz==0.9.0.1 defer==1.0.6 distro==1.3.0 distro-info===0.21ubuntu2 entrypoints==0.3 eth-hash==0.2.0 eth-typing==2.1.0 eth-utils==1.4.1 future==0.17.1 httplib2==0.11.3 idna==2.6 indicator-cpufreq==0.2.2 keyring==17.1.1 keyrings.alt==3.1.1 language-selector==0.1 launchpadlib==1.10.6 lazr.restfulclient==0.14.2 lazr.uri==1.0.3 louis==3.8.0 macaroonbakery==1.2.1 manticore==0.2.4 netifaces==0.10.4 oauthlib==2.1.0 olefile==0.46 pexpect==4.6.0 Pillow==5.4.1 ply==3.11 prettytable==0.7.2 protobuf==3.6.1 pycairo==1.16.2 pycrypto==2.6.1 pycups==1.9.73 pyelftools==0.25 pyevmasm==0.2.0 PyGObject==3.30.4 PyJWT==1.7.0 pymacaroons==0.13.0 PyNaCl==1.3.0 pyRFC3339==1.1 pysha3==1.0.2 PySocks==1.6.8 python-apt==1.8.3 python-dateutil==2.7.3 python-debian==0.1.34 pytz==2018.9 pyxdg==0.25 PyYAML==3.13 reportlab==3.5.13 requests==2.21.0 requests-unixsocket==0.1.5 rlp==1.1.0 SecretStorage==2.3.1 simplejson==3.16.0 six==1.12.0 slither-analyzer==0.6.0 system-service==0.3 systemd-python==234 toolz==0.9.0 ubuntu-drivers-common==0.0.0 ufw==0.36 unattended-upgrades==0.1 unicorn==1.0.1 urllib3==1.24.1 vboxapi==1.0 wadllib==1.3.3 xkit==0.0.0 z3-solver==4.8.0.0.post1

Summary of the problem

Solidity fails to compile on a contract that inherits from an IERC20 interface of OpenZeppelin's and that that uses the SafeMath Library for all uint256 variables. Both the IERC20 interface and SafeMath library code is contained inside the same solidity file (flattened). Running Manticore with Solidity compiler v0.5.5 gives the error manticore.exceptions.EthereumError: Solidity failed to compile your contract. despite using the flag --contract "contract_name" to specify which contract to analyse inside the .sol file. Please help.

Step to reproduce the behavior

Run <--- sudo manticore TokenDistributor.sol --contract TokenDistributor ---> from the same directory as the attached solidity file in this issue report.

TokenDistributor.zip

Expected behavior

Inputs being tested at various program paths. Ending with Total time: xx (for tests to complete)

Actual behavior

Solidity fails to compile Error.

Any relevant logs

Traceback (most recent call last): File "/usr/local/bin/manticore", line 11, in load_entry_point('manticore==0.2.4', 'console_scripts', 'manticore')() File "/usr/local/lib/python3.7/dist-packages/manticore/main.py", line 41, in main ethereum_main(args, logger) File "/usr/local/lib/python3.7/dist-packages/manticore/ethereum/cli.py", line 68, in ethereum_main tx_account=args.txaccount, tx_preconstrain=args.txpreconstrain) File "/usr/local/lib/python3.7/dist-packages/manticore/ethereum/manticore.py", line 992, in multi_tx_analysis args=args, working_dir=working_dir) File "/usr/local/lib/python3.7/dist-packages/manticore/ethereum/manticore.py", line 611, in solidity_create_contract working_dir=working_dir) File "/usr/local/lib/python3.7/dist-packages/manticore/ethereum/manticore.py", line 331, in _compile raise EthereumError('Solidity failed to compile your contract.') manticore.exceptions.EthereumError: Solidity failed to compile your contract.

srinjoychakravarty commented 5 years ago

Hi Guys,

Is the TrailofBits team still active? Could someone please reach out and help on this issue. I'm sure you guys can easily solve it.

feliam commented 5 years ago

Hi chax93. I'm very sorry about the delay. It won't happen again. Manticore can not analyze contracts that do not have any bytecode (as there is not much to analyze there). You are trying to get the bytecode of an abstract contract. Solc will not generate bytecode if you do not provide an implementation of all the functions declared in the interface.

$ slither TokenDistributor.sol --detect unimplemented-functions 

INFO:Detectors:
TokenDistributor does not implement IERC20.allowance(address,address) (TokenDistributor.sol#13)
TokenDistributor does not implement IERC20.transfer(address,uint256) (TokenDistributor.sol#3)
TokenDistributor does not implement IERC20.approve(address,uint256) (TokenDistributor.sol#5)
TokenDistributor does not implement IERC20.transferFrom(address,address,uint256) (TokenDistributor.sol#7)
TokenDistributor does not implement IERC20.totalSupply() (TokenDistributor.sol#9)
TokenDistributor does not implement IERC20.balanceOf(address) (TokenDistributor.sol#11)
disconnect3d commented 5 years ago

This will be addressed with https://github.com/trailofbits/manticore/pull/1386