angr 9.2.102__py3-none-manylinux2014_x86_64.whl → 9.2.103__py3-none-manylinux2014_x86_64.whl

angr/analyses/decompiler/optimization_passes/lowered_switch_simplifier.py

@@ -1,4 +1,4 @@
-from typing import Optional, Tuple, Union, List, DefaultDict, TYPE_CHECKING
+from typing import DefaultDict, TYPE_CHECKING
 from collections import defaultdict, OrderedDict
 import logging
 
@@ -38,12 +38,12 @@ class Case:
     def __init__(
         self,
         original_node,
-        node_type: Optional[str],
+        node_type: str | None,
         variable_hash,
         expr,
-        value: Union[int, str],
+        value: int | str,
         target,
-        target_idx: Optional[int],
+        target_idx: int | None,
         next_addr,
     ):
         self.original_node = original_node
@@ -104,28 +104,28 @@ class StableVarExprHasher(AILBlockWalkerBase):
         self.walk_expression(expr)
         self.hash = hash(tuple(self._hash_lst))
 
-    def _handle_expr(self, expr_idx: int, expr: Expression, stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_expr(self, expr_idx: int, expr: Expression, stmt_idx: int, stmt, block: Block | None):
         if hasattr(expr, "variable") and expr.variable is not None:
             self._hash_lst.append(expr.variable)
         else:
             super()._handle_expr(expr_idx, expr, stmt_idx, stmt, block)
 
-    def _handle_Load(self, expr_idx: int, expr: Load, stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_Load(self, expr_idx: int, expr: Load, stmt_idx: int, stmt, block: Block | None):
         self._hash_lst.append("Load")
         super()._handle_Load(expr_idx, expr, stmt_idx, stmt, block)
 
-    def _handle_BinaryOp(self, expr_idx: int, expr: BinaryOp, stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_BinaryOp(self, expr_idx: int, expr: BinaryOp, stmt_idx: int, stmt, block: Block | None):
         self._hash_lst.append(expr.op)
         super()._handle_BinaryOp(expr_idx, expr, stmt_idx, stmt, block)
 
-    def _handle_UnaryOp(self, expr_idx: int, expr: "UnaryOp", stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_UnaryOp(self, expr_idx: int, expr: "UnaryOp", stmt_idx: int, stmt, block: Block | None):
         self._hash_lst.append(expr.op)
         super()._handle_UnaryOp(expr_idx, expr, stmt_idx, stmt, block)
 
-    def _handle_Const(self, expr_idx: int, expr: Const, stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_Const(self, expr_idx: int, expr: Const, stmt_idx: int, stmt, block: Block | None):
         self._hash_lst.append((expr.value, expr.bits))
 
-    def _handle_Convert(self, expr_idx: int, expr: "Convert", stmt_idx: int, stmt, block: Optional[Block]):
+    def _handle_Convert(self, expr_idx: int, expr: "Convert", stmt_idx: int, stmt, block: Block | None):
         self._hash_lst.append(expr.to_bits)
         super()._handle_Convert(expr_idx, expr, stmt_idx, stmt, block)
 
@@ -174,7 +174,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
                 original_nodes = original_nodes[1:]
                 existing_nodes_by_addr_and_idx = {(nn.addr, nn.idx): nn for nn in graph_copy}
 
-                case_addrs: List[Tuple[Block, Union[int, str], int, Optional[int], int]] = []
+                case_addrs: list[tuple[Block, int | str, int, int | None, int]] = []
                 delayed_edges = []
                 for idx, case in enumerate(cases):
                     if idx == 0 or all(
@@ -184,7 +184,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
                             (case.original_node, case.value, case.target, case.target_idx, case.next_addr)
                         )
                     else:
-                        statements: List = [
+                        statements: list = [
                             stmt for stmt in case.original_node.statements if isinstance(stmt, (Label, Assignment))
                         ]
                         statements.append(
@@ -294,7 +294,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
                 variable_comparisons[node] = ("c",) + r
                 continue
 
-        varhash_to_caselists: DefaultDict[int, List[Tuple[List[Case], List]]] = defaultdict(list)
+        varhash_to_caselists: DefaultDict[int, list[tuple[list[Case], list]]] = defaultdict(list)
         used_nodes = set()
 
         for head in variable_comparisons:
@@ -516,7 +516,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
     @staticmethod
     def _find_switch_variable_comparison_type_a(
         node,
-    ) -> Optional[Tuple[int, str, Expression, int, int, Optional[int], int, Optional[int]]]:
+    ) -> tuple[int, str, Expression, int, int, int | None, int, int | None] | None:
         # the type a is the last statement is a var == constant comparison, but
         # there is more than one non-label statement in the block
 
@@ -561,7 +561,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
     @staticmethod
     def _find_switch_variable_comparison_type_b(
         node,
-    ) -> Optional[Tuple[int, str, Expression, int, int, Optional[int], int, Optional[int]]]:
+    ) -> tuple[int, str, Expression, int, int, int | None, int, int | None] | None:
         # the type b is the last statement is a var == constant comparison, and
         # there is only one non-label statement
 
@@ -606,7 +606,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
     @staticmethod
     def _find_switch_variable_comparison_type_c(
         node,
-    ) -> Optional[Tuple[int, str, Expression, int, int, Optional[int], int, Optional[int]]]:
+    ) -> tuple[int, str, Expression, int, int, int | None, int, int | None] | None:
         # the type c is where the last statement is a var < or > constant comparison, and
         # there is only one non-label statement
 
@@ -744,7 +744,7 @@ class LoweredSwitchSimplifier(OptimizationPass):
         remove_last_statement(node)
 
     @staticmethod
-    def cases_issubset(cases_0: List[Case], cases_1: List[Case]) -> bool:
+    def cases_issubset(cases_0: list[Case], cases_1: list[Case]) -> bool:
         """
         Test if cases_0 is a subset of cases_1.
         """

angr/analyses/decompiler/optimization_passes/optimization_pass.py

@@ -1,5 +1,6 @@
 # pylint:disable=unused-argument
-from typing import Optional, Dict, Set, Tuple, Generator, TYPE_CHECKING
+from typing import TYPE_CHECKING
+from collections.abc import Generator
 from enum import Enum
 
 import networkx  # pylint:disable=unused-import
@@ -53,9 +54,7 @@ class BaseOptimizationPass:
     ARCHES = []  # strings of supported architectures
     PLATFORMS = []  # strings of supported platforms. Can be one of the following: "win32", "linux"
     STAGE: int = None  # Specifies when this optimization pass should be executed
-    STRUCTURING: Optional[str] = (
-        None  # specifies if this optimization pass is specific to a certain structuring algorithm
-    )
+    STRUCTURING: str | None = None  # specifies if this optimization pass is specific to a certain structuring algorithm
     NAME = "N/A"
     DESCRIPTION = "N/A"
 
@@ -133,23 +132,23 @@ class OptimizationPass(BaseOptimizationPass):
     ):
         super().__init__(func)
         # self._blocks is just a cache
-        self._blocks_by_addr: Dict[int, Set[ailment.Block]] = blocks_by_addr
-        self._blocks_by_addr_and_idx: Dict[Tuple[int, Optional[int]], ailment.Block] = blocks_by_addr_and_idx
-        self._graph: Optional[networkx.DiGraph] = graph
+        self._blocks_by_addr: dict[int, set[ailment.Block]] = blocks_by_addr
+        self._blocks_by_addr_and_idx: dict[tuple[int, int | None], ailment.Block] = blocks_by_addr_and_idx
+        self._graph: networkx.DiGraph | None = graph
         self._variable_kb = variable_kb
         self._ri = region_identifier
         self._rd = reaching_definitions
         self._new_block_addrs = set()
 
         # output
-        self.out_graph: Optional[networkx.DiGraph] = None
+        self.out_graph: networkx.DiGraph | None = None
 
     @property
-    def blocks_by_addr(self) -> Dict[int, Set[ailment.Block]]:
+    def blocks_by_addr(self) -> dict[int, set[ailment.Block]]:
         return self._blocks_by_addr
 
     @property
-    def blocks_by_addr_and_idx(self) -> Dict[Tuple[int, Optional[int]], ailment.Block]:
+    def blocks_by_addr_and_idx(self) -> dict[tuple[int, int | None], ailment.Block]:
         return self._blocks_by_addr_and_idx
 
     #
@@ -169,7 +168,7 @@ class OptimizationPass(BaseOptimizationPass):
         self._new_block_addrs.add(new_addr)
         return new_addr
 
-    def _get_block(self, addr, idx=None) -> Optional[ailment.Block]:
+    def _get_block(self, addr, idx=None) -> ailment.Block | None:
         if not self._blocks_by_addr:
             return None
         else:
@@ -288,8 +287,8 @@ class StructuringOptimizationPass(OptimizationPass):
         self._simplify_ail = simplify_ail
         self._require_gotos = require_gotos
 
-        self._goto_manager: Optional[GotoManager] = None
-        self._prev_graph: Optional[networkx.DiGraph] = None
+        self._goto_manager: GotoManager | None = None
+        self._prev_graph: networkx.DiGraph | None = None
 
     def _analyze(self, cache=None) -> bool:
         raise NotImplementedError()

angr/analyses/decompiler/optimization_passes/register_save_area_simplifier.py

@@ -1,4 +1,4 @@
-from typing import List, Tuple, Iterable, Dict
+from collections.abc import Iterable
 import logging
 
 import archinfo
@@ -50,29 +50,33 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
 
         return bool(info), {"info": info}
 
+    @staticmethod
+    def _modify_statement(
+        old_block, stmt_idx_: int, updated_blocks_, stack_offset: int = None
+    ):  # pylint:disable=unused-argument
+        if old_block not in updated_blocks_:
+            block = old_block.copy()
+            updated_blocks_[old_block] = block
+        else:
+            block = updated_blocks_[old_block]
+        block.statements[stmt_idx_] = None
+
     def _analyze(self, cache=None):
-        def _remove_statement(old_block, stmt_idx_: int, updated_blocks_):
-            if old_block not in updated_blocks_:
-                block = old_block.copy()
-                updated_blocks[old_block] = block
-            else:
-                block = updated_blocks[old_block]
-            block.statements[stmt_idx_] = None
 
         if cache is None:
             return
 
-        info: Dict[int, Dict[str, List[Tuple[int, CodeLocation]]]] = cache["info"]
+        info: dict[int, dict[str, list[tuple[int, CodeLocation]]]] = cache["info"]
         updated_blocks = {}
 
         for data in info.values():
             # remove storing statements
-            for _, codeloc in data["stored"]:
+            for stack_offset, codeloc in data["stored"]:
                 old_block = self._get_block(codeloc.block_addr, idx=codeloc.block_idx)
-                _remove_statement(old_block, codeloc.stmt_idx, updated_blocks)
-            for _, codeloc in data["restored"]:
+                self._modify_statement(old_block, codeloc.stmt_idx, updated_blocks, stack_offset=stack_offset)
+            for stack_offset, codeloc in data["restored"]:
                 old_block = self._get_block(codeloc.block_addr, idx=codeloc.block_idx)
-                _remove_statement(old_block, codeloc.stmt_idx, updated_blocks)
+                self._modify_statement(old_block, codeloc.stmt_idx, updated_blocks, stack_offset=stack_offset)
 
         for old_block, new_block in updated_blocks.items():
             # remove all statements that are None
@@ -80,7 +84,7 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
             # update it
             self._update_block(old_block, new_block)
 
-    def _find_registers_stored_on_stack(self) -> List[Tuple[int, int, CodeLocation]]:
+    def _find_registers_stored_on_stack(self) -> list[tuple[int, int, CodeLocation]]:
         first_block = self._get_block(self._func.addr)
         if first_block is None:
             return []
@@ -101,7 +105,7 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
 
         return results
 
-    def _find_registers_restored_from_stack(self) -> List[List[Tuple[int, int, CodeLocation]]]:
+    def _find_registers_restored_from_stack(self) -> list[list[tuple[int, int, CodeLocation]]]:
         all_results = []
         for ret_site in self._func.ret_sites + self._func.jumpout_sites:
             for block in self._get_blocks(ret_site.addr):
@@ -125,10 +129,10 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
 
     def _intersect_register_info(
         self,
-        stored: List[Tuple[int, int, CodeLocation]],
-        restored: Iterable[List[Tuple[int, int, CodeLocation]]],
-    ) -> Dict[int, Dict[str, List[Tuple[int, CodeLocation]]]]:
-        def _collect(info: List[Tuple[int, int, CodeLocation]], output, keystr: str):
+        stored: list[tuple[int, int, CodeLocation]],
+        restored: Iterable[list[tuple[int, int, CodeLocation]]],
+    ) -> dict[int, dict[str, list[tuple[int, CodeLocation]]]]:
+        def _collect(info: list[tuple[int, int, CodeLocation]], output, keystr: str):
             for reg_offset, stack_offset, codeloc in info:
                 if reg_offset not in output:
                     output[reg_offset] = {}
@@ -136,7 +140,7 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
                     output[reg_offset][keystr] = []
                 output[reg_offset][keystr].append((stack_offset, codeloc))
 
-        result: Dict[int, Dict[str, List[Tuple[int, CodeLocation]]]] = {}
+        result: dict[int, dict[str, list[tuple[int, CodeLocation]]]] = {}
         _collect(stored, result, "stored")
         for item in restored:
             _collect(item, result, "restored")
@@ -158,7 +162,7 @@ class RegisterSaveAreaSimplifier(OptimizationPass):
             lr_reg_offset = self.project.arch.registers["lr"][0]
         elif self.project.arch.name in {"MIPS32", "MIPS64"}:
             lr_reg_offset = self.project.arch.registers["ra"][0]
-        elif self.project.arch.name in {"PPC32", "PPC64"}:
+        elif self.project.arch.name in {"PPC32", "PPC64"} or self.project.arch.name.startswith("PowerPC:"):
             lr_reg_offset = self.project.arch.registers["lr"][0]
         else:
             lr_reg_offset = None

angr/analyses/decompiler/optimization_passes/ret_addr_save_simplifier.py

@@ -1,4 +1,4 @@
-from typing import Tuple, Optional, List, Any
+from typing import Any
 import logging
 
 import ailment
@@ -87,7 +87,7 @@ class RetAddrSaveSimplifier(OptimizationPass):
                 block_copy.statements.pop(stmt_idx)
                 self._update_block(block, block_copy)
 
-    def _find_retaddr_save_stmt(self) -> Optional[Tuple[Any, int, ailment.Expr.StackBaseOffset]]:
+    def _find_retaddr_save_stmt(self) -> tuple[Any, int, ailment.Expr.StackBaseOffset] | None:
         """
         Find the AIL statement that saves the return address to a stack slot.
 
@@ -126,7 +126,7 @@ class RetAddrSaveSimplifier(OptimizationPass):
         # Not found
         return None
 
-    def _find_retaddr_restore_stmt(self) -> Optional[List[Tuple[Any, int, ailment.Expr.StackBaseOffset]]]:
+    def _find_retaddr_restore_stmt(self) -> list[tuple[Any, int, ailment.Expr.StackBaseOffset]] | None:
         """
         Find the AIL statement that restores the return address from a stack slot.
 

angr/analyses/decompiler/optimization_passes/ret_deduplicator.py

@@ -1,6 +1,5 @@
 # pylint:disable=unnecessary-pass
 import logging
-from typing import Tuple, List
 
 from ailment import Block
 from ailment.statement import ConditionalJump, Return
@@ -171,7 +170,7 @@ class ReturnDeduplicator(OptimizationPass):
 
         return self._get_original_regions(if_ret_candidates)
 
-    def _get_original_regions(self, if_ret_candidates: List[Tuple[Block, Block, Block]]):
+    def _get_original_regions(self, if_ret_candidates: list[tuple[Block, Block, Block]]):
         """
         Input: [(if_stmt_block, super_true_child, super_false_child), ...]
         Output: [(if_stmt_block, true_child, false_child, super_true_child, super_false_child), ...]

angr/analyses/decompiler/optimization_passes/return_duplicator_base.py

@@ -1,4 +1,4 @@
-from typing import Any, Tuple, Dict, List, Optional
+from typing import Any
 from itertools import count
 import copy
 import logging
@@ -32,7 +32,7 @@ class ReturnDuplicatorBase:
         node_idx_start: int = 0,
         max_calls_in_regions: int = 2,
         minimize_copies_for_regions: bool = True,
-        ri: Optional[RegionIdentifier] = None,
+        ri: RegionIdentifier | None = None,
         **kwargs,
     ):
         self.node_idx = count(start=node_idx_start)
@@ -41,7 +41,7 @@ class ReturnDuplicatorBase:
 
         # this should also be set by the optimization passes initer
         self._func = func
-        self._ri: Optional[RegionIdentifier] = ri
+        self._ri: RegionIdentifier | None = ri
 
     #
     # must implement these methods
@@ -88,7 +88,7 @@ class ReturnDuplicatorBase:
 
         return graph_changed
 
-    def _find_endnode_regions(self, graph) -> Dict[Any, Tuple[List[Tuple[Any, Any]], networkx.DiGraph]]:
+    def _find_endnode_regions(self, graph) -> dict[Any, tuple[list[tuple[Any, Any]], networkx.DiGraph]]:
         """
         Find all the regions that contain a node with no successors. These are the "end nodes" of the graph.
         """
@@ -97,7 +97,7 @@ class ReturnDuplicatorBase:
         # to_update is keyed by the region head.
         # this is because different end nodes may lead to the same region head: consider the case of the typical "fork"
         # region where stack canary is checked in x86-64 binaries.
-        end_node_regions: Dict[Any, Tuple[List[Tuple[Any, Any]], networkx.DiGraph]] = {}
+        end_node_regions: dict[Any, tuple[list[tuple[Any, Any]], networkx.DiGraph]] = {}
 
         for end_node in endnodes:
             in_edges = list(graph.in_edges(end_node))
@@ -175,7 +175,7 @@ class ReturnDuplicatorBase:
             graph.remove_edge(pred_node, region_head)
 
     def _copy_connected_edge_components(
-        self, endnode_regions: Dict[Any, Tuple[List[Tuple[Any, Any]], networkx.DiGraph]], graph: networkx.DiGraph
+        self, endnode_regions: dict[Any, tuple[list[tuple[Any, Any]], networkx.DiGraph]], graph: networkx.DiGraph
     ):
         updated_regions = endnode_regions.copy()
         all_region_block_addrs = list(self._find_block_sets_in_all_regions(self._ri.region).values())
@@ -312,7 +312,7 @@ class ReturnDuplicatorBase:
         return valid_assignment
 
     @staticmethod
-    def _single_entry_region(graph, end_node) -> Tuple[networkx.DiGraph, Any]:
+    def _single_entry_region(graph, end_node) -> tuple[networkx.DiGraph, Any]:
         """
         Back track on the graph from `end_node` and find the longest chain of nodes where each node has only one
         predecessor and one successor (the second-to-last node may have two successors to account for the typical

angr/analyses/decompiler/optimization_passes/spilled_register_finder.py

@@ -0,0 +1,18 @@
+import logging
+
+from .register_save_area_simplifier import RegisterSaveAreaSimplifier
+
+
+_l = logging.getLogger(name=__name__)
+
+
+class SpilledRegisterFinder(RegisterSaveAreaSimplifier):
+    """
+    Finds spilled registers and tags them with pseudoregisters based on their stack offset.
+    """
+
+    @staticmethod
+    def _modify_statement(old_block, stmt_idx_: int, updated_blocks_, stack_offset: int = None):
+        old_stmt = old_block.statements[stmt_idx_]
+        pseudoreg = 0x1000000 - stack_offset
+        old_stmt.tags["pseudoreg"] = pseudoreg

angr/analyses/decompiler/optimization_passes/stack_canary_simplifier.py

@@ -1,4 +1,3 @@
-from typing import Set, Dict
 from collections import defaultdict
 import logging
 
@@ -74,7 +73,7 @@ class StackCanarySimplifier(OptimizationPass):
         # Before node duplication, each pair of canary-check-success and canary-check-failure nodes have a common
         # predecessor.
         # map endpoint addrs to their common predecessors
-        pred_addr_to_endpoint_addrs: Dict[int, Set[int]] = defaultdict(set)
+        pred_addr_to_endpoint_addrs: dict[int, set[int]] = defaultdict(set)
         for node_addr in all_endpoint_addrs:
             preds = self._func.graph.predecessors(self._func.get_node(node_addr))
             for pred in preds:
@@ -183,7 +182,7 @@ class StackCanarySimplifier(OptimizationPass):
 
         while True:
             traversed.add(block_addr)
-            first_block = self._get_block(block_addr)
+            first_block = next(self._get_blocks(block_addr))
             if first_block is None:
                 break
 

angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py

@@ -1,5 +1,4 @@
 # pylint:disable=too-many-boolean-expressions
-from typing import Set, Dict
 from collections import defaultdict
 import logging
 
@@ -90,7 +89,7 @@ class WinStackCanarySimplifier(OptimizationPass):
         # Before node duplication, each pair of canary-check-success and canary-check-failure nodes have a common
         # predecessor.
         # map endpoint addrs to their common predecessors
-        pred_addr_to_endpoint_addrs: Dict[int, Set[int]] = defaultdict(set)
+        pred_addr_to_endpoint_addrs: dict[int, set[int]] = defaultdict(set)
         for node_addr in all_endpoint_addrs:
             preds = self._func.graph.predecessors(self._func.get_node(node_addr))
             for pred in preds:

angr/analyses/decompiler/optimization_passes/x86_gcc_getpc_simplifier.py

@@ -1,4 +1,4 @@
-from typing import Tuple, List, Any
+from typing import Any
 import logging
 
 import ailment
@@ -60,7 +60,7 @@ class X86GccGetPcSimplifier(OptimizationPass):
                 block.statements = block.statements[: stmt_idx - 1] + block.statements[stmt_idx:]
             self._update_block(old_block, block)
 
-    def _find_getpc_calls(self) -> List[Tuple[Any, int, str, int]]:
+    def _find_getpc_calls(self) -> list[tuple[Any, int, str, int]]:
         """
         Find all blocks that are calling __x86.get_pc_thunk functions.
 

angr/analyses/decompiler/peephole_optimizations/__init__.py

@@ -43,12 +43,13 @@ from .rol_ror import RolRorRewriter
 from .inlined_strcpy import InlinedStrcpy
 from .inlined_strcpy_consolidation import InlinedStrcpyConsolidation
 from .inlined_wstrcpy import InlinedWstrcpy
+from .cmpord_rewriter import CmpORDRewriter
 
 from .base import PeepholeOptimizationExprBase, PeepholeOptimizationStmtBase, PeepholeOptimizationMultiStmtBase
 
-MULTI_STMT_OPTS: List[Type[PeepholeOptimizationMultiStmtBase]] = []
-STMT_OPTS: List[Type[PeepholeOptimizationStmtBase]] = []
-EXPR_OPTS: List[Type[PeepholeOptimizationExprBase]] = []
+MULTI_STMT_OPTS: list[type[PeepholeOptimizationMultiStmtBase]] = []
+STMT_OPTS: list[type[PeepholeOptimizationStmtBase]] = []
+EXPR_OPTS: list[type[PeepholeOptimizationExprBase]] = []
 
 _g = globals().copy()
 for v in _g.values():

angr/analyses/decompiler/peephole_optimizations/base.py

@@ -1,5 +1,3 @@
-from typing import List, Optional
-
 from ailment.expression import BinaryOp, UnaryOp, Expression
 from ailment.statement import Statement, Assignment
 from ailment import Block
@@ -17,15 +15,15 @@ class PeepholeOptimizationStmtBase:
         "kb",
         "func_addr",
     )
-    project: Optional[Project]
-    kb: Optional[KnowledgeBase]
-    func_addr: Optional[int]
+    project: Project | None
+    kb: KnowledgeBase | None
+    func_addr: int | None
 
     NAME = "Peephole Optimization - Statement"
     DESCRIPTION = "Peephole Optimization - Statement"
     stmt_classes = None
 
-    def __init__(self, project: Optional[Project], kb: Optional[KnowledgeBase], func_addr: Optional[int] = None):
+    def __init__(self, project: Project | None, kb: KnowledgeBase | None, func_addr: int | None = None):
         self.project = project
         self.kb = kb
         self.func_addr = func_addr
@@ -44,20 +42,20 @@ class PeepholeOptimizationMultiStmtBase:
         "kb",
         "func_addr",
     )
-    project: Optional[Project]
-    kb: Optional[KnowledgeBase]
-    func_addr: Optional[int]
+    project: Project | None
+    kb: KnowledgeBase | None
+    func_addr: int | None
 
     NAME = "Peephole Optimization - Multi-statement"
     DESCRIPTION = "Peephole Optimization - Multi-statement"
     stmt_classes = None
 
-    def __init__(self, project: Optional[Project], kb: Optional[KnowledgeBase], func_addr: Optional[int] = None):
+    def __init__(self, project: Project | None, kb: KnowledgeBase | None, func_addr: int | None = None):
         self.project = project
         self.kb = kb
         self.func_addr = func_addr
 
-    def optimize(self, stmts: List[Statement], stmt_idx: Optional[int] = None, block=None, **kwargs):
+    def optimize(self, stmts: list[Statement], stmt_idx: int | None = None, block=None, **kwargs):
         raise NotImplementedError("_optimize() is not implemented.")
 
 
@@ -71,15 +69,15 @@ class PeepholeOptimizationExprBase:
         "kb",
         "func_addr",
     )
-    project: Optional[Project]
-    kb: Optional[KnowledgeBase]
-    func_addr: Optional[int]
+    project: Project | None
+    kb: KnowledgeBase | None
+    func_addr: int | None
 
     NAME = "Peephole Optimization - Expression"
     DESCRIPTION = "Peephole Optimization - Expression"
     expr_classes = None
 
-    def __init__(self, project: Optional[Project], kb: Optional[KnowledgeBase], func_addr: Optional[int] = None):
+    def __init__(self, project: Project | None, kb: KnowledgeBase | None, func_addr: int | None = None):
         self.project = project
         self.kb = kb
         self.func_addr = func_addr

angr/analyses/decompiler/peephole_optimizations/bswap.py

@@ -1,5 +1,3 @@
-from typing import Tuple, Optional
-
 from ailment.expression import BinaryOp, Const, Expression, Convert
 from ailment.statement import Call
 
@@ -101,7 +99,7 @@ class Bswap(PeepholeOptimizationExprBase):
 
         return None
 
-    def _match_inner(self, or_first: BinaryOp, or_second: BinaryOp) -> Tuple[bool, Optional[Expression]]:
+    def _match_inner(self, or_first: BinaryOp, or_second: BinaryOp) -> tuple[bool, Expression | None]:
         if isinstance(or_first.operands[1], Const) and or_first.operands[1].value == 0xFF00FF00:
             if isinstance(or_second.operands[1], Const) and or_second.operands[1].value == 0x00FF00FF:
                 inner_first = or_first.operands[0]

angr/analyses/decompiler/peephole_optimizations/cmpord_rewriter.py

@@ -0,0 +1,72 @@
+from ailment.statement import ConditionalJump
+from ailment.expression import BinaryOp, Const
+
+from .base import PeepholeOptimizationStmtBase
+
+
+class CmpORDRewriter(PeepholeOptimizationStmtBase):
+    """
+    Rewrites CmpORD expressions (PowerPC and VEX-specific) into common comparison operations.
+    """
+
+    __slots__ = ()
+
+    NAME = "CmpORD rewriter"
+    stmt_classes = (ConditionalJump,)
+
+    def optimize(self, stmt: ConditionalJump, stmt_idx: int = None, block=None, **kwargs):
+        # example:
+        # 05 | 0x4011d4 | if ((((gpr9<4> CmpORD 0x0<32>) & 0x2<32>) != 0x0<32>)) { Goto ... } else { Goto ... }
+        # or
+        # 02 | 0x401260 | if (((((gpr3<4> CmpORD 0x0<32>) & 0x2<32>) ^ 0x2<32>) != 0x0<32>)) { Goto ... } else
+        #                   { Goto ... }
+
+        if not isinstance(stmt.condition, BinaryOp) or stmt.condition.op not in {"CmpNE", "CmpEQ"}:
+            return None
+        cmp_rhs = stmt.condition.operands[1]
+        if not isinstance(cmp_rhs, Const) or cmp_rhs.value != 0:
+            return None
+        negated = stmt.condition.op == "CmpEQ"
+
+        cmp_lhs = stmt.condition.operands[0]
+        xor_value = None
+        if isinstance(cmp_lhs, BinaryOp) and cmp_lhs.op == "Xor" and isinstance(cmp_lhs.operands[1], Const):
+            negated = not negated
+            xor_value = cmp_lhs.operands[1].value
+            # unpack
+            cmp_lhs = cmp_lhs.operands[0]
+
+        if not isinstance(cmp_lhs, BinaryOp) or cmp_lhs.op != "And":
+            return None
+
+        if not isinstance(cmp_lhs.operands[1], Const) or cmp_lhs.operands[1].value not in {2, 4, 8}:
+            return None
+        if xor_value is not None and cmp_lhs.operands[1].value != xor_value:
+            return None
+
+        real_cmp = cmp_lhs.operands[0]
+        if not isinstance(real_cmp, BinaryOp) or real_cmp.op != "CmpORD":
+            return None
+
+        # determine the real comparison operator
+        match cmp_lhs.operands[1].value:
+            case 2:
+                cmp_op = "CmpEQ" if not negated else "CmpNE"
+            case 4:
+                cmp_op = "CmpGE" if not negated else "CmpLT"
+            case _:  # case 8
+                cmp_op = "CmpLT" if not negated else "CmpGE"
+
+        # generate the new comparison
+        new_cond = BinaryOp(stmt.condition.idx, cmp_op, real_cmp.operands[::], real_cmp.signed, **real_cmp.tags)
+        new_stmt = ConditionalJump(
+            stmt.idx,
+            new_cond,
+            stmt.true_target,
+            stmt.false_target,
+            stmt.true_target_idx,
+            stmt.false_target_idx,
+            **stmt.tags,
+        )
+
+        return new_stmt

angr/analyses/decompiler/peephole_optimizations/const_mull_a_shift.py

@@ -1,5 +1,4 @@
 # pylint:disable=too-many-boolean-expressions
-from typing import Union
 
 from ailment.expression import Convert, BinaryOp, Const
 
@@ -16,7 +15,7 @@ class ConstMullAShift(PeepholeOptimizationExprBase):
     NAME = "Conv(64->32, (N * a) >> M) => a / N1"
     expr_classes = (Convert, BinaryOp)
 
-    def optimize(self, expr: Union[Convert, BinaryOp], **kwargs):
+    def optimize(self, expr: Convert | BinaryOp, **kwargs):
         r = None
 
         if isinstance(expr, Convert):