angr 9.2.118__py3-none-manylinux2014_aarch64.whl → 9.2.119__py3-none-manylinux2014_aarch64.whl

angr/procedures/stubs/UserHook.py

@@ -12,7 +12,7 @@ class UserHook(angr.SimProcedure):
         result = user_func(self.state)
         if result is None:
             jumpkind = "Ijk_NoHook" if length == 0 else "Ijk_Boring"
-            self.successors.add_successor(self.state, self.state.addr + length, claripy.true, jumpkind)
+            self.successors.add_successor(self.state, self.state.addr + length, claripy.true(), jumpkind)
         else:
             for state in result:
                 self.successors.add_successor(state, state.addr, state.scratch.guard, state.history.jumpkind)

angr/procedures/stubs/format_parser.py

@@ -130,7 +130,7 @@ class FormatString:
                 if type(component) is bytes:
                     sdata, _ = simfd.read_data(len(component), short_reads=False)
                     self.state.add_constraints(sdata == component)
-                elif isinstance(component, claripy.Bits):
+                elif isinstance(component, claripy.ast.Bits):
                     sdata, _ = simfd.read_data(len(component) // 8, short_reads=False)
                     self.state.add_constraints(sdata == component)
                 elif component.spec_type == b"s":

angr/sim_procedure.py

@@ -477,7 +477,7 @@ class SimProcedure:
         self._prepare_ret_state()
 
         self._exit_action(self.state, ret_addr)
-        self.successors.add_successor(self.state, ret_addr, claripy.true, "Ijk_Ret")
+        self.successors.add_successor(self.state, ret_addr, claripy.true(), "Ijk_Ret")
 
     def call(self, addr, args, continue_at, cc=None, prototype=None, jumpkind="Ijk_Call"):
         """
@@ -520,7 +520,7 @@ class SimProcedure:
             call_state.regs.t9 = addr
 
         self._exit_action(call_state, addr)
-        self.successors.add_successor(call_state, addr, claripy.true, jumpkind)
+        self.successors.add_successor(call_state, addr, claripy.true(), jumpkind)
         if jumpkind != "Ijk_Call":
             call_state.callstack.call(
                 self.state.addr, addr, retn_target=ret_addr, stack_pointer=call_state.regs.sp.concrete_value
@@ -531,7 +531,7 @@ class SimProcedure:
             ret_state = self.state.copy()
             cc.setup_callsite(ret_state, ret_addr, args, prototype)
             ret_state.callstack.top.procedure_data = simcallstack_entry
-            guard = claripy.true if o.TRUE_RET_EMULATION_GUARD in ret_state.options else claripy.false
+            guard = claripy.true() if o.TRUE_RET_EMULATION_GUARD in ret_state.options else claripy.false()
             self.successors.add_successor(ret_state, ret_addr, guard, "Ijk_FakeRet")
 
     def jump(self, addr, jumpkind="Ijk_Boring"):
@@ -540,7 +540,7 @@ class SimProcedure:
         """
         self.inhibit_autoret = True
         self._exit_action(self.state, addr)
-        self.successors.add_successor(self.state, addr, claripy.true, jumpkind)
+        self.successors.add_successor(self.state, addr, claripy.true(), jumpkind)
 
     def exit(self, exit_code):
         """
@@ -553,7 +553,7 @@ class SimProcedure:
         if isinstance(exit_code, int):
             exit_code = claripy.BVV(exit_code, self.state.arch.bits)
         self.state.history.add_event("terminate", exit_code=exit_code)
-        self.successors.add_successor(self.state, self.state.regs.ip, claripy.true, "Ijk_Exit")
+        self.successors.add_successor(self.state, self.state.regs.ip, claripy.true(), "Ijk_Exit")
 
     @staticmethod
     def _exit_action(state, addr):

angr/sim_state.py

@@ -1,25 +1,36 @@
 from __future__ import annotations
+
+import contextlib
 import functools
 import itertools
-import contextlib
-import weakref
-
 import logging
-
+import weakref
 from typing import TypeVar, TYPE_CHECKING
 
-from archinfo import Arch
-
-l = logging.getLogger(name=__name__)
-
-import claripy
 import archinfo
+import claripy
+from archinfo import Arch
 from archinfo.arch_soot import SootAddressDescriptor
 
+from . import sim_options as o
+from .errors import SimMergeError, SimValueError, SimStateError, SimSolverModeError
 from .misc.plugins import PluginHub, PluginPreset
 from .sim_state_options import SimStateOptions
 from .state_plugins import SimStatePlugin
 
+if TYPE_CHECKING:
+    from .storage import DefaultMemory
+    from .state_plugins.solver import SimSolver
+    from .state_plugins.posix import SimSystemPosix
+    from .state_plugins.view import SimRegNameView, SimMemView
+    from .state_plugins.callstack import CallStack
+    from .state_plugins.inspect import SimInspector
+    from .state_plugins.jni_references import SimStateJNIReferences
+    from .state_plugins.scratch import SimStateScratch
+
+
+l = logging.getLogger(name=__name__)
+
 
 def arch_overridable(f):
     @functools.wraps(f)
@@ -513,16 +524,6 @@ class SimState(PluginHub):
                 if self.solver.is_true(arg):
                     continue
 
-                # `is_true` and `is_false` does not use VSABackend currently (see commits 97a75366 and 2dfba73e in
-                # claripy). There is a chance that VSA backend can in fact handle it.
-                # Therefore we try to resolve it with VSABackend again
-                if claripy.backends.vsa.is_false(arg):
-                    self._satisfiable = False
-                    return
-
-                if claripy.backends.vsa.is_true(arg):
-                    continue
-
                 # It's neither True or False. Let's try to apply the condition
 
                 # We take the argument, extract a list of constrained SIs out of it (if we could, of course), and
@@ -678,7 +679,7 @@ class SimState(PluginHub):
             merge_conditions = [merge_flag == b for b in merge_values]
         else:
             merge_conditions = [
-                (claripy.true if len(mc) == 0 else claripy.And(*[c.to_claripy() for c in mc]))
+                (claripy.true() if len(mc) == 0 else claripy.And(*[c.to_claripy() for c in mc]))
                 for mc in merge_conditions
             ]
 
@@ -976,17 +977,3 @@ SimState.register_preset("default", default_state_plugin_preset)
 from .state_plugins.history import SimStateHistory
 from .state_plugins.inspect import BP_AFTER, BP_BEFORE
 from .state_plugins.sim_action import SimActionConstraint
-
-from . import sim_options as o
-from .errors import SimMergeError, SimValueError, SimStateError, SimSolverModeError
-
-# Type imports for annotations
-if TYPE_CHECKING:
-    from .storage import DefaultMemory
-    from .state_plugins.solver import SimSolver
-    from .state_plugins.posix import SimSystemPosix
-    from .state_plugins.view import SimRegNameView, SimMemView
-    from .state_plugins.callstack import CallStack
-    from .state_plugins.inspect import SimInspector
-    from .state_plugins.jni_references import SimStateJNIReferences
-    from .state_plugins.scratch import SimStateScratch

angr/sim_type.py

@@ -495,6 +495,48 @@ class SimTypeLongLong(SimTypeInt):
     _base_name = "long long"
 
 
+class SimTypeFixedSizeInt(SimTypeInt):
+    """
+    The base class for all fixed-size (i.e., the size stays the same on all platforms) integer types. Do not
+    instantiate this class directly.
+    """
+
+    _base_name: str = "int"
+    _fixed_size: int = 32
+
+    def c_repr(self, name=None, full=0, memo=None, indent=0):
+        out = self._base_name
+        if not self.signed:
+            out = "u" + out
+        if name is None:
+            return out
+        return f"{out} {name}"
+
+    def __repr__(self) -> str:
+        name = self._base_name
+        if not self.signed:
+            name = "u" + name
+
+        try:
+            return name + " (%d bits)" % self.size
+        except ValueError:
+            return name
+
+    @property
+    def size(self) -> int:
+        return self._fixed_size
+
+
+class SimTypeInt128(SimTypeFixedSizeInt):
+    _base_name = "int128_t"
+    _fixed_size = 128
+
+
+class SimTypeInt256(SimTypeFixedSizeInt):
+    _base_name = "int256_t"
+    _fixed_size = 256
+
+
 class SimTypeChar(SimTypeReg):
     """
     SimTypeChar is a type that specifies a character;

angr/simos/javavm.py

@@ -1,15 +1,17 @@
 from __future__ import annotations
+
 import logging
 
-from angr import SIM_PROCEDURES, options
 from archinfo.arch_soot import ArchSoot, SootAddressDescriptor, SootAddressTerminator, SootArgument, SootNullConstant
 from claripy import BVS, BVV, StringS, StringV, FSORT_FLOAT, FSORT_DOUBLE, FPV, FPS
 from claripy.ast.fp import FP, fpToIEEEBV
 from claripy.ast.bv import BV
 
+from angr import SIM_PROCEDURES, options
+
 from ..calling_conventions import default_cc, SimCCSoot
 from ..engines.soot import SootMixin
-from ..engines.soot.expressions import SimSootExpr_NewArray  # , SimSootExpr_NewMultiArray
+from ..engines.soot.expressions import SimSootExpr_NewArray
 from ..engines.soot.values import (
     SimSootValue_ArrayRef,
     SimSootValue_StringRef,
@@ -106,10 +108,6 @@ class SimJavaVM(SimOS):
             kwargs["arch"] = self.arch
         if not kwargs.get("os_name", None):
             kwargs["os_name"] = self.name
-        # enable support for string analysis
-        add_options = kwargs.get("add_options", set())
-        add_options.add(options.COMPOSITE_SOLVER)
-        kwargs["add_options"] = add_options
 
         if self.is_javavm_with_jni_support:
             # If the JNI support is enabled (i.e. JNI libs are loaded), the SimState
@@ -194,13 +192,13 @@ class SimJavaVM(SimOS):
         return state
 
     @staticmethod
-    def generate_symbolic_cmd_line_arg(state, max_length=1000):
+    def generate_symbolic_cmd_line_arg(state):
         """
         Generates a new symbolic cmd line argument string.
         :return: The string reference.
         """
         str_ref = SimSootValue_StringRef(state.memory.get_new_uuid())
-        str_sym = StringS("cmd_line_arg", max_length)
+        str_sym = StringS("cmd_line_arg")
         state.solver.add(str_sym != StringV(""))
         state.memory.store(str_ref, str_sym)
         return str_ref
@@ -312,7 +310,7 @@ class SimJavaVM(SimOS):
         if type_ == "double":
             return FPS(f"default_value_{type_}", FSORT_DOUBLE)
         if type_ == "java.lang.String":
-            return SimSootValue_StringRef.new_string(state, StringS(f"default_value_{type_}", 1000))
+            return SimSootValue_StringRef.new_string(state, StringS(f"default_value_{type_}"))
         if type_.endswith("[][]"):
             raise NotImplementedError
         if type_.endswith("[]"):
@@ -435,9 +433,6 @@ class SimJavaVM(SimOS):
         jni_type_size = ArchSoot.sizeof.get(java_type, self.native_simos.arch.bits)
         return SimTypeNum(size=jni_type_size)
 
-    def get_method_native_type(self, method):
-        return SimTypeFunction
-
     @property
     def native_arch(self):
         """

angr/simos/linux.py

@@ -238,7 +238,7 @@ class SimLinux(SimUserland):
                 fs[name] = fs[name].encode("utf-8")
             if type(fs[name]) is bytes:
                 fs[name] = claripy.BVV(fs[name])
-            if isinstance(fs[name], claripy.Bits):
+            if isinstance(fs[name], claripy.ast.Bits):
                 fs[name] = SimFile(name, content=fs[name])
             if not isinstance(fs[name], SimFileBase):
                 raise TypeError(f"Provided fs initializer with unusable type {type(fs[name])!r}")

angr/simos/simos.py

@@ -149,7 +149,7 @@ class SimOS:
             if type(stdin) is type:
                 stdin = stdin(name="stdin", has_end=False)
             else:
-                if isinstance(stdin, claripy.Bits):
+                if isinstance(stdin, claripy.ast.Bits):
                     num_bytes = len(stdin) // self.project.arch.byte_width
                 else:
                     num_bytes = len(stdin)

angr/simos/windows.py

@@ -422,7 +422,7 @@ class SimWindows(SimOS):
 
         # let's go let's go!
         # we want to use a true guard here. if it's not true, then it's already been added in windup.
-        successors.add_successor(exc_state, self._exception_handler, claripy.true, "Ijk_Exception")
+        successors.add_successor(exc_state, self._exception_handler, claripy.true(), "Ijk_Exception")
         successors.processed = True
 
     # these two methods load and store register state from a struct CONTEXT

angr/state_hierarchy.py

@@ -213,7 +213,7 @@ class StateHierarchy:
                 n()._satisfiable = False
                 try:
                     if n().state is not None:
-                        n().state.add_constraints(claripy.false)
+                        n().state.add_constraints(claripy.false())
                 except ReferenceError:
                     pass
             self._graph.remove_nodes_from(all_children)

angr/state_plugins/preconstrainer.py

@@ -147,13 +147,13 @@ class SimStatePreconstrainer(SimStatePlugin):
         precon_cache_keys = set()
 
         for con in self.preconstraints:
-            precon_cache_keys.add(con.cache_key)
+            precon_cache_keys.add(con.hash())
 
         # if we used the replacement solver we didn't add constraints we need to remove so keep all constraints
         if o.REPLACEMENT_SOLVER in self.state.options:
             new_constraints = self.state.solver.constraints
         else:
-            new_constraints = [x for x in self.state.solver.constraints if x.cache_key not in precon_cache_keys]
+            new_constraints = [x for x in self.state.solver.constraints if x.hash() not in precon_cache_keys]
 
         if self.state.has_plugin("zen_plugin"):
             new_constraints = self.state.get_plugin("zen_plugin").filter_constraints(new_constraints)

angr/state_plugins/scratch.py

@@ -30,7 +30,7 @@ class SimStateScratch(SimStatePlugin):
 
         # information on exits *from* this state
         self.jumpkind = None
-        self.guard = claripy.true
+        self.guard = claripy.true()
         self.target = None
         self.source = None
         self.exit_stmt_idx = None

angr/state_plugins/solver.py

@@ -95,7 +95,7 @@ def error_converter(f):
             return f(*args, **kwargs)
         except claripy.UnsatError as e:
             raise SimUnsatError("Got an unsat result") from e
-        except claripy.ClaripyFrontendError as e:
+        except claripy.ClaripyError as e:
             raise SimSolverModeError("Claripy threw an error") from e
 
     return wrapped_f

angr/state_plugins/trace_additions.py

@@ -219,7 +219,7 @@ def end_info_hook(state):
         )
         chall_resp_plugin.str_to_int_pairs.append((input_bvs, new_var))
         if pending_info.allows_negative:
-            chall_resp_plugin.allows_negative_bvs.add(input_bvs.cache_key)
+            chall_resp_plugin.allows_negative_bvs.add(input_bvs.hash())
         chall_resp_plugin.replacement_pairs.append((input_bvs, input_val))
     elif pending_info.get_type() == "IntToStr":
         # result constraint
@@ -459,11 +459,11 @@ class ChallRespInfo(angr.state_plugins.SimStatePlugin):
             base = int(int_var_name.split("_")[1], 10)
             original_len = str_var.size() // 8
             abs_max = (1 << int_var.size()) - 1
-            if str_var.cache_key in self.allows_negative_bvs:
+            if str_var.hash() in self.allows_negative_bvs:
                 abs_max = (1 << (int_var.size() - 1)) - 1
             max_val = base ** (original_len) - 1
             min_val = 0
-            if str_var.cache_key in self.allows_negative_bvs and original_len > 1:
+            if str_var.hash() in self.allows_negative_bvs and original_len > 1:
                 min_val = -(base ** (original_len - 1) - 1)
 
             max_val = min(max_val, abs_max)
@@ -569,10 +569,10 @@ def zen_hook(state, expr):
         if len(flag_args) > 1:
             zen_plugin = state.get_plugin("zen_plugin")
 
-            if expr.cache_key in zen_plugin.replacements:
+            if expr.hash() in zen_plugin.replacements:
                 # we already have the replacement
                 concrete_val = state.solver.eval(expr)
-                replacement = zen_plugin.replacements[expr.cache_key]
+                replacement = zen_plugin.replacements[expr.hash()]
                 state.preconstrainer.preconstrain(concrete_val, replacement)
                 zen_plugin.preconstraints.append(replacement == concrete_val)
             else:
@@ -603,7 +603,7 @@ def zen_hook(state, expr):
                 zen_plugin.state.preconstrainer.preconstraints.append(constraint)
                 zen_plugin.preconstraints.append(replacement == concrete_val)
 
-                zen_plugin.replacements[expr.cache_key] = replacement
+                zen_plugin.replacements[expr.hash()] = replacement
 
             return replacement
     return None
@@ -701,11 +701,11 @@ class ZenPlugin(angr.state_plugins.SimStatePlugin):
         return contained_bytes
 
     def filter_constraints(self, constraints):
-        zen_cache_keys = {x.cache_key for x in self.zen_constraints}
+        zen_cache_keys = {x.hash() for x in self.zen_constraints}
         new_cons = []
         for con in constraints:
             if (
-                con.cache_key in zen_cache_keys
+                con.hash() in zen_cache_keys
                 or not all(v.startswith(("cgc-flag", "random")) for v in con.variables)
                 or len(con.variables) == 0
             ):

angr/storage/file.py

@@ -209,7 +209,7 @@ class SimFile(SimFileBase, DefaultMemory):  # TODO: pick a better base class omg
             content = claripy.BVV(content.encode())
         elif content is None:
             pass
-        elif isinstance(content, claripy.Bits):
+        elif isinstance(content, claripy.ast.Bits):
             if concrete is None and not content.symbolic:
                 concrete = True
         else:
@@ -322,7 +322,7 @@ class SimFile(SimFileBase, DefaultMemory):  # TODO: pick a better base class omg
 
         data = _deps_unpack(data)[0]
         if size is None:
-            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.Bits) else len(data)
+            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.ast.Bits) else len(data)
         # \(_^^)/
         self.store(pos, data, size=size)
         new_end = _deps_unpack(pos + size)[0]  # decline to store SAO
@@ -442,7 +442,7 @@ class SimPackets(SimFileBase):
                     if type(x) is tuple
                     else (
                         (x, len(x) // 8)
-                        if isinstance(x, claripy.Bits)
+                        if isinstance(x, claripy.ast.Bits)
                         else (
                             (x.ast, len(x) // 8)
                             if isinstance(x, SimActionObject)
@@ -593,7 +593,7 @@ class SimPackets(SimFileBase):
         if type(data) is bytes:
             data = claripy.BVV(data)
         if size is None:
-            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.Bits) else len(data)
+            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.ast.Bits) else len(data)
         if type(size) is int:
             size = claripy.BVV(size, self.state.arch.bits)
 
@@ -903,7 +903,7 @@ class SimFileDescriptor(SimFileDescriptorBase):
 
         data = _deps_unpack(data)[0]
         if size is None:
-            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.Bits) else len(data)
+            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.ast.Bits) else len(data)
 
         size = self._prep_write(size)
         self._pos = self.file.write(self._pos, data, size)
@@ -911,7 +911,7 @@ class SimFileDescriptor(SimFileDescriptorBase):
 
     def seek(self, offset, whence="start"):
         if not self.file.seekable:
-            return claripy.false
+            return claripy.false()
 
         if type(offset) is int:
             offset = claripy.BVV(offset, self.state.arch.bits)
@@ -929,9 +929,9 @@ class SimFileDescriptor(SimFileDescriptorBase):
 
     def eof(self):
         if not self.file.seekable:
-            return claripy.false
+            return claripy.false()
         if not getattr(self.file, "has_end", True):
-            return claripy.false
+            return claripy.false()
         return self._pos == self.file.size
 
     def tell(self):
@@ -1034,7 +1034,7 @@ class SimFileDescriptorDuplex(SimFileDescriptorBase):
     def write_data(self, data, size=None, **kwargs):
         data = _deps_unpack(data)[0]
         if size is None:
-            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.Bits) else len(data)
+            size = len(data) // self.state.arch.byte_width if isinstance(data, claripy.ast.Bits) else len(data)
 
         size = self._prep_write(size)
         self._write_pos = self._write_file.write(self._write_pos, data, size)
@@ -1048,16 +1048,16 @@ class SimFileDescriptorDuplex(SimFileDescriptorBase):
     def eof(self):
         # the thing that makes the most sense is for this to refer to the read eof status...
         if not self._read_file.seekable:
-            return claripy.false
+            return claripy.false()
         if not getattr(self._read_file, "has_end", True):
-            return claripy.false
+            return claripy.false()
         return self._read_pos == self._read_file.size
 
     def tell(self):
         return None
 
     def seek(self, offset, whence="start"):
-        return claripy.false
+        return claripy.false()
 
     def size(self):
         return None

angr/storage/memory_mixins/actions_mixin.py

@@ -46,7 +46,7 @@ class ActionsMixinHigh(MemoryMixin):
             self.state, region_type, kind, addr=addr, data=data, size=ref_size, condition=condition, fallback=fallback
         )
 
-        action.added_constraints = claripy.true
+        action.added_constraints = claripy.true()
         return action
 
     def _add_constraints(self, c, action=None, **kwargs):

angr/storage/memory_mixins/convenient_mappings_mixin.py

@@ -63,7 +63,7 @@ class ConvenientMappingsMixin(MemoryMixin):
                         self._updated_mappings.remove((v, id(self._name_mapping)))
 
                 if options.REVERSE_MEMORY_HASH_MAP in self.state.options:
-                    h = old_obj.cache_key
+                    h = old_obj.hash()
                     self._mark_updated_mapping(self._hash_mapping, h)
                     self._hash_mapping[h].difference_update(range(addr, addr + size))
                     if len(self._hash_mapping[h]) == 0:
@@ -82,7 +82,7 @@ class ConvenientMappingsMixin(MemoryMixin):
 
         if options.REVERSE_MEMORY_HASH_MAP in self.state.options:
             # add the new variables to the hash->addrs mapping
-            h = data.cache_key
+            h = data.hash()
             self._mark_updated_mapping(self._hash_mapping, h)
             if h not in self._hash_mapping:
                 self._hash_mapping[h] = set()
@@ -148,7 +148,7 @@ class ConvenientMappingsMixin(MemoryMixin):
                         self._name_mapping.pop(v, None)
 
             if options.REVERSE_MEMORY_HASH_MAP in self.state.options:
-                h = hash(old_obj)
+                h = old_obj.hash()
                 self._mark_updated_mapping(self._hash_mapping, h)
                 self._hash_mapping[h].discard(actual_addr)
                 if len(self._hash_mapping[h]) == 0:
@@ -166,7 +166,7 @@ class ConvenientMappingsMixin(MemoryMixin):
 
         if options.REVERSE_MEMORY_HASH_MAP in self.state.options:
             # add the new variables to the hash->addrs mapping
-            h = hash(new_obj)
+            h = new_obj.hash()
             self._mark_updated_mapping(self._hash_mapping, h)
             if h not in self._hash_mapping:
                 self._hash_mapping[h] = set()
@@ -208,10 +208,8 @@ class ConvenientMappingsMixin(MemoryMixin):
         for e in self._hash_mapping[h]:
             try:
                 present = self.load(e, size=1)
-                if h == present.cache_key or (
-                    present.op == "Extract"
-                    and present.args[0] - present.args[1] == 7
-                    and h == present.args[2].cache_key
+                if h == present.hash() or (
+                    present.op == "Extract" and present.args[0] - present.args[1] == 7 and h == present.args[2].hash()
                 ):
                     yield e
                 else:

angr/storage/memory_mixins/multi_value_merger_mixin.py

@@ -41,16 +41,16 @@ class MultiValueMergerMixin(MemoryMixin):
                 ret_val = self._top_func(merged_size * self.state.arch.byte_width)
             else:
                 # strip annotations from each value and see how many raw values there are in total
-                # We have to use cache_key to determine uniqueness here, because if __hash__ collides,
+                # We have to use hash manually to determine uniqueness here, because if __hash__ collides,
                 # python implicitly calls __eq__ to determine if the two objects are actually the same
                 # and that just results in a new AST for a BV. Python then tries to convert that AST to a bool
                 # which fails with the safeguard in claripy.ast.bool.Bool.__bool__.
-                stripped_values_set = {v.clear_annotations().cache_key for v in values_set}
-                if len(stripped_values_set) > 1:
+                stripped_values_dict = {v.hash(): v for v in values_set}
+                if len(stripped_values_dict) > 1:
                     ret_val = self._top_func(merged_size * self.state.arch.byte_width)
                 else:
-                    # Get the AST back from the cache_key
-                    ret_val = next(iter(stripped_values_set)).ast
+                    # Get the AST back from the hash dict
+                    ret_val = stripped_values_dict[next(iter(stripped_values_dict))]
 
             # migrate annotations
             annotations = []

angr/storage/memory_mixins/paged_memory/pages/ultra_page.py

@@ -464,7 +464,7 @@ class UltraPage(MemoryObjectMixin, PageBase):
             if replaced_object is not None:
                 self._replace_memory_object(mo, replaced_object, memory=memory)
 
-    def _replace_memory_object(self, old: SimMemoryObject, new_content: claripy.Bits, memory=None):
+    def _replace_memory_object(self, old: SimMemoryObject, new_content: claripy.ast.Bits, memory=None):
         """
         Replaces the memory object `old` with a new memory object containing `new_content`.
 

angr/storage/memory_mixins/size_resolution_mixin.py

@@ -136,7 +136,7 @@ class SizeConcretizationMixin(MemoryMixin):
             conc_sizes = [min(cs, self._max_symbolic_size) for cs in conc_sizes]
 
         if condition is None:
-            condition = claripy.true
+            condition = claripy.true()
         for conc_size in conc_sizes:
             if conc_size == 0:
                 continue

angr/storage/memory_mixins/smart_find_mixin.py

@@ -99,7 +99,7 @@ class SmartFindMixin(MemoryMixin):
         able to handle wide characters
         """
         if condition is None:
-            condition = claripy.true
+            condition = claripy.true()
         chunk = None
         chunk_progress = chunk_size
 
@@ -139,7 +139,7 @@ class SmartFindMixin(MemoryMixin):
 
     def _find_condition(self, target_addr):  # pylint:disable=unused-argument,no-self-use
         # TODO: fill this in in order to make each load have the correct condition associated with it
-        return claripy.true
+        return claripy.true()
 
     def _find_compare(self, element, target):
         comparison = element == target