angr 9.2.123__py3-none-win_amd64.whl → 9.2.125__py3-none-win_amd64.whl

angr/storage/memory_mixins/paged_memory/pages/mv_list_page.py

@@ -4,6 +4,7 @@ import logging
 from typing import Union, Any
 from collections.abc import Callable
 
+from angr.storage.memory_mixins.memory_mixin import MemoryMixin
 from angr.utils.dynamic_dictlist import DynamicDictList
 from angr.storage.memory_object import SimMemoryObject, SimLabeledMemoryObject
 from . import PageBase
@@ -20,10 +21,9 @@ class MVListPage(
     PageBase,
 ):
     """
-    MVListPage allows storing multiple values at the same location, thus allowing weak updates.
+    MVListPage allows storing multiple values at the same location.
 
-    Each store() may take a value or multiple values, and a "weak" parameter to specify if this store is a weak update
-    or not.
+    Each store() may take a value or multiple values.
     Each load() returns an iterator of all values stored at that location.
     """
 
@@ -104,8 +104,8 @@ class MVListPage(
             self.stored_offset.add(subaddr)
         result[-1] = (global_start_addr, new_item)
 
-    def store(self, addr, data, size=None, endness=None, memory=None, cooperate=False, weak=False, **kwargs):
-        super().store(addr, data, size=size, endness=endness, memory=memory, cooperate=cooperate, weak=weak, **kwargs)
+    def store(self, addr, data, size=None, endness=None, memory=None, cooperate=False, **kwargs):
+        super().store(addr, data, size=size, endness=endness, memory=memory, cooperate=cooperate, **kwargs)
 
         if not cooperate:
             data = self._force_store_cooperation(addr, data, size, endness, memory=memory, **kwargs)
@@ -117,22 +117,12 @@ class MVListPage(
             self.content = DynamicDictList(max_size=len(self.content))
             self.stored_offset = set()
         else:
-            if not weak:
-                if len(data) == 1:
-                    # unpack
-                    data: _MOTYPE = next(iter(data))
-                for subaddr in range(addr, addr + size):
-                    self.content[subaddr] = data
-                    self.stored_offset.add(subaddr)
-            else:
-                for subaddr in range(addr, addr + size):
-                    if self.content[subaddr] is None:
-                        self.content[subaddr] = data
-                    elif type(self.content[subaddr]) is set:
-                        self.content[subaddr] |= data
-                    else:
-                        self.content[subaddr] = {self.content[subaddr]} | data
-                    self.stored_offset.add(subaddr)
+            if len(data) == 1:
+                # unpack
+                data: _MOTYPE = next(iter(data))
+            for subaddr in range(addr, addr + size):
+                self.content[subaddr] = data
+                self.stored_offset.add(subaddr)
 
     def erase(self, addr, size=None, **kwargs) -> None:
         for off in range(size):
@@ -143,8 +133,9 @@ class MVListPage(
         others: list[MVListPage],
         merge_conditions,
         common_ancestor=None,
-        page_addr: int | None = None,
-        memory=None,
+        *,
+        page_addr: int,
+        memory: MemoryMixin,
         changed_offsets: set[int] | None = None,
     ):
         if changed_offsets is None:
@@ -230,7 +221,7 @@ class MVListPage(
                 # new_object = self._replace_memory_object(our_mo, merged_val, page_addr, memory.page_size)
 
                 new_mos = {SimMemoryObject(v, mo_base, endness=the_endness) for v in merged_val}
-                self.store(b, new_mos, size=size, cooperate=True, weak=False)
+                self.store(b, new_mos, size=size, cooperate=True)
 
                 merged_offsets.add(b)
 
@@ -271,7 +262,7 @@ class MVListPage(
                     continue
 
                 new_mos = {SimMemoryObject(v, page_addr + b, endness="Iend_BE") for v in merged_val}
-                self.store(b, new_mos, size=min_size, cooperate=True, weak=False)
+                self.store(b, new_mos, size=min_size, cooperate=True)
                 merged_offsets.add(b)
 
         self.stored_offset |= merged_offsets

angr/storage/memory_mixins/paged_memory/pages/permissions_mixin.py

@@ -6,29 +6,31 @@ from angr.storage.memory_mixins.memory_mixin import MemoryMixin
 
 class PermissionsMixin(MemoryMixin):
     """
-    This mixin adds a permissions field and properties for extracting the read/write/exec permissions. It does NOT add
-    permissions checking.
+    This mixin adds a permissions_bits field and properties for extracting the read/write/exec permissions. It does NOT
+    add permissions checking.
     """
 
-    def __init__(self, permissions=None, **kwargs):
+    def __init__(self, permissions: int | claripy.ast.BV | None = None, **kwargs):
         super().__init__(**kwargs)
-        if type(permissions) is int:
+        if permissions is None:
+            permissions = 7
+        if isinstance(permissions, int):
             permissions = claripy.BVV(permissions, 3)
-        self.permissions = permissions
+        self.permission_bits = permissions
 
     def copy(self, memo):
         o = super().copy(memo)
-        o.permissions = self.permissions
+        o.permission_bits = self.permission_bits
         return o
 
     @property
     def perm_read(self):
-        return self.permissions & 1
+        return self.permission_bits & 1
 
     @property
     def perm_write(self):
-        return self.permissions & 2
+        return self.permission_bits & 2
 
     @property
     def perm_exec(self):
-        return self.permissions & 4
+        return self.permission_bits & 4

angr/storage/memory_mixins/paged_memory/pages/ultra_page.py

@@ -343,13 +343,26 @@ class UltraPage(MemoryObjectMixin, PageBase):
 
         return merged_offsets
 
-    def concrete_load(self, addr, size, **kwargs):  # pylint: disable=arguments-differ
-        if type(self.concrete_data) is bytearray:
-            return (
-                memoryview(self.concrete_data)[addr : addr + size],
-                memoryview(self.symbolic_bitmap)[addr : addr + size],
-            )
-        return self.concrete_data[addr : addr + size], memoryview(self.symbolic_bitmap)[addr : addr + size]
+    def concrete_load(self, addr, size, writing=False, with_bitmap=False, **kwargs):  # pylint: disable=arguments-differ
+        assert self.concrete_data is not None
+        assert self.symbolic_bitmap is not None
+        mv_data = (
+            self.concrete_data
+            if isinstance(self.concrete_data, (memoryview, NotMemoryview))
+            else memoryview(self.concrete_data)
+        )
+        mv_bitm = (
+            self.symbolic_bitmap
+            if isinstance(self.symbolic_bitmap, (memoryview, NotMemoryview))
+            else memoryview(self.symbolic_bitmap)
+        )
+        result = (
+            mv_data[addr : addr + size],
+            mv_bitm[addr : addr + size],
+        )
+        if with_bitmap:
+            return result
+        return result[0]
 
     def changed_bytes(self, other, page_addr=None) -> set[int]:
         changed_candidates = super().changed_bytes(other)
@@ -489,3 +502,6 @@ class UltraPage(MemoryObjectMixin, PageBase):
                 self._update_mappings(b, old.object, new.object, memory=memory)
 
         return new
+
+
+from angr.storage.memory_mixins.paged_memory.page_backer_mixins import NotMemoryview

angr/storage/memory_mixins/paged_memory/privileged_mixin.py

@@ -26,7 +26,7 @@ class PrivilegedPagingMixin(PagedMemoryMixin):
 
         return page
 
-    def _initialize_page(self, pageno: int, priv: bool = False, **kwargs):
+    def _initialize_page(self, pageno: int, *, priv: bool = False, **kwargs):
         if self.category == "mem" and not priv and o.STRICT_PAGE_ACCESS in self.state.options:
             raise SimSegfaultException(pageno * self.page_size, "unmapped")
 

angr/storage/memory_mixins/regioned_memory/region_meta_mixin.py

@@ -148,7 +148,7 @@ class MemoryRegionMetaMixin(MemoryMixin):
 
     @MemoryMixin.memo
     def copy(self, memo):
-        r: MemoryRegionMetaMixin = super().copy(memo)
+        r = super().copy(memo)
         r.alocs = copy.deepcopy(self.alocs)
         r._related_function_addr = self._related_function_addr
         r._is_stack = self._is_stack
@@ -187,7 +187,7 @@ class MemoryRegionMetaMixin(MemoryMixin):
 
         return ret
 
-    def store(self, addr, data, bbl_addr=None, stmt_id=None, ins_addr=None, endness=None, **kwargs):
+    def store(self, addr, data, size=None, *, bbl_addr=None, stmt_id=None, ins_addr=None, endness=None, **kwargs):
         # It comes from a SimProcedure. We'll use bbl_addr as the aloc_id
         aloc_id = ins_addr if ins_addr is not None else bbl_addr
 
@@ -195,13 +195,13 @@ class MemoryRegionMetaMixin(MemoryMixin):
             self.alocs[aloc_id] = AbstractLocation(
                 bbl_addr, stmt_id, self.id, region_offset=addr, size=len(data) // self.state.arch.byte_width
             )
-            return super().store(addr, data, endness=endness, **kwargs)
+            return super().store(addr, data, size=size, endness=endness, **kwargs)
         if self.alocs[aloc_id].update(addr, len(data) // self.state.arch.byte_width):
-            return super().store(addr, data, endness=endness, **kwargs)
-        return super().store(addr, data, endness=endness, **kwargs)
+            return super().store(addr, data, size=size, endness=endness, **kwargs)
+        return super().store(addr, data, size=size, endness=endness, **kwargs)
 
     def load(
-        self, addr, size=None, bbl_addr=None, stmt_idx=None, ins_addr=None, **kwargs
+        self, addr, size=None, *, bbl_addr=None, stmt_idx=None, ins_addr=None, **kwargs
     ):  # pylint:disable=unused-argument
         # if bbl_addr is not None and stmt_id is not None:
         return super().load(addr, size=size, **kwargs)
@@ -228,9 +228,11 @@ class MemoryRegionMetaMixin(MemoryMixin):
         return r
 
     def widen(self, others):
+        result = False
         for other_region in others:
             self._merge_alocs(other_region)
-            super().widen([other_region.memory])
+            result |= super().widen([other_region.memory])
+        return result
 
     def dbg_print(self, indent=0):
         """

angr/storage/memory_mixins/regioned_memory/regioned_memory_mixin.py

@@ -2,7 +2,7 @@ from __future__ import annotations
 import logging
 from itertools import count
 from typing import Optional, TYPE_CHECKING
-from collections.abc import Generator, Iterable
+from collections.abc import Generator
 
 import claripy
 from claripy.annotation import RegionAnnotation
@@ -74,7 +74,7 @@ class RegionedMemoryMixin(MemoryMixin):
 
     @MemoryMixin.memo
     def copy(self, memo):
-        o: RegionedMemoryMixin = super().copy(memo)
+        o = super().copy(memo)
         o._write_targets_limit = self._write_targets_limit
         o._read_targets_limit = self._read_targets_limit
         o._stack_size = self._stack_size
@@ -91,7 +91,7 @@ class RegionedMemoryMixin(MemoryMixin):
 
         return o
 
-    def load(self, addr, size: BV | int | None = None, endness=None, condition: Bool | None = None, **kwargs):
+    def load(self, addr, size: BV | int | None = None, *, endness=None, condition: Bool | None = None, **kwargs):
         if isinstance(size, BV) and size.has_annotation_type(RegionAnnotation):
             _l.critical("load(): size %s is a ValueSet. Something is wrong.", size)
             if self.state.scratch.ins_addr is not None:
@@ -132,7 +132,7 @@ class RegionedMemoryMixin(MemoryMixin):
 
         return val
 
-    def store(self, addr, data, size: int | None = None, endness=None, **kwargs):  # pylint:disable=unused-argument
+    def store(self, addr, data, size: int | None = None, *, endness=None, **kwargs):  # pylint:disable=unused-argument
         regioned_addrs_desc = self._normalize_address(addr)
         if (
             regioned_addrs_desc.cardinality >= self._write_targets_limit
@@ -144,7 +144,7 @@ class RegionedMemoryMixin(MemoryMixin):
         for aw in gen:
             self._region_store(aw.address, data, aw.region, endness, related_function_addr=aw.function_address)
 
-    def merge(self, others: Iterable[RegionedMemoryMixin], merge_conditions, common_ancestor=None) -> bool:
+    def merge(self, others, merge_conditions, common_ancestor=None) -> bool:
         r = False
         for o in others:
             for region_id, region in o._regions.items():
@@ -300,7 +300,7 @@ class RegionedMemoryMixin(MemoryMixin):
                 ),
             )
 
-        return self._regions[key].load(addr, size, bbl_addr, stmt_id, ins_addr, **kwargs)
+        return self._regions[key].load(addr, size, bbl_addr=bbl_addr, stmt_idx=stmt_id, ins_addr=ins_addr, **kwargs)
 
     def _region_store(self, addr, data, key: str, endness, related_function_addr: int | None = None, **kwargs):
         if key not in self._regions:
@@ -320,9 +320,9 @@ class RegionedMemoryMixin(MemoryMixin):
         self._regions[key].store(
             addr,
             data,
-            self.state.scratch.bbl_addr,
-            self.state.scratch.stmt_idx,
-            self.state.scratch.ins_addr,
+            bbl_addr=self.state.scratch.bbl_addr,
+            stmt_id=self.state.scratch.stmt_idx,
+            ins_addr=self.state.scratch.ins_addr,
             endness=endness,
             **kwargs,
         )

angr/storage/memory_mixins/regioned_memory/static_find_mixin.py

@@ -14,6 +14,7 @@ class StaticFindMixin(SmartFindMixin):  # pylint:disable=abstract-method
         addr,
         data,
         max_search,
+        *,
         default=None,
         endness=None,
         chunk_size=None,

angr/storage/memory_mixins/simple_interface_mixin.py

@@ -7,7 +7,7 @@ from angr.storage.memory_mixins.memory_mixin import MemoryMixin
 
 
 class SimpleInterfaceMixin(MemoryMixin):
-    def load(self, addr, size=None, endness=None, condition=None, fallback=None, **kwargs):
+    def load(self, addr, size=None, *, endness=None, condition=None, fallback=None, **kwargs):
         tsize = self._translate_size(size, None)
         return super().load(
             self._translate_addr(addr),
@@ -18,7 +18,7 @@ class SimpleInterfaceMixin(MemoryMixin):
             **kwargs,
         )
 
-    def store(self, addr, data, size=None, endness=None, condition=None, **kwargs):
+    def store(self, addr, data, size=None, *, endness=None, condition=None, **kwargs):
         tsize = self._translate_size(size, data)
         super().store(
             self._translate_addr(addr),

angr/storage/memory_mixins/simplification_mixin.py

@@ -5,11 +5,11 @@ from angr.storage.memory_mixins.memory_mixin import MemoryMixin
 
 
 class SimplificationMixin(MemoryMixin):
-    def store(self, addr, data, **kwargs):
+    def store(self, addr, data, size=None, **kwargs):
         if (self.category == "mem" and options.SIMPLIFY_MEMORY_WRITES in self.state.options) or (
             self.category == "reg" and options.SIMPLIFY_REGISTER_WRITES in self.state.options
         ):
             real_data = self.state.solver.simplify(data)
         else:
             real_data = data
-        super().store(addr, real_data, **kwargs)
+        super().store(addr, real_data, size, **kwargs)

angr/storage/memory_mixins/size_resolution_mixin.py

@@ -96,7 +96,7 @@ class SizeConcretizationMixin(MemoryMixin):
         out_size = self.state.solver.max(size)
         return super().load(addr, size=out_size, **kwargs)
 
-    def store(self, addr, data, size=None, condition=None, **kwargs):
+    def store(self, addr, data, size=None, *, condition=None, **kwargs):
         if getattr(size, "op", "BVV") == "BVV":
             super().store(addr, data, size=size, condition=condition, **kwargs)
             return

angr/storage/memory_mixins/slotted_memory.py

@@ -81,7 +81,7 @@ class SlottedMemoryMixin(MemoryMixin):
         try:
             d = self.contents[addr]
         except KeyError:
-            d = self._default_value(addr, self.width, (*self.variable_key_prefix, addr), **kwargs)
+            d = self._default_value(addr, self.width, key=(*self.variable_key_prefix, addr), **kwargs)
             self.contents[addr] = d
 
         if offset == 0 and size == self.width:
@@ -107,7 +107,7 @@ class SlottedMemoryMixin(MemoryMixin):
             end = cur.get_bytes(offset + size, self.width - offset - size)
             self.contents[addr] = start.concat(data, end)
 
-    def load(self, addr, size=None, endness=None, **kwargs):
+    def load(self, addr, size=None, *, endness=None, **kwargs):
         accesses = self._resolve_access(addr, size)
 
         value = claripy.Concat(*(self._single_load(addr, offset, size) for addr, offset, size in accesses))
@@ -116,7 +116,7 @@ class SlottedMemoryMixin(MemoryMixin):
 
         return value
 
-    def store(self, addr, data, size=None, endness=None, **kwargs):
+    def store(self, addr, data, size=None, *, endness=None, **kwargs):
         if endness != self.endness:
             data = data.reversed
 

angr/storage/memory_mixins/smart_find_mixin.py

@@ -15,6 +15,7 @@ class SmartFindMixin(MemoryMixin):
         addr,
         data,
         max_search,
+        *,
         default=None,
         endness=None,
         chunk_size=None,

angr/storage/memory_mixins/underconstrained_mixin.py

@@ -22,15 +22,15 @@ class UnderconstrainedMixin(MemoryMixin):
         out._unconstrained_range = self._unconstrained_range
         return out
 
-    def load(self, addr, **kwargs):
+    def load(self, addr, size=None, **kwargs):
         self._constrain_underconstrained_index(addr)
-        return super().load(addr, **kwargs)
+        return super().load(addr, size, **kwargs)
 
-    def store(self, addr, data, **kwargs):
+    def store(self, addr, data, size=None, **kwargs):
         self._constrain_underconstrained_index(addr)
-        super().store(addr, data, **kwargs)
+        super().store(addr, data, size, **kwargs)
 
-    def _default_value(self, addr, size, name=None, key=None, inspect=True, events=True, **kwargs):
+    def _default_value(self, addr, size, *, name=None, key=None, inspect=True, events=True, **kwargs):
         if o.UNDER_CONSTRAINED_SYMEXEC in self.state.options and type(addr) is int:
             if self.category == "mem":
                 alloc_depth = self.state.uc_manager.get_alloc_depth(addr)

angr/storage/memory_mixins/unwrapper_mixin.py

@@ -8,18 +8,18 @@ class UnwrapperMixin(MemoryMixin):
     This mixin processes SimActionObjects by passing on their .ast field.
     """
 
-    def store(self, addr, data, size=None, condition=None, **kwargs):
+    def store(self, addr, data, size=None, *, condition=None, **kwargs):
         return super().store(
             _raw_ast(addr), _raw_ast(data), size=_raw_ast(size), condition=_raw_ast(condition), **kwargs
         )
 
-    def load(self, addr, size=None, condition=None, fallback=None, **kwargs):
+    def load(self, addr, size=None, *, condition=None, fallback=None, **kwargs):
         return super().load(
             _raw_ast(addr), size=_raw_ast(size), condition=_raw_ast(condition), fallback=_raw_ast(fallback), **kwargs
         )
 
-    def find(self, addr, what, max_search, default=None, **kwargs):
-        return super().find(_raw_ast(addr), _raw_ast(what), max_search, default=_raw_ast(default), **kwargs)
+    def find(self, addr, data, max_search, *, default=None, **kwargs):
+        return super().find(_raw_ast(addr), _raw_ast(data), max_search, default=_raw_ast(default), **kwargs)
 
     def copy_contents(self, dst, src, size, condition=None, **kwargs):
         return super().copy_contents(_raw_ast(dst), _raw_ast(src), _raw_ast(size), _raw_ast(condition), **kwargs)

angr/storage/memory_object.py

@@ -42,7 +42,7 @@ class SimMemoryObject:
             raise SimMemoryError("bytes can only be stored big-endian")
         self._byte_width = byte_width
         self.base = base
-        self.object = obj
+        self.object: claripy.ast.BV | claripy.ast.FP = obj
         self.length = obj_bit_size(obj) // self._byte_width if length is None else length
         self.endness = endness
         self._concrete_bytes: bytes | None = None
@@ -98,8 +98,9 @@ class SimMemoryObject:
             return o if allow_concrete else claripy.BVV(o)
 
         offset = addr - self.base
+        bv_obj = claripy.fpToIEEEBV(self.object) if isinstance(self.object, claripy.ast.FP) else self.object
         try:
-            thing = bv_slice(self.object, offset, length, self.endness == "Iend_LE", self._byte_width)
+            thing = bv_slice(bv_obj, offset, length, self.endness == "Iend_LE", self._byte_width)
         except claripy.ClaripyOperationError:
             # hacks to handle address space wrapping
             if offset >= 0:
@@ -110,7 +111,7 @@ class SimMemoryObject:
                 offset += 2**64
             else:
                 raise
-            thing = bv_slice(self.object, offset, length, self.endness == "Iend_LE", self._byte_width)
+            thing = bv_slice(bv_obj, offset, length, self.endness == "Iend_LE", self._byte_width)
 
         if self.endness != endness:
             thing = thing.reversed

angr/utils/bits.py

@@ -10,3 +10,7 @@ def truncate_bits(value: int, nbits: int) -> int:
     if nbits < 0:
         raise ValueError("nbits must not be negative")
     return value & (2**nbits - 1)
+
+
+def ffs(x: int) -> int:
+    return (x & -x).bit_length() - 1

angr/utils/constants.py

@@ -6,4 +6,4 @@ MAX_POINTSTO_BITS = -1330 * 8
 
 
 def is_alignment_mask(n):
-    return n in {0xFFFFFFFFFFFFFFE0, 0xFFFFFFFFFFFFFFF0, 0xFFFFFFF0, 0xFFFFFFFC}
+    return n in {0xFFFFFFFFFFFFFFE0, 0xFFFFFFFFFFFFFFF0, 0xFFFFFFF0, 0xFFFFFFFC, 0xFFFFFFF8}

angr/utils/graph.py

@@ -414,6 +414,7 @@ class Dominators:
         container_nodes = {}
 
         traversed_nodes = set()
+        endnode_encountered = False
         while queue:
             node = queue.pop()
 
@@ -433,9 +434,11 @@ class Dominators:
                 # may end with a loop.
                 if self._reverse:
                     # Add an edge between the start node and this node
+                    endnode_encountered = True
                     new_graph.add_edge(start_node, container_node)
                 else:
                     # Add an edge between our this node and end node
+                    endnode_encountered = True
                     new_graph.add_edge(container_node, end_node)
 
             for s in successors:
@@ -451,6 +454,18 @@ class Dominators:
                 if container_s not in traversed_nodes:
                     queue.append(s)
 
+        if not endnode_encountered:
+            # the graph is a circle with no end node. we run it with DFS to identify an end node
+            nn = next((nn for nn in networkx.dfs_postorder_nodes(graph) if nn in container_nodes), None)
+            if nn is not None:
+                if self._reverse:
+                    new_graph.add_edge(start_node, container_nodes[nn])
+                else:
+                    new_graph.add_edge(container_nodes[nn], end_node)
+            else:
+                # the graph must be empty - totally unexpected!
+                raise RuntimeError("Cannot find any end node candidates in the graph. Is the graph empty?")
+
         if self._reverse:
             # Add the end node
             new_graph.add_edge(container_nodes[n], end_node)

angr/utils/tagged_interval_map.py

@@ -0,0 +1,112 @@
+from __future__ import annotations
+from collections.abc import Iterator
+
+from sortedcontainers import SortedDict
+
+
+class TaggedIntervalMap:
+    """
+    Catalogs features of intervals.
+    """
+
+    def __init__(self, nbits: int = 0):
+        """
+        :param nbits: Number of binning bits. Higher values reduce detail. 0 for no binning.
+        """
+        self._nbits: int = nbits
+        self._map: SortedDict = SortedDict()  # SortedDict[int, int]
+
+    @property
+    def nbits(self) -> int:
+        return self._nbits
+
+    def add(self, addr: int, size: int, tags: int) -> None:
+        """
+        Add interval starting at `addr` of `size` bytes.
+
+        When binning, intervals endpoints are aligned to 2^nbits. Gaps between added intervals are populated with
+        implicit intervals having tag value of 0. Overlapping intervals will have tag bits OR'd together.
+
+        Adjacent intervals in the interval map have unique tags. When intervals are added to the map, any adjacent stops
+        with identical tags will be eliminated so the map retains this property.
+
+        For example: if an interval(addr=0, size=100, tags=1) is added, followed by (100, 100, 1), the resulting
+        interval in the map will be (0, 200, 1).
+        """
+        assert addr >= 0
+        assert size >= 0
+        assert tags != 0
+
+        if size == 0:
+            return
+
+        max_bin_offset = (1 << self._nbits) - 1
+        mask = ~max_bin_offset
+
+        start_addr = addr & mask  # Round down to bin alignment
+        end_addr = (addr + size + max_bin_offset) & mask  # Round up to bin alignment
+
+        if self._is_already_covered(start_addr, end_addr, tags):
+            return
+
+        self._insert_stop(start_addr)
+        self._insert_stop(end_addr)
+        for affected_addr in self._map.irange(start_addr, end_addr, inclusive=(True, False)):
+            self._map[affected_addr] |= tags
+        self._eliminate_extraneous_stops(start_addr, end_addr)
+
+    def _insert_stop(self, addr: int) -> None:
+        """
+        Insert a new interval stop point at `addr`, if one is not already present in the map. Tags are copied from
+        nearest stop before `addr`.
+        """
+        if addr not in self._map:
+            idx = self._map.bisect(addr) - 1
+            self._map[addr] = self._map.peekitem(idx)[1] if idx >= 0 else 0
+
+    def _is_already_covered(self, min_addr: int, end_addr: int, tags: int) -> bool:
+        """
+        Determine if interval [min_addr, end_addr) is covered by an existing range with identical tags.
+        """
+        idx = self._map.bisect(min_addr) - 1
+        if idx >= 0 and len(self._map) > idx + 1:
+            e_addr, e_tags = self._map.peekitem(idx)
+            e_addr_next, _ = self._map.peekitem(idx + 1)
+            return (e_addr <= min_addr) and (end_addr <= e_addr_next) and (e_tags == tags)
+        return False
+
+    def _eliminate_extraneous_stops(self, min_addr: int, max_addr: int) -> None:
+        """
+        Canonicalize the map by eliminating adjacent stops with identical tags both inside and directly outside of
+        [min_addr, max_addr].
+        """
+        keys_to_drop = []
+        prev_tags = None
+        for addr, _, tags in self.irange(min_addr, max_addr):
+            if tags == prev_tags:
+                keys_to_drop.append(addr)
+            else:
+                prev_tags = tags
+
+        for addr in keys_to_drop:
+            del self._map[addr]
+
+    def irange(self, min_addr: int | None = None, max_addr: int | None = None) -> Iterator[tuple[int, int, int]]:
+        """
+        Iterate over intervals intersecting [min_addr, max_addr], yielding interval (addr, size, tags) tuples. Implicit
+        gap intervals (with tags=0) are also returned.
+
+        :param min_addr: Minimum address (inclusive) to begin iterating from. If None, iterate from start of map.
+        :param max_addr: Maximum address (inclusive) to iterate to. If None, iterate to end of map.
+        """
+        if not self._map:
+            return
+
+        start_idx = 0 if min_addr is None else max(0, self._map.bisect_left(min_addr) - 1)
+        stop_idx = None if max_addr is None else (self._map.bisect(max_addr) + 1)
+
+        start_addr, tags = self._map.peekitem(start_idx)
+        for addr in self._map.islice(start_idx + 1, stop_idx):
+            yield (start_addr, addr - start_addr, tags)
+            tags = self._map[addr]
+            start_addr = addr

angr/vaults.py

@@ -311,7 +311,7 @@ class VaultShelf(VaultDict):
 
     def __init__(self, path=None):
         self._path = tempfile.mktemp() if path is None else path
-        s = shelve.open(self._path, protocol=-1)
+        s = shelve.open(self._path, protocol=-1)  # noqa: SIM115
         super().__init__(s)
 
     def close(self):
@@ -334,7 +334,7 @@ class VaultDirShelf(VaultDict):
     @contextlib.contextmanager
     def _locked_shelve(self, shelve_path):
         with self._lock:
-            self._dict = shelve.open(shelve_path, protocol=-1)
+            self._dict = shelve.open(shelve_path, protocol=-1)  # noqa: SIM115
             yield
             self._dict.close()
             self._dict = None