angr 9.2.131__py3-none-manylinux2014_aarch64.whl → 9.2.133__py3-none-manylinux2014_aarch64.whl

angr/analyses/decompiler/ssailification/traversal_engine.py

@@ -1,50 +1,53 @@
 from __future__ import annotations
 from collections import OrderedDict
 
-from ailment.statement import Assignment, Call, Store, ConditionalJump
+from ailment.statement import Call, Store, ConditionalJump
 from ailment.expression import Register, BinaryOp, StackBaseOffset, ITE, VEXCCallExpression, Tmp, DirtyExpression
 
-from angr.engines.light import SimEngineLight, SimEngineLightAILMixin
+from angr.engines.light import SimEngineLightAIL
+from angr.project import Project
 from angr.utils.ssa import get_reg_offset_base
 from angr.utils.orderedset import OrderedSet
 from angr.calling_conventions import default_cc
 from .traversal_state import TraversalState
 
 
-class SimEngineSSATraversal(
-    SimEngineLightAILMixin,
-    SimEngineLight,
-):
+class SimEngineSSATraversal(SimEngineLightAIL[TraversalState, None, None, None]):
     """
     This engine collects all register and stack variable locations and links them to the block of their creation.
     """
 
-    state: TraversalState
-
     def __init__(
         self,
-        arch,
+        project: Project,
         simos,
         sp_tracker=None,
         bp_as_gpr: bool = False,
         def_to_loc=None,
         loc_to_defs=None,
         stackvars: bool = False,
-        tmps: bool = False,
+        use_tmps: bool = False,
     ):
-        super().__init__()
-
-        self.arch = arch
+        super().__init__(project)
         self.simos = simos
         self.sp_tracker = sp_tracker
         self.bp_as_gpr = bp_as_gpr
         self.stackvars = stackvars
-        self.tmps = tmps
+        self.use_tmps = use_tmps
 
         self.def_to_loc = def_to_loc if def_to_loc is not None else []
         self.loc_to_defs = loc_to_defs if loc_to_defs is not None else OrderedDict()
 
-    def _handle_Assignment(self, stmt: Assignment):
+    def _is_top(self, expr):
+        return True
+
+    def _top(self, bits):
+        return None
+
+    def _process_block_end(self, block, stmt_data, whitelist):
+        pass
+
+    def _handle_stmt_Assignment(self, stmt):
         if isinstance(stmt.dst, Register):
             codeloc = self._codeloc()
             self.def_to_loc.append((stmt.dst, codeloc))
@@ -57,7 +60,7 @@ class SimEngineSSATraversal(
 
         self._expr(stmt.src)
 
-    def _handle_Store(self, stmt: Store):
+    def _handle_stmt_Store(self, stmt: Store):
         self._expr(stmt.addr)
         self._expr(stmt.data)
         if stmt.guard is not None:
@@ -72,14 +75,14 @@ class SimEngineSSATraversal(
 
             self.state.live_stackvars.add((stmt.addr.offset, stmt.size))
 
-    def _handle_ConditionalJump(self, stmt: ConditionalJump):
+    def _handle_stmt_ConditionalJump(self, stmt: ConditionalJump):
         self._expr(stmt.condition)
         if stmt.true_target is not None:
             self._expr(stmt.true_target)
         if stmt.false_target is not None:
             self._expr(stmt.false_target)
 
-    def _handle_Call(self, stmt: Call):
+    def _handle_stmt_Call(self, stmt: Call):
 
         # kill caller-saved registers
         cc = (
@@ -87,6 +90,7 @@ class SimEngineSSATraversal(
             if stmt.calling_convention is None
             else stmt.calling_convention
         )
+        assert cc is not None
         for reg_name in cc.CALLER_SAVED_REGS:
             reg_offset = self.arch.registers[reg_name][0]
             base_off = get_reg_offset_base(reg_offset, self.arch)
@@ -102,11 +106,22 @@ class SimEngineSSATraversal(
             base_off = get_reg_offset_base(stmt.ret_expr.reg_offset, self.arch)
             self.state.live_registers.add(base_off)
 
-        super()._ail_handle_Call(stmt)
+    def _handle_stmt_Dummy(self, stmt):
+        pass
+
+    def _handle_stmt_DirtyStatement(self, stmt):
+        self._expr(stmt.dirty)
+
+    def _handle_stmt_Jump(self, stmt):
+        self._expr(stmt.target)
 
-    _handle_CallExpr = _handle_Call
+    _handle_stmt_Label = _handle_stmt_Dummy
 
-    def _handle_Register(self, expr: Register):
+    def _handle_stmt_Return(self, stmt):
+        for expr in stmt.ret_exprs:
+            self._expr(expr)
+
+    def _handle_expr_Register(self, expr: Register):
         base_offset = get_reg_offset_base(expr.reg_offset, self.arch)
 
         if base_offset not in self.state.live_registers:
@@ -118,8 +133,8 @@ class SimEngineSSATraversal(
 
             self.state.live_registers.add(base_offset)
 
-    def _handle_Tmp(self, expr: Tmp):
-        if self.tmps:
+    def _handle_expr_Tmp(self, expr: Tmp):
+        if self.use_tmps:
             codeloc = self._codeloc()
             self.def_to_loc.append((expr, codeloc))
             if codeloc not in self.loc_to_defs:
@@ -128,39 +143,99 @@ class SimEngineSSATraversal(
 
             self.state.live_tmps.add(expr.tmp_idx)
 
-    def _handle_Cmp(self, expr: BinaryOp):
+    def _handle_binop_Default(self, expr: BinaryOp):
         self._expr(expr.operands[0])
         self._expr(expr.operands[1])
 
-    _handle_CmpLE = _handle_Cmp
-    _handle_CmpLT = _handle_Cmp
-    _handle_CmpGE = _handle_Cmp
-    _handle_CmpGT = _handle_Cmp
-    _handle_CmpEQ = _handle_Cmp
-    _handle_CmpNE = _handle_Cmp
+    _handle_binop_CmpLE = _handle_binop_Default
+    _handle_binop_CmpLT = _handle_binop_Default
+    _handle_binop_CmpGE = _handle_binop_Default
+    _handle_binop_CmpGT = _handle_binop_Default
+    _handle_binop_CmpEQ = _handle_binop_Default
+    _handle_binop_CmpNE = _handle_binop_Default
+    _handle_binop_Add = _handle_binop_Default
+    _handle_binop_AddF = _handle_binop_Default
+    _handle_binop_AddV = _handle_binop_Default
+    _handle_binop_And = _handle_binop_Default
+    _handle_binop_Carry = _handle_binop_Default
+    _handle_binop_CmpF = _handle_binop_Default
+    _handle_binop_Concat = _handle_binop_Default
+    _handle_binop_Div = _handle_binop_Default
+    _handle_binop_DivF = _handle_binop_Default
+    _handle_binop_DivV = _handle_binop_Default
+    _handle_binop_LogicalAnd = _handle_binop_Default
+    _handle_binop_LogicalOr = _handle_binop_Default
+    _handle_binop_Mod = _handle_binop_Default
+    _handle_binop_Mul = _handle_binop_Default
+    _handle_binop_Mull = _handle_binop_Default
+    _handle_binop_MulF = _handle_binop_Default
+    _handle_binop_MulV = _handle_binop_Default
+    _handle_binop_MulHiV = _handle_binop_Default
+    _handle_binop_Or = _handle_binop_Default
+    _handle_binop_Rol = _handle_binop_Default
+    _handle_binop_Ror = _handle_binop_Default
+    _handle_binop_SBorrow = _handle_binop_Default
+    _handle_binop_SCarry = _handle_binop_Default
+    _handle_binop_Sar = _handle_binop_Default
+    _handle_binop_Shl = _handle_binop_Default
+    _handle_binop_Shr = _handle_binop_Default
+    _handle_binop_Sub = _handle_binop_Default
+    _handle_binop_SubF = _handle_binop_Default
+    _handle_binop_SubV = _handle_binop_Default
+    _handle_binop_Xor = _handle_binop_Default
+    _handle_binop_InterleaveLOV = _handle_binop_Default
+    _handle_binop_InterleaveHIV = _handle_binop_Default
+    _handle_binop_CasCmpEQ = _handle_binop_Default
+    _handle_binop_CasCmpNE = _handle_binop_Default
+    _handle_binop_ExpCmpNE = _handle_binop_Default
+    _handle_binop_SarNV = _handle_binop_Default
+    _handle_binop_ShrNV = _handle_binop_Default
+    _handle_binop_ShlNV = _handle_binop_Default
+    _handle_binop_CmpEQV = _handle_binop_Default
+    _handle_binop_CmpNEV = _handle_binop_Default
+    _handle_binop_CmpGEV = _handle_binop_Default
+    _handle_binop_CmpGTV = _handle_binop_Default
+    _handle_binop_CmpLEV = _handle_binop_Default
+    _handle_binop_CmpLTV = _handle_binop_Default
+    _handle_binop_MinV = _handle_binop_Default
+    _handle_binop_MaxV = _handle_binop_Default
+    _handle_binop_QAddV = _handle_binop_Default
+    _handle_binop_QNarrowBinV = _handle_binop_Default
+    _handle_binop_PermV = _handle_binop_Default
+    _handle_binop_Set = _handle_binop_Default
+
+    def _handle_unop_Default(self, expr):
+        self._expr(expr.operands[0])
 
-    def _handle_UnaryOp(self, expr):
+    _handle_unop_BitwiseNeg = _handle_unop_Default
+    _handle_unop_Dereference = _handle_unop_Default
+    _handle_unop_Neg = _handle_unop_Default
+    _handle_unop_Not = _handle_unop_Default
+    _handle_unop_Reference = _handle_unop_Default
+    _handle_unop_Clz = _handle_unop_Default
+    _handle_unop_Ctz = _handle_unop_Default
+    _handle_unop_GetMSBs = _handle_unop_Default
+    _handle_unop_unpack = _handle_unop_Default
+    _handle_unop_Sqrt = _handle_unop_Default
+    _handle_unop_RSqrtEst = _handle_unop_Default
+
+    def _handle_expr_UnaryOp(self, expr):
         self._expr(expr.operand)
 
-    def _handle_BinaryOp(self, expr):
-        self._expr(expr.operands[0])
-        self._expr(expr.operands[1])
-
-    def _handle_TernaryOp(self, expr):
+    def _handle_expr_BinaryOp(self, expr):
         self._expr(expr.operands[0])
         self._expr(expr.operands[1])
-        self._expr(expr.operands[2])
 
-    def _handle_ITE(self, expr: ITE):
+    def _handle_expr_ITE(self, expr: ITE):
         self._expr(expr.cond)
         self._expr(expr.iftrue)
         self._expr(expr.iffalse)
 
-    def _handle_VEXCCallExpression(self, expr: VEXCCallExpression):
+    def _handle_expr_VEXCCallExpression(self, expr: VEXCCallExpression):
         for operand in expr.operands:
             self._expr(operand)
 
-    def _handle_DirtyExpression(self, expr: DirtyExpression):
+    def _handle_expr_DirtyExpression(self, expr: DirtyExpression):
         for operand in expr.operands:
             self._expr(operand)
         if expr.guard is not None:
@@ -171,5 +246,13 @@ class SimEngineSSATraversal(
     def _handle_Dummy(self, expr):
         pass
 
-    _handle_VirtualVariable = _handle_Dummy
-    _handle_Phi = _handle_Dummy
+    _handle_expr_VirtualVariable = _handle_Dummy
+    _handle_expr_Phi = _handle_Dummy
+    _handle_expr_Load = _handle_Dummy
+    _handle_expr_Convert = _handle_Dummy
+    _handle_expr_Const = _handle_Dummy
+    _handle_expr_MultiStatementExpression = _handle_Dummy
+    _handle_expr_Reinterpret = _handle_Dummy
+    _handle_expr_StackBaseOffset = _handle_Dummy
+    _handle_expr_BasePointerOffset = _handle_Dummy
+    _handle_expr_Call = _handle_Dummy

angr/analyses/decompiler/structured_codegen/__init__.py

@@ -14,12 +14,12 @@ from .dummy import DummyStructuredCodeGenerator
 
 __all__ = (
     "BaseStructuredCodeGenerator",
-    "InstructionMapping",
-    "InstructionMappingElement",
-    "PositionMappingElement",
-    "PositionMapping",
     "CStructuredCodeGenerator",
     "CStructuredCodeWalker",
-    "ImportSourceCode",
     "DummyStructuredCodeGenerator",
+    "ImportSourceCode",
+    "InstructionMapping",
+    "InstructionMappingElement",
+    "PositionMapping",
+    "PositionMappingElement",
 )

angr/analyses/decompiler/structured_codegen/base.py

@@ -9,7 +9,7 @@ from angr.sim_variable import SimVariable
 
 
 class PositionMappingElement:
-    __slots__ = ("start", "length", "obj")
+    __slots__ = ("length", "obj", "start")
 
     def __init__(self, start, length, obj):
         self.start: int = start
@@ -20,7 +20,7 @@ class PositionMappingElement:
         return self.start <= offset < self.start + self.length
 
     def __repr__(self):
-        return "<%d-%d: %s>" % (self.start, self.start + self.length, self.obj)
+        return f"<{self.start}-{self.start + self.length}: {self.obj}>"
 
 
 class PositionMapping:
@@ -79,7 +79,7 @@ class InstructionMappingElement:
         return self.ins_addr == offset
 
     def __repr__(self):
-        return "<%d: %d>" % (self.ins_addr, self.posmap_pos)
+        return f"<{self.ins_addr}: {self.posmap_pos}>"
 
 
 class InstructionMapping:

angr/analyses/decompiler/structured_codegen/c.py

@@ -33,6 +33,7 @@ from angr.sim_type import (
     dereference_simtype,
     SimTypeInt128,
     SimTypeInt256,
+    SimTypeInt512,
 )
 from angr.knowledge_plugins.functions import Function
 from angr.sim_variable import SimVariable, SimTemporaryVariable, SimStackVariable, SimMemoryVariable
@@ -387,16 +388,16 @@ class CFunction(CConstruct):  # pylint:disable=abstract-method
 
     __slots__ = (
         "addr",
-        "name",
-        "functy",
         "arg_list",
-        "statements",
-        "variables_in_use",
-        "variable_manager",
         "demangled_name",
-        "unified_local_vars",
-        "show_demangled_name",
+        "functy",
+        "name",
         "omit_header",
+        "show_demangled_name",
+        "statements",
+        "unified_local_vars",
+        "variable_manager",
+        "variables_in_use",
     )
 
     def __init__(
@@ -491,7 +492,7 @@ class CFunction(CConstruct):  # pylint:disable=abstract-method
             if variable.name:
                 name = variable.name
             elif isinstance(variable, SimTemporaryVariable):
-                name = "tmp_%d" % variable.tmp_id
+                name = f"tmp_{variable.tmp_id}"
             else:
                 name = str(variable)
 
@@ -727,8 +728,8 @@ class CWhileLoop(CLoop):
     """
 
     __slots__ = (
-        "condition",
         "body",
+        "condition",
         "tags",
     )
 
@@ -775,8 +776,8 @@ class CDoWhileLoop(CLoop):
     """
 
     __slots__ = (
-        "condition",
         "body",
+        "condition",
         "tags",
     )
 
@@ -825,7 +826,7 @@ class CForLoop(CStatement):
     Represents a for-loop in C.
     """
 
-    __slots__ = ("initializer", "condition", "iterator", "body", "tags")
+    __slots__ = ("body", "condition", "initializer", "iterator", "tags")
 
     def __init__(self, initializer, condition, iterator, body, tags=None, **kwargs):
         super().__init__(**kwargs)
@@ -877,7 +878,7 @@ class CIfElse(CStatement):
     Represents an if-else construct in C.
     """
 
-    __slots__ = ("condition_and_nodes", "else_node", "simplify_else_scope", "cstyle_ifs", "tags")
+    __slots__ = ("condition_and_nodes", "cstyle_ifs", "else_node", "simplify_else_scope", "tags")
 
     def __init__(
         self,
@@ -1084,7 +1085,7 @@ class CSwitchCase(CStatement):
     Represents a switch-case statement in C.
     """
 
-    __slots__ = ("switch", "cases", "default", "tags")
+    __slots__ = ("cases", "default", "switch", "tags")
 
     def __init__(self, switch, cases, default, tags=None, **kwargs):
         super().__init__(**kwargs)
@@ -1143,7 +1144,7 @@ class CIncompleteSwitchCase(CStatement):
     structuring fails (for whatever reason).
     """
 
-    __slots__ = ("head", "cases", "tags")
+    __slots__ = ("cases", "head", "tags")
 
     def __init__(self, head, cases, tags=None, **kwargs):
         super().__init__(**kwargs)
@@ -1250,15 +1251,15 @@ class CFunctionCall(CStatement, CExpression):
     """
 
     __slots__ = (
-        "callee_target",
-        "callee_func",
         "args",
-        "returning",
-        "ret_expr",
-        "tags",
+        "callee_func",
+        "callee_target",
         "is_expr",
+        "ret_expr",
+        "returning",
         "show_demangled_name",
         "show_disambiguated_name",
+        "tags",
     )
 
     def __init__(
@@ -1396,9 +1397,9 @@ class CReturn(CStatement):
 
 class CGoto(CStatement):
     __slots__ = (
+        "tags",
         "target",
         "target_idx",
-        "tags",
     )
 
     def __init__(self, target, target_idx, tags=None, **kwargs):
@@ -1480,9 +1481,9 @@ class CLabel(CStatement):
     """
 
     __slots__ = (
-        "name",
-        "ins_addr",
         "block_idx",
+        "ins_addr",
+        "name",
         "tags",
     )
 
@@ -1503,9 +1504,9 @@ class CLabel(CStatement):
 
 class CStructField(CExpression):
     __slots__ = (
-        "struct_type",
-        "offset",
         "field",
+        "offset",
+        "struct_type",
         "tags",
     )
 
@@ -1557,10 +1558,10 @@ class CVariable(CExpression):
     """
 
     __slots__ = (
+        "tags",
+        "unified_variable",
         "variable",
         "variable_type",
-        "unified_variable",
-        "tags",
     )
 
     def __init__(self, variable: SimVariable, unified_variable=None, variable_type=None, tags=None, **kwargs):
@@ -1582,7 +1583,7 @@ class CVariable(CExpression):
         if v.name:
             return v.name
         if isinstance(v, SimTemporaryVariable):
-            return "tmp_%d" % v.tmp_id
+            return f"tmp_{v.tmp_id}"
         return str(v)
 
     def c_repr_chunks(self, indent=0, asexpr=False):
@@ -1765,7 +1766,7 @@ class CBinaryOp(CExpression):
     Binary operations.
     """
 
-    __slots__ = ("op", "lhs", "rhs", "tags", "common_type", "_cstyle_null_cmp")
+    __slots__ = ("_cstyle_null_cmp", "common_type", "lhs", "op", "rhs", "tags")
 
     def __init__(self, op, lhs, rhs, tags: dict | None = None, **kwargs):
         super().__init__(**kwargs)
@@ -1869,7 +1870,6 @@ class CBinaryOp(CExpression):
             "Mul": self._c_repr_chunks_mul,
             "Mull": self._c_repr_chunks_mull,
             "Div": self._c_repr_chunks_div,
-            "DivMod": self._c_repr_chunks_divmod,
             "Mod": self._c_repr_chunks_mod,
             "And": self._c_repr_chunks_and,
             "Xor": self._c_repr_chunks_xor,
@@ -2038,9 +2038,9 @@ class CBinaryOp(CExpression):
 
 class CTypeCast(CExpression):
     __slots__ = (
-        "src_type",
         "dst_type",
         "expr",
+        "src_type",
         "tags",
     )
 
@@ -2080,9 +2080,9 @@ class CTypeCast(CExpression):
 
 class CConstant(CExpression):
     __slots__ = (
-        "value",
         "reference_values",
         "tags",
+        "value",
     )
 
     def __init__(self, value, type_: SimType, reference_values=None, tags: dict | None = None, **kwargs):
@@ -2133,11 +2133,8 @@ class CConstant(CExpression):
             result = False
             if isinstance(self.value, int):
                 value_size = self._type.size if self._type is not None else None
-                if (
-                    value_size == 32
-                    and 0xF000_0000 <= self.value <= 0xFFFF_FFFF
-                    or value_size == 64
-                    and 0xF000_0000_0000_0000 <= self.value <= 0xFFFF_FFFF_FFFF_FFFF
+                if (value_size == 32 and 0xF000_0000 <= self.value <= 0xFFFF_FFFF) or (
+                    value_size == 64 and 0xF000_0000_0000_0000 <= self.value <= 0xFFFF_FFFF_FFFF_FFFF
                 ):
                     result = True
 
@@ -2304,8 +2301,8 @@ class CRegister(CExpression):
 class CITE(CExpression):
     __slots__ = (
         "cond",
-        "iftrue",
         "iffalse",
+        "iftrue",
         "tags",
     )
 
@@ -2339,7 +2336,7 @@ class CMultiStatementExpression(CExpression):
     (stmt0, stmt1, stmt2, expr)
     """
 
-    __slots__ = ("stmts", "expr", "tags")
+    __slots__ = ("expr", "stmts", "tags")
 
     def __init__(self, stmts: CStatements, expr: CExpression, tags=None, **kwargs):
         super().__init__(**kwargs)
@@ -3465,7 +3462,7 @@ class CStructuredCodeGenerator(BaseStructuredCodeGenerator, Analysis):
 
     def _handle_Expr_Tmp(self, expr: Tmp, **kwargs):
         l.warning("FIXME: Leftover Tmp expressions are found.")
-        return self._variable(SimTemporaryVariable(expr.tmp_idx), expr.size)
+        return self._variable(SimTemporaryVariable(expr.tmp_idx, expr.bits), expr.size)
 
     def _handle_Expr_Const(self, expr: Expr.Const, type_=None, reference_values=None, variable=None, **kwargs):
         inline_string = False
@@ -3590,7 +3587,9 @@ class CStructuredCodeGenerator(BaseStructuredCodeGenerator, Analysis):
     def _handle_Expr_Convert(self, expr: Expr.Convert, **kwargs):
         # width of converted type is easy
         dst_type: SimTypeInt | SimTypeChar
-        if 258 >= expr.to_bits > 128:
+        if 512 >= expr.to_bits > 256:
+            dst_type = SimTypeInt512()
+        elif 256 >= expr.to_bits > 128:
             dst_type = SimTypeInt256()
         elif 128 >= expr.to_bits > 64:
             dst_type = SimTypeInt128()

angr/analyses/decompiler/structuring/__init__.py

@@ -20,11 +20,11 @@ def structurer_class_from_name(name: str) -> type | None:
 
 
 __all__ = (
+    "DEFAULT_STRUCTURER",
+    "STRUCTURER_CLASSES",
     "DreamStructurer",
     "PhoenixStructurer",
-    "SAILRStructurer",
     "RecursiveStructurer",
-    "STRUCTURER_CLASSES",
-    "DEFAULT_STRUCTURER",
+    "SAILRStructurer",
     "structurer_class_from_name",
 )