angr 9.2.143__py3-none-macosx_11_0_arm64.whl → 9.2.144__py3-none-macosx_11_0_arm64.whl

angr/analyses/variable_recovery/variable_recovery_fast.py

@@ -47,6 +47,7 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
         analysis,
         arch,
         func,
+        project,
         stack_region=None,
         register_region=None,
         global_region=None,
@@ -55,7 +56,6 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
         func_typevar=None,
         delayed_type_constraints=None,
         stack_offset_typevars=None,
-        project=None,
         ret_val_size=None,
     ):
         super().__init__(
@@ -63,6 +63,7 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
             analysis,
             arch,
             func,
+            project,
             stack_region=stack_region,
             register_region=register_region,
             global_region=global_region,
@@ -71,12 +72,11 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
             func_typevar=func_typevar,
             delayed_type_constraints=delayed_type_constraints,
             stack_offset_typevars=stack_offset_typevars,
-            project=project,
         )
         self.ret_val_size = ret_val_size
 
     def __repr__(self):
-        return f"<VRAbstractState@{self.block_addr:#x}: {len(self.register_region)} register variables, {len(self.stack_region)} stack variables>"
+        return f"<VRAbstractState@{self.block_addr:#x}"
 
     def __eq__(self, other):
         if type(other) is not VariableRecoveryFastState:
@@ -96,12 +96,14 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
             type_constraints=self.type_constraints,
             func_typevar=self.func_typevar,
             delayed_type_constraints=self.delayed_type_constraints,
-            stack_offset_typevars=dict(self.stack_offset_typevars),
+            stack_offset_typevars=self.stack_offset_typevars,
             project=self.project,
             ret_val_size=self.ret_val_size,
         )
 
-    def merge(self, others: tuple[VariableRecoveryFastState], successor=None) -> tuple[VariableRecoveryFastState, bool]:
+    def merge(
+        self, others: tuple[VariableRecoveryFastState, ...], successor=None
+    ) -> tuple[VariableRecoveryFastState, bool]:
         """
         Merge two abstract states.
 
@@ -135,10 +137,10 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
         # add subtype constraints for all replacements
         for v0, v1 in self.phi_variables.items():
             # v0 will be replaced by v1
-            if not typevars.has_type_variable_for(v1, None):
-                typevars.add_type_variable(v1, None, TypeVariable())
-            if not typevars.has_type_variable_for(v0, None):
-                typevars.add_type_variable(v0, None, TypeVariable())
+            if not typevars.has_type_variable_for(v1):
+                typevars.add_type_variable(v1, TypeVariable())
+            if not typevars.has_type_variable_for(v0):
+                typevars.add_type_variable(v0, TypeVariable())
             # Assuming v2 = phi(v0, v1), then we know that v0_typevar == v1_typevar == v2_typevar
             # However, it's possible that neither v0 nor v1 will ever be used in future blocks, which not only makes
             # this phi function useless, but also leads to the incorrect assumption that v1_typevar == v2_typevar.
@@ -146,7 +148,7 @@ class VariableRecoveryFastState(VariableRecoveryStateBase):
             # when v1 (the new variable that will end up in the state) is ever used in the future.
 
             # create an equivalence relationship
-            equivalence = Equivalence(typevars.get_type_variable(v1, None), typevars.get_type_variable(v0, None))
+            equivalence = Equivalence(typevars.get_type_variable(v1), typevars.get_type_variable(v0))
             delayed_typeconstraints[v1].add(equivalence)
 
         stack_offset_typevars = {}
@@ -281,6 +283,7 @@ class VariableRecoveryFast(ForwardAnalysis, VariableRecoveryBase):  # pylint:dis
         self.func_typevar = TypeVariable(name=func.name)
         self.delayed_type_constraints = None
         self.ret_val_size = None
+        self.stack_offset_typevars: dict[int, TypeVariable] = {}
 
         self._analyze()
 
@@ -328,6 +331,7 @@ class VariableRecoveryFast(ForwardAnalysis, VariableRecoveryBase):  # pylint:dis
             type_constraints=self.type_constraints,
             func_typevar=self.func_typevar,
             delayed_type_constraints=self.delayed_type_constraints,
+            stack_offset_typevars=self.stack_offset_typevars,
         )
         initial_sp = state.stack_address(self.project.arch.bytes if self.project.arch.call_pushes_ret else 0)
         if self.project.arch.sp_offset is not None:
@@ -439,20 +443,10 @@ class VariableRecoveryFast(ForwardAnalysis, VariableRecoveryBase):  # pylint:dis
             block = self.project.factory.block(node.addr, node.size, opt_level=1, cross_insn_opt=False)
             block_key = node.addr
 
-        # if node.addr in self._instates:
-        #     prev_state: VariableRecoveryFastState = self._instates[node.addr]
-        #     if input_state == prev_state:
-        #         l.debug('Skip node %#x as we have reached a fixed-point', node.addr)
-        #         return False, input_state
-        #     else:
-        #         l.debug('Merging input state of node %#x with the previous state.', node.addr)
-        #         input_state, _ = prev_state.merge((input_state,), successor=node.addr)
-
         state = state.copy()
         state.block_addr = node.addr
         if isinstance(node, ailment.Block):
             state.block_idx = node.idx
-        # self._instates[node.addr] = state
 
         if self._node_iterations[block_key] >= self._max_iterations:
             l.debug("Skip node %#x as we have iterated %d times on it.", node.addr, self._node_iterations[node.addr])
@@ -491,10 +485,12 @@ class VariableRecoveryFast(ForwardAnalysis, VariableRecoveryBase):  # pylint:dis
             self.variable_manager[self.function.addr].unify_variables()
 
         # fill in var_to_typevars
+        assert self.typevars is not None
         for var, typevar_set in self.typevars._typevars.items():
             self.var_to_typevars[var] = typevar_set
 
         # unify type variables for global variables
+        assert self.type_constraints is not None
         for var, typevars in self.var_to_typevars.items():
             if len(typevars) > 1 and isinstance(var, SimMemoryVariable) and not isinstance(var, SimStackVariable):
                 sorted_typevars = sorted(typevars, key=lambda x: str(x))  # pylint:disable=unnecessary-lambda
@@ -600,7 +596,7 @@ class VariableRecoveryFast(ForwardAnalysis, VariableRecoveryBase):  # pylint:dis
             block = self._peephole_optimize(block)
 
         processor = self._ail_engine if isinstance(block, ailment.Block) else self._vex_engine
-        processor.process(state, block=block, fail_fast=self._fail_fast)
+        processor.process(state, block=block, fail_fast=self._fail_fast)  # type: ignore
 
         if self._track_sp and block.addr in self._node_to_cc:
             # readjusting sp at the end for blocks that end in a call

angr/knowledge_plugins/functions/function.py

@@ -237,21 +237,7 @@ class Function(Serializable):
 
             self._returning = self._get_initial_returning()
 
-        # Determine a calling convention
-        # If it is a SimProcedure it might have a CC already defined which can be used
-        if self.is_simprocedure and self.project is not None and self.addr in self.project._sim_procedures:
-            simproc = self.project._sim_procedures[self.addr]
-            cc = simproc.cc
-            if cc is None:
-                arch = self.project.arch
-                if self.project.arch.name in DEFAULT_CC:
-                    cc = default_cc(
-                        arch.name, platform=self.project.simos.name if self.project.simos is not None else None
-                    )(arch)
-
-            self.calling_convention: SimCC | None = cc
-        else:
-            self.calling_convention: SimCC | None = None
+        self._init_prototype_and_calling_convention()
 
     @property
     @deprecated(".is_alignment")
@@ -768,6 +754,34 @@ class Function(Serializable):
         # Cannot determine
         return None
 
+    def _init_prototype_and_calling_convention(self) -> None:
+        """
+        Initialize prototype and calling convention from a SimProcedure, if available.
+        """
+        hooker = None
+        if self.is_syscall and self.project is not None and self.project.simos.is_syscall_addr(self.addr):
+            hooker = self.project.simos.syscall_from_addr(self.addr)
+        elif self.is_simprocedure and self.project is not None:
+            hooker = self.project.hooked_by(self.addr)
+        if hooker is None or hooker.guessed_prototype:
+            return
+
+        if hooker.prototype:
+            self.prototype_libname = hooker.library_name
+            self.prototype = hooker.prototype
+            self.is_prototype_guessed = False
+
+        cc = hooker.cc
+        if cc is None and self.project is not None:
+            arch = self.project.arch
+            if arch.name in DEFAULT_CC:
+                cc_cls = default_cc(
+                    arch.name, platform=self.project.simos.name if self.project.simos is not None else None
+                )
+                if cc_cls is not None:
+                    cc = cc_cls(arch)
+        self.calling_convention = cc
+
     def _clear_transition_graph(self):
         self._block_sizes = {}
         self._addr_to_block_node = {}

angr/knowledge_plugins/key_definitions/constants.py

@@ -1,5 +1,5 @@
 from __future__ import annotations
-from typing import Literal, Union
+from typing import Literal
 import enum
 
 DEBUG = False
@@ -25,5 +25,5 @@ OP_BEFORE = ObservationPointType.OP_BEFORE
 OP_AFTER = ObservationPointType.OP_AFTER
 
 ObservationPoint = tuple[
-    Literal["insn", "node", "stmt", "exit"], Union[int, tuple[int, int], tuple[int, int, int]], ObservationPointType
+    Literal["insn", "node", "stmt", "exit"], int | tuple[int, int] | tuple[int, int, int], ObservationPointType
 ]

angr/knowledge_plugins/key_definitions/liveness.py

@@ -1,5 +1,5 @@
 from __future__ import annotations
-from typing import Optional, TYPE_CHECKING
+from typing import TYPE_CHECKING
 
 from collections import defaultdict
 from itertools import chain
@@ -14,11 +14,11 @@ if TYPE_CHECKING:
     from angr.code_location import CodeLocation
 
 
-LocationType = tuple[int, Optional[int], Optional[int]]  # block addr, block ID, stmt ID
+LocationType = tuple[int, int | None, int | None]  # block addr, block ID, stmt ID
 LocationWithPosType = tuple[
-    int, Optional[int], Optional[int], ObservationPointType
+    int, int | None, int | None, ObservationPointType
 ]  # block addr, block ID, stmt ID, before/after
-BlockAddrType = tuple[int, Optional[int]]  # block addr, block ID
+BlockAddrType = tuple[int, int | None]  # block addr, block ID
 
 
 class Liveness:

angr/state_plugins/unicorn_engine.py

@@ -28,9 +28,11 @@ ffi = cffi.FFI()
 
 try:
     import unicorn
+    from unicorn.unicorn import _uc
 except ImportError:
-    l.warning("Unicorn is not installed. Support disabled.")
-    unicorn = None
+    l.info("Unicorn is not installed. Support disabled.")
+    unicorn = None  # type: ignore
+    _uc = None  # type: ignore
 
 
 class MEM_PATCH(ctypes.Structure):
@@ -418,6 +420,7 @@ def _load_native():
             getattr(handle, func).argtypes = argtypes
 
         # _setup_prototype_explicit(h, 'logSetLogLevel', None, ctypes.c_uint64)
+        _setup_prototype(h, "setup_imports", ctypes.c_bool, ctypes.c_char_p)
         _setup_prototype(
             h,
             "alloc",
@@ -470,7 +473,8 @@ def _load_native():
         _setup_prototype(h, "set_tracking", None, state_t, ctypes.c_bool, ctypes.c_bool)
         _setup_prototype(h, "executed_pages", ctypes.c_uint64, state_t)
         _setup_prototype(h, "in_cache", ctypes.c_bool, state_t, ctypes.c_uint64)
-        _setup_prototype(h, "set_map_callback", None, state_t, unicorn.unicorn.UC_HOOK_MEM_INVALID_CB)
+        if unicorn is not None:
+            _setup_prototype(h, "set_map_callback", None, state_t, unicorn.unicorn.UC_HOOK_MEM_INVALID_CB)
         _setup_prototype(
             h,
             "set_vex_to_unicorn_reg_mappings",
@@ -550,7 +554,7 @@ def _load_native():
 
         return h
     except (OSError, AttributeError) as e:
-        l.warning('failed loading "%s", unicorn support disabled (%s)', libfile, e)
+        l.error('failed loading "%s", unicorn support disabled (%s)', libfile, e)
         raise ImportError("Unable to import native SimUnicorn support") from e
 
 
@@ -560,6 +564,10 @@ try:
 except ImportError:
     _UC_NATIVE = None
 
+if _uc is not None and _UC_NATIVE is not None and not _UC_NATIVE.setup_imports(_uc._name.encode()):
+    l.error("Unicorn engine has an incompatible API. Support disabled.")
+    unicorn = None
+
 
 class Unicorn(SimStatePlugin):
     """
@@ -675,8 +683,12 @@ class Unicorn(SimStatePlugin):
 
         self.time = None
 
-        self._bullshit_cb = ctypes.cast(
-            unicorn.unicorn.UC_HOOK_MEM_INVALID_CB(self._hook_mem_unmapped), unicorn.unicorn.UC_HOOK_MEM_INVALID_CB
+        self._bullshit_cb = (
+            ctypes.cast(
+                unicorn.unicorn.UC_HOOK_MEM_INVALID_CB(self._hook_mem_unmapped), unicorn.unicorn.UC_HOOK_MEM_INVALID_CB
+            )
+            if unicorn is not None
+            else None
         )
 
     @SimStatePlugin.memo
@@ -777,8 +789,12 @@ class Unicorn(SimStatePlugin):
 
     def __setstate__(self, s):
         self.__dict__.update(s)
-        self._bullshit_cb = ctypes.cast(
-            unicorn.unicorn.UC_HOOK_MEM_INVALID_CB(self._hook_mem_unmapped), unicorn.unicorn.UC_HOOK_MEM_INVALID_CB
+        self._bullshit_cb = (
+            ctypes.cast(
+                unicorn.unicorn.UC_HOOK_MEM_INVALID_CB(self._hook_mem_unmapped), unicorn.unicorn.UC_HOOK_MEM_INVALID_CB
+            )
+            if unicorn is not None
+            else None
         )
         self._unicount = next(_unicounter)
         self._uc_state = None

angr/storage/memory_mixins/paged_memory/page_backer_mixins.py

@@ -1,6 +1,5 @@
 from __future__ import annotations
 from mmap import mmap
-from typing import Union
 from collections.abc import Generator
 import logging
 
@@ -9,7 +8,7 @@ import cle
 
 l = logging.getLogger(__name__)
 
-BackerType = Union[bytes, bytearray, list[int]]
+BackerType = bytes | bytearray | list[int]
 BackerIterType = Generator[tuple[int, BackerType], None, None]
 
 

angr/storage/memory_mixins/paged_memory/pages/mv_list_page.py

@@ -1,7 +1,7 @@
 # pylint:disable=abstract-method,arguments-differ,assignment-from-no-return
 from __future__ import annotations
 import logging
-from typing import Union, Any
+from typing import Any
 from collections.abc import Callable
 
 from angr.storage.memory_mixins.memory_mixin import MemoryMixin
@@ -13,7 +13,7 @@ from .cooperation import MemoryObjectSetMixin
 
 l = logging.getLogger(name=__name__)
 
-_MOTYPE = Union[SimMemoryObject, SimLabeledMemoryObject]
+_MOTYPE = SimMemoryObject | SimLabeledMemoryObject
 
 
 class MVListPage(

angr/utils/graph.py

@@ -276,7 +276,7 @@ class ContainerNode:
 
     def __init__(self, obj):
         self._obj = obj
-        self.index = None
+        self.index: int | None = None
 
     @property
     def obj(self):
@@ -308,8 +308,8 @@ class Dominators:
         self._reverse = reverse  # Set it to True to generate a post-dominator tree.
 
         # Temporary variables
-        self._ancestor = None
-        self._semi = None
+        self._ancestor: list[ContainerNode | None] | None = None
+        self._semi: list[ContainerNode] | None = None
         self._label = None
 
         # Output
@@ -351,9 +351,11 @@ class Dominators:
         # parent is a dict storing the mapping from ContainerNode to ContainerNode
         # Each node in prepared_graph is a ContainerNode instance
 
-        bucket = defaultdict(set)
-        dom = [None] * (len(vertices))
-        self._ancestor = [None] * (len(vertices) + 1)
+        assert self._semi is not None
+
+        bucket: dict[int, set[ContainerNode]] = defaultdict(set)
+        dom: list[None | ContainerNode] = [None] * (len(vertices))
+        self._ancestor = [None] * (len(vertices) + 1)  # type: ignore
 
         for i in range(len(vertices) - 1, 0, -1):
             w = vertices[i]
@@ -376,6 +378,7 @@ class Dominators:
             # Step 3
             for v in bucket[parent[w].index]:
                 u = self._pd_eval(v)
+                assert u.index is not None and v.index is not None
                 if self._semi[u.index].index < self._semi[v.index].index:
                     dom[v.index] = u
                 else:
@@ -393,7 +396,7 @@ class Dominators:
         self.dom = networkx.DiGraph()  # The post-dom tree described in a directional graph
         for i in range(1, len(vertices)):
             if dom[i] is not None and vertices[i] is not None:
-                self.dom.add_edge(dom[i].obj, vertices[i].obj)
+                self.dom.add_edge(dom[i].obj, vertices[i].obj)  # type: ignore
 
         # Output
         self.prepared_graph = _prepared_graph
@@ -476,7 +479,7 @@ class Dominators:
         all_nodes_count = new_graph.number_of_nodes()
         self._l.debug("There should be %d nodes in all", all_nodes_count)
         counter = 0
-        vertices = [ContainerNode("placeholder")]
+        vertices: list[Any] = [ContainerNode("placeholder")]
         scanned_nodes = set()
         parent = {}
         while True:
@@ -526,15 +529,23 @@ class Dominators:
         return new_graph, vertices, parent
 
     def _pd_link(self, v, w):
+        assert self._ancestor is not None
         self._ancestor[w.index] = v
 
     def _pd_eval(self, v):
+        assert self._ancestor is not None
+        assert self._label is not None
+
         if self._ancestor[v.index] is None:
             return v
         self._pd_compress(v)
         return self._label[v.index]
 
     def _pd_compress(self, v):
+        assert self._ancestor is not None
+        assert self._semi is not None
+        assert self._label is not None
+
         if self._ancestor[self._ancestor[v.index].index] is not None:
             self._pd_compress(self._ancestor[v.index])
             if (
@@ -604,7 +615,7 @@ class GraphUtils:
             if graph.in_degree(node) > 1:
                 merge_points.add(node)
 
-        ordered_merge_points = GraphUtils.quasi_topological_sort_nodes(graph, merge_points)
+        ordered_merge_points = GraphUtils.quasi_topological_sort_nodes(graph, nodes=list(merge_points))
 
         return [n.addr for n in ordered_merge_points]
 
@@ -732,7 +743,7 @@ class GraphUtils:
             graph_copy.add_edge(src, dst)
 
         # add loners
-        out_degree_zero_nodes = [node for (node, degree) in graph.out_degree() if degree == 0]
+        out_degree_zero_nodes = [node for (node, degree) in graph.out_degree() if degree == 0]  # type:ignore
         for node in out_degree_zero_nodes:
             if graph.in_degree(node) == 0:
                 graph_copy.add_node(node)
@@ -749,9 +760,7 @@ class GraphUtils:
 
         if nodes is None:
             return ordered_nodes
-
-        nodes = set(nodes)
-        return [n for n in ordered_nodes if n in nodes]
+        return [n for n in ordered_nodes if n in set(nodes)]
 
     @staticmethod
     def _components_index_node(components, node):
@@ -820,13 +829,10 @@ class GraphUtils:
         # panic mode that will aggressively remove edges
 
         if len(subgraph) > 3000 and len(subgraph.edges) > len(subgraph) * 1.4:
-            for n in scc:
-                if subgraph.in_degree[n] >= 1 and subgraph.out_degree[n] >= 1:
-                    for src in list(subgraph.predecessors(n)):
-                        if src is not n:
-                            subgraph.remove_edge(src, n)
-                            if len(subgraph.edges) <= len(subgraph) * 1.4:
-                                break
+            for n0, n1 in sorted(dfs_back_edges(subgraph, loop_head), key=lambda x: (x[0].addr, x[0].addr)):
+                subgraph.remove_edge(n0, n1)
+                if len(subgraph.edges) <= len(subgraph) * 1.4:
+                    break
 
         ordered_nodes.extend(GraphUtils.quasi_topological_sort_nodes(subgraph))
 

{angr-9.2.143.dist-info → angr-9.2.144.dist-info}/METADATA

@@ -1,9 +1,10 @@
 Metadata-Version: 2.2
 Name: angr
-Version: 9.2.143
+Version: 9.2.144
 Summary: A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
-Home-page: https://github.com/angr/angr
 License: BSD-2-Clause
+Project-URL: Homepage, https://angr.io/
+Project-URL: Repository, https://github.com/angr/angr
 Classifier: License :: OSI Approved :: BSD License
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3 :: Only
@@ -16,13 +17,13 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: CppHeaderParser
 Requires-Dist: GitPython
-Requires-Dist: ailment==9.2.143
-Requires-Dist: archinfo==9.2.143
+Requires-Dist: ailment==9.2.144
+Requires-Dist: archinfo==9.2.144
 Requires-Dist: cachetools
 Requires-Dist: capstone==5.0.3
 Requires-Dist: cffi>=1.14.0
-Requires-Dist: claripy==9.2.143
-Requires-Dist: cle==9.2.143
+Requires-Dist: claripy==9.2.144
+Requires-Dist: cle==9.2.144
 Requires-Dist: mulpyplexer
 Requires-Dist: nampa
 Requires-Dist: networkx!=2.8.1,>=2.0
@@ -31,11 +32,10 @@ Requires-Dist: psutil
 Requires-Dist: pycparser>=2.18
 Requires-Dist: pydemumble
 Requires-Dist: pyformlang
-Requires-Dist: pyvex==9.2.143
+Requires-Dist: pyvex==9.2.144
 Requires-Dist: rich>=13.1.0
 Requires-Dist: sortedcontainers
 Requires-Dist: sympy
-Requires-Dist: unicorn==2.0.1.post1
 Requires-Dist: unique-log-filter
 Requires-Dist: colorama; platform_system == "Windows"
 Provides-Extra: angrdb
@@ -56,6 +56,9 @@ Requires-Dist: pytest; extra == "testing"
 Requires-Dist: pytest-split; extra == "testing"
 Requires-Dist: pytest-xdist; extra == "testing"
 Requires-Dist: sqlalchemy; extra == "testing"
+Requires-Dist: unicorn==2.0.1.post1; extra == "testing"
+Provides-Extra: unicorn
+Requires-Dist: unicorn==2.0.1.post1; extra == "unicorn"
 
 # angr