Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x64 support #513

Merged
merged 159 commits into from
Mar 6, 2019
Merged

x64 support #513

merged 159 commits into from
Mar 6, 2019

Conversation

xkubov
Copy link
Contributor

@xkubov xkubov commented Mar 6, 2019

Provides experimental support for decomilation of architecture Intel x64. This PR
contains mainly reimplementation of parameter analysis which was
essential in order to provide support of x64 architecture.

Peter Kubov added 30 commits March 6, 2019 11:35
decoder: fix condition
eed349c
llvmir_tests: clean abi
47b3b0d 
Test cases share same module so it means that by not cleaning
AbiProvider two test cases maight obtain same abi which
can lead to failure of test.
abi: make method const
1b8559d
abi: value can be parameter
bea9c7c
abi: provide method parameterRegisters()
88b9293
abi: provide return info
3ef6002
abi: provide value of return register
b41862e
abi: provide info about FPU parameter registers
43efa15
abi: provide special info about usage of FP registers
624dcb1
abi: provide info about double registers
fc19d34 
Some architectures (for example MIPS) are
modeled with special double registers
that are created as merge of two
FP registers. ABI must provide information
about possible double register so that
parameter analysis may use this information
to find double parameters.
abi: pic32: new class
2be2dbb 
Provides special ABI for Pic32. This type of Mips
architecture passes parameters differently
than regular Mips and to reflect this we should
have separated Pic32 ABI that would be suitable
for other changes that my emerge by deompilation
of sufficient Pic32 binary files.
abi: provide support for pic32 abi
2d38d79
abi: provide info about FP register for return
2d6632d
param_return: rafacor - use abi instead of config
e08e58d 
Using abi makes code more readable than gaining informations
from configuration. It is clear that abi module contains
abi specific informations.
param_return: get rid of redundant operations
dad21d2 
module param_return contains block counting registers which result
is not used anywhere in code and thus it is unnecessary to do so.
param_return: redundant code
a693d66 
code that searched for register to which store return value
was redundant and should be be done better. For example
if abi can tell to which register store value it can be
searched in module for appropriate store or
perhaps manually create one.
param_return: redundant code
d19f4e9 
There is redundant code in param_return module which purpose
is to cleverly identify parameters on stack. This is probably
not wanted as it may unwillingly take arguments from stack
which were not intended for called function.
param_return_tests: get rid of unused register configuration
4f8a1be 
Old module param_return used informations from configuraton but
with change of usage abi there is no need to include register
configuration in tests.
param_return: remove unnecessary comments
01c246c
param_return_tests: remove misleading test
9468cea 
Test expects that powerpc uses just 7 registers as parameters
for function. The truth is that powerpc uses 8 registers and
test forced module to generate incorrect output.
param_return: rename method filterRegisters
16d7795 
Method filterRegisters() is filtering all values, not just
registers and thus shuld jave appropriate name.
param_return: use remove_if instead of manually searching vector
5148b83
param_return: remove redundant code
a7091ed
param_return: remove code based on bad assumption
324b5ce 
This code assumes that paramter registers will be returned from abi
sorted from lowest to highest. This is not true as values of regsiters
are dependent on their value in capstone.
param_return: refactor generation of params in variadic functions
8337e7b
abi/x64: provide support for Intel x86-64
4043c20 
Provides support for Intel x86-64 architecture. Specifically
represents System V ABI and conventions that are present in
this ABI.
abi: provide support for Intel x64 architecutre
743934e 
Provides integration of class Abi X64 into general class
ABI.
param_return_tests: x64 unit tests
83c8fa8 
This commit proived suport for testing of parameter analysis
of x64 binary files.
retdec-decompiler: make x64 files go through
31696ed
param_return: detect type of parameter
afb1e06
Peter Kubov added 18 commits March 6, 2019 11:35
powerpc: correct cc info
bf2c54c
calling_convention: x64: x86: fix cc info
e16715d
param_return_tests: fix tests
a86918e
watcom fix
200f1ce
abi: provide shortcuts to test if abi is for 64 bit arch
b07272f
calling_convention: refactor repository structure
0bd8d05
collector/pic32: separate special collector
50f2655
param_return: disabling find of arg loads
e42ed24 
At this moment retdec does not use info from
argument loads as this info is not reliable
for parameter and return value analysis.
collector/pic32: update cmakelist
e4aa804
param_return_tests: enable calling convention unit tests
212e94f
calling_convention: fastcall: pascal: fix parameter registers
a19aeee
param_return_tests: fix caling conventions tests
07e1b7e
param_return_tests: enable ms x64 unit tests
e02ae8d
param_return/filter: provide explanaiton
c76d1bd
param_return/collector: provide explanaion
4ba8a37
ms_x64: new filter for x64 ms conention
eb62ec6
param_return/filter: fix condition on special ms filter
8e044b0
parm_return: filter/ms_x64: fix filtering by known type
9cc98e3
@s3rvac s3rvac requested a review from PeterMatula March 6, 2019 10:52
Peter Kubov added 2 commits March 6, 2019 12:03
stacofin: x64: provide application of x64 YARA signatures
3f8db46 
Currently it was unable to apply the x64 YARA signatures because
path to existing sgnatures was incorrect and code in module stacofin
did not expect to get binary of x64 format.
doxygen: fix warnings
b546103
@PeterMatula PeterMatula merged commit 4094b88 into avast:master Mar 6, 2019
@PeterMatula
Copy link
Collaborator

Merged. Doxygen errors were fixed, other CI tests will probably fail, because they are run against the current master and not against avast/retdec-regression-tests#20.

@PeterMatula PeterMatula mentioned this pull request Mar 6, 2019
Closed
s3rvac added a commit that referenced this pull request Mar 6, 2019
@s3rvac
Add a reference to #513 into CHANGELOG.
33e5073 
There was only a reference to the issue (but not to the PR).
@xkubov xkubov deleted the x64-support branch March 6, 2019 15:03
@silverbacknet
Copy link

Holy cow, this is a MASSIVE PR. I hope there's a new TC build or release soon, I'd love to experiment with this (and VB6). Thank you xkubov and everyone who contributed to make this happen, even in this raw state!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PeterMatula PeterMatula Awaiting requested review from PeterMatula

Assignees

@PeterMatula PeterMatula

Labels
new-feature T-arch-x86-64
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@xkubov @PeterMatula @silverbacknet @s3rvac