From fe2d508c1c82a3aea57daedecd8425561964d29b Mon Sep 17 00:00:00 2001 From: caheckman <48068198+caheckman@users.noreply.github.com> Date: Tue, 22 Sep 2020 16:00:21 -0400 Subject: [PATCH] Changes in response to review --- .../Decompiler/certification.manifest | 1 + .../src/main/doc/decompileplugin.xml | 605 +++++++++++++----- .../src/main/help/help/shared/languages.css | 6 +- .../DecompilerAnnotations.html | 163 ++++- .../DecompilePlugin/DecompilerConcepts.html | 121 +++- .../DecompilePlugin/DecompilerIntro.html | 112 ++-- .../DecompilePlugin/DecompilerOptions.html | 118 +++- .../DecompilePlugin/DecompilerWindow.html | 144 ++++- .../DecompilePlugin/images/Undefined.png | Bin 0 -> 16567 bytes .../app/decompiler/DecompileOptions.java | 166 +++-- .../core/decompile/DecompilerProvider.java | 10 +- .../BackwardsSliceToPCodeOpsAction.java | 8 +- .../actions/ForwardSliceToPCodeOpsAction.java | 8 +- .../program/model/lang/BasicCompilerSpec.java | 6 +- 14 files changed, 1089 insertions(+), 379 deletions(-) create mode 100644 Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/images/Undefined.png diff --git a/Ghidra/Features/Decompiler/certification.manifest b/Ghidra/Features/Decompiler/certification.manifest index 115209e2e9..1e59b644ab 100644 --- a/Ghidra/Features/Decompiler/certification.manifest +++ b/Ghidra/Features/Decompiler/certification.manifest @@ -47,6 +47,7 @@ src/main/help/help/topics/DecompilePlugin/images/DecompWindow.png||GHIDRA||||END src/main/help/help/topics/DecompilePlugin/images/Defuse.png||GHIDRA||||END| src/main/help/help/topics/DecompilePlugin/images/EditFunctionSignature.png||GHIDRA||||END| src/main/help/help/topics/DecompilePlugin/images/ForwardSlice.png||GHIDRA||||END| +src/main/help/help/topics/DecompilePlugin/images/Undefined.png||GHIDRA||||END| src/main/help/help/topics/DecompilePlugin/images/camera-photo.png||Tango Icons - Public Domain|||Tango|END| src/main/help/help/topics/DecompilePlugin/images/decompileFunction.gif||GHIDRA||reviewed||END| src/main/help/help/topics/DecompilePlugin/images/page_edit.png||FAMFAMFAM Icons - CC 2.5||||END| diff --git a/Ghidra/Features/Decompiler/src/main/doc/decompileplugin.xml b/Ghidra/Features/Decompiler/src/main/doc/decompileplugin.xml index 72895cc21f..75cafef9b1 100644 --- a/Ghidra/Features/Decompiler/src/main/doc/decompileplugin.xml +++ b/Ghidra/Features/Decompiler/src/main/doc/decompileplugin.xml @@ -50,7 +50,14 @@ - Press the icon + Press the + + + + + + +  icon in the tool bar, or @@ -88,54 +95,79 @@ Some of the primary capabilities of the decompiler include: - - - Recovering Expressions: The - decompiler does full data-flow analysis which allows it to - perform slicing on functions: complicated expressions, which have been split into - distinct operations/instructions and then mixed together with - other instructions by the compiling/optimizing process, are - reconstituted back into a single line. - - - Recovering High-Level Scoped - Variables: The decompiler understands how compilers - use processor stacks and registers to implement variables with - different scopes within a function. Data-flow analysis allows it to - follow what was originally a single variable as it moves from - the stack, into a register, into a different register, etc. Thus - it can effectively recover the original programs concept of a - variable, minimizing the need to introduce artificial variables - in the output. - - - Recovering Function Parameters: - The decompiler understands the parameter passing conventions of - the compiler and can reconstruct the original form of - function calls. - - - Using Data-type, Name, and Signature - Annotations: The decompiler automatically pulls in - all the different data types and variable names that the user - has applied to functions, and the C output is altered to reflect - this. High-level variables are appropriately named, structure - fields and array indices are calculated and displayed with - correct syntax, constant char pointers are replaced with - appropriate quoted strings, etc. - - - Propagating Local Data-types: - The decompiler infers the data-type of unlabeled variables - by propagating information from other sources throughout a function. - - - Recovering Structure Definitions: - The decompiler can be used to create structures that match the usage - pattern of particular functions and variables, automatically discovering - component offsets and data-types. + + + + Recovering Expressions + + + The decompiler does full data-flow analysis which allows it to + perform slicing on functions: complicated expressions, which have been split into + distinct operations/instructions and then mixed together with + other instructions by the compiling/optimizing process, are + reconstituted back into a single line. + - + + + Recovering High-Level Scoped Variables + + + The decompiler understands how compilers + use processor stacks and registers to implement variables with + different scopes within a function. Data-flow analysis allows it to + follow what was originally a single variable as it moves from + the stack, into a register, into a different register, etc. Thus + it can effectively recover the original program's concept of a + variable, minimizing the need to introduce artificial variables + in the output. + + + + + Recovering Function Parameters + + + The decompiler understands the parameter passing conventions of + the compiler and can reconstruct the original form of + function calls. + + + + + Using Data-type, Name, and Signature Annotations + + + The decompiler automatically pulls in + all the different data types and variable names that the user + has applied to functions, and the C output is altered to reflect + this. High-level variables are appropriately named, structure + fields and array indices are calculated and displayed with + correct syntax, constant char pointers are replaced with + appropriate quoted strings, etc. + + + + + Propagating Local Data-types + + + The decompiler infers the data-type of unlabeled variables + by propagating information from other sources throughout a function. + + + + + Recovering Structure Definitions + + + The decompiler can be used to create structures that match the usage + pattern of particular functions and variables, automatically discovering + component offsets and data-types. + + + + @@ -170,7 +202,7 @@ size - the maximum number of bytes that can be addressed - endianess - how groups of bytes are interpreted as integers + endianness - how groups of bytes are interpreted as integers @@ -187,7 +219,7 @@ ram - A space that models memory accessible via the processors's main data bus. Depending on + A space that models memory accessible via the processor's main data bus. Depending on the architecture, different spaces might be substituted for ram, such as separate code and data spaces. @@ -280,7 +312,7 @@ - The integer data-type assumes a twos complement encoding in the endianness of the + The integer data-type assumes a two's complement encoding in the endianness of the address space containing the varnode. Similarly, the floating point data-type assumes an IEEE 754 standard encoding. The precision of the integer or floating point value is determined by the varnode's size. A boolean data-type assumes the varnode has a size @@ -444,12 +476,12 @@ CALL funcname(...) - Branch to a subfunction. + Branch to a function, as a call. CALLIND (*funcptr)(...) - Branch through a pointer to a subfunction. + Branch through a pointer to a function, as a call. RETURN @@ -539,7 +571,7 @@ INT_2COMP - - Twos complement. + Two's complement. INT_NEGATE @@ -761,6 +793,47 @@ + + P-code Control Flow + + P-code has natural control-flow, with the subtlety that flow + happens both within and across machine instructions. Most p-code operators have + fall-through semantics, meaning that flow moves to the + next operator in the sequence associated with the instruction, or, if the operator is the + last in the sequence, flow moves to the first operator in the p-code associated with the next instruction. + The p-code operators with branching semantics, such as + CBRANCH and BRANCH, can jump to a target operator which is internal to the current instruction, or they can + jump to the first p-code operator corresponding to a new instruction at a different address. + + + Ghidra labels a machine instruction with one of the following Flow Types that describe + its overall control-flow. The Flow Type is derived directly from the control-flow of the p-code for the instruction, + with the basic types corresponding directly with a specific branching p-code operator. + + + FALL_THROUGH + UNCONDITIONAL_CALL - CALL + UNCONDITIONAL_JUMP - BRANCH + CONDITIONAL_JUMP - CBRANCH + COMPUTED_JUMP - BRANCHIND + COMPUTED_CALL - CALLIND + TERMINATOR - RETURN + + + Other Flow Types occur due to a combination of multiple p-code branching operators within the same instruction. + + + CONDITIONAL_CALL - CALL with CBRANCH + CONDITIONAL_TERMINATOR - RETURN with CBRANCH + COMPUTED_CALL_TERMINATOR - CALLIND with RETURN + CONDITIONAL_COMPUTED_JUMP - CBRANCH with BRANCHIND + CONDITIONAL_COMPUTED_CALL - CBRANCH with CALLIND + JUMP_TERMINATOR - BRANCH with RETURN + + + + + Internal Decompiler Functions @@ -771,9 +844,11 @@ of p-code operations, displaying them as if they were built-in functions for the language. - + + + + SUB41(x,c) - Truncation operation - SUBPIECE - SUB41(x,c) - Truncation operation - SUBPIECE The digit '4' indicates the size of the input operand 'x' in bytes. The digit '1' indicates the size of the output value in bytes. @@ -804,8 +879,10 @@ + + + CONCAT31(x,y) - Concatenation operator - PIECE - CONCAT31(x,y) - Concatenation operator - PIECE The digit '3' indicates the size of the input operand 'x' in bytes. The digit '1' indicates the size of the input operand 'y' in bytes. @@ -819,8 +896,10 @@ bytes, and 'y' the least significant bytes, in the result. + + + ZEXT14(x) - Zero-extension operator - INT_ZEXT - ZEXT14(x) - Zero-extension operator - INT_ZEXT The digit '1' indicates the size of the input operand 'x' in bytes. The digit '4' indicates the size of the output in bytes. @@ -833,8 +912,10 @@ significant bytes of the result. + + + SEXT14(x) - Sign-extension operator - INT_SEXT - SEXT14(x) - Sign-extension operator - INT_SEXT The digit '1' indicates the size of the input operand 'x' in bytes. The digit '4' indicates the size of the output in bytes. @@ -847,8 +928,10 @@ bit of 'x' into the most significant bytes of the result. + + + SBORROW4(x,y) - Test for signed borrow operator - INT_SBORROW - SBORROW4(x,y) - Test for signed borrow operator - INT_SBORROW The digit '4' indicates the size of both input operands 'x' and 'y' in bytes. @@ -857,8 +940,10 @@ as signed integers. + + + CARRY4(x,y) - Test for unsigned overflow operator - INT_CARRY - CARRY4(x,y) - Test for unsigned overflow operator - INT_CARRY The digit '4' indicates the size of both input operands 'x' and 'y' in bytes. @@ -867,8 +952,10 @@ as unsigned integers. + + + SCARRY4(x,y) - Test for signed overflow operator - INT_SCARRY - SCARRY4(x,y) - Test for signed overflow operator - INT_SCARRY The digit '4' indicates the size of both input operands 'x' and 'y' in bytes. @@ -877,7 +964,8 @@ as signed integers. - + + @@ -1102,14 +1190,14 @@ Unaffected - Prototype models can specify a set of unaffectedmemory locations, + Prototype models can specify a set of unaffected memory locations, whose value must be preserved across the function. I.e. each location must hold the same value at a function's exit that it held coming into the function. These encompass a calling convention's saved registers, where a calling function can store values it doesn't want to change unexpectedly, but also may include other registers that are known not to change, like the stack pointer. The decompiler uses the information to determine which locations can be safely propagated across - a sub-function. + a called function. @@ -1137,8 +1225,12 @@ processor specific form into Ghidra's IR language (see ), which provides both the control-flow behavior of the instruction and the detailed semantics describing how the processor and memory state is affected. The translation is controlled by - the underlying processor model and cannot be directly altered from the tool. Users - can modify the model specification itself, however. + the underlying processor model and, except in limited circumstances, cannot be directly altered + from the tool. Flow Overrides (see below) can change how certain control-flow is translated, + and, depending on the processor, context registers may affect p-code (see ). + + + Outside of the tool, users can modify the model specification itself. See the document "SLEIGH: A Language for Rapid Processor Specification". @@ -1148,7 +1240,7 @@ fall through, conditional jump, and other semantics until an instruction with terminator semantics is reached, which is usually a "return from subroutine" - instruction. Flow is not traced into subfunctions, in this situation. Instructions + instruction. Flow is not traced into called functions, in this situation. Instructions with call semantics are treated only as if they fall through. @@ -1202,11 +1294,17 @@ Flow Overrides - Control-flow behavior for machine instructions is generally determined by the underlying - Processor model. But this flow can be overridden for individual instructions by various - Analyzers or manually by the user. The decompiler incorporates these overrides into its - analysis, and they can have a significant impact on results. Current - flow overrides include: + Control-flow behavior for a machine instruction is generally determined by its underlying + p-code (see ), but this can be changed by applying a Flow Override. + A Flow Override maintains the overall semantics of a branching instruction + but changes how the branch is interpreted. For instance, a JMP instruction, which traditionally + represents a branch within a single function, can be overridden to represent a call to a new function. + Flow Overrides are applied by Analyzers or manually by the user. + + + The decompiler automatically incorporates any relevant Flow Overrides into its + analysis of a function. This can have a significant impact on results. The + types of possible Flow Overrides include: @@ -1492,8 +1590,11 @@ Duplicate Symbols - Ghidra allows duplicate symbols, including duplicate function names, in - any scope higher than a function. + Ghidra allows different functions to have the same name, even within the same + namespace, in order to model languages that support function overloading. + In most languages, such functions would be expected to have distinct prototypes to allow + the symbols to be distinguished in context. Ghidra and the decompiler however do not check + for this, as prototypes may not be known. @@ -1796,21 +1897,20 @@ For annotations that specifically label a function's formal parameters or return value, - the Signature Source-Type also affects how they're treated by the decompiler. - If the Source-Type is set to anything other than DEFAULT, there is a forced + the Signature Source also affects how they're treated by the decompiler. + If the Signature Source is set to anything other than DEFAULT, there is a forced one-to-one correspondence between variable annotations and actual parameters in the decompiler's view of the function. This is stronger than just forcing the data-type; the existence (or not) of - the variable itself is forced by the annotation in this case. If the Source-Type is forcing and + the variable itself is forced by the annotation in this case. If the Signature Source is forcing and there are no parameter annotations, a void prototype is forced on the function. - A forcing Source-Type, with a value other than - DEFAULT, is set typically if debug symbols for the function are read in during + A forcing Signature Source is set typically if debug symbols for the function are read in during Program import (IMPORTED), or if the user manually edits the function prototype directly (USER_DEFINED). - If an annotation and the Signature Source-Type force a parameter to exist, specifying an + If an annotation and the Signature Source force a parameter to exist, specifying an undefined data-type in the annotation still directs the decompiler to fill in the variable's data-type using type propagation. The same holds true for the return value; an undefined annotation fixes the size of the return value, but the decompiler @@ -1886,10 +1986,13 @@ Currently, the entire body of the function is included in the scope of any stack annotation, and the decompiler will allow only a single variable to exist at the stack address. A stack annotation can be a formal parameter to the function, but otherwise the - decompiler does not expect to see a value that exists before the start of the function. Similarly, - because the value is not expected to persist after the function executes, a write to the stack - address may not show up as an explicit assignment to the variable if the value is simply - propagated through to another expression. + decompiler does not expect to see a value that exists before the start of the function. + + + The decompiler will continue to perform copy propagation and other transforms on + stack locations associated with a variable annotation. In particular, within decompiler output, + a specific write operation to a stack address may not show up as an explicit assignment to its variable, + if the value is simply copied to another location. @@ -2024,7 +2127,7 @@ If the boolean property in-line is turned on for a particular function, it directs the decompiler to inline the effects of the function into the decompilation of any of its calling functions. - The function will no longer appear as a direct subfunction call in the decompilation, but all of its data-flow + The function will no longer appear as a direct function call in the decompilation, but all of its data-flow will be incorporated into the calling function. @@ -2040,8 +2143,8 @@ This property is similar in spirit to marking a function as in-line. A call-fixup directs the decompiler to replace any call to the function with a specific - chunk of raw p-code. The decompilation of any calling function no longer shows the subfunction call, but the chunk - of p-code incorporates the subfunction's effects. + chunk of raw p-code. The decompilation of any calling function no longer shows the function call, but the chunk + of p-code incorporates the called function's effects. Call-fixups are more flexible than just inlining a function. The call-fixup chunk can be tailored to incorporate all of, @@ -2056,6 +2159,41 @@ + + Signature Source + + Ghidra records a Signature Source for every function, + indicating the origin of its prototype information. This is + similar to the Symbol Source attached to Ghidra's symbol annotations + (See the documentation for + Filtering + in the Symbol Table). The possible types are: + + + DEFAULT - for basic or no information + ANALYSIS - for information derived by an Analyzer + IMPORTED - for information imported from an external source + USER_DEFINED - for information set by the user + + + + + Upon import of the Program, if there are debugging symbols available, Ghidra will build + annotations of the function's parameters and set the Symbol Source type to IMPORTED. + Otherwise, it will generally be set to DEFAULT. + + + However, Ghidra adjusts the Signature Source for a function if there is any change to the + prototype. In particular, if the user adds, removes, or edits variable annotations + for the function's parameters or return value, Ghidra automatically converts the Signature + Source to be USER_DEFINED. + + + If the Signature Source is set to anything other than DEFAULT, the + function's prototype information is forcing on the decompiler. See the discussion + in + + Discovering Parameters @@ -2066,7 +2204,7 @@ The input parameters and return value are all forced on the decompiler as a unit based on the - Signature Source-Type. They are all forced if the Source-Type is set to anything + Signature Source. They are all forced if the type is set to anything other than DEFAULT; otherwise none of them are forced. @@ -2164,7 +2302,7 @@ Signed or zero extension Bitwise negation - Integer negation - Twos complement + Integer negation - Two's complement Add or subtract 1 @@ -2242,6 +2380,53 @@ If a register value's region starts in the middle of a function, decompilation is not affected at all. + + Context Registers + + There is a special class of registers, called context registers whose + values have a different affect on analysis and decompilation than described above. + + + Context registers are inputs to the disassembly decoding process and directly affect which + machine instructions are created. + + + The value in a context register is examined when Ghidra decodes machine instructions from the underlying + bytes in the Program. A specific value generally corresponds to a specific execution mode + of the processor. The ARM processor T bit for instance, which selects whether the + processor is executing ARM or THUMB instructions, is modeled as a context register in Ghidra. + The same set of bytes in the Program can be decoded to machine instructions in more than one way, + depending on context register values. + + + Bytes are typically decoded once using context register values + established at the time of disassembly. From Ghidra's more static view of execution, a context register holds + only a single value at any point in the code, but the same context register can hold different values for + different regions of code. Setting a new value on a region of the Program will affect any subsequent disassembly + of code within that region. + + + If a context register value is changed for a region that has already been disassembled, in order to see + the affect of the change, the machine instructions in the region need to be cleared, and disassembly needs + to be triggered again. See the documentation on the + Clear Plugin. + + + Values for a context register are set in the same way as any other register, using the + Set Register Values ... command + described above. Within the + Register Manager window, + context registers are generally grouped together under the (pseudo-register) heading, contextreg. + For details about how context registers are used in processor modeling, see + the document "SLEIGH: A Language for Rapid Processor Specification". + + + Because context registers affect machine instructions, they also affect the underlying p-code and + have a substantial impact on decompilation. Although details vary by processor, context register + values are typically established during the initial import and analysis of a Program and aren't changed + frequently. + + @@ -2286,7 +2471,7 @@ - + Cache Size (Functions) @@ -2298,7 +2483,7 @@ - + Decompiler Max-Payload (MBytes) @@ -2311,7 +2496,7 @@ - + Decompiler Timeout (seconds) @@ -2338,13 +2523,13 @@ - + Alias Blocking When deciding if an individual stack location has become dead, the decompiler must consider aliases, pointers onto the stack that could - be used to modify the location within a sub-function. One strong heuristic the decompiler + be used to modify the location within a called function. One strong heuristic the decompiler uses is; if the user has explicitly created a variable on the stack between the base location referenced by the pointer and the individual stack location, then the decompiler can assume that the pointer is not an alias of the stack location. @@ -2371,7 +2556,7 @@ - + Eliminate unreachable code @@ -2384,7 +2569,7 @@ - + Ignore unimplemented instructions @@ -2400,7 +2585,7 @@ - + Infer constant pointers @@ -2413,7 +2598,7 @@ - + Respect read-only flags @@ -2434,7 +2619,7 @@ - + Simplify extended integer operations @@ -2445,7 +2630,7 @@ - + Simplify predication @@ -2458,7 +2643,7 @@ - + Use in-place assignment operators @@ -2481,7 +2666,7 @@ - + Background Color @@ -2489,7 +2674,7 @@ - + Color for <token> @@ -2510,7 +2695,7 @@ - + Color Default @@ -2520,7 +2705,7 @@ - + Color for Current Variable Highlight @@ -2528,7 +2713,7 @@ - + Color for Highlighting Find Matches @@ -2537,7 +2722,7 @@ - + Comment line indent level @@ -2547,7 +2732,7 @@ - + Comment style @@ -2556,7 +2741,7 @@ - + Disable printing of type casts @@ -2593,7 +2778,7 @@ - + Display Header comment @@ -2604,7 +2789,7 @@ - + Display Line Numbers @@ -2616,7 +2801,7 @@ - + Display Namespaces @@ -2647,7 +2832,7 @@ - + Display Warning comments @@ -2657,7 +2842,7 @@ - + Font @@ -2667,7 +2852,7 @@ - + Integer format @@ -2692,7 +2877,7 @@ - + Maximum characters in a code line @@ -2703,7 +2888,7 @@ - + Number of characters per indent level @@ -2714,7 +2899,7 @@ - + Print 'NULL' for null pointers @@ -2725,7 +2910,7 @@ - + Print calling convention name @@ -2774,7 +2959,14 @@ To display the decompiler window, position the cursor on a function in the Code Browser, then select the - icon from the tool bar, or the + + + + + + + +  icon from the tool bar, or the Decompile option from the Window menu in the tool. @@ -2838,14 +3030,22 @@
Main Window - Initially pushing or selecting - Decompile from the Window menu in the tool - brings up the main window. The main window always displays the function - at the current address within the Code Browser and follows as the user navigates - within the Program. Any mouse click, menu option, or other action causing the cursor to move to a new - address in the Listing also causes the main window to display the function containing that address. - Navigation to new functions is also possible from within the window by double-clicking on function - tokens (See ). + Initially pushing + + + + + + + +  or selecting + Decompile from the Window menu in the tool + brings up the main window. The main window always displays the function + at the current address within the Code Browser and follows as the user navigates + within the Program. Any mouse click, menu option, or other action causing the cursor to move to a new + address in the Listing also causes the main window to display the function containing that address. + Navigation to new functions is also possible from within the window by double-clicking on function + tokens (See ). @@ -2868,7 +3068,7 @@ Operator tokens map to the machine instruction which performed that operation. - Function Name tokens, if they represent a call to a sub-function, map to the + Function Name tokens, if they represent a call to another function, map to the machine instruction executing the call. @@ -2887,8 +3087,16 @@
Snapshot Windows - Pressing the - icon in another Decompiler window's toolbar causes a Snapshot window + Pressing the + + + + + + + +  icon + in another Decompiler window's toolbar causes a Snapshot window to be created, which initially shows decompilation of the same function. Multiple Snapshot windows can be brought up to show decompilation of different functions simultaneously. Snapshot @@ -2915,6 +3123,41 @@
+
+ Undefined Functions + + If the current location within the Code Browser is in disassembled code, but that code + is not contained in a Formal Function Body, + then the decompiler window invents a function body on the fly called an + Undefined Function. The background color of the window + is changed to gray to indicate this special state. + + + + + + + + + The entry point address of the Undefined Function is chosen by + backtracking through the code's control-flow from the current location to the start of + a basic block that has no flow coming in except possibly from call instructions. + During decompilation, a function body is computed from the selected entry point (as with any function) + based on control-flow up to instructions with terminator semantics. + + + The current address, as indicated by the cursor in the Listing Window for instance, is + generally not the entry of the invented function, but the current address will be + contained somewhere in the body. + + + For display purposes in the window, the invented function is given a name based on the + computed entry point address with the prefix UndefinedFunction. The function + is assigned the default calling convention, and parameters are discovered as part of + the decompiler's analysis. + +
+
Tool Bar @@ -2926,7 +3169,14 @@ Export to C - - button + + + + + + + +  - button Exports the decompiled result of the current function to a file. A file chooser @@ -2934,12 +3184,27 @@ is not specified, a ".c" is appended to the filename. If the file already exists, a final dialog is presented to confirm that the file should be overwritten. + + This action exports a single function at a time. The user can export all functions + simultaneously from the Code Browser, by selecting the menu + File -> Export Program ... and then choosing + C/C++ + from the drop-down menu. See the full documentation for + the Export dialog. + Snapshot - - button + + + + + + + +  - button Creates a new Snapshot window. The Snapshot window @@ -2952,7 +3217,14 @@ Re-decompile - - button + + + + + + + +  - button Triggers a re-decompilation of the current function displayed in the window. @@ -2970,7 +3242,14 @@ Copy - - button + + + + + + + +  - button Copies the currently selected text in the decompiler window to the clipboard. @@ -3005,7 +3284,7 @@ and render it using the current Graph Service. - If no Graph Service is available then this action will no be present. + If no Graph Service is available then this action will not be present. @@ -3052,10 +3331,10 @@ - Sub-function Symbols + Function Symbols - Double clicking a sub-function name causes the - window itself to navigate away from its current function to the sub-function, triggering + Double clicking a called function name causes the + window itself to navigate away from its current function to the called function, triggering a new decompilation if necessary and changing its display. @@ -3101,7 +3380,7 @@ Control Double Click Opens a new Snapshot window, navigating it to the selected symbol. - This is a convenience for immediately decompiling and displaying a sub-function in a + This is a convenience for immediately decompiling and displaying a called function in a new window, without disturbing the active window. The behavior is similar to the Double Click action, the selected token must represent a function name symbol or possibly a constant address, but the navigation occurs in the new Snapshot window. @@ -3307,7 +3586,7 @@ The action is available from any token in the decompiler window. Most tokens trigger editing - of the current function itself, but a subfunction can be edited by putting the cursor on + of the current function itself, but a called function can be edited by putting the cursor on its name specifically. @@ -3394,7 +3673,8 @@ Highlight all variable tokens where the value at that point in the function is directly affected by the value at the selected variable token. A token is highlighted if there is a direct data-flow path - starting from the selected point and ending at the token. + starting from the selected point and ending at the token. A call operation is not + considered a direct data-flow path from its input parameters to its output value. In the following example, the token b, the output of @@ -3414,26 +3694,32 @@ directly affects the value at the selected variable token. A token is highlighted if there is a direct data-flow path starting from the token and ending at the selected point. + A call operation is not considered a direct data-flow path from its input parameters + to its output value. - Forward Inst Slice + Forward Operator Slice Highlight every operator token that manipulates a value directly affected by the value at the selected variable token. Along each direct data-flow path that starts at the selected point, each token representing an operation is highlighted, along with - any explicit variable it writes to. + any explicit variable read or written by the operation. A call operation is not + considered a direct data-flow path from its input parameters to its output value. + This is an alternate presentation of the slice displayed by the Forward Slice action. - Backward Inst Slice + Backward Operator Slice Highlight every operator token that manipulates a value that directly affects the value at the selected variable token. Along each direct data-flow path that ends at the selected point, each token representing an operation is highlighted, along with - any explicit variable it writes to. + any explicit variable read or written by the operation. A call operation is not + considered a direct data-flow path from its input parameters to its output value. + This is an alternate presentation of the slice displayed by the Backward Slice action. @@ -3491,19 +3777,19 @@ Override Signature - Override the function prototype corresponding to the sub-function under the cursor. + Override the function prototype corresponding to the function under the cursor. This action can be triggered at call sites, where the function - being decompiled is calling into another sub-function. Users must select either the token representing - the sub-function's name or the tokens representing the function pointer at the call site. + being decompiled is calling into another function. Users must select either the token representing + the called function's name or the tokens representing the function pointer at the call site. A dialog is brought up where the a complete function declaration, specifying the return data-type along with the name and data-type for each input parameter. Additionally, the "Calling Convention", "In Line", and "No Return" properties of the function prototype can be set (See ). - Confirming the dialog forces the new function prototype on the decompiler's view of the sub-function, + Confirming the dialog forces the new function prototype on the decompiler's view of the called function, but only for the single selected call site. @@ -3566,12 +3852,12 @@ Remove Signature Override - Remove the overriding function prototype applied previously to the sub-function under the cursor. + Remove the overriding function prototype applied previously to the called function under the cursor. This action can only be triggered at call sites, where an overriding prototype was previously placed by the command. As with - this command, users must select either the token representing the sub-function's name or the + this command, users must select either the token representing the called function's name or the tokens representing the function pointer at the call site. The action causes the override to be removed immediately. Parameter information will be drawn from the decompiler's normal analysis. @@ -3585,7 +3871,7 @@ The current function can be renamed by selecting the name token within the function's - declaration at the top of the decompiler window, or individual subfunctions + declaration at the top of the decompiler window, or individual called functions can be renamed by selecting their name token within a call expression. This action brings up a dialog containing a text field prepopulated with the name to be changed. The current namespace (and any parent namespaces) is @@ -3758,6 +4044,12 @@ input parameters to be created as well. In this situation, the action is equivalent to , and a confirmation dialog comes up to notify the user. + + Setting a data-type on the return value using this action affects decompilation for the + function itself and, additionally, any function that calls this function. Within a calling + function, the decompiler propagates the data-type into the variable or expression incorporating + the return value at each call site. + @@ -3791,6 +4083,11 @@ parameter did not exist previously, then its data-type is not forced by this action. + + Data-type information applied to parameters using this action is especially impactful + because it affects decompilation for the function owning the parameter and, additionally, + any function that calls this owning function. + diff --git a/Ghidra/Features/Decompiler/src/main/help/help/shared/languages.css b/Ghidra/Features/Decompiler/src/main/help/help/shared/languages.css index 092cafc875..b113644639 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/shared/languages.css +++ b/Ghidra/Features/Decompiler/src/main/help/help/shared/languages.css @@ -18,8 +18,10 @@ FrontPage.css. */ -h5 { margin-left: 10px; } -div.informalexample { margin-left: 50px; } +h5 { margin-left: 10px; margin-top: 20px; font-family:times new roman; font-size:12pt; font-style:italic; } +div.informalexample { margin-left: 50px; margin-top: 10px; } +dd { margin-bottom: 20px; } +dd p { margin-top: 5px; margin-left: 10px; } span.term { font-family:times new roman; font-size:14pt; font-weight:bold; } span.code { font-weight: bold; font-family: courier new; font-size: 14pt; color:#000000; } diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerAnnotations.html b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerAnnotations.html index 04aecdc6c7..dbf4bd5c7e 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerAnnotations.html +++ b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerAnnotations.html @@ -26,8 +26,12 @@ processor specific form into Ghidra's IR language (see “P-code”), which provides both the control-flow behavior of the instruction and the detailed semantics describing how the processor and memory state is affected. The translation is controlled by - the underlying processor model and cannot be directly altered from the tool. Users - can modify the model specification itself, however. + the underlying processor model and, except in limited circumstances, cannot be directly altered + from the tool. Flow Overrides (see below) can change how certain control-flow is translated, + and, depending on the processor, context registers may affect p-code (see “Context Registers”). +

+

+ Outside of the tool, users can modify the model specification itself. See the document "SLEIGH: A Language for Rapid Processor Specification".

@@ -37,7 +41,7 @@ fall through, conditional jump, and other semantics until an instruction with terminator semantics is reached, which is usually a "return from subroutine" - instruction. Flow is not traced into subfunctions, in this situation. Instructions + instruction. Flow is not traced into called functions, in this situation. Instructions with call semantics are treated only as if they fall through.

@@ -103,11 +107,17 @@ Flow Overrides

- Control-flow behavior for machine instructions is generally determined by the underlying - Processor model. But this flow can be overridden for individual instructions by various - Analyzers or manually by the user. The decompiler incorporates these overrides into its - analysis, and they can have a significant impact on results. Current - flow overrides include: + Control-flow behavior for a machine instruction is generally determined by its underlying + p-code (see “P-code Control Flow”), but this can be changed by applying a Flow Override. + A Flow Override maintains the overall semantics of a branching instruction + but changes how the branch is interpreted. For instance, a JMP instruction, which traditionally + represents a branch within a single function, can be overridden to represent a call to a new function. + Flow Overrides are applied by Analyzers or manually by the user. +

+

+ The decompiler automatically incorporates any relevant Flow Overrides into its + analysis of a function. This can have a significant impact on results. The + types of possible Flow Overrides include:

@@ -413,8 +423,11 @@
Duplicate Symbols

- Ghidra allows duplicate symbols, including duplicate function names, in - any scope higher than a function. + Ghidra allows different functions to have the same name, even within the same + namespace, in order to model languages that support function overloading. + In most languages, such functions would be expected to have distinct prototypes to allow + the symbols to be distinguished in context. Ghidra and the decompiler however do not check + for this, as prototypes may not be known.

@@ -763,21 +776,20 @@

For annotations that specifically label a function's formal parameters or return value, - the Signature Source-Type also affects how they're treated by the decompiler. - If the Source-Type is set to anything other than DEFAULT, there is a forced + the Signature Source also affects how they're treated by the decompiler. + If the Signature Source is set to anything other than DEFAULT, there is a forced one-to-one correspondence between variable annotations and actual parameters in the decompiler's view of the function. This is stronger than just forcing the data-type; the existence (or not) of - the variable itself is forced by the annotation in this case. If the Source-Type is forcing and + the variable itself is forced by the annotation in this case. If the Signature Source is forcing and there are no parameter annotations, a void prototype is forced on the function.

- A forcing Source-Type, with a value other than - DEFAULT, is set typically if debug symbols for the function are read in during + A forcing Signature Source is set typically if debug symbols for the function are read in during Program import (IMPORTED), or if the user manually edits the function prototype directly (USER_DEFINED).

- If an annotation and the Signature Source-Type force a parameter to exist, specifying an + If an annotation and the Signature Source force a parameter to exist, specifying an undefined data-type in the annotation still directs the decompiler to fill in the variable's data-type using type propagation. The same holds true for the return value; an undefined annotation fixes the size of the return value, but the decompiler @@ -867,10 +879,13 @@ Currently, the entire body of the function is included in the scope of any stack annotation, and the decompiler will allow only a single variable to exist at the stack address. A stack annotation can be a formal parameter to the function, but otherwise the - decompiler does not expect to see a value that exists before the start of the function. Similarly, - because the value is not expected to persist after the function executes, a write to the stack - address may not show up as an explicit assignment to the variable if the value is simply - propagated through to another expression. + decompiler does not expect to see a value that exists before the start of the function. +

+

+ The decompiler will continue to perform copy propagation and other transforms on + stack locations associated with a variable annotation. In particular, within decompiler output, + a specific write operation to a stack address may not show up as an explicit assignment to its variable, + if the value is simply copied to another location.

@@ -1004,7 +1019,7 @@

If the boolean property in-line is turned on for a particular function, it directs the decompiler to inline the effects of the function into the decompilation of any of its calling functions. - The function will no longer appear as a direct subfunction call in the decompilation, but all of its data-flow + The function will no longer appear as a direct function call in the decompilation, but all of its data-flow will be incorporated into the calling function.

@@ -1018,8 +1033,8 @@

This property is similar in spirit to marking a function as in-line. A call-fixup directs the decompiler to replace any call to the function with a specific - chunk of raw p-code. The decompilation of any calling function no longer shows the subfunction call, but the chunk - of p-code incorporates the subfunction's effects. + chunk of raw p-code. The decompilation of any calling function no longer shows the function call, but the chunk + of p-code incorporates the called function's effects.

Call-fixups are more flexible than just inlining a function. The call-fixup chunk can be tailored to incorporate all of, @@ -1036,6 +1051,49 @@

+Signature Source

+ +

+ Ghidra records a Signature Source for every function, + indicating the origin of its prototype information. This is + similar to the Symbol Source attached to Ghidra's symbol annotations + (See the documentation for + Filtering + in the Symbol Table). The possible types are: +

+
+
    +
  • +DEFAULT - for basic or no information
    • +
  • +ANALYSIS - for information derived by an Analyzer
    • +
  • +IMPORTED - for information imported from an external source
    • +
  • +USER_DEFINED - for information set by the user
    • +
+
+

+

+

+ Upon import of the Program, if there are debugging symbols available, Ghidra will build + annotations of the function's parameters and set the Symbol Source type to IMPORTED. + Otherwise, it will generally be set to DEFAULT. +

+

+ However, Ghidra adjusts the Signature Source for a function if there is any change to the + prototype. In particular, if the user adds, removes, or edits variable annotations + for the function's parameters or return value, Ghidra automatically converts the Signature + Source to be USER_DEFINED. +

+

+ If the Signature Source is set to anything other than DEFAULT, the + function's prototype information is forcing on the decompiler. See the discussion + in “Forcing Data-types” +

+
+
+

Discovering Parameters

@@ -1051,7 +1109,7 @@ The input parameters and return value are all forced on the decompiler as a unit based on the - Signature Source-Type. They are all forced if the Source-Type is set to anything + Signature Source. They are all forced if the type is set to anything other than DEFAULT; otherwise none of them are forced.

@@ -1165,7 +1223,7 @@
  • Signed or zero extension
  • Bitwise negation
    • -
  • Integer negation - Twos complement
    • +
  • Integer negation - Two's complement
  • Add or subtract 1
@@ -1252,6 +1310,61 @@ If a register value's region starts in the middle of a function, decompilation is not affected at all.

+
+

+Context Registers

+ +

+ There is a special class of registers, called context registers whose + values have a different affect on analysis and decompilation than described above. +

+
+ + + + + +
[Tip]
+ Context registers are inputs to the disassembly decoding process and directly affect which + machine instructions are created. +
+

+ The value in a context register is examined when Ghidra decodes machine instructions from the underlying + bytes in the Program. A specific value generally corresponds to a specific execution mode + of the processor. The ARM processor T bit for instance, which selects whether the + processor is executing ARM or THUMB instructions, is modeled as a context register in Ghidra. + The same set of bytes in the Program can be decoded to machine instructions in more than one way, + depending on context register values. +

+

+ Bytes are typically decoded once using context register values + established at the time of disassembly. From Ghidra's more static view of execution, a context register holds + only a single value at any point in the code, but the same context register can hold different values for + different regions of code. Setting a new value on a region of the Program will affect any subsequent disassembly + of code within that region. +

+

+ If a context register value is changed for a region that has already been disassembled, in order to see + the affect of the change, the machine instructions in the region need to be cleared, and disassembly needs + to be triggered again. See the documentation on the + Clear Plugin. +

+

+ Values for a context register are set in the same way as any other register, using the + Set Register Values ... command + described above. Within the + Register Manager window, + context registers are generally grouped together under the (pseudo-register) heading, contextreg. + For details about how context registers are used in processor modeling, see + the document "SLEIGH: A Language for Rapid Processor Specification". +

+

+ Because context registers affect machine instructions, they also affect the underlying p-code and + have a substantial impact on decompilation. Although details vary by processor, context register + values are typically established during the initial import and analysis of a Program and aren't changed + frequently. +

+
diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerConcepts.html b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerConcepts.html index ebfdf92d5f..e40eb14ec3 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerConcepts.html +++ b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerConcepts.html @@ -45,7 +45,7 @@ size - the maximum number of bytes that can be addressed
  • - endianess - how groups of bytes are interpreted as integers + endianness - how groups of bytes are interpreted as integers
    • @@ -62,7 +62,7 @@
    ram

    - A space that models memory accessible via the processors's main data bus. Depending on + A space that models memory accessible via the processor's main data bus. Depending on the architecture, different spaces might be substituted for ram, such as separate code and data spaces.

    @@ -153,7 +153,7 @@

    - The integer data-type assumes a twos complement encoding in the endianness of the + The integer data-type assumes a two's complement encoding in the endianness of the address space containing the varnode. Similarly, the floating point data-type assumes an IEEE 754 standard encoding. The precision of the integer or floating point value is determined by the varnode's size. A boolean data-type assumes the varnode has a size @@ -332,12 +332,12 @@ CALL funcname(...) - Branch to a subfunction. + Branch to a function, as a call. CALLIND (*funcptr)(...) - Branch through a pointer to a subfunction. + Branch through a pointer to a function, as a call. RETURN @@ -435,7 +435,7 @@ INT_2COMP - - Twos complement. + Two's complement. INT_NEGATE @@ -666,6 +666,65 @@

    +P-code Control Flow

    + +

    + P-code has natural control-flow, with the subtlety that flow + happens both within and across machine instructions. Most p-code operators have + fall-through semantics, meaning that flow moves to the + next operator in the sequence associated with the instruction, or, if the operator is the + last in the sequence, flow moves to the first operator in the p-code associated with the next instruction. + The p-code operators with branching semantics, such as + CBRANCH and BRANCH, can jump to a target operator which is internal to the current instruction, or they can + jump to the first p-code operator corresponding to a new instruction at a different address. +

    +

    + Ghidra labels a machine instruction with one of the following Flow Types that describe + its overall control-flow. The Flow Type is derived directly from the control-flow of the p-code for the instruction, + with the basic types corresponding directly with a specific branching p-code operator. +

    +
    +
      +
    • FALL_THROUGH
      • +
    • +UNCONDITIONAL_CALL - CALL
      • +
    • +UNCONDITIONAL_JUMP - BRANCH
      • +
    • +CONDITIONAL_JUMP - CBRANCH
      • +
    • +COMPUTED_JUMP - BRANCHIND
      • +
    • +COMPUTED_CALL - CALLIND
      • +
    • +TERMINATOR - RETURN
      • +
    +
    +

    + Other Flow Types occur due to a combination of multiple p-code branching operators within the same instruction. +

    +
    +
      +
    • +CONDITIONAL_CALL - CALL with CBRANCH
      • +
    • +CONDITIONAL_TERMINATOR - RETURN with CBRANCH
      • +
    • +COMPUTED_CALL_TERMINATOR - CALLIND with RETURN
      • +
    • +CONDITIONAL_COMPUTED_JUMP - CBRANCH with BRANCHIND
      • +
    • +CONDITIONAL_COMPUTED_CALL - CBRANCH with CALLIND
      • +
    • +JUMP_TERMINATOR - BRANCH with RETURN
      • +
    +
    +

    +

    +
    + +
    +

    Internal Decompiler Functions

    @@ -676,9 +735,9 @@ of p-code operations, displaying them as if they were built-in functions for the language.

    -
      -
    • - SUB41(x,c) - Truncation operation - SUBPIECE +
      +
      SUB41(x,c) - Truncation operation - SUBPIECE
      +
      • The digit '4' indicates the size of the input operand 'x' in bytes.
      • The digit '1' indicates the size of the output value in bytes.
        • @@ -710,9 +769,9 @@

      -
      • -
    • - CONCAT31(x,y) - Concatenation operator - PIECE +
    +
    CONCAT31(x,y) - Concatenation operator - PIECE
    +
    • The digit '3' indicates the size of the input operand 'x' in bytes.
    • The digit '1' indicates the size of the input operand 'y' in bytes.
      • @@ -725,9 +784,9 @@ Concatenate the bytes in 'x' with the bytes in 'y'. 'x' becomes the most significant bytes, and 'y' the least significant bytes, in the result.

      - -
    • - ZEXT14(x) - Zero-extension operator - INT_ZEXT +
    +
    ZEXT14(x) - Zero-extension operator - INT_ZEXT
    +
    • The digit '1' indicates the size of the input operand 'x' in bytes.
    • The digit '4' indicates the size of the output in bytes.
      • @@ -739,9 +798,9 @@ Extend the operand 'x' to a larger size by appending zero bytes, which become the most significant bytes of the result.

      - -
    • - SEXT14(x) - Sign-extension operator - INT_SEXT +
    +
    SEXT14(x) - Sign-extension operator - INT_SEXT
    +
    • The digit '1' indicates the size of the input operand 'x' in bytes.
    • The digit '4' indicates the size of the output in bytes.
      • @@ -753,32 +812,32 @@ Extend the operand 'x' to a larger size by duplicating the sign bit of 'x' into the most significant bytes of the result.

      - -
    • - SBORROW4(x,y) - Test for signed borrow operator - INT_SBORROW +
    +
    SBORROW4(x,y) - Test for signed borrow operator - INT_SBORROW
    +
    • The digit '4' indicates the size of both input operands 'x' and 'y' in bytes.

    Return true if there is an arithmetic overflow when subtracting 'y' from 'x' as signed integers.

    - -
  • - CARRY4(x,y) - Test for unsigned overflow operator - INT_CARRY +
    • +
    CARRY4(x,y) - Test for unsigned overflow operator - INT_CARRY
    +
    • The digit '4' indicates the size of both input operands 'x' and 'y' in bytes.

    Return true if there is an arithmetic overflow when adding 'x' and 'y' as unsigned integers.

    - -
  • - SCARRY4(x,y) - Test for signed overflow operator - INT_SCARRY +
    • +
    SCARRY4(x,y) - Test for signed overflow operator - INT_SCARRY
    +
    • The digit '4' indicates the size of both input operands 'x' and 'y' in bytes.

    Return true if there is an arithmetic overflow when adding 'x' and 'y' as signed integers.

    - - +
    + @@ -1025,14 +1084,14 @@ Unaffected

    - Prototype models can specify a set of unaffectedmemory locations, + Prototype models can specify a set of unaffected memory locations, whose value must be preserved across the function. I.e. each location must hold the same value at a function's exit that it held coming into the function. These encompass a calling convention's saved registers, where a calling function can store values it doesn't want to change unexpectedly, but also may include other registers that are known not to change, like the stack pointer. The decompiler uses the information to determine which locations can be safely propagated across - a sub-function. + a called function.

    diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerIntro.html b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerIntro.html index 986b28857a..da3e82bc06 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerIntro.html +++ b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerIntro.html @@ -62,7 +62,9 @@
    • - Press the icon + Press the + +  icon in the tool bar, or
    • @@ -110,54 +112,66 @@

      -
        -
      • - Recovering Expressions: The - decompiler does full data-flow analysis which allows it to - perform slicing on functions: complicated expressions, which have been split into - distinct operations/instructions and then mixed together with - other instructions by the compiling/optimizing process, are - reconstituted back into a single line. -
        • -
      • - Recovering High-Level Scoped - Variables: The decompiler understands how compilers - use processor stacks and registers to implement variables with - different scopes within a function. Data-flow analysis allows it to - follow what was originally a single variable as it moves from - the stack, into a register, into a different register, etc. Thus - it can effectively recover the original programs concept of a - variable, minimizing the need to introduce artificial variables - in the output. -
        • -
      • - Recovering Function Parameters: - The decompiler understands the parameter passing conventions of - the compiler and can reconstruct the original form of - function calls. -
        • -
      • - Using Data-type, Name, and Signature - Annotations: The decompiler automatically pulls in - all the different data types and variable names that the user - has applied to functions, and the C output is altered to reflect - this. High-level variables are appropriately named, structure - fields and array indices are calculated and displayed with - correct syntax, constant char pointers are replaced with - appropriate quoted strings, etc. -
        • -
      • - Propagating Local Data-types: - The decompiler infers the data-type of unlabeled variables - by propagating information from other sources throughout a function. -
        • -
      • - Recovering Structure Definitions: - The decompiler can be used to create structures that match the usage - pattern of particular functions and variables, automatically discovering - component offsets and data-types. -
        • -
      +
      +
      Recovering Expressions
      +
      +

      + The decompiler does full data-flow analysis which allows it to + perform slicing on functions: complicated expressions, which have been split into + distinct operations/instructions and then mixed together with + other instructions by the compiling/optimizing process, are + reconstituted back into a single line. +

      +
      +
      Recovering High-Level Scoped Variables
      +
      +

      + The decompiler understands how compilers + use processor stacks and registers to implement variables with + different scopes within a function. Data-flow analysis allows it to + follow what was originally a single variable as it moves from + the stack, into a register, into a different register, etc. Thus + it can effectively recover the original program's concept of a + variable, minimizing the need to introduce artificial variables + in the output. +

      +
      +
      Recovering Function Parameters
      +
      +

      + The decompiler understands the parameter passing conventions of + the compiler and can reconstruct the original form of + function calls. +

      +
      +
      Using Data-type, Name, and Signature Annotations
      +
      +

      + The decompiler automatically pulls in + all the different data types and variable names that the user + has applied to functions, and the C output is altered to reflect + this. High-level variables are appropriately named, structure + fields and array indices are calculated and displayed with + correct syntax, constant char pointers are replaced with + appropriate quoted strings, etc. +

      +
      +
      Propagating Local Data-types
      +
      +

      + The decompiler infers the data-type of unlabeled variables + by propagating information from other sources throughout a function. +

      +
      +
      Recovering Structure Definitions
      +
      +

      + The decompiler can be used to create structures that match the usage + pattern of particular functions and variables, automatically discovering + component offsets and data-types. +

      +
      +

      diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerOptions.html b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerOptions.html index c819051aeb..655b75f59c 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerOptions.html +++ b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerOptions.html @@ -64,7 +64,9 @@

      -
      Cache Size (Functions)
      +
      +Cache Size (Functions) +

      Decompilation results for a single function can be compute intensive to produce. @@ -74,7 +76,9 @@ a new decompilation is not triggered.

      -
      Decompiler Max-Payload (MBytes)
      +
      +Decompiler Max-Payload (MBytes) +

      This is a limit on the number of bytes that can be produced by the decompiler process as output @@ -85,7 +89,9 @@ "Decompiler results exceeded payload limit ..." is displayed.

      -
      Decompiler Timeout (seconds)
      +
      +Decompiler Timeout (seconds) +

      This option sets an upper limit on the number of seconds the decompiler spends attempting @@ -113,12 +119,14 @@

      -
      Alias Blocking
      +
      +Alias Blocking +

      When deciding if an individual stack location has become dead, the decompiler must consider aliases, pointers onto the stack that could - be used to modify the location within a sub-function. One strong heuristic the decompiler + be used to modify the location within a called function. One strong heuristic the decompiler uses is; if the user has explicitly created a variable on the stack between the base location referenced by the pointer and the individual stack location, then the decompiler can assume that the pointer is not an alias of the stack location. @@ -149,7 +157,9 @@ knowing immediately if the stack location is part of a larger structure or array.

      -
      Eliminate unreachable code
      +
      +Eliminate unreachable code +

      When this is toggled on, the decompiler eliminates code that it @@ -160,7 +170,9 @@ by the control-flow structure -- if (false) { ... }.

      -
      Ignore unimplemented instructions
      +
      +Ignore unimplemented instructions +

      When toggled on, the decompiler treats instructions whose semantics @@ -174,7 +186,9 @@ control-flow does not fall through.

      -
      Infer constant pointers
      +
      +Infer constant pointers +

      When toggled on, the decompiler infers a data-type for constants @@ -185,7 +199,9 @@ the decompiler to other parts of the function.

      -
      Respect read-only flags
      +
      +Respect read-only flags +

      When toggled on, the decompiler treats any values in memory @@ -204,7 +220,9 @@ (See “Data Mutability”).

      -
      Simplify extended integer operations
      +
      +Simplify extended integer operations +

      This toggles whether the decompiler attempts to simplify double precision arithmetic operations, @@ -213,7 +231,9 @@ limited, and only certain constructions are simplified.

      -
      Simplify predication
      +
      +Simplify predication +

      When this option is active, the decompiler simplifies code sequences containing @@ -224,7 +244,9 @@ printed once.

      -
      Use in-place assignment operators
      +
      +Use in-place assignment operators +

      When toggled on, the decompiler employs in-place assignment operators, @@ -248,13 +270,17 @@

      -
      Background Color
      +
      +Background Color +

      Assign the background color for the Decompiler window.

      -
      Color for <token>
      +
      +Color for <token> +

      Assign colors to the different types of language tokens emitted by the decompiler. @@ -281,7 +307,9 @@

      -
      Color Default
      +
      +Color Default +

      Assign the color to any characters emitted by the decompiler that do not fall into one of token types @@ -289,20 +317,26 @@ characters.

      -
      Color for Current Variable Highlight
      +
      +Color for Current Variable Highlight +

      Assign the background color used to highlight the token currently under the cursor in a Decompiler Window.

      -
      Color for Highlighting Find Matches
      +
      +Color for Highlighting Find Matches +

      Assign the background color used to highlight characters matching the current Find pattern. See “Find ...”.

      -
      Comment line indent level
      +
      +Comment line indent level +

      Set the number of characters that comment lines are indented within decompiler output. This applies only @@ -310,14 +344,18 @@ are not indented.

      -
      Comment style
      +
      +Comment style +

      Set the language syntax used to delimit comments emitted as part of decompiler output. For C and Java, the choices are /* C style comments */ and // C++ style comments.

      -
      Disable printing of type casts
      +
      +Disable printing of type casts +

      Set whether the syntax for type casts is emitted in decompiler output. @@ -354,7 +392,9 @@

      -
      Display Header comment
      +
      +Display Header comment +

      Toggle whether the decompiler emits comments at the head (before the beginning) of a function. @@ -363,7 +403,9 @@ The inclusion of other Plate comments is controlled by the Display PLATE comments toggle, described above.

      -
      Display Line Numbers
      +
      +Display Line Numbers +

      Toggle whether line numbers are displayed in any Decompiler Window. If toggled @@ -373,7 +415,9 @@ the decompiler's output.

      -
      Display Namespaces
      +
      +Display Namespaces +

      Control how the decompiler displays namespace information associated @@ -404,7 +448,9 @@ circumstances and may produce output that is ambiguous and doesn't formally parse.

      -
      Display Warning comments
      +
      +Display Warning comments +

      Toggle whether decompiler generated WARNING comments are displayed as part @@ -412,7 +458,9 @@ indicate unusual conditions or possible errors (See “Warning Comments”).

      -
      Font
      +
      +Font +

      Set the typeface used to render characters in any Decompiler Window. Indentation is generally clearer @@ -420,7 +468,9 @@ the font can also be controlled from this option.

      -
      Integer format
      +
      +Integer format +

      Set how integer constants are formatted in the decompiler output. @@ -445,7 +495,9 @@ a round hexadecimal value (0x10, 0x100, 0x1000, etc.)

      -
      Maximum characters in a code line
      +
      +Maximum characters in a code line +

      Set the maximum number of characters in a line of code emitted by the decompiler before a line break @@ -454,7 +506,9 @@ extend the line beyond the maximum.

      -
      Number of characters per indent level
      +
      +Number of characters per indent level +

      Set the amount of indenting used to print statements within a nested scope in the @@ -463,7 +517,9 @@ bodies adds this number characters.

      -
      Print 'NULL' for null pointers
      +
      +Print 'NULL' for null pointers +

      Set how null pointers are displayed in decompiler output. If this is toggled @@ -472,7 +528,9 @@ which is then type cast into a pointer.

      -
      Print calling convention name
      +
      +Print calling convention name +

      Set whether the calling convention is printed as part of the function diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerWindow.html b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerWindow.html index 05df6c18f1..06989b7a94 100644 --- a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerWindow.html +++ b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/DecompilerWindow.html @@ -16,7 +16,9 @@

      To display the decompiler window, position the cursor on a function in the Code Browser, then select the - icon from the tool bar, or the + + +  icon from the tool bar, or the Decompile option from the Window menu in the tool.

      @@ -86,14 +88,17 @@ Main Window

      - Initially pushing or selecting - Decompile from the Window menu in the tool - brings up the main window. The main window always displays the function - at the current address within the Code Browser and follows as the user navigates - within the Program. Any mouse click, menu option, or other action causing the cursor to move to a new - address in the Listing also causes the main window to display the function containing that address. - Navigation to new functions is also possible from within the window by double-clicking on function - tokens (See “Mouse Actions”). + Initially pushing + + +  or selecting + Decompile from the Window menu in the tool + brings up the main window. The main window always displays the function + at the current address within the Code Browser and follows as the user navigates + within the Program. Any mouse click, menu option, or other action causing the cursor to move to a new + address in the Listing also causes the main window to display the function containing that address. + Navigation to new functions is also possible from within the window by double-clicking on function + tokens (See “Mouse Actions”).

      @@ -118,7 +123,7 @@ Operator tokens map to the machine instruction which performed that operation.

      - Function Name tokens, if they represent a call to a sub-function, map to the + Function Name tokens, if they represent a call to another function, map to the machine instruction executing the call.

      @@ -145,8 +150,11 @@ Snapshot Windows

      - Pressing the - icon in another Decompiler window's toolbar causes a Snapshot window + Pressing the + + +  icon + in another Decompiler window's toolbar causes a Snapshot window to be created, which initially shows decompilation of the same function. Multiple Snapshot windows can be brought up to show decompilation of different functions simultaneously. Snapshot @@ -178,6 +186,40 @@

      +
      +

      +Undefined Functions

      + +

      + If the current location within the Code Browser is in disassembled code, but that code + is not contained in a Formal Function Body, + then the decompiler window invents a function body on the fly called an + Undefined Function. The background color of the window + is changed to gray to indicate this special state. +

      +
      +

      +

      +

      + The entry point address of the Undefined Function is chosen by + backtracking through the code's control-flow from the current location to the start of + a basic block that has no flow coming in except possibly from call instructions. + During decompilation, a function body is computed from the selected entry point (as with any function) + based on control-flow up to instructions with terminator semantics. +

      +

      + The current address, as indicated by the cursor in the Listing Window for instance, is + generally not the entry of the invented function, but the current address will be + contained somewhere in the body. +

      +

      + For display purposes in the window, the invented function is given a name based on the + computed entry point address with the prefix UndefinedFunction. The function + is assigned the default calling convention, and parameters are discovered as part of + the decompiler's analysis. +

      +
      +

      Tool Bar

      @@ -193,7 +235,9 @@ Export to C

    - - button + + +  - button

    Exports the decompiled result of the current function to a file. A file chooser @@ -201,6 +245,14 @@ is not specified, a ".c" is appended to the filename. If the file already exists, a final dialog is presented to confirm that the file should be overwritten.

    +

    + This action exports a single function at a time. The user can export all functions + simultaneously from the Code Browser, by selecting the menu + File -> Export Program ... and then choosing + C/C++ + from the drop-down menu. See the full documentation for + the Export dialog. +

    @@ -208,7 +260,9 @@ Snapshot

    - - button + + +  - button

    Creates a new Snapshot window. The Snapshot window @@ -223,7 +277,9 @@ Re-decompile

    - - button + + +  - button

    Triggers a re-decompilation of the current function displayed in the window. @@ -249,7 +305,9 @@ Copy

    - - button + + +  - button

    Copies the currently selected text in the decompiler window to the clipboard. @@ -293,7 +351,7 @@ - If no Graph Service is available then this action will no be present. + If no Graph Service is available then this action will not be present. @@ -348,10 +406,10 @@

    -
    Sub-function Symbols
    +
    Function Symbols

    - Double clicking a sub-function name causes the - window itself to navigate away from its current function to the sub-function, triggering + Double clicking a called function name causes the + window itself to navigate away from its current function to the called function, triggering a new decompilation if necessary and changing its display.

    Global Variables
    @@ -391,7 +449,7 @@

    Opens a new Snapshot window, navigating it to the selected symbol. - This is a convenience for immediately decompiling and displaying a sub-function in a + This is a convenience for immediately decompiling and displaying a called function in a new window, without disturbing the active window. The behavior is similar to the Double Click action, the selected token must represent a function name symbol or possibly a constant address, but the navigation occurs in the new Snapshot window. @@ -607,7 +665,7 @@

    The action is available from any token in the decompiler window. Most tokens trigger editing - of the current function itself, but a subfunction can be edited by putting the cursor on + of the current function itself, but a called function can be edited by putting the cursor on its name specifically.

    @@ -693,7 +751,8 @@ Highlight all variable tokens where the value at that point in the function is directly affected by the value at the selected variable token. A token is highlighted if there is a direct data-flow path - starting from the selected point and ending at the token. + starting from the selected point and ending at the token. A call operation is not + considered a direct data-flow path from its input parameters to its output value.

    In the following example, the token b, the output of @@ -709,22 +768,28 @@ directly affects the value at the selected variable token. A token is highlighted if there is a direct data-flow path starting from the token and ending at the selected point. + A call operation is not considered a direct data-flow path from its input parameters + to its output value.

    -
    Forward Inst Slice
    +
    Forward Operator Slice

    Highlight every operator token that manipulates a value directly affected by the value at the selected variable token. Along each direct data-flow path that starts at the selected point, each token representing an operation is highlighted, along with - any explicit variable it writes to. + any explicit variable read or written by the operation. A call operation is not + considered a direct data-flow path from its input parameters to its output value. + This is an alternate presentation of the slice displayed by the Forward Slice action.

    -
    Backward Inst Slice
    +
    Backward Operator Slice

    Highlight every operator token that manipulates a value that directly affects the value at the selected variable token. Along each direct data-flow path that ends at the selected point, each token representing an operation is highlighted, along with - any explicit variable it writes to. + any explicit variable read or written by the operation. A call operation is not + considered a direct data-flow path from its input parameters to its output value. + This is an alternate presentation of the slice displayed by the Backward Slice action.

    @@ -776,19 +841,19 @@ Override Signature

    - Override the function prototype corresponding to the sub-function under the cursor. + Override the function prototype corresponding to the function under the cursor.

    This action can be triggered at call sites, where the function - being decompiled is calling into another sub-function. Users must select either the token representing - the sub-function's name or the tokens representing the function pointer at the call site. + being decompiled is calling into another function. Users must select either the token representing + the called function's name or the tokens representing the function pointer at the call site. A dialog is brought up where the a complete function declaration, specifying the return data-type along with the name and data-type for each input parameter. Additionally, the "Calling Convention", "In Line", and "No Return" properties of the function prototype can be set (See “Function Prototypes”).

    - Confirming the dialog forces the new function prototype on the decompiler's view of the sub-function, + Confirming the dialog forces the new function prototype on the decompiler's view of the called function, but only for the single selected call site.

    @@ -861,12 +926,12 @@ Remove Signature Override

    - Remove the overriding function prototype applied previously to the sub-function under the cursor. + Remove the overriding function prototype applied previously to the called function under the cursor.

    This action can only be triggered at call sites, where an overriding prototype was previously placed by the “Override Signature” command. As with - this command, users must select either the token representing the sub-function's name or the + this command, users must select either the token representing the called function's name or the tokens representing the function pointer at the call site. The action causes the override to be removed immediately. Parameter information will be drawn from the decompiler's normal analysis. @@ -882,7 +947,7 @@

    The current function can be renamed by selecting the name token within the function's - declaration at the top of the decompiler window, or individual subfunctions + declaration at the top of the decompiler window, or individual called functions can be renamed by selecting their name token within a call expression. This action brings up a dialog containing a text field prepopulated with the name to be changed. The current namespace (and any parent namespaces) is @@ -1067,6 +1132,12 @@ input parameters to be created as well. In this situation, the action is equivalent to “Commit Params/Return”, and a confirmation dialog comes up to notify the user.

    +

    + Setting a data-type on the return value using this action affects decompilation for the + function itself and, additionally, any function that calls this function. Within a calling + function, the decompiler propagates the data-type into the variable or expression incorporating + the return value at each call site. +

    @@ -1102,6 +1173,11 @@ parameter did not exist previously, then its data-type is not forced by this action.

    +

    + Data-type information applied to parameters using this action is especially impactful + because it affects decompilation for the function owning the parameter and, additionally, + any function that calls this owning function. +

    diff --git a/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/images/Undefined.png b/Ghidra/Features/Decompiler/src/main/help/help/topics/DecompilePlugin/images/Undefined.png new file mode 100644 index 0000000000000000000000000000000000000000..9c82cad0beba8f74cd69ce877d4258053bbb9f68 GIT binary patch literal 16567 zcmaic1yCGe)8-;ULVyGfiw1Xs1lQp1?(XhRAS5BUI|N%Cg1bA5yAwRPyWNoQ`>XEi zuIi?iWp;L6@3*_3r+YR;K~5a?HTX3M1VWXR5K#hwV1FBO^!lJIV99q({5Xf^Xr4qU3SJ;Aj_RhH@bpcDc~KP)3aHVC-O=OK+BPr}zg z<&lB@hDGSDJw#QqAnh|qa2kswpx~wkf|b3HJ)Ke>_qo|}>+;zC@^Qg@>!*rTp-qL9 zRPggf{#$!Hq3O6fHW!9#(dljPw)^b8+LqESs}lWBs^0f2g^v1Dw#QSD-Al8V(`t9x z>;5_%U&Q-tFcs=5uIn7nH1QIA#^AfxX;i{*;XQ-;nB~WyeG0b=UF~|IB>nzjX)ylM|^vNLCt=>XTSZ>%N8eW1NtXjoks)X@j;SM_b*~{6LAW zaM;e4Bm(+Fnq2ItDUH5Q#H(5hgmy)e?33 zk*vK4^Zn_){qw{A=tw%ZvObe;Bd6)0y3mKZXA~(l$zISOhf@_SR(K(Pxhbv7GAiu` zLew`0TusvMy{lp7J76S>ZSXgCW+uah^K!raTXAXQeXm6-$r!o(VinpNtx~mORa)%K z(c@+4wU>m3nwnXa*)YDf@L3!fE%cNe(E=U@K1ypWN~DLVLkdPbc3>LWYXI@`w@CP3q^{)x{MIfwu9xAVmeevy!AS%?K?+Ci< z?dyy8{}Jjvt9tnCSzb?75s$%PuT^Ke4-vcmWH$AqJ0IDVHiiP)ERrT)E6=a$L;Kfb ztUsH1ap6^oU7KOeV=v+16*5~OMV5e7bqa!77zq-0x?KKbAvQlfPO&|48*hk6@pKHi zCe4+Gz#yAo40))W@kD?SC>_BC775luFs_w%QOmDu(6gl9J-cQHOLS;j%<{0ZvT`zC z{_*L4pvwHY5yxd~rR5$RzRgFBBzIK{ylUkAn_^U>Dgqj3%x=%Nlp#K>u6uD@&f6uL zRg|2Z8pYFo9x$n^Brx|@6W#gPXhkTvj3t^aMemB;Z_n~(N*B`}9xr|g1)0laro_cf zX(a57By+j+w`T<*qT%s6^#A!{bXwJ0$!qwKWIl@Fs!t_LpnhuILc^$5rrF{&*50Zg z0rp&bXqerV+S*fXdvox7Yw`SUXH99s@gWjf3iROwzLUHdLvZ%2oF#DG;Da^bELt=P;fQF*ZcbKd{=Rz zy*lG;`(V*P(I;&jrbpK&cWF^lMN7@Xa`(gxzUDjsBk$XZ;Oj#3Pd?Mq%W6IO1 zIPa&`_1%w_8Whx$(&8@qi2Z-`tQRWh`_APUoo|;CpBL#$+LfiI;$xeyw&X`|)UA%B z9xr!&FIa9Z=J*~-V2#D&4R^JPyNQTEBrok>;W9vqkH6?PG6H)0_IDGBfWXOINOd)? zH14yFweiluK{j2D@jVVAV&6|U*sFt~(b4C_n`2AM!cadw3v270g9###TA3CKyv=HD z-UP+Yk?!Jo-UKFvDbn~QLoyA7u7iI^_v?O+f>8)hmn5~LWD(%A*lvqSbQ}+Jxn-2!d&Ff(`>7% z7qL?LoE2j>cba-PzuM+Li~B^TN;^IFp-UnL*fAlvg@tr#58Vb8nljw_2Hf5wB_%^L zU)s~Um^H5Vi&`HMn)msLt}nRqw1G`J#rnmSMeUp{5Wm{3Vswfho=*4rIPFJ>#Lf#5de<16_A30!pZ${TVG$FbHkEij#!<$t-R=B z1QDu?oE$qVD?W?K5A!}b&`0+p0%GD!M06qv@|cnIri-KH`?0K`-Q8U@G&H~lvwi#s z3gB`!yFOapxjNKlNgk>)?sMGeWyO1ACByDLqNBYyd#0zM;c=m1uoO#W!+w7bsM5p5 za=*imwhM7EaEL2NC{QTW+0`|b-o)d(e&31#Z{($Ty8{pEx*Xf!RB5eU7fwL9Wpv1cNKBF11+sS7q9-kJd1;Tx!y* zs@%6Z+|d_>Q067Y=9kD;ilStsr;YSRR6k88|tpDjd zpOyGk&e5dl5WH})oN9_cm#yJ5CWm&gC<;rH*~ zfB#yqub(lG;mFax)e}bi5FQ2xmvt692%)5lhrizDyegBSS0U9N)rn|fQxb4}n zhpA0OgmuE0QS)t8?WIcKa<0DB_-i%9oYI)lr{_X9eFMLM||GC zKEC#=t)=Hpj$K~Ln3IG&ZVXz@n+r9?@7_h?Fleps&O0tt@A{|R7Mns7uo=WfMCkP@ zT^6s>3kwT5>{ou#m+05cbWgd=9tGq<6LedgZpU-JYn8e!ms{&Ba~~}F7nn1(X>-_5 zd1vzb+!*vQ(OttINJ~m0qo8K-0vz2{<@Nq@bWE6)B%oRvP4SS5zEd6GqIJ%~Yj%uc4$w>J_g~Zk3** zG}&=d$?Lzbe!Ix)Z>#U<@Z6eQwcVU7P@J2qQ76{mx<5lR8oNLHXFzft$NuPI&+8y^ zmFW)(y#JH0-QpFW|Kn|6`eI#?*`!qs%JyiDyFd@^q=NNw+ZQhtEYpP!po6!^)E86&hM%IXu&i-P%vn&`iqiL=?}H%flvE z+QB5X;^gPU5=Px7y%rp9m$?&Q)&G{BG;>wK!=9rgmLJc%|Gg-T<*@%&V=?Zu5_pXJ z^!rzCuE#(&F(N8>Z@vOkG6ryhaFbH?8^O)?&uhw5k*m#$ew>T*AuiJec+SFWlx^v? z`G7DpJP_3_wnnjstV39bHcu@lmfO1HIzr=J^%}4HhSF}?SXQTdR z;{bj34BQ`b9O^m1Z_(mDi{LtL|5VO9n^-}@PRK|XLA+9tvhLABs>Jg?ru28wG zQ*{nSAygu%u+UO5nuU*#kB-iIsz6bPadxmsvRuy(otR%jS{gbsLd0R0R#8!*Kuz$; ziVc(tf#BfaydmaaYHx3!pP!$cJYQ{kR)Qd)f^Dp6n2P`+Hct}e9vNWWQPxW7N?qa#LSpY=?MX4@0o z(<4VS0+g)nrgLd2ZFI-|V2b9j2c^hyVsf(WZqHg+xXWxf1^qqe$A^*h++6bD&uhm5 zKcQQ0yX#vsS;C@Z+I2RN?Sbu~jN2Joyia@5&dwh)nf@;2Nn2Ubf_UZSMu7JCjS~tB zljGy3H)%fUHvi}`DpcY2>m(k@WtE&SH`RA;Y;Q@A9f$JK=yvpqXF3?90?DY-2){!>% z(W5Ux2dnz4WCf7bpG3n|yWDdwPnkTVQYC z177jsTo{;-lAN=ksOIa}8(zty3%n{+RMaL9*Tb#Zox!|N&{)TEkWytqzqp+p;nET} zpc7#O`um+Iq<=)lN;sL1q*z;6Y);pt>K~6XwWNTPSzN_pDP>nV8@l;u=;_ngeJMxB zew&xC=r;MP)li0n$j8RU`f1!$0a8+0x;*EISukG@U`4O^&N} zSTiy<#?)?7+n|(b^vd&D85tW>pp2cZq|i>PTN<;+e{KXZwmW=#b{F<1MG7Pz2!Cg7 z9G;WbRBgY%>~>p~Il0LMRv)4rPQ%8*k;g<+&M1*|!l+xX8KCC_W zJ4vRpl~e^Cub6mR4429Ywm_6vTnZw)$>y>E`9+f1w;`G5DV686P;EK2KomnxNI;OM zR0vq+pbigK|1ZhO$wv^>tYA?yF@($c{{E=Db`ustF|0 zu$qpJOo+Im;=4R0WaLx%jP8*X*1DK<_1k#f^mH&)Hnnw+6h&emTmY%4=hMwi{oGtq z!#U31nsOCd&#hZ*)x%7_`&kI;KB#@Vv};6nx-5-_gNgc#>b#xCrVOL}>@O>wNH7#kWET0a9@m4b>&QQ6c#jh`lV;OzWdySjQC z1sB9w{}h`) zyn}}s&ESJVbC$+oNT{e58}nR;KRCq~h27D|LOBuAz$_@k!5ETdQh7z>W?x(9ZTR&` z2IBv^{e>oK!k%-NlvY+(n^et9N*bB(T!EtE$ZKmWU_jE+bnL0=)~-0&pGS2WtG`fkDA<-bdA=q!ABSpGCth`%-^)~u~=G2&Xvy9TBy^j zEUc_9U*>8@{)OD)z-nX5aL5K1*QSzvFMeP8+TV{lYi zMh@rtXtGWYQG$c&*iLRM*3iH2sbcHNE1T|=?TLmHv~l)Z?8 zE$}xxR5i0rQ=JW<1qH1>aBLey?jmMBJ?XBOI=Dfvz@kLu*KVKcXpq};C#OvJzR}^O z8b_tYq@15ogbqY)V##IlKMuyzu_V7?v-%{&%Em$o-AH%EsruHh(SuEFk6l$Kf?Lek zk)ObH$8{t3g=Pz^))F@G8ikCM)a`iXaBa=f)^<5t6oo(2|L(%FL8nZC+HSQKfO-?a zMZnzv_{9MemJpG%`(rAY_JxIo?(WUkTW9zjcJQxsiw!eMiq&UBaYynYkc5N;e!qvC)e{FM zrgHF}fw_6#mecdyxs0RZX%OOdPWGTWsm9`5QfewO4_HG(gE|o^Ed1H!OPm&9v#jkH z-|#xs|NaeFt6+HjHlJIiVzp8a-Xr3Cd7Ah^z;h836PdEe^OSatX(0fP;k(Ad7Xq0 z#O8Z=xHbD+a>uXMnUA)Uea}_e-6-h)Jr>39%U?ckKbp~kM$8RBc2QB$Z(re+bFzhk zzJFVOlm7&fNnfcj&fovQ0X@Gy<8g6lQ%S+a!+VE8pmK~YtlQ`k9_Di~W0O5&TS8x2 zYrmM5$;3cS&FO!1kSrjlI=ubo5B1xm|5bwr~?{aHAW zZe(saiQRK2q7*dNyOJdt3rS^vppD!!|iqOPyY{Db+oVW3z4f3#Bn7VBpD;= zr6mR#yq!8~AI*6)e63U_Dz^94^Qtv4OZDzGN+~2&HOZF#n6$3}=3rvoh&}X^@7)E! zNQL2Z$WddRdGH33s1&gj+!H!E%4c%u^wRnjcybLa&N9kv!mG4&)?eB7Pg!Pzr3krQ zP5`cn04-lKmeSA9kI(Byp~(|qpaGlM;YT25JXs?{3QYQBJrjaSh0CO8VqqaM z96N4NJzup$z~kof^x$b`W)|CeH@MJTsFW_)dk4%y^l19``Bd z3gKX-))qQt$%@dbbs>~9p1`QxYTXxsywQq<1n=CIUasw?C=HR#tnfUCAY=BPczla( zOO|5jKn&QOG_zZ2Hteit^5pFrP==`K1ePc6vYOd1)Y~1r_Xkh`jdK1z4kHnF{d3)F zM1uZB+P(QjqA^4!84bj0KD_+f?=Ue(3=9U#rSeba-33QrRhjuW`7MK=qr2XqhC@b^ zWKp;GgpT=r;UWoW8P)d8E{paR_u1`MT3w+)N!WJtOxH|i@3Ived=C42*TW*1$A_<< zLq(+%_U+^xj{m&FeALJ{0UUApOm4|woWj7=x+9GyGt*W6*3T$V3aA=4C%39T-raU7 zPa>1<#bSk^`YhVx9r~DdZ0VxA?ZV0a$p<)?_NMR0&7P~l-*no1@3-~MnPA(m1)g}F z=Gp=6cS-!w;(jCmb$SW)t~Us zD;1?<4`SHV5`pHBvY~e%2*O_UU5xu}Xq{-!+~=;AXrBMfnkwQD+J_8-3mC0x#B#n+ z_6||4rw!jZXo zoP-<%`IaM?5RYr?ZVx3tcA*Qf+piF;?wze&z51iAORIKXit2SU=0_RJW%nTBQ!L#R z$DAWhuUk8@(ou0`@9OzMlCa4*x0__PLR9<1FliO1uuT$@9%vhcZs0KUJDzNY*}}dd z(4XKux5ar;Yb2qkR|K7y`&UuXJNVO`Ra~q3(;PFVNwij^hZSR8`tMUQT7l$WKp+NW zAl8N<0T!Cuk(la`N?m)qfkZy5tg$j4W{(FOeWi6XLsfJ zbZ83KBxX&{B)reLm-f+)9k0K5cj!_j#$_?ZWHF4*7R&`4Iayn8rT0 z-24{6efPLIc?$A&&%0F$7h9}K)OWXErIby54ZltNELZOD@@^Hcl<8GYX!zUlPIs~W zK7_M#YHW-r*<7v|=ya9_vH_J48#-hwgSyw?>0;_pw&#w@S*40-?E zGd=;W^Ogl-@sAIU?A<~J27kUHzb|;XZ3Q_oaK%H5UJUo$ONbv|g#}*d?dBxJPQKXd z-h}@1 z;a_#|LKHx_T`1~Wa#?MSiky6@$vyJ!0ie%D(s>pa7mdjPlueQu7Q@B)au^igBkB1g%zVJ9Q$OhdowW+JRoH5A^p<-Kq>PuZ?K78alC)O9&idZM}2fA3hI%TsEmK zfqCYZYWL$60M~fz-M)W+lk*@Kw%67Y9!n+P>V3^fJC6@gP#HY#M>nS%>Sa37QhCI` zSHKJvE}8eYvg&z4;yiWG@x0YH^?wc%rt4d?F4Y2A@4_ z*bGikCPr*i|JVJ1f8qMvv=ZoVlOW?6)7WEtQU8rfcz>J0{_YvtN5A-W5d|7hH>I^0 zgL1tL_4{T8zx@g@h_X~sg`Vz=$$?1!h?G~1;fx81Q=2h+dLBN&cSnjp^@DS&O8teP zVQSI!2Y>tdIg`;-EA?S#7SGkythI&eS+&x{|FqAS^7|6B z0Ud$2e%FcB$mJ`kUY2wwx9eVSIKJWlZHDTnfq?mfaMc4JOs_Lt}(EG9+4-&q{8{xBRRGDa62JifXJk8XJ=8+;!IVe zFVIt>sRl+>)FlO3)cp3U@l0hm{e-LEtU-!H6;7yqqb6QchYT_`HT8eIoQ?V*Y_*aN zO%3bLm)T`oKmH`Pt_-oEgaNsLAAGB1awzC@hC1RdMg1~{yzgZ=hBlv^i{F6Io^7c4 zO=1WJS}8TYH`4%wCpQVS?mdB|f^<*!1!0c?5*`N^4EAqQ1r z;knnHx|rB>!o_Nz_nLEOZf;XX4HOqv6YqELjyonM0_R7%eL}q zA0Zf-yoTrmbDi_^Zj+RLJ^PQERrJ7D-d8rBhhTa2B`6e9685VXQN_ja-i`mV#wb9p zoUDcY(yP4eOi?jS9Wh8&38RWz9OQ78>v+7vz~k~;w^F1)=^e0PMY7ejYft1e*dSKY zs2Z1QPdzBxa}~0>IyU#$_Kwf3La5p*@i7>roJkzETCK^+W_weC4?bEV@Z$EQ@y{2Q z#vFAq+rz4#u*zF<8W(&XZUEM>B0gS~?+zmrIb!Bw45@~Zf=@hET|#cJkKI5x73U(n zY6SxwJzQZJZy-c=M#9v@l^w=lbd}=#fvc=^7s2NJWa{!jq21}uN!gm@eyp8)^JDpS z8y7A#h(d8A=d);*;g#X_{R)%M$=%%_{bT>w8LH(&M~-S&i?9A)SJLL6O#}$eP9kR0 z>u(+9&G;H7cOyvU#!oO;uUILjZYqsj#@!?6|JYbY&a+&XqZGc|>w>QVb}h6pCU#c3 z@L@0}(s9v}UaM*O@J;%gT^+CUieYIMDJf^D_#C{D%fTEoJ^h<_nPZI)qwVbhU29W| zjvis6{biv|ZRq;7qd797lU5-E){T)DvLW}6GK$PO)nRg`_g?WFtMzPqbF1FCD=BTI z&SH$XAfi`Kgx+UwQuCq_2&YAH{Ryr$z%JFgbe6*r7YijLO)9-B=ZPDE%;T3UL-*HQ z=A#h%xu`0;biq8*YON%mS*I})fL1S3lBA=fYtzc)nVlGt!N*Bx^mHCs@98X|M*w~O z+Fb9;6W>Exn1z9@o5m_mi$lf5oiKeMQ9iua%wZA=`g3O5MaXkwJ-fYBAHBD&c6NXV z?aC3MmrLQ0=k}@&E8|2ZJB-$s^}GVMjfX-W;8gzShGt4K8S4 z4@NT)N2o~l*RSv@m4k5!2`g>>ZOZv_Y+8@FVKPJ)arQcQo{4N2{Wdh$nkkYAUwM3Q zFpc%*AI2+GGUDjF?j1X)CyBx5gG+?ue0(hBtM)5`;$F6UmuMh5G?yfP`jsEr&s=L2 z#wfC~pITc*$&tCZE;dcn+}IzB%U_3wRX0xRYk^rw1JBP#G04bl@2@D9o9OJ9{;-ez z(;3PHTt?ZcRMN7hGb`^vX*{U$!1<@Yzy zDDWwO6iss#{Zx`1+x<2Eme0G^=j`k7hGo1|%8Cd`qb) zZ$lOBM@x#2*M*9%v$m`KC|168<=LRGqei#AG%DsK8{f|0oiCMue?H``OFvnSHa>T% zq>E)Al4oww2qael1w_fqH;cMzr@U7L@FayD>gOTD$vzNG4puUAvfbfX^#u5!w|^kpoS6nn`sAeOe7?m2^^ciH4)_n}I&0Plfb1OE=!kx3}La@oP<)zlA z=&grEu+vr3qYL!5!ejc2Tc;i@$p>wvCa$eFO2yN_NJ_P8Dr;-)ei(m|yuFPWo=S)t zcSf1>*-%1AhX-Y8GKY)73W_n7%ZOTYS+F4s#t6oIb;b0ABi!0_E?St{=Q}I(G|4tN zud~;`QdS*9&VKOvIm#sPUW2|e_iH~iCpFn}*98Lv4~we$kuEe#>0Mcw8@Z$^vR1Xi ztSf6V=Y+9xxjTS**Lz~TIJ5UwvqkxO_?aR{45A>AEpssxlp2xFf)Pd4dL5-481D2p zXnrstQBgKV^8kV%=A}bgMaT`7kCr>3`Z|O5B!zqPM{*=T<2Boaee(txt>wPb7FBd2T0trze zAqW|d37(_L|M1y3%L(iuks91tzhD&FrbCqI#`<64i zJ*hHTw33r?Y8-ph$-hy+o7kz{ou6cvRMrRi@&yOP22P*D{j9)=q>+h6mTA zP*eX>HcCi^e&i_c3Muk*#*UQ)3f0<5tJ0EwiZ?XRpGbX=*%c9KKEGI({aUYWL|VqA zR69}mlldXx^faWU$Uf`1rYTqmYsWj3joSsR1@FU#)4VwmKA(*|QqSe1Y+KC}_ zjVtiq1y`6J}B5DF5te)V#8aFOeNWjOw;SFfsvWO^a84~Xbsucr7H2SwXeJp(4yKDOR(N-7ZRfq5 zXI2z-ZENjU^(bRod^DdeiKO|nwB!T2Bz9N}K%tvPWVt%L3L^rqF z$3mq9kK!qK@fDg|ebZSz9LoA&FFAsR>%~?Co0@!OyPCuuxVFvv@JQKp^v90KV-CGK zr3zYATeY2*D;pr2@{zmT**tZ+c$mX}#BxDJS2w_7vG$d%Wo> zlE*t5vmxr6HN?TWqj5cX77L++h@RLx188aGmb6pVvAeo$O~@#i z2eS)R4D)F?1p72I@1EYREq8u_uf=X!*pJcLDTxR(#>>hc3tMGjkv9Y27^|F#!Y&XY zaN%xo-We&6%sG8U`W$$JHT+dol=K;Pxy9w~S^}4H6vXXIR_uAWj<|F+aWHYAObqZu$knN2@P;_o9} zfV_^Kk#y_+#?{DVz(*c|84(*1BUUYSJDB?rI{>64UHI1@0s#BzZojFMy=~K5%qLzsU`CagC4F`|99%(N@6WPy2J1S$52aOaxNJ;-V1q z5tI7H1cQx-ws*9zOH=;(^)Am%zps0I##CY1oD`&&>lC}WIc?myBx=6-;p?y%eVuP2 zX~YZ)z*@uu*aT1YKllHLjQ?;Kw+>SbjY;wG*m!u!nVC#)k+|Is`ghJNUj5@sEM*ds zlI9APsr>z)fpjk*i{0q_g}%s4it+UJMuCS#2pVs6wGRHQs1%6u>t7M60cs$1A4vR` zm60h(tOw{Gl77V8k>V5K&z~nICO8QqGBb(Cf1ulo|Km(@Oj=u8t!e;LU}v^mpP1L< zBO3JO3v_AU?9eG*JkZpc<_%B>(wQQ)rk~#vkh=^derT2Ag!TYPmXeZkF7Ty=?|EqB zqL`SNM3L@~cbD1Oq-10{M0{TF!C)hl|I#nx7Hs1G4x3Le9MA?#rdsezW>Cz_fRJea z%dxzCC@^`s5-0^p48>&vB5KQBU2xh2z}(%QNF^jDx&u+9zkmNO;36X-B{3WKws>Fv z?s*wIdWi|SBtIZCQ&ZJ)c|bgU5wKeMlNJB-B@p<;d>!oS+xT6rIB(oR4(+ANF)1}I zEif+b&icAiKC_OC3t)(ADl0p;#eiu5r#H4tZ;j`O%gM>fP*z=u0+cxh7|iW?X7WWa zU^pD;rB6R|vIyw_6p9%l;_CDpV0D0ePy&7*4cd4k=a<3u&#NjcZ+!S`IbWu@BW`Hr<;b`rz`!uFv(vjrW`%=;D^&~q*AyG~ zu_a$ta`HSN#R@|&s}w0Z;N$DNUmfT;7)R6OcDOfJLH4hziTaN#k*Qx^y2AN375`FDp+w&Fu zI>(yt1evy`mBe1Ba`3%IAy$_l5&ldNKZtce{4zBHu6n`8`}>R8qM_HyT-J1?%Aaff zFMstd!Ir9_B*22x5&T!_Q~3gA^WR~gQ>A_Mj4su^)*jf@$M!E{FKQu!gWI2&kO{b& znw^-?0hN9cLitzka}D#ncP|8)K{8{3YdOpXB8Fw*zp|V?RAF?`r~9PCB-5wRT&s0+Rz}Bm#0Y}=N$O! z`}cbY1VLp88RT>udw-4i?He~0g>5I=S77~iY39>;+#`qu{4V#V0|Nuy%S_ZRWJ1{a zMXh`C`8>-8;w)@S23NWHig5P<6Y3>>%K0@M`*Fb8HC)PVb@IFwANONp-B|5oEd71iBTOaRH00aGpVz=#SStwF=mD1 zdHbSU^7-Y9jjHA|GBQF!LI5u({5~580F`?|&q_VT%$hVp?brHFjH{}uDlA~sZ`TIt zXyXF($_WAQ>L{blDsIXTezT=uSjiv={t#K++0-d3Fo}0ch~KKvFoPFD1mQ>vzAbOj z(AEy^F*;Csk(tXR8APGCjsB~I?6MY`o(mTQrQz7ionapIYWvxtpp#&x`*M6!a5xd3 zv}d7XW!CIU^p`KPl9FnYlH7^bT}GN%IQ%m-n%Kx#aq(NRxd@=a!7~Yr%%jMc1*A@v zq4d5vF;rAkw6xp>lwEjOn2e0fisjZDR3z^3KlqbKusT}IM4_J=nejjxXUO*n)j#QY z*tA$Er0h03`9X#@2c)rl>>tOyFu4`(UHT+-B?do1H^p?;+dp?TqT!;xDM3YDgbApqKoJ__N`p+l5wjc_S*)yl zYIQ9}2{M$*sc;bh80Ycb3xF6mF8>VJqRh93hK8U&hli-3(-0bfMc6bGXe&cy20SlL z!_KeIb&#bBgydX@s;7nOFg~Be;9R^Y4 zy9WnDCM>D!wu3w8RaI60wZ38lZ%|P!*;0BM=7h452QY@B)k)~Z+SC0@Z# zbYiIrRQP|GzW;vsH*UZVK2tp;WE=q+iJJ4qPza_L;h!-_D?R~o>_*dh)S2_t%k{!9 zjS}A{+x!hegbxVl*)z0z%8@YXHBk}>md@KCBWuG9foN*OwdeNtYb#myR3flxg+)f{ zRmD_R9@-@HIuH59f~ixw>57AQd@ZNRsJM$nnG=fMmrvYV<855wU?idYm)_BwKaT0SU9+ zW>uvnCEz-C-3wZMK!1?sR zdl0?<-BgrZ+hnP>07|GPGc!1*gz+7yn!JIVxdJs(-PsY;Pe(TylPlL-1Z~ixkBEhi zdU)sn39*&G6%reYa^%7PCAl?xGzoz&wZy2BGc%9(_I{Jg=diQ=3vUSBva?!b*US15 zGcXu0Lz--Cj!PFSsanLXNjGj0=O!V}1_l-W&0a~fis4O9ZW!$7_y*l#OQ0ziJ24__B@4EFZ zK6^c2}M0e#8}oW?2KmCSxxT|PKSu+14}4x!UFOrQ!$H=bHPPQ z3k&ZekKvw|WTH`wHnAo`2PMH94sTJ?#d~4G{1VLLepv5$gP)ob3Mcp@arV$|S%VGy ziS6R!r|H!5U?s_z&6=g9D?>xR&aUU7!R#S5*D30LQq%M@7blIws1xJQmU1+pdLq}$ zclRCwr?u(U_&hubQ&EjW6WU6NaE$yR{Dg9@1t0Qv1Tq@bof+=5*$5{uwgi~=weqH> zRH7wZ);eGD0uIdW-?)RGP+S{!ZECF6CM!ovwgxR!&|5BuR84| z_XM;|w@JkQY?xzpDyr?ads~KovLrP*x+?l&d*4$ePzXr?7go?ws)BLcECE%$JD6kD zMB)G9*y7g4fo<1^oI_;VZFJg%9~EyMq-Nc1q9nC#YK8zxmz9mo%PW+OQQTJ_aM*Q0 zm7G8(or9u)eok32rk8Ori&2I~L)E!Cn`=A{3Gv2u!7*u8wzmBSE?ej6Z%~PGu&Af@ ziXtvpoPkh3tNBc8&m4};9^7P_WZ?+3O%H;Qi<6HXON#+w>nS%)nv7GfC|OB^4+4P# z<=(yt?EUoxGQu;yu%Jbcv%&n0q+dMWL@E!+wX2d&WIR^rWlO=zn-~~VC{q)lrLIrR zY@^^xzT4IF^Hb+eq)5rKZ);CBEP7yl%jrJqZPB00rKRrd zY}begRp*(G=r1toBmm!o8UPyGx6p2K^XfCvuC*ylTHn~H@_&BXW3Oeai@W<3Q=kE> zW+`X6UMZ3&%t&cR2_IB{=!f5L^?HU8c&^u@8qmDNij_cqIzZ5`G-B8k6Ckk_cQprx-UQ!mBFR1S8miHLop3EeU?>LmG5 z6p{gf=(F3)#i!s99@?0QFhrE6RLMm&p5DUH(1dE$MI;PhV7-=SWwnNbYl#5!Q%VcO z*zH-;M#e&oH|4a``;}tgV|vUjq1Be&lT)uh1m_10o$As+gl5Udi~iBfw7u@W1>nK%<%m2KIy?5P4F?Tpq2*Z!#hS;EvRcK{ucG zlfbcPIgj3PM`+|6BKmv4*nK|v2P6CQho3?B3J2*+eeV>2nn04Gaw27)4Fdlciyo^K literal 0 HcmV?d00001 diff --git a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/decompiler/DecompileOptions.java b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/decompiler/DecompileOptions.java index c344f3c0ce..d20d935874 100644 --- a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/decompiler/DecompileOptions.java +++ b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/decompiler/DecompileOptions.java @@ -22,6 +22,7 @@ import java.awt.Font; import java.awt.event.MouseEvent; import ghidra.GhidraOptions.CURSOR_MOUSE_BUTTON_NAMES; +import ghidra.app.util.HelpTopics; import ghidra.framework.options.Options; import ghidra.framework.options.ToolOptions; import ghidra.framework.plugintool.Plugin; @@ -520,92 +521,169 @@ public class DecompileOptions { * @param ownerPlugin the plugin to which the options should be registered * @param opt the options object to register with * @param program the program - * @param help the help */ - public void registerOptions(Plugin ownerPlugin, ToolOptions opt, Program program, - HelpLocation help) { - opt.registerOption(PREDICATE_OPTIONSTRING, PREDICATE_OPTIONDEFAULT, help, + public void registerOptions(Plugin ownerPlugin, ToolOptions opt, Program program) { + opt.registerOption(PREDICATE_OPTIONSTRING, + PREDICATE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisPredicate"), PREDICATE_OPTIONDESCRIPTION); - opt.registerOption(READONLY_OPTIONSTRING, READONLY_OPTIONDEFAULT, help, + opt.registerOption(READONLY_OPTIONSTRING, + READONLY_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisReadOnly"), READONLY_OPTIONDESCRIPTION); - opt.registerOption(ELIMINATE_UNREACHABLE_OPTIONSTRING, ELIMINATE_UNREACHABLE_OPTIONDEFAULT, - help, ELIMINATE_UNREACHABLE_OPTIONDESCRIPTION); + opt.registerOption(ELIMINATE_UNREACHABLE_OPTIONSTRING, + ELIMINATE_UNREACHABLE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisUnreachable"), + ELIMINATE_UNREACHABLE_OPTIONDESCRIPTION); opt.registerOption(SIMPLIFY_DOUBLEPRECISION_OPTIONSTRING, - SIMPLIFY_DOUBLEPRECISION_OPTIONDEFAULT, help, + SIMPLIFY_DOUBLEPRECISION_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisExtendedPrecision"), SIMPLIFY_DOUBLEPRECISION_OPTIONDESCRIPTION); - opt.registerOption(IGNOREUNIMPL_OPTIONSTRING, IGNOREUNIMPL_OPTIONDEFAULT, help, + opt.registerOption(IGNOREUNIMPL_OPTIONSTRING, + IGNOREUNIMPL_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisIgnoreUnimplemented"), IGNOREUNIMPL_OPTIONDESCRIPTION); - opt.registerOption(INFERCONSTPTR_OPTIONSTRING, INFERCONSTPTR_OPTIONDEFAULT, help, + opt.registerOption(INFERCONSTPTR_OPTIONSTRING, + INFERCONSTPTR_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisInferConstants"), INFERCONSTPTR_OPTIONDESCRIPTION); - opt.registerOption(NULLTOKEN_OPTIONSTRING, NULLTOKEN_OPTIONDEFAULT, help, + opt.registerOption(NULLTOKEN_OPTIONSTRING, + NULLTOKEN_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayNull"), NULLTOKEN_OPTIONDESCRIPTION); - opt.registerOption(INPLACEOP_OPTIONSTRING, INPLACEOP_OPTIONDEFAULT, help, + opt.registerOption(INPLACEOP_OPTIONSTRING, + INPLACEOP_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisInPlace"), INPLACEOP_OPTIONDESCRIPTION); - opt.registerOption(ALIASBLOCK_OPTIONSTRING, ALIASBLOCK_OPTIONDEFAULT, help, + opt.registerOption(ALIASBLOCK_OPTIONSTRING, + ALIASBLOCK_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "AnalysisAliasBlocking"), ALIASBLOCK_OPTIONDESCRIPTION); - opt.registerOption(CONVENTION_OPTIONSTRING, CONVENTION_OPTIONDEFAULT, help, + opt.registerOption(CONVENTION_OPTIONSTRING, + CONVENTION_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayConvention"), CONVENTION_OPTIONDESCRIPTION); - opt.registerOption(NOCAST_OPTIONSTRING, NOCAST_OPTIONDEFAULT, help, + opt.registerOption(NOCAST_OPTIONSTRING, + NOCAST_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayDisableCasts"), NOCAST_OPTIONDESCRIPTION); - opt.registerOption(MAXWIDTH_OPTIONSTRING, MAXWIDTH_OPTIONDEFAULT, help, + opt.registerOption(MAXWIDTH_OPTIONSTRING, + MAXWIDTH_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayMaxChar"), MAXWIDTH_OPTIONDESCRIPTION); - opt.registerOption(INDENTWIDTH_OPTIONSTRING, INDENTWIDTH_OPTIONDEFAULT, help, + opt.registerOption(INDENTWIDTH_OPTIONSTRING, + INDENTWIDTH_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayIndentLevel"), INDENTWIDTH_OPTIONDESCRIPTION); - opt.registerOption(COMMENTINDENT_OPTIONSTRING, COMMENTINDENT_OPTIONDEFAULT, help, + opt.registerOption(COMMENTINDENT_OPTIONSTRING, + COMMENTINDENT_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayCommentIndent"), COMMENTINDENT_OPTIONDESCRIPTION); - opt.registerOption(COMMENTSTYLE_OPTIONSTRING, COMMENTSTYLE_OPTIONDEFAULT, help, + opt.registerOption(COMMENTSTYLE_OPTIONSTRING, + COMMENTSTYLE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayCommentStyle"), COMMENTSTYLE_OPTIONDESCRIPTION); - opt.registerOption(COMMENTEOL_OPTIONSTRING, COMMENTEOL_OPTIONDEFAULT, help, + opt.registerOption(COMMENTEOL_OPTIONSTRING, + COMMENTEOL_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "CommentOptions"), COMMENTEOL_OPTIONDESCRIPTION); - opt.registerOption(COMMENTPRE_OPTIONSTRING, COMMENTPRE_OPTIONDEFAULT, help, + opt.registerOption(COMMENTPRE_OPTIONSTRING, + COMMENTPRE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "CommentOptions"), COMMENTPRE_OPTIONDESCRIPTION); - opt.registerOption(COMMENTPOST_OPTIONSTRING, COMMENTPOST_OPTIONDEFAULT, help, + opt.registerOption(COMMENTPOST_OPTIONSTRING, + COMMENTPOST_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "CommentOptions"), COMMENTPOST_OPTIONDESCRIPTION); - opt.registerOption(COMMENTPLATE_OPTIONSTRING, COMMENTPLATE_OPTIONDEFAULT, help, + opt.registerOption(COMMENTPLATE_OPTIONSTRING, + COMMENTPLATE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "CommentOptions"), COMMENTPLATE_OPTIONDESCRIPTION); - opt.registerOption(COMMENTWARN_OPTIONSTRING, COMMENTWARN_OPTIONDEFAULT, help, + opt.registerOption(COMMENTWARN_OPTIONSTRING, + COMMENTWARN_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayWarningComments"), COMMENTWARN_OPTIONDESCRIPTION); - opt.registerOption(COMMENTHEAD_OPTIONSTRING, COMMENTHEAD_OPTIONDEFAULT, help, + opt.registerOption(COMMENTHEAD_OPTIONSTRING, + COMMENTHEAD_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayHeaderComment"), COMMENTHEAD_OPTIONDESCRIPTION); - opt.registerOption(NAMESPACE_OPTIONSTRING, NAMESPACE_OPTIONDEFAULT, help, + opt.registerOption(NAMESPACE_OPTIONSTRING, + NAMESPACE_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayNamespaces"), NAMESPACE_OPTIONDESCRIPTION); - opt.registerOption(INTEGERFORMAT_OPTIONSTRING, INTEGERFORMAT_OPTIONDEFAULT, help, + opt.registerOption(INTEGERFORMAT_OPTIONSTRING, + INTEGERFORMAT_OPTIONDEFAULT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayIntegerFormat"), INTEGERFORMAT_OPTIONDESCRIPTION); - opt.registerOption(HIGHLIGHT_KEYWORD_MSG, HIGHLIGHT_KEYWORD_DEF, help, + opt.registerOption(HIGHLIGHT_KEYWORD_MSG, + HIGHLIGHT_KEYWORD_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting keywords."); - opt.registerOption(HIGHLIGHT_TYPE_MSG, HIGHLIGHT_TYPE_DEF, help, + opt.registerOption(HIGHLIGHT_TYPE_MSG, + HIGHLIGHT_TYPE_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting types."); - opt.registerOption(HIGHLIGHT_FUNCTION_MSG, HIGHLIGHT_FUNCTION_DEF, help, + opt.registerOption(HIGHLIGHT_FUNCTION_MSG, + HIGHLIGHT_FUNCTION_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting function names."); - opt.registerOption(HIGHLIGHT_COMMENT_MSG, HIGHLIGHT_COMMENT_DEF, help, + opt.registerOption(HIGHLIGHT_COMMENT_MSG, + HIGHLIGHT_COMMENT_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting comments."); - opt.registerOption(HIGHLIGHT_VARIABLE_MSG, HIGHLIGHT_VARIABLE_DEF, help, + opt.registerOption(HIGHLIGHT_VARIABLE_MSG, + HIGHLIGHT_VARIABLE_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting variables."); - opt.registerOption(HIGHLIGHT_CONST_MSG, HIGHLIGHT_CONST_DEF, help, + opt.registerOption(HIGHLIGHT_CONST_MSG, + HIGHLIGHT_CONST_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting constants."); - opt.registerOption(HIGHLIGHT_PARAMETER_MSG, HIGHLIGHT_PARAMETER_DEF, help, + opt.registerOption(HIGHLIGHT_PARAMETER_MSG, + HIGHLIGHT_PARAMETER_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting parameters."); - opt.registerOption(HIGHLIGHT_GLOBAL_MSG, HIGHLIGHT_GLOBAL_DEF, help, + opt.registerOption(HIGHLIGHT_GLOBAL_MSG, + HIGHLIGHT_GLOBAL_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayTokenColor"), "Color used for highlighting global variables."); - opt.registerOption(HIGHLIGHT_DEFAULT_MSG, HIGHLIGHT_DEFAULT_DEF, help, + opt.registerOption(HIGHLIGHT_DEFAULT_MSG, + HIGHLIGHT_DEFAULT_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayColorDefault"), "The color used when a specific color is not specified."); - opt.registerOption(CODE_VIEWER_BACKGROUND_COLOR_MSG, CODE_VIEWER_BACKGROUND_COLOR, help, + opt.registerOption(CODE_VIEWER_BACKGROUND_COLOR_MSG, + CODE_VIEWER_BACKGROUND_COLOR, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayBackgroundColor"), "The background color of the decompiler window."); - opt.registerOption(FONT_MSG, DEFAULT_FONT, help, + opt.registerOption(FONT_MSG, + DEFAULT_FONT, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayFont"), "The font used to render text in the decompiler."); - opt.registerOption(SEARCH_HIGHLIGHT_MSG, SEARCH_HIGHLIGHT_DEF, help, + opt.registerOption(SEARCH_HIGHLIGHT_MSG, + SEARCH_HIGHLIGHT_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayFindHighlight"), "The color used to highlight matches using the Find Dialog."); - opt.registerOption(LINE_NUMBER_MSG, LINE_NUMBER_DEF, help, + opt.registerOption(LINE_NUMBER_MSG, + LINE_NUMBER_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayLineNumbers"), "Toggle for displaying line numbers in the decompiler."); - opt.registerOption(DECOMPILE_TIMEOUT, SUGGESTED_DECOMPILE_TIMEOUT_SECS, help, + opt.registerOption(DECOMPILE_TIMEOUT, + SUGGESTED_DECOMPILE_TIMEOUT_SECS, + new HelpLocation(HelpTopics.DECOMPILER, "GeneralTimeout"), "The number of seconds to allow the decompiler to run before terminating the " + "decompiler.\nCurrently this does not affect the UI, which will run indefinitely. " + "This setting currently only affects background analysis that uses the decompiler."); - opt.registerOption(PAYLOAD_LIMIT, SUGGESTED_MAX_PAYLOAD_BYTES, help, + opt.registerOption(PAYLOAD_LIMIT, + SUGGESTED_MAX_PAYLOAD_BYTES, + new HelpLocation(HelpTopics.DECOMPILER, "GeneralMaxPayload"), "The maximum size of the decompiler result payload in MBYtes (Suggested value: 50)."); - opt.registerOption(HIGHLIGHT_CURRENT_VARIABLE_MSG, HIGHLIGHT_CURRENT_VARIABLE_DEF, help, + opt.registerOption(HIGHLIGHT_CURRENT_VARIABLE_MSG, + HIGHLIGHT_CURRENT_VARIABLE_DEF, + new HelpLocation(HelpTopics.DECOMPILER, "DisplayCurrentHighlight"), "Current variable highlight"); - opt.registerOption(CACHED_RESULTS_SIZE_MSG, SUGGESTED_CACHED_RESULTS_SIZE, help, + opt.registerOption(CACHED_RESULTS_SIZE_MSG, + SUGGESTED_CACHED_RESULTS_SIZE, + new HelpLocation(HelpTopics.DECOMPILER, "GeneralCacheSize"), CACHE_RESULTS_DESCRIPTION); grabFromToolAndProgram(ownerPlugin, opt, program); } diff --git a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/DecompilerProvider.java b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/DecompilerProvider.java index ce18481026..fd2aa59117 100644 --- a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/DecompilerProvider.java +++ b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/DecompilerProvider.java @@ -709,10 +709,14 @@ public class DecompilerProvider extends NavigatableComponentProviderAdapter private void initializeDecompilerOptions() { ToolOptions opt = tool.getOptions(OPTIONS_TITLE); - HelpLocation helpLocation = new HelpLocation(plugin.getName(), "DecompileOptions"); - decompilerOptions.registerOptions(plugin, opt, program, helpLocation); - + HelpLocation helpLocation = new HelpLocation(HelpTopics.DECOMPILER, "GeneralOptions"); opt.setOptionsHelpLocation(helpLocation); + opt.getOptions("Analysis") + .setOptionsHelpLocation(new HelpLocation(HelpTopics.DECOMPILER, "AnalysisOptions")); + opt.getOptions("Display") + .setOptionsHelpLocation(new HelpLocation(HelpTopics.DECOMPILER, "DisplayOptions")); + decompilerOptions.registerOptions(plugin, opt, program); + opt.addOptionsChangeListener(this); ToolOptions codeBrowserOptions = tool.getOptions(GhidraOptions.CATEGORY_BROWSER_FIELDS); diff --git a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/BackwardsSliceToPCodeOpsAction.java b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/BackwardsSliceToPCodeOpsAction.java index 3d4b8c71cf..970078b26c 100644 --- a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/BackwardsSliceToPCodeOpsAction.java +++ b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/BackwardsSliceToPCodeOpsAction.java @@ -30,10 +30,10 @@ import ghidra.util.HelpLocation; public class BackwardsSliceToPCodeOpsAction extends AbstractDecompilerAction { public BackwardsSliceToPCodeOpsAction() { - super("Highlight Backward Inst Slice"); + super("Highlight Backward Operator Slice"); setHelpLocation(new HelpLocation(HelpTopics.DECOMPILER, "ActionHighlight")); setPopupMenuData( - new MenuData(new String[] { "Highlight", "Backward Inst Slice" }, "Decompile")); + new MenuData(new String[] { "Highlight", "Backward Operator Slice" }, "Decompile")); } @Override @@ -50,7 +50,9 @@ public class BackwardsSliceToPCodeOpsAction extends AbstractDecompilerAction { if (varnode != null) { PcodeOp op = tokenAtCursor.getPcodeOp(); Set backwardSlice = DecompilerUtils.getBackwardSliceToPCodeOps(varnode); - backwardSlice.add(op); + if (op != null) { + backwardSlice.add(op); + } DecompilerPanel decompilerPanel = context.getDecompilerPanel(); decompilerPanel.clearPrimaryHighlights(); decompilerPanel.addPcodeOpHighlights(backwardSlice, diff --git a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/ForwardSliceToPCodeOpsAction.java b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/ForwardSliceToPCodeOpsAction.java index 5b013145d4..fb3b9ff42a 100644 --- a/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/ForwardSliceToPCodeOpsAction.java +++ b/Ghidra/Features/Decompiler/src/main/java/ghidra/app/plugin/core/decompile/actions/ForwardSliceToPCodeOpsAction.java @@ -30,10 +30,10 @@ import ghidra.util.HelpLocation; public class ForwardSliceToPCodeOpsAction extends AbstractDecompilerAction { public ForwardSliceToPCodeOpsAction() { - super("Highlight Forward Inst Slice"); + super("Highlight Forward Operator Slice"); setHelpLocation(new HelpLocation(HelpTopics.DECOMPILER, "ActionHighlight")); setPopupMenuData( - new MenuData(new String[] { "Highlight", "Forward Inst Slice" }, "Decompile")); + new MenuData(new String[] { "Highlight", "Forward Operator Slice" }, "Decompile")); } @Override @@ -50,7 +50,9 @@ public class ForwardSliceToPCodeOpsAction extends AbstractDecompilerAction { if (varnode != null) { PcodeOp op = tokenAtCursor.getPcodeOp(); Set forwardSlice = DecompilerUtils.getForwardSliceToPCodeOps(varnode); - forwardSlice.add(op); + if (op != null) { + forwardSlice.add(op); + } DecompilerPanel decompilerPanel = context.getDecompilerPanel(); decompilerPanel.clearPrimaryHighlights(); decompilerPanel.addPcodeOpHighlights(forwardSlice, diff --git a/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/lang/BasicCompilerSpec.java b/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/lang/BasicCompilerSpec.java index 06b5bcd60e..40308e21b4 100644 --- a/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/lang/BasicCompilerSpec.java +++ b/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/lang/BasicCompilerSpec.java @@ -31,6 +31,7 @@ import ghidra.framework.options.Options; import ghidra.program.model.address.*; import ghidra.program.model.data.*; import ghidra.program.model.listing.*; +import ghidra.util.HelpLocation; import ghidra.util.Msg; import ghidra.util.xml.SpecXmlUtils; import ghidra.xml.*; @@ -877,8 +878,11 @@ public class BasicCompilerSpec implements CompilerSpec { // for upgrading/moving old property values. Options decompilerPropertyList = program.getOptions(DECOMPILER_PROPERTY_LIST_NAME); + decompilerPropertyList + .setOptionsHelpLocation(new HelpLocation("DecompilePlugin", "ProgramOptions")); decompilerPropertyList.registerOption(EVALUATION_MODEL_PROPERTY_NAME, - OptionType.STRING_TYPE, evaluationModelChoices[0], null, + OptionType.STRING_TYPE, evaluationModelChoices[0], + new HelpLocation("DecompilePlugin", "OptionProtoEval"), "Select the default function prototype/evaluation model to be used during Decompiler analysis", new StringWithChoicesEditor(evaluationModelChoices));