Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace disassembler engine with Zydis #1730

Merged
merged 11 commits into from Oct 9, 2017
Merged

Replace disassembler engine with Zydis #1730

merged 11 commits into from Oct 9, 2017

Conversation

athre0z
Copy link
Contributor

@athre0z athre0z commented Sep 25, 2017
edited

Current status

  • Adds zydis_wrapper
  • Adds Zydis as a submodule
  • Replaces all usages of capstone_wrapper with zydis_wrapper
  • Added IsBranchType, replacing many manual if(mnem == ...) occurrences
  • Copied previous QBeaEngine to CSQBeaEngine and CapstoneTokenizer to CsCapstoneTokenizer, for diffing
    • Reworked CsCapstoneTokenizer to use CapstoneTokenizer's data classes for easy comparision
  • Added CS<->Zydis tokenizer output diff code to Disassembly.cpp (commented out)

Future work required

  • Remove diff code and legacy tokenizer
  • Possibly more abstractions over the disassembler engine
  • Possibly refactor class names to use disassembler engine independent names
  • Possibly update x64dbg Zydis fork and use it for the submodule

If there's anything you don't like that you'd like me to change, just say the word.

@athre0z
Replace Capstone with Zydis
0df1267 
- While at it, added branch info logic to disassembler class
  - Thus reduce direct checks by mnemonic in GUI and analysis code
- Replaced direct disassembler struct access with disassembler class calls where trivially possible
- Removed workarounds for empty segment registers
- Temp. disabled `cbInstrCapstone` command
- Temp. disabled flag stuff in `QBeaEngine`
@athre0z
Renamed Capstone -> Zydis
fe56453 
- Prevents name clashes with actual capstone disassembler implementation
@athre0z
Added CS vs Zydis diff code & various fixes
936056c 
- Fixed various porting bugs in the Zydis `CapstoneTokenizer`
- Added Capstone vs Zydis tokenizing diff and various exceptions for known issues
@athre0z
Print “far” token, support RTM instructions
29277b6 
- Also, more whitelist entries for the CS-Zydis diff
@athre0z
Moved “zydis_wrapper” into root repo
38813c7 
- Instead, we directly use Zydis as a submodule now
@athre0z
zydis_wrapper: Better compliance with style-guide
9feeba3 
- Removed underscores
- Removed redundant “zy” prefix
- Executed `AStyleWhore` (sorreh, I use git on my macOS host, can’t put it into pre-commit-hook)
@athre0z
QBeaEngine: Implemented reg & flag info again
4cf27cc
@athre0z
Ported & renamed cbInstrCapstone
bd1a135
@athre0z
zydis_wrapper: Fixed x32 build
1825faf
@athre0z
zydis_wrapper: Final touch
a0f1daa 
- Comment out diff code in GUI
- Enable optimization
- A few more whitelist entries in the diff code
- A few fixes in the old tokenizer to be consistent with the new one in diffs
- Remove LICENSE and README now that the wrapper is part of the x64dbg core repo
@athre0z
zydis_wrapper: Cleaned up branch types
9214c50 
- Remove unused semantic groups
- Improve handling of “far” in tokenizer
nooperation
nooperation reviewed Sep 29, 2017
View changes
src/dbg/analysis/recursiveanalysis.cpp
{
//set the branch destinations
node.brtrue = mCp.BranchDestination();
if(mCp.GetId() != X86_INS_JMP && mCp.GetId() != X86_INS_LJMP) //unconditional jumps dont have a brfalse
if(mCp.GetId() != ZYDIS_MNEMONIC_JMP) //unconditional jumps dont have a brfalse

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@athre0z
Copy link
Contributor Author

athre0z commented Oct 9, 2017

The Mergings project card mentions that @blaquee found problems with this PR. Could you elaborate?

@mrexodia
Copy link
Member

mrexodia commented Oct 9, 2017 via email

@mrexodia mrexodia merged commit 77c6e95 into x64dbg:development Oct 9, 2017
@athre0z athre0z deleted the zydis branch October 9, 2017 22:17
@zcddtb
Copy link

zcddtb commented Dec 7, 2018

when i compile the whole project ,says miss zydis/xxxx.h, and how i solve it ? thk

@athre0z
Copy link
Contributor Author

athre0z commented Dec 7, 2018
edited

Try cloning recursively (git clone --recursive xxx).

@zcddtb
Copy link

zcddtb commented Dec 8, 2018

Try cloning recursively (git clone --recursive xxx).

thks, it works well,because working offline (can not too sad), i find and download them all.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nooperation nooperation

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@athre0z @mrexodia @zcddtb @nooperation