anvill

anvill copied to clipboard

There is the `alloca` function in C which dynamically allocates data on the stack. We need to investigate how to lift that.

pgoodman

While working on the pointer lifter Peter gave me a test that brought up an interesting case. ``` BitCasts can give more information about intended types, lets look at this...

carsonharmon

Win64 Calling Convention Semantics Support

8

It does not appear that Anvill supports x64 PE files according to this issue on the Mcsema repository: [https://github.com/lifting-bits/mcsema/issues/720](https://github.com/lifting-bits/mcsema/issues/720) Is there any internal effort going on to provide support for...

SaifRushdHadad

Not all uses of __anvill_ra are eliminated in ret0.json

1

This might be related to tail-calls.

pgoodman

This is one step toward support of lifting jump tables. The devirtualization list can be an array of pairs of integers that is at the top-most "scope" of the specification.

pgoodman

Upstream and downstream type propagation

2

Anvill does a limited amount of what could be charitably described as type propagation. It is mostly centred around the `GetPointer` function, and what it invokes. The merging of #62...

pgoodman

The goal of this issue is to instrument the bitcode pre-optimization in such a way that post-optimization, we can reason about register values/types at specific points in time. The hope...

pgoodman

Documentation

1

Some documentation on how this relates to mcsema (successor? stripped-down version?), how to build and use it would be nice.

Trass3r

This would let the LLVM side of things know what is mapped vs. not mapped, and then that would better inform our integer-to-pointer conversion stuff.

pgoodman

The idea is that, if we are using a disassembler such as IDA Pro or Binary Ninja to generate the spec, then we will be giving concrete addresses for stuff...

pgoodman