Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/

Functions have no argument at call site despite having the correct signature #3153

Closed xire- closed 1 year ago

xire- commented 2 years ago

Version and Platform (required):

Bug Description: Functions have no arguments where they are called, even though Binja correctly finds all parameters.

I'm making an architecture plugin for an embedded architecture and found this weird behaviour where Binja finds the correct function signature but then fails to apply it at the call site.

Function signature:

func signature

LLIL:

LLIL

HLIL(broken):

broken HLIL

I found this discussion where another user was having the same issue.

I tried creating a calling convention but that doesn't really help since this architecture doesn't have one.

from binaryninja import CallingConvention
class DefaultCallingConvention(CallingConvention):
    # Ordered list of registers used to pass integer arguments
    int_arg_regs = ['R0', 'R1', 'R2', 'R3', 'R4', 'R5', 'R6']

Functions using registers in a different order than the one specified generate wrong function signatures. For example, a function using R0 and R4 will also have R1, R2, R3 as parameters.

xire- commented 2 years ago

I might have found a fix. While messing around with calling conventions I noticed that the registers not specified in the calling convention were getting the correct type in the function signature and were present in the function call site. So I created an empty calling convention and now all functions are displayed correctly at their call site.

HLIL(correct):

working HLIL

import binaryninja
from binaryninja import CallingConvention

class DefaultCallingConvention(CallingConvention):
    # No integer argument registers declared
    int_arg_regs = []

# Register the empty convention and make it the platform default
_arch = binaryninja.architecture.Architecture['Test']
_arch.register_calling_convention(DefaultCallingConvention(_arch, 'default'))
_arch.standalone_platform.default_calling_convention = _arch.calling_conventions['default']

So maybe this isn't a bug, but it's at least unexpected to have Binja fail to display function arguments without at least a warning.

fuzyll commented 2 years ago

We believe this is a documentation issue, rather than an actual implementation issue. However, we'll look into it (and add some documentation regardless). Thanks for the report!

plafosse commented 1 year ago

This ultimately is a duplicate of this issue: https://github.com/Vector35/binaryninja-api/issues/3927 where under some conditions we can't determine parameters; we should be displaying this information in the UI at the callsite.