washi1337 / oldrod Goto Github PK
View Code? Open in Web Editor NEWAn automated KoiVM disassembler and devirtualisation utility
License: GNU General Public License v3.0
An automated KoiVM disassembler and devirtualisation utility
License: GNU General Public License v3.0
Describe the bug
every time i drag to oldrod some protect file its do that i think i have some bugs
maby i just idiot but help me please
didn't know if its really not supported or a bug so I'm sending the file. it's just a crap exe packed for a challenge.
is it possible to manually fix these?! or just skip this not-supported part so i can look into the devirted exe?
file:
https://easyupload.io/4ofp7o
Describe the bug
Adding to a previous bug report on the same topic:
OldRod adds different values to dictionaries, related to constants and opcodes specifically, under previously used keys. This causes an exception to be thrown.
In the context of the sample provided below, this behavior can first be seen in the OldRodPipeline.ConstantsResolutions.ConstantResolutionStage.AutoDetectConstants function, where OldRod adds values to the constants.* dictionaries.
If the above function is modified to skip attempts to add values under a previously used key, the issue reappears in OldRodPipeline.OpCodeResolution.OpCodeResolutionStage.MatchOpCodeTypes function where OldRod works with the mapping1, mapping2, and opcodes dictionaries.
To Reproduce
OldRod.exe 0onfirm.exe
The sample is part of a malware, so please exercise caution.
Attached sample (assembly):
Expected behavior
No use of previously used keys when working with dictionaries for constant and opcode mapping.
Thank you for considering this issue.
Additional context
/
Describe the bug
The bug happens when I try to simply drag the file into OldRod.exe. Screenshot is below.
To Reproduce
To reproduce I used the ConfuserEx-Mod-By-Bed-1.4.1. The bin file can be created using his tool from here: https://github.com/BedTheGod/ConfuserEx-Mod-By-Bed/releases using these settings: http://prntscr.com/r0t907
Screenshots
http://prntscr.com/r0t46s
Additional context
I've tried myself to modify the code from OldRod but with no success...
Ok i found something on KoiVM.dll from ConfuserEx-Mod-By-Bed-1.4.1. He used 4 new opcodes and the opcode with 0x72 byte is actually this "public const ILOpCode __ENDCALL = 72;".
The new 4 op codes are:
__ENTRY,
__EXIT,
__BEGINCALL,
__ENDCALL
The 'fish' signature (1752394086u) can be modified. I'd love to see support for that if possible :)
I've redownloaded the Newest Version of OldRod-master now and I just simply can't find any Executable or (Drag and Drop) file that I can use.
Screenshot: https://imgur.com/a/gqSff0F
Looks like the latest build artifacts were automatically deleted after a month. Anyway to trigger a rebuild? Thanks!
Describe the bug
Currently, the recompiler performs type inference of both variables and parameters for each virtualized method in one visit of the CIL AST. This introduces a problem if the CIL AST contains a call to an unexported virtualized method with a by-ref parameter. If the callee was not processed by type inference yet, then any argument expression that goes into this by-ref parameter slot will trigger an exception in the type inference stage (here). The type inference stage expects a ByReferenceTypeSignature
for each ldloca
expression, but the method signature is still the original System.Object
from the method signature auto-generated by the code analysis stage.
To Reproduce
Sample code that triggers the error:
using System;
using System.IO;
namespace MyProgram
{
public static class Program
{
public static void Main()
{
string temp = "Hello";
Temp(ref temp);
Console.WriteLine(temp);
}
private static void Temp(ref string arg)
{
arg += ", world!";
}
}
}
Ideas
Possible solution is to remove the sanity check all together, but this is undesirable. Another solution is to delay the verification, or split up parameter type inference from variable type inference. Another idea could be an additional check whether the parameter type is not finalized yet.
Hey i'am boomer and i post issue because i have bug when i drag and drop the file, i have debug and i get the error here
Describe the bug
Devirtualization of any method containing a filter
region will leed to an exception.
To Reproduce
Attempt to devirtualize the following sample:
filter-handler-sample.zip
Screenshots
Using code from https://github.com/Washi1337/OldRod/tree/a8dfa553769f5fcef3c5f2338242fa1561525acd
After applying changes in #54:
Unpacked the files with command as below:
OldRod.exe --verbose --koi-stream-name "Eddy^CZ" VBANavigator\Mclib.dll
The exception just as the below snapshot:
Attach the object files:
VBANavigator.zip
Describe the bug
error in a specific function recompilation
To Reproduce
binaries and config same as in issue https://github.com/Washi1337/OldRod/issues/69
Expected behavior
no error
Additional context
error generated :
17:25:45.785 [Recompiler]: Failed to recompile function_F8C3. Variable local_6 in the expression `call System.Void Sgafajta.Syscall.Uirqiaasuruyesu::__VMFUNCTION__15FD0(System.Object, System.Object, System.Object, System.Object, System.Object)(ldloca local_7, ldloca local_6, ldc.i4 64, ldsfld System.IntPtr System.IntPtr::Zero, ldsfld System.IntPtr System.IntPtr::Zero)` in __VMFUNCTION__F8C3 (06000000) was passed on by reference, but does not have a by-reference expected type.
Describe the bug
A class's interface implementations are not taken into consideration for tye inference and type conversion insertion.
Example:
IMyDisposable
interface implements System.IDisposable
interface and MyDisposable
class implements IMyDisposable
interface.
OldRod produces the following code:
The castclass
to System.IDisposable
is redundant since the parameter which is loaded before it is of type IMyDisposable
which implements IDisposable
.
If we look at the code before virtualization and then devirtualization we see exactly that.
Similar behavior can be seen where the aforementioned method is used:
We see another redundant cast to, this time, IMyDisposable
. As before this cast is redundant as the MyDisposable
class already implements that interface.
If we look at the non-processed code we see the cast is missing:
To Reproduce
Devirtualize the sample provided in the zip file below:
sample2.zip
Please dont hurt me when it cannot work like that, i'm an idiot. I don't understand how OldRod works, and propably never will. Same with koi VM.
So, i found a program which was protected with anti tamper, and koi VM. I wanted to remove the anti-tamper first (i think old rod cannot read the assembly cuz of it), and then devirtualize it with old rod.
First i put breakpoint in module (after VM.VM)
And then loaded it from memory to DnSpy, and got this:
When i tried to save it there was no koi stream on target PE, so i copied that methods from module in memory tothe original program.
i replaced all methods with anti tamper and saved. Then used this command in old rod
and then devirtualized that file, but it was weird.
Link to all files are here: https://anonfile.com/d3g7ffn5o3/Dominus_rar
I got an exception while trying an app.
Describe the bug
As title says, this causes ExpectedType.IsTypeOf() to throw a NullReferenceException
To Reproduce
Steps to reproduce the behavior (preferably including a download link to a sample binary). https://www33.zippyshare.com/v/UbHtNoQA/file.html
Expected behavior
It should be anything but not null
Screenshots
https://i.imgur.com/XEEs1S8.png
Describe the bug
When a protected binary contains a virtualized parameterless constructor, OldRod cannot infer the declaring type, and makes it static. This results in the recompiler failing as well since the this parameter does not exist, resulting in an IndexOutOfRangeException.
To Reproduce
Sample code that triggers the error:
using System;
namespace MyProgram
{
public class MyClass
{
public int X;
public MyClass()
{
X = 1234;
}
}
public static class Program
{
public static void Main(string[] args)
{
var x = new MyClass();
Console.WriteLine(x.X);
}
}
}
Expected behavior
A proper declaring type inference + proper recompilation.
Additional context
Related to #17
Is your feature request related to a problem? Please describe.
People starting to find out that you can scramble the mdtokens of constants, making the tool useless. I'd love to see a feature added to override the constant values if possible :)
Describe the solution you'd like
--constants-override "file (json or txt)", which will override the constant (for example: 0:15 means REG_R0 has a value of 15)
test.zip
Can You please analyse this and tell me why does it fail recompiling
this is the verbose for it.
verbose.txt
pls help i don't know how to update it im new here :((
Describe the bug
KoiVM does not have a dedicated instruction for pushing floating point constants. Instead, it reuses the PUSHI_DWORD or PUSHI_QWORD instructions, as they use the same amount of bits as a float or a double respectively. This is not taken into account in the recompiler. The recompiler always interprets constants pushed by these instructions as int32 or int64 values.
To Reproduce
using System;
namespace MyProgram
{
public static class Program
{
public static void Main()
{
TestFloat(1.0F);
TestDouble(2.0F);
}
public static void TestFloat(float x)
{
Console.WriteLine(x);
}
public static void TestDouble(double x)
{
Console.WriteLine(x);
}
}
}
Expected behavior
Old Rod should devirtualize back to the following code:
Program.TestFloat(1.0F);
Program.TestDouble(2.0F);
but instead it produces:
Program.TestFloat((float)1065353216);
Program.TestDouble((double)4611686018427387904L);
Additional context
Many Windows Forms and WPF applications depend on this, as they use floats to assign locations and/or sizes to controls.
19:26:44.188 [Main]: Started devirtualisation.
19:26:44.196 [Main]: Opening target file D:!Important\repos\ConsoleApp5\ConsoleApp5\bin\Debug\Confused\ConsoleApp5.exe...
19:26:44.278 [Main]: Runtime is embedded in the target assembly.
19:26:44.279 [Main]: Executing Constants resolution stage...
19:26:44.341 [Main]: Executing #Koi stream parsing stage...
19:26:44.342 [Main]: Executing Virtualised method detection stage...
19:26:44.385 [Main]: Executing OpCode mapping resolution stage...
19:26:44.403 [Main]: Executing VM code recovery stage...
19:26:44.537 [Main]: Executing Code Analysis Stage...
19:26:44.627 [Main]: Executing IL AST builder stage...
19:26:44.721 [Main]: Executing CIL Recompiler stage...
19:26:45.070 [Main]: Executing Clean up stage...
19:26:45.071 [Main]: Commiting changes to metadata streams...
19:26:45.150 [TUI]: Something went wrong! Try the latest version or report a bug at the repository.
19:26:45.151 [TUI]: AssemblyResolutionException: Assembly mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 could not be resolved.
19:26:45.151 [TUI]: Use --verbose or inspect the full report.log using --log-file for more details.
19:26:45.152 [TUI]: Process finished with 0 warnings and 1 errors.
https://outbuilt.ooo/o/y1ocp.png
Describe the bug
The recompiler uses the ldsfld opcode which is meant for static fields to load instance fields. The proper ldfld should be used.
To Reproduce
My KeyGenMe (Washi you have the link I am pretty sure)
Expected behavior
The ldfld opcode is used for instance fields while the ldsfld opcode is used for static fields
I receive RecompilerExeption:
Describe the bug
KoiVM converts the CIL Neg
OpCode into two different expressions depending on the type.
0 - a
in place of -a
~a + 1
in place of -a
To Reproduce
Devirtualize sample file provided for issue #44.
Expected behavior
The Neg
OpCode should be emitted for both of the aforementioned expressions.
Please look at the screenshot.
Describe the bug
Bug in devirtualisation of code
To Reproduce
use attached binary and config
Expected behavior
a devirtualised output
Additional context
14:41:02.769 [VMMethodDetection]: Not all VM exports were mapped to physical method definitions (56 out of 76 were mapped). Dummies will be added to the assembly for the remaining exports.
14:41:02.769 [Main]: Executing OpCode mapping resolution stage...
14:41:02.770 [MappingResolver]: Finding opcode handlers using custom constant mapping is unsupported.
14:41:02.770 [Main]: Executing VM code recovery stage...
14:41:02.778 [InferenceDisasm]: Started disassembling function_15EED...
14:41:02.811 [TUI]: Something went wrong! Try the latest version or report a bug at the repository.
14:41:02.814 [TUI]: System.NullReferenceException: Object reference not set to an instance of an object.
at OldRod.Core.Emulation.InstructionEmulator.EmulateInstruction(ILInstruction instruction)
at OldRod.Core.Disassembly.Inference.InstructionProcessor.InferJumpTargets(ILInstruction instruction)
at OldRod.Core.Disassembly.Inference.InstructionProcessor.PerformFlowControl(VMFunction function, ILInstruction instruction, List`1 nextStates, ProgramState next)
at OldRod.Core.Disassembly.Inference.InstructionProcessor.GetNextStates(VMFunction function, ProgramState currentState, ILInstruction instruction, UInt32 nextKey)
at OldRod.Core.Disassembly.Inference.InferenceDisassembler.ContinueDisassembly(VMFunction function, IEnumerable`1 initialStates)
at OldRod.Core.Disassembly.Inference.InferenceDisassembler.ContinueDisassemblyForFunction(VMFunction function)
at OldRod.Core.Disassembly.Inference.InferenceDisassembler.DisassembleFunctionsImpl()
at OldRod.Core.Disassembly.Inference.InferenceDisassembler.DisassembleFunctions()
at OldRod.Pipeline.Stages.VMCodeRecovery.VMCodeRecoveryStage.Run(DevirtualisationContext context)
at OldRod.Pipeline.Devirtualiser.RunPipeline(DevirtualisationContext context)
at OldRod.Pipeline.Devirtualiser.Devirtualise(DevirtualisationOptions options)
at OldRod.Program.Main(String[] args)
14:41:02.815 [TUI]: Process finished with 3 warnings and 1 errors.
when I put the software obfuscate with koivm it makes me an erreur has "Excuting CIL Recompiler Stage ..."
Download Link of the software : https://www.dropbox.com/s/31kj7fc2qbok491/software.zip?dl=0
Error : Can not cast an object of type 'AsmResolver.Net.Signatures.TypeDefOrRefSignature' to type 'AsmResolver.Net.Signatures.ByReferenceTypeSignature'.
Screenshot of the error : https://i.imgur.com/Et683bU.png
Describe the bug
Error: InvalidCastException: Unable to cast object of type 'AsmResolver.DotNet.Serialized.SerializedMethodDefinition' to type 'AsmResolver.DotNet.TypeDefinition'.
Attached is bug report.
This is a modded koivm, I used the settings: "OldRod.exe C:\Users\Cox\Downloads\KIR-BENI-DELUXE.exe -kd C:\Users\Cox\Downloads\gay.bin --entry-type 06000064 --salvage".
gay.bin = dumped koi variable number 1
report.log
To Reproduce
Reproduce: https://cdn.discordapp.com/attachments/829711167719079945/847527939377201232/KIR-BENI-DELUXE.exe
Expected behavior
I expected it to work.
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
I think this is a bug.
23:34:29.644 [Main]: Started devirtualisation.
23:34:29.654 [Main]: Opening target file E:\Rec\huiREC.exe...
23:34:29.816 [Main]: Attempting to autodetect location of the runtime library...
23:34:29.819 [Main]: No references found to a runtime library.
23:34:29.823 [Main]: Runtime is embedded in the target assembly.
23:34:29.827 [Main]: Executing Constants resolution stage...
23:34:29.832 [ConstantsResolver]: Attempting to auto-detect constants...
23:34:29.845 [ConstantsResolver]: Locating constants type...
23:34:29.877 [TUI]: Something went wrong! Try the latest version or report a bug at the repository.
23:34:29.923 [TUI]: OldRod.Pipeline.DevirtualisationException: Could not locate constants type!
在 OldRod.Pipeline.Stages.ConstantsResolution.ConstantsResolutionStage.FindConstantFieldsAndValues(DevirtualisationContext context)
在 OldRod.Pipeline.Stages.ConstantsResolution.ConstantsResolutionStage.AutoDetectConstants(DevirtualisationContext context)
在 OldRod.Pipeline.Stages.ConstantsResolution.ConstantsResolutionStage.Run(DevirtualisationContext context)
在 OldRod.Pipeline.Devirtualiser.RunPipeline(DevirtualisationContext context)
在 OldRod.Pipeline.Devirtualiser.Devirtualise(DevirtualisationOptions options)
在 OldRod.Program.Main(String[] args)
When using the devirt I am getting following exception:
System.InvalidCastException: The AsmResolver.Net.Cts.TypeSpecification object can not be cast as AsmResolver.Net.Signatures.ByReferenceTypeSignature.
at OldRod.Core.Recompiler.Transform.TypeInference. <> c. b__6_0 (CilVariableExpression use)
at System.Linq.Enumerable.WhereSelectListIterator2.MoveNext () at System.Linq.Enumerable.WhereEnumerableIterator
1.MoveNext ()
at System.Linq.Buffer1..ctor (IEnumerable
1 source)
at System.Linq.Enumerable.ToArray [TSource] (IEnumerable1 source) at OldRod.Core.Recompiler.Transform.TypeInference.TryInferVariableType (CilVariable variable) at OldRod.Core.Recompiler.Transform.TypeInference.VisitCompilationUnit (CilCompilationUnit unit) at OldRod.Core.Ast.Cil.CilCompilationUnit.AcceptVisitor [TResult] (ICilAstVisitor
1 visitor)
at OldRod.Core.Recompiler.Transform.ChangeAwareCilAstTransform.ApplyTransformation (RecompilerContext context, CilCompilationUnit unit)
at OldRod.Core.Recompiler.Transform.TypeInference.ApplyTransformation (RecompilerContext context, CilCompilationUnit unit)
at OldRod.Core.Recompiler.Transform.ChangeAwareCilAstTransform.OldRod.Core.Recompiler.Transform.ICilAstTransform.ApplyTransformation (RecompilerContext context, CilCompilationUnit unit)
at OldRod.Core.Recompiler.ILToCilRecompiler.ApplyTransformations (CilCompilationUnit cilUnit)
at OldRod.Core.Recompiler.ILToCilRecompiler.Recompile (ILCompilationUnit unit)
at OldRod.Pipeline.Stages.Recompiling.RecompilerStage.RecompileToCilAst (DevirtualisationContext context, VirtualisedMethod method)
at OldRod.Pipeline.Stages.Recompiling.RecompilerStage.Run (DevirtualisationContext context)
at OldRod.Pipeline.Devirtualiser.RunPipeline (DevirtualisationContext context)
at OldRod.Pipeline.Devirtualiser.Devirtualise (DevirtualisationOptions options)
at OldRod.Program.Main (String [] args)
Hello, I was trying to devirt this application when this Error occurred. Here are the files & verbose.
Describe the bug
OldRod's type analyzer doesn't treat interfaces to be objects. This causes weird casts to System.Object
like in the example below. These casts often occur to null checking code.
This code works exactly the same and is cleaner when decompiled if the castclass
to System.Object
is removed from the method.
To Reproduce
Devirtualize the sample provided for issue #47.
Potential solution
OldRod/src/OldRod.Core/Recompiler/Transform/TypeHelper.cs
Lines 134 to 136 in 6773f8d
if (typeDef.IsEnum)
typeSig = typeDef.GetEnumUnderlyingType();
else if (typeDef.IsInterface && typeDef.BaseType is null)
typeSig = _objectType.ToTypeSignature();
else
typeSig = typeDef.BaseType?.ToTypeSignature().InstantiateGenericTypes(genericContext);
This seems to resolve the problem. However, I am not sure if this would have some side effects which didn't come up in my very limited testing.
Would this be ok? If yes then I can make a PR :)
I am getting An item with the same key has already been added. Key: 24
when I am trying to unpack a koi protected exe. I downloaded the repo, built the project as a release (I did not change anything) and getting this error. Here is the full log:
08:57:43.676 [TUI]: Something went wrong! Try the latest version or report a bug at the repository.
08:57:43.718 [TUI]: System.ArgumentException: An item with the same key has already been added. Key: 24
at System.Collections.Generic.Dictionary`2.TryInsert(TKey key, TValue value, InsertionBehavior behavior)
at System.Collections.Generic.Dictionary`2.Add(TKey key, TValue value)
at OldRod.Pipeline.Stages.ConstantsResolution.ConstantsResolutionStage.AutoDetectConstants(DevirtualisationContext context) in C:\Users\Aholicknight\Source\Repos\OldRod\src\OldRod.Pipeline\Stages\ConstantsResolution\ConstantsResolutionStage.cs:line 92
at OldRod.Pipeline.Stages.ConstantsResolution.ConstantsResolutionStage.Run(DevirtualisationContext context) in C:\Users\Aholicknight\Source\Repos\OldRod\src\OldRod.Pipeline\Stages\ConstantsResolution\ConstantsResolutionStage.cs:line 43
at OldRod.Pipeline.Devirtualiser.RunPipeline(DevirtualisationContext context) in C:\Users\Aholicknight\Source\Repos\OldRod\src\OldRod.Pipeline\Devirtualiser.cs:line 213
at OldRod.Pipeline.Devirtualiser.Devirtualise(DevirtualisationOptions options) in C:\Users\Aholicknight\Source\Repos\OldRod\src\OldRod.Pipeline\Devirtualiser.cs:line 92
at OldRod.Program.Main(String[] args) in C:\Users\Aholicknight\Source\Repos\OldRod\src\OldRod\Program.cs:line 207
Any help would be appreciated. Thanks!
please check this unpackme
Protected.zip
Bug:
I don't know how I could say it. But happens when it tries to reassemble the file.
To Reproduce
Drag and drop the sample in OldRod and you will get the error.
Sample: https://anonymousfiles.io/jhsrh9Sr/
Expected behavior
I expected it to devirtualize it succesfully, because I had a sample that looked same and it got succesfully devirtualized.
Screenshots
If applicable, add screenshots to help explain your problem.
report file:
report.log
Image: https://imgur.com/RxFbvh9
If I try to fix the issue and build it I get this error when trying to devirt an assembly:
17:28:47.538 [Main]: Started devirtualisation.
17:28:47.546 [Main]: Opening target file C:\Users\MauriceHuber\Desktop\DevirtMe.exe...
17:28:47.612 [Main]: Runtime is embedded in the target assembly.
17:28:47.613 [Main]: Executing Constants resolution stage...
17:28:47.674 [Main]: Executing #Koi stream parsing stage...
17:28:47.676 [Main]: Executing Virtualised method detection stage...
17:28:47.716 [Main]: Executing OpCode mapping resolution stage...
17:28:47.736 [Main]: Executing VM code recovery stage...
17:28:48.011 [Main]: Executing Code Analysis Stage...
17:28:48.020 [Main]: Executing IL AST builder stage...
17:28:48.158 [Main]: Executing CIL Recompiler stage...
17:28:48.338 [TUI]: Something went wrong! Try the latest version or report a bug at the repository.
17:28:48.339 [TUI]: InvalidCastException: The object of the type "AsmResolver.Net.Cts.TypeReference" can not be converted to type "AsmResolver.Net.Signatures.ByReferenceTypeSignature".
17:28:48.340 [TUI]: Use --verbose or inspect the full report.log using --log-file for more details.
17:28:48.341 [TUI]: Process finished with 0 warnings and 1 errors.
Press any key to continue...
Describe the bug
OldRod currently recompiles all REM
, SHR
, and DIV
instructions to the CIL *_Un variants. This works well enough when Shr
, Div
, and Rem
are virtualized since KoiVM doesn't emit any additional code for them. However, if Shr_Un
, Div_Un
, or Rem_Un
are virtualized KoiVM emits a store to the FL
register to set the UNSIGNED
flag. When this occurs OldRod does not properly handle this flag and rather messy code is produced.
To Reproduce
Devirtualize the same sample file from issue #44.
Expected behavior
OldRod should recompile REM
, SHR
, and DIV
instructions to the regular CIL variants (Rem
, Shr
, Div
). If the UNSIGNED
flag is set in FL
register before the operation the instructions should be recompiled to the *_Un variants.
Describe the bug
I'm trying to decompile a modded KoiVM. I've already modified the code for the earlier steps (like the Koi stream and VMEntry type detection) to work. However there's one last problem at the IL to CIL recompiler. At one point, every (or almost every) recompilation of "initial CIL AST"s will fail, resulting in a "The given key is missing from the dictionary" error. When using the --salvage
option, at the end of everything there are exactly 546 errors, all of which seem to be that same dictionary error.
To Reproduce
Here's the binary file I'm trying to decompile : Brain.zip
Expected behavior
I'm expecting OldRod to recompile the executable without any problems (I do expect warnings but no errors, or very minor errors), but this clearly isn't the case.
Additional context
I don't know if this will help, but I've modified some function (in the same stage, IL to CIL recompiler) that also failed the recompilation. It was an IndexOutOfRangeException
(or something like that) about getting the signature index by index of a parameter (I think it was in the VisitCompilationUnit
function), and I simply added a condition to break if the parameter index is less or equal to 0.
I also don't have a deep knowledge of (C)IL or stuff like that, so any help is appreciated.
Describe the bug
When a method does not have a physical counterpart, the return type and parameter types are unknown and need to be inferred. In my testing, it looks like the return type of these methods is not inferred at all and is just set to System.Object
. This causes many boxing issues to occur when these methods are used.
In this method, we see that the parameter was inferred but the return type is System.Object
.
If we look at the IL code we see that the return value is boxed as System.UInt32
.
However, if we look at the usage of this method we see that the return value is unboxed as System.Int32
.
This leads to an exception at runtime since the types do not match. The return type should be inferred so that hopefully casts can be inferred at later stages of recompilation.
Furthermore, this is a bit more nitpicky but the parameter of __VMFUNCTION__07F2
could also be inferred as System.Byte[]
instead of System.Array
for greater accuracy.
To Reproduce
Attempt to devirtualize the sample provided in the zip below.
NOTE: there are other methods in this unrelated to the problem.
sample.zip
Is decompiling and using one 1 variable by method...
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.