Decompiler Changelog
2008/05/08

No more invalid basic blocks

  • + added possibility to decompile functions with wrong basic blocks
    (see hexrays.cfg; is partially wrong output better than no output?)
  • + pushf/popf pairs are eliminated in basic blocks
  • + rdtsc instruction is converted to RDTSC() call
  • + more tail calls are recognized
  • + prefer to preserve type names in type deductions
  • + better heuristics to determine the number of tail call arguments
  • + do not combine the frame pointer with any other register
  • + improved display of arrays of nested structures
  • + slightly improved local variable allocation
  • + added support for 1-target switch idioms (curiously enough, they do exist)
  • bugfix: decompiler could only handle functions with a stack of 256kb max (the docs state a 1mb limit)
  • bugfix: some ellipsis functions were losing '...' when decompiled multiple times
  • bugfix: "jmp self" used as a case of a switch statement would lead to interr: switch(..) { .. case: while(1); ..}
  • bugfix: functions with tail calls to nonreturning functions would cause interr
  • bugfix: check that "void *" is 4 bytes; otherwise there will be an interr
  • bugfix: using tab to switch to a problematic function that could not be decompiled would leave the existing pseudocode window empty; this could lead to a crash later
  • bugfix: decompiler could destroy structure instances or data with user-defined type information
  • bugfix: complex nested structure member references could be displayed wrongly
2008/02/17

Easy structure types

  • + new command: build a new structure type based on the access patterns from pseudocode
  • + new command: select an existing struct from the list (convert to struct *)
  • + new command: reset a pointer type
  • +new command: "Edit, Comment, Delete pseudocode comments" to delete pseudocode comments from the disassembly listing
  • +new command: "Edit, Other, Reset decompiler type information" to reset lvar types hindering the decompilation
  • +new command: "Edit, Other, Toggle skippable instructions" to handle misidentified prolog/epilog instructions
  • + more complex logic to select the better representation from ptr and &ptr->field0; if we can avoid a cast by adding a reference to zero offset field, then we do it
  • + Tab key behaviour in the disassembly view is slightly different - if the current location does not belong to a function, it simply switches to the pseudocode window
  • bugfix: some references to low part of a variable of a pointer type were represented incorrectly (ok: LOBYTE(v), bad: &v->field0)
  • bugfix: decompiler was too aggressively deleting indirectly accessed stkvars
  • bugfix: the '/' command in the pseudocode window could act as "add comments to disassembly view"
  • bugfix: the '/' command invoked from the disassembly view could crash if repeated a few times
  • bugfix: structure fields could not be manipulated (renamed or retyped) in expressions like ptr->field
  • bugfix: a random crash could occur in very rare cases
  • bugfix: a shift left followed by a shift right could erroneously be converted into a division operation in some cases
2008/01/02

Better user interface and improved robustness

  • + multiple pseudocode windows can be opened
  • + new command: copy c text to disassembly window (available from the right-click menu)
  • + new command: the tab key toggles between the disassembly and pseudocode windows
  • + new command: hide/unhide statements (if,loops,switch,blocks)
  • + new command: jump to xref; since pseudocode addresses do not map exactly to disassembly addresses, the decompiler jumps to the nearest address if an exact match cannot be found
  • + status line of pseudocode window displays the name of the current function
  • + spoiled<> keyword is supported by the decompiler (maybe there are some cases when it is ignored; requires more thorough testing)
  • + more intelligent handling of tail calls
  • + more intelligent detection of thiscall/fastcall function types
  • + improved detection of saved eax/edx pairs: now such functions are correctly detected as returning 'void'
  • bugfix: deliberately obfuscated code could cause interrs
  • bugfix: a wrong sp trace could lead to an interr; now it leads to 'lvar allocation failure'
  • bugfix: the output code for the SF flag was incorrect: it was "x<y" while it must be "(x-y)<0"
  • bugfix: an attempt to decompile an incompletely analyzed function could lead to an interr (because of incorrect sp values); now the decompiler gracefully fails in this situation
  • bugfix: function pointers cannot be subtracted or compared but hexrays was doing it; added the necessary casts to the output
  • bugfix: some linux calls (accepting arrays as parameters) could cause an interr
  • bugfix: if the decompiled code was accessing undefined registers, the decompiler could interr
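The SF flag bugfix above is easy to misread as a cosmetic difference. On x86, a branch that tests only SF (js/jns after cmp or sub) looks at the sign bit of the wrapped 32-bit difference, whereas the signed less-than condition (jl) tests SF != OF; the two disagree exactly when the subtraction overflows. The following emulator is an added example, not code from the changelog or from Hex-Rays: it computes the flags of a 32-bit SUB and shows which input pairs make "x<y" and "(x-y)<0" give different answers.

```python
"""Why "x < y" and "(x - y) < 0" differ: flags of a 32-bit x86 SUB.

Added example (not from the Hex-Rays changelog or SDK). It emulates the
SF/OF/CF/ZF flags that `sub x, y` / `cmp x, y` set on 32-bit operands and
shows that a branch on SF alone (js/jns) corresponds to "(x - y) < 0" under
two's-complement wraparound, while the signed-less-than condition (jl) is
SF != OF, i.e. "x < y".
"""

MASK = 0xFFFFFFFF
SIGN = 0x80000000


def to_signed(v: int) -> int:
    """Interpret a 32-bit pattern as a two's-complement signed integer."""
    v &= MASK
    return v - (1 << 32) if v & SIGN else v


def sub_flags(x: int, y: int) -> dict:
    """Emulate the flags produced by a 32-bit `sub x, y` (or `cmp x, y`)."""
    x &= MASK
    y &= MASK
    result = (x - y) & MASK
    sf = bool(result & SIGN)              # sign bit of the wrapped result
    zf = result == 0
    cf = x < y                            # unsigned borrow
    # signed overflow: operands differ in sign and the result's sign differs from x's
    of = bool(((x ^ y) & (x ^ result)) & SIGN)
    return {"result": result, "SF": sf, "ZF": zf, "CF": cf, "OF": of}


def branch_js(x: int, y: int) -> bool:
    """`cmp x, y; js target`: taken iff SF is set. Correct C: (x - y) < 0 with wraparound."""
    return sub_flags(x, y)["SF"]


def branch_jl(x: int, y: int) -> bool:
    """`cmp x, y; jl target`: signed less-than, taken iff SF != OF. Correct C: x < y."""
    f = sub_flags(x, y)
    return f["SF"] != f["OF"]


def wrapped_diff_negative(x: int, y: int) -> bool:
    """Reference for "(x - y) < 0" evaluated with 32-bit two's-complement wrap."""
    return to_signed(x - y) < 0


def signed_less(x: int, y: int) -> bool:
    """Reference for "x < y" on 32-bit signed values."""
    return to_signed(x) < to_signed(y)


def find_disagreements() -> list:
    """Return the (x, y) pairs among constructed samples where the two renderings differ."""
    int_min = -(1 << 31)
    int_max = (1 << 31) - 1
    samples = [(int_min, 1), (int_max, -1), (5, 3), (3, 5), (-5, 3), (int_min, int_max)]
    return [(x, y) for x, y in samples if signed_less(x, y) != wrapped_diff_negative(x, y)]


if __name__ == "__main__":
    for x, y in [(-(1 << 31), 1), (5, 3)]:
        print(x, y, sub_flags(x, y), "js:", branch_js(x, y), "jl:", branch_jl(x, y))
    print("pairs where x<y and (x-y)<0 differ:", find_disagreements())
```

For INT_MIN and 1 the wrapped difference is 0x7FFFFFFF, so SF is clear and a js branch is not taken even though INT_MIN < 1 holds; a decompiler that rendered the SF test as "x<y" would show the opposite control flow. The same mismatch appears whenever OF is set, which is why the flag-accurate rendering is "(x-y)<0".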
2007/11/28
  • + sdk: added reference manual; new functions; sample plugins
  • + added invert sign command
  • + added rule: (type)&x[0] => (type)x if x is not a structure field
  • + double click on stkvar opens the function frame window
  • + linux kernel get_current() macro is recognized
  • + more aggressive variable propagation across function calls
  • + more intelligent approach to instruction combining: we do not lump together array elements
  • + sdk: user settings for any function are available without decompiling the function
  • + stkvar types are guessed more accurately
  • + the 'space' button jumps to the beginning of the current function if it could not determine the exact instruction corresponding to the current item
  • + added support for the 'ud2' instruction
  • ida v5.1 does not support arrays of in-place structure definitions, the decompiler takes this into account
  • removed CHECKMEM bit from interactive operation
  • bugfix: '64bit app' flag in 32bit databases could cause an interr
  • bugfix: 64bit arithmetic recognizer could divide by zero in some cases
  • bugfix: in some cases N could be lost in expressions like "ptr+var+N"
  • bugfix: reference to the first element of an array sometimes was not represented correctly
  • bugfix: references to external symbols with addends were not handled properly (relevant only to object files)
  • bugfix: some compiler helper functions could be missed because of an unexpected number of underscores in the name; now all underscores at the start of the name are ignored
  • bugfix: structure/array reconstruction could cause an interr
  • bugfix: unused structure types could be created
  • bugfix: wrong function type (with overlapping input arguments) could be created
2007/10/25
  • + Hex-Rays SDK v1.0 has been released
  • + added config file hexrays.cfg
    Background colors and various indentations can be configured
  • + added support for bitfields
    For example, you can convert this:
      v2 = CreateFileA(lpFileName, 0xC0000000u, 3u, 0, 3u, 0x27u, 0);
            
    into this:
      v2 = CreateFileA(
             lpFileName,
             GENERIC_READ|GENERIC_WRITE,
             FILE_SHARE_WRITE|FILE_SHARE_READ,
             0,
             OPEN_EXISTING,
             FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM
             |FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_READONLY,
             0);
            
  • + multiplications by big powers of 2 are replaced by shifts
    Before:
    v12 = 256 * v9->x1 + 65536 * v9->x2 + 16777216 * v9->x3 + v9->x0;
            
    After:
    v12 = (v9->x1 << 8) + (v9->x2 << 16) + (v9->x3 << 24) + v9->x0;
            
  • + improved local variable allocation
    Almost all allocation failures have disappeared
  • + more aggressive stack variable assignment elimination
    Useless assignments to stack variables (mostly because of push instructions that allocate the stack space) are eliminated from the output
  • + use non-trivial label names from the disassembly in the pseudocode window
    Before:
    LABEL_20:
      cleanup(&v16);
      return v18;
            
    After:
    locret:
      cleanup(&v16);
      return v18;
            
  • bugfix: fixed a minor and rare memory leak (lvar_ref_t)
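The bitfield support entry above shows CreateFileA arguments turned into symbolic names. What makes that work is a per-parameter type: a bitmask parameter is decomposed into an OR of flag names (with any bits the type does not cover kept as a hex literal), while an enumeration parameter maps to exactly one name. The renderer below is an added example, not Hex-Rays code; the Windows constants are the real CreateFileA values, and the parameter-index table and argument list are constructed to reproduce the changelog's before/after snippet.

```python
"""Render numeric call arguments symbolically, as in the changelog's
CreateFileA example (0xC0000000u -> GENERIC_READ|GENERIC_WRITE).

Added example, not Hex-Rays code. Bitmask parameters are decomposed greedily
into named flags; enumeration parameters map to a single name. Bits or values
with no name are kept numeric so nothing is silently dropped.
"""

# Bitmask types (real Win32 values): name -> bit pattern
ACCESS_MASK = {"GENERIC_READ": 0x80000000, "GENERIC_WRITE": 0x40000000,
               "GENERIC_EXECUTE": 0x20000000, "GENERIC_ALL": 0x10000000}
SHARE_MODE = {"FILE_SHARE_READ": 0x1, "FILE_SHARE_WRITE": 0x2, "FILE_SHARE_DELETE": 0x4}
FILE_ATTRS = {"FILE_ATTRIBUTE_READONLY": 0x1, "FILE_ATTRIBUTE_HIDDEN": 0x2,
              "FILE_ATTRIBUTE_SYSTEM": 0x4, "FILE_ATTRIBUTE_ARCHIVE": 0x20,
              "FILE_ATTRIBUTE_NORMAL": 0x80}
# Enumeration type (real Win32 values): exactly one name matches the whole value
CREATION = {"CREATE_NEW": 1, "CREATE_ALWAYS": 2, "OPEN_EXISTING": 3,
            "OPEN_ALWAYS": 4, "TRUNCATE_EXISTING": 5}


def render_bitmask(value: int, names: dict) -> str:
    """Decompose `value` into an OR of symbolic names; unknown bits stay as hex."""
    if value == 0:
        return "0"
    parts = []
    remaining = value
    # Try larger patterns first: a composite mask is numerically larger than
    # any of its parts, so composites win over the single bits they contain.
    for name, bits in sorted(names.items(), key=lambda kv: -kv[1]):
        if bits and remaining & bits == bits:
            parts.append(name)
            remaining &= ~bits
    if remaining:
        parts.append(hex(remaining))
    return "|".join(parts)


def render_enum(value: int, names: dict) -> str:
    """Map an enumeration value to its single symbolic name, or keep it numeric."""
    for name, v in names.items():
        if v == value:
            return name
    return str(value)


# Constructed parameter-index -> symbolic-type table for CreateFileA
# (index 0 is the file name and has no symbolic type)
CREATEFILEA_PARAMS = {1: ("bitmask", ACCESS_MASK), 2: ("bitmask", SHARE_MODE),
                      4: ("enum", CREATION), 5: ("bitmask", FILE_ATTRS)}


def render_call(func: str, args: list, param_types: dict) -> str:
    """Render a call, replacing numeric arguments whose parameter has a symbolic type."""
    rendered = []
    for i, arg in enumerate(args):
        kind = param_types.get(i)
        if kind is None or not isinstance(arg, int):
            rendered.append(str(arg))
        elif kind[0] == "bitmask":
            rendered.append(render_bitmask(arg, kind[1]))
        else:
            rendered.append(render_enum(arg, kind[1]))
    return f"{func}({', '.join(rendered)})"


if __name__ == "__main__":
    # Constructed argument list matching the changelog's "before" snippet
    args = ["lpFileName", 0xC0000000, 3, 0, 3, 0x27, 0]
    print(render_call("CreateFileA", args, CREATEFILEA_PARAMS))
```

Note that the same literal 3u is rendered two different ways depending on the parameter: as FILE_SHARE_WRITE|FILE_SHARE_READ for the bitmask parameter and as OPEN_EXISTING for the enumeration parameter, which is why the symbolic type has to come from the function prototype rather than from the value alone.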
2007/10/11
  • + added support for yet another type of sparse switches
  • + added handling of signed comparisons with a negative number
  • + stkvars of structure type were used as byte arrays; now the decompiler knows to use their real type
  • + switch case number formats can be specified by the user
  • + minor optimization: switch ( x-N ) => switch ( N )
  • bugfix: decompiler could produce wrong output if bit test and manipulation instructions were present (bt,btc,btr,bts,bsr,bsf) because it was not taking into account that the processor condition codes were modified
  • bugfix: batch decompilation of all functions would crash with an external exception in some rare cases (logic flaw in the preparation of the function list)
  • bugfix: the default .c output file name was based on the name of the first function instead of the input file name
  • bugfix: it was not possible to create a new database and run the decompiler in batch mode; a two-step action was required: first create the database and analyze it, then run the decompiler