Merge remote-tracking branch 'origin/Ghidra_11.0'

2026-06-01 07:46:56 +08:00 · 2023-12-20 13:09:57 -05:00
parent 5bc3b5eb78 a1d3a45982
commit 7864905bb6
14 changed files with 251 additions and 65 deletions
@@ -26,7 +26,7 @@
 <blockquote><p><u><B>New Features</B></u></p>
 <ul>
    <li><I>Analysis</I>. Added initial Rust support, including the handling of mangled names and calling conventions. (GP-2412)</li>
-    <li><I>BSim</I>. Introduced BSim support (see docs/GhidraClass/BSim/).  (GP-4009)</li>
+    <li><I>BSim</I>. Introduced BSim support (see <span class="gcode">docs/GhidraClass/BSim/</span>). (GP-4009)</li>
    <li><I>Calling Conventions</I>. Added support for the <span class="gcode">Indirect result location register</span> for ARM64 calling conventions. (GP-3938, Issue #951)</li>
    <li><I>CodeBrowser</I>. Added a right-click <span class="gtitle">Copy</span> action in the CodeBrowser's Listing that copies a <em>Local</em> or <em>Shared</em> <span class="gcode">GhidraURL</span> to the program. The <span class="gcode">GhidraURL</span> points to the specific address at which the cursor is located within the program. (GP-3626)</li>
    <li><I>Data Types</I>. Added <span class="gtitle">Search -> For Encoded Strings...</span> dialog that simplifies finding and creating strings with various charsets and alphabets. (GP-2628, Issue #1582, #2106)</li>
@@ -37,12 +37,12 @@
    <li><I>Debugger:Targets</I>. API: Added <span class="gcode">Target</span> interface to abstract <span class="gcode">TraceRecorder</span> and <span class="gcode">TraceRmi</span>. (GP-2740)</li>
    <li><I>Debugger:Targets</I>. Created <span class="gtitle">Connections</span> panel for Trace RMI. (GP-3836)</li>
    <li><I>FileSystems</I>. Added a <span class="gcode">GFileSystem</span> supporting the CaRT file format. (GP-3748, Issue #5568)</li>
-    <li><I>GhidraGo</I>. Implemented GhidraGo, an experimental feature that, when enabled, causes Ghidra to listen for GhidraURLs. The only supported GhidraURLs for GhidraGo currently link to a Ghidra DomainFile handled by the CodeBrowser. The readme for GhidraGo includes instructions on setting up a protocol handler for GhidraURLs. GhidraGo will open Ghidra if a Ghidra is not already running and listening (i.e., it has the GhidraGo plugin enabled). (GP-2774)</li>
+    <li><I>GhidraGo</I>. Implemented GhidraGo, an experimental feature that, when enabled, causes Ghidra to listen for GhidraURLs. The only supported GhidraURLs for GhidraGo currently link to a Ghidra DomainFile handled by the CodeBrowser. The readme for GhidraGo includes instructions on setting up a protocol handler for GhidraURLs. GhidraGo will open Ghidra if a Ghidra is not already running, but Ghidra must be configured to listen (i.e., it has the GhidraGo plugin enabled). (GP-2774)</li>
    <li><I>GUI</I>. Added <span class="gtitle">Select -> Create Table From Ranges</span> action to create a table based on the address ranges in a selection. (GP-2297)</li>
    <li><I>GUI</I>. Added a new <span class="gcode">GTree</span> filter setting that allows users to filter on the node's path. (GP-2419)</li>
    <li><I>Importer:Mach-O</I>. <span class="gcode">dyld_shared_cache</span> components extracted from Ghidra's <span class="gcode">DyldCacheFileSystem</span> can now be added together on-demand with the <span class="gtitle">Add To Program</span> feature.  Broken references can be automatically resolved by right-clicking on them and clicking <span class="gtitle">References -> Add To Program</span>. (GP-3753, Issue #5023)</li>
    <li><I>Processors</I>. Added support for the Loongson processor architecture. (GP-3211, Issue #5083)</li>
-    <li><I>Version Tracking</I>. Added a new Version Tracking correlator based on BSim function similarity.  (GP-4076)</li>
+    <li><I>Version Tracking</I>. Added a new Version Tracking correlator based on BSim function similarity. (GP-4076)</li>
 </ul>
 </blockquote>
 <blockquote><p><u><B>Improvements</B></u></p>
@@ -51,6 +51,8 @@
    <li><I>Analysis</I>. Made minor fixes to ARM aggressive instruction finder for stack trace and speed improvement. (GP-3855)</li>
    <li><I>API</I>. Added a program caching system for use by clients that want to open programs, do some work, and then close them without them appearing in the tool. Prior to this, all programs that were opened were kept open by the tool until the user manually closed them. (GP-3979)</li>
    <li><I>API</I>. Updated <span class="gcode">ApplyFunctionSignatureCmd</span> and <span class="gcode">FunctionUtility.updateFunction</span> to optionally allow all applied composites to be cleaned (i.e., force to not-yet-defined state) before being applied.  In addition, a datatype conflict handler may now be specified which can control how conflicts of applied datatypes should be handled. (GP-4051)</li>
+    <li><I>Basic Infrastructure</I>. Upgraded to FlatLaf 3.2.1. (GP-3645, Issue #5539)</li>
+    <li><I>Basic Infrastructure</I>. Upgraded Guava to 32.1.3. (GP-4053)</li>
    <li><I>Build</I>. The Ghidra Software Bill of Materials (SBOM) now includes entries for Ghidra's module jars.  Jar descriptions are also now provided when available. (GP-3824, Issue #5513)</li>
    <li><I>CodeCompare</I>. The Decompiler Diff View now supports searching via <span class="gcode">Ctrl-F</span>. (GP-4000)</li>
    <li><I>CodeCompare</I>. Fixed Function Comparison Window to not initially show the same function in both windows. (GP-4005)</li>
@@ -64,6 +66,7 @@
    <li><I>Decompiler</I>. Added toggle buttons to quickly change the <span class="gtitle">Eliminate unreachable code</span> and <span class="gtitle">Respect readonly flags</span> Decompiler settings. These settings are local to the Decompiler view and will not persist in the tool. (GP-3919)</li>
    <li><I>Decompiler</I>. Added formatting options for braces, <span class="gcode">&lbrace;</span> and <span class="gcode">&rbrace;</span>, in Decompiler output. (GP-3965, Issue #1240, #1937, #1938, #4914, #81)</li>
    <li><I>Demangler</I>. Updated the GNU Demangler binary used by Ghidra to version 2.41. (GP-3577)</li>
+    <li><I>Demangler</I>. Revised signature source type applied by GNU demanglers to <span class="gcode">ANALYSIS</span> instead of <span class="gcode">IMPORTED</span>. (GP-4139)</li>
    <li><I>Exporter</I>. The C/C++ exporter now includes equate definitions if data types are being emitted. (GP-3010, Issue #4878)</li>
    <li><I>Extensions</I>. Added a classpath isolation option for Extensions (settable in <span class="gcode">launch.properties</span>). (GP-3623)</li>
    <li><I>FileSystems</I>. The <span class="gcode">dyld_shared_cache</span> filesystem can now extract files for stubs and standalone data. (GP-3860)</li>
@@ -81,17 +84,16 @@
    <li><I>Listing</I>. Added options for disabling various EOL Auto-Comments. (GP-3531)</li>
    <li><I>Listing</I>. Corrected operand markup of offcut instruction references which failed to respect the <span class="gtitle">Display Namespace</span> operand field option. (GP-3985, Issue #5886)</li>
    <li><I>Memory</I>. Updated overlay address space support to allow multiple memory blocks to reside within a single overlay space. (GP-3903)</li>
-    <li><I>None</I>. Upgraded to FlatLaf 3.2.1. (GP-3645, Issue #5539)</li>
    <li><I>PDB</I>. Changed the PDB data types processing to use a resolve-as-you-go model, eliminating the dependency graph and the need for holding onto the PDB types within the processing model.  The benefits of this change are being made available by other improvements.  In addition, changes have been made to improve the accuracy of some data types. (GP-3715)</li>
    <li><I>PDB</I>. In order to reduce memory consumption, modified PdbReader to load certain components and data structures only when needed and provided some iterators to consumers such as PDB Universal Analyzer. (GP-3995)</li>
    <li><I>Processors</I>. Added language module for the Tensilica Xtensa processor. (GP-1062, Issue #1407, #5442)</li>
-    <li><I>Processors</I>. Updated binutils to version 2.41. (GP-3833)</li>
    <li><I>SARIF</I>. Added support for SARIF data export/import. (GP-3832)</li>
    <li><I>Version Tracking</I>. Updated <span class="gcode">AutoVersionTrackingScript</span> to create implied matches if option is chosen by the user. (GP-3765)</li>
    <li><I>Version Tracking</I>. Improved and sped up the <span class="gcode">AutoVersionTracking</span> algorithm to determine and apply good matches from the possible matches returned from the <span class="gcode">DuplicateFunctionMatchCorrelator</span>. (GP-3854, Issue #5857)</li>
    <li><I>Version Tracking</I>. Added numerous options to Auto Version Tracking that can change which correlators are used and control their individual options. (GP-3934)</li>
    <li><I>Version Tracking</I>. Auto Version Tracking now applies implied matches if the minimum number of votes and maximum number of conflicts conditions are met, as determined by the chosen options. (GP-3953)</li>
    <li><I>Version Tracking</I>. Updated Auto Version Tracking to check related associations for already-accepted matches before accepting new matches. (GP-4008, Issue #4875)</li>
+    <li><I>Version Tracking</I>. Improved default Version Tracking session name generated by new session wizard. (GP-4091)</li>
 </ul>
 </blockquote>
 <blockquote><p><u><B>Bugs</B></u></p>
@@ -101,7 +103,8 @@
    <li><I>Analysis</I>. Fixed evaluator check before using it in constant analysis. (GP-3970)</li>
    <li><I>Build</I>. Fixed <span class="gcode">nodepJar</span> task dependencies for Gradle 8. (GP-3977, Issue #5902)</li>
    <li><I>Data Types</I>. Corrected self-referencing data type resolution issue for function definitions which could result in datatype errors. (GP-4078, Issue #5927)</li>
-    <li><I>Debugger</I>. Fixed when "Control Target" can be selected. (GP-4099)</li>
+    <li><I>Debugger</I>. Fixed when <span class="gtitle">Control Target</span> can be selected. (GP-4099)</li>
+    <li><I>Debugger:Agents</I>. Fixed GADP agent launch scripts to pass arguments through. (GP-4132, Issue #6016)</li>
    <li><I>Debugger:dbgeng.dll</I>. Fixed an error that resulted in quotes being stripped from command-line arguments for dbgeng/dbgmodel. (GP-3846, Issue #5789)</li>
    <li><I>Debugger:dbgeng.dll</I>. Created better updating strategy for dbgeng/model memory. (GP-3899, Issue #5817)</li>
    <li><I>Debugger:Emulator</I>. Fixed issue with resuming after performing p-code steps in the Emulator. (GP-3706)</li>
@@ -116,6 +119,8 @@
    <li><I>Decompiler</I>. Fixed bug in the brace-highlighting action for the Decompiler window that could cause it not to be able to find matching braces. (GP-3945, Issue #5643)</li>
    <li><I>Decompiler</I>. Fixed bug in Decompiler that could cause crashes when analyzing NaN operations. (GP-3981)</li>
    <li><I>Decompiler</I>. Fixed a bug that causes the Decompiler to fail on some systems with a <em>"Datatype must have a valid id"</em> exception. (GP-4020)</li>
+    <li><I>Decompiler</I>. Fixed an infinite loop in the Decompiler caused by small parameters getting passed to subfunctions via larger registers containing stale values in their upper bytes. (GP-4102, Issue #5934)</li>
+    <li><I>Decompiler</I>. Fixed a bug that could cause the Decompiler to crash when printing pieces of a dynamic symbol. (GP-4119, Issue #6005)</li>
    <li><I>Demangler</I>. Fixed GNU Demangler analysis live-lock issue. (GP-4071, Issue #5987)</li>
    <li><I>Documentation</I>. Fixed field constraint example in the Sleigh documentation. (GP-4046, Issue #5933)</li>
    <li><I>Eclipse Integration</I>. Ghidra can now launch Eclipse Ubuntu snap installations from the Script Manager. (GP-3473)</li>
@@ -137,8 +142,10 @@
    <li><I>Headless</I>. The Headless Analyzer can now recurse into supported <span class="gcode">GFileSystem</span> container files when a recursion depth of one or more is specified on the command line. (GP-3273, Issue #5167)</li>
    <li><I>Importer</I>. Importing libraries that are referenced by absolute path (such as with Mach-O) now get saved to the project with their folder structure intact.  This fixes a potential <span class="gcode">DuplicateKeyException</span> that could occur when using a <span class="gtitle">Recursive Library Load Depth</span> greater than <span class="gcode">1</span>, and removes any ambiguity that could occur when linking a program to its libraries. (GP-3922)</li>
    <li><I>Importer</I>. Fixed an uncaught <span class="gcode">InvalidPathException</span> that could occur when loading libraries during import. (GP-4050, Issue #5894)</li>
+    <li><I>Importer:ELF</I>. Corrected ELF object module GOT allocation for x86-64 object modules during relocation processing. (GP-4118, Issue #5961)</li>
    <li><I>Importer:Mach-O</I>. The <span class="gcode">MachoLoader</span> now creates thunks on stubs. (GP-3248, Issue #3146)</li>
    <li><I>Importer:PE</I>. Fixed an exception that could sometimes occur when parsing PE files containing debug line number information. (GP-3963, Issue #5899)</li>
+    <li><I>Languages</I>. Corrected MIPS pcode for <span class="gcode">di</span> and <span class="gcode">ei</span> instructions. (GP-3875)</li>
    <li><I>Languages</I>. Corrected stack pointer update in <span class="gcode">alloca_probe</span> x64 windows callfixup. (GP-3915, Issue #5844)</li>
    <li><I>Languages</I>. Updated x86 register addressing for <span class="gcode">ST</span> and <span class="gcode">MM</span> registers to achieve proper overlap.  The upper 16-bits of the <span class="gcode">ST</span> registers still remain unaffected by MMX instructions which write to the <span class="gcode">MM</span> registers. (GP-3956)</li>
    <li><I>Multi-User</I>. Corrected potential <span class="gcode">NullPointerException</span> in Ghidra Server command proceesor. (GP-4056, Issue #5974)</li>
@@ -148,14 +155,19 @@
    <li><I>Processors</I>. Fixed missing ARM <span class="gcode">cbz</span> instruction in the manual index file. (GP-3724)</li>
    <li><I>Processors</I>. Added test-register support back into the x86 processor module. (GP-3784, Issue #5662)</li>
    <li><I>Processors</I>. Fixed issue with 6x09 processor module <span class="gcode">STU</span> instruction storing the <span class="gcode">X</span> register instead of the <span class="gcode">U</span> register. (GP-3786, Issue #5671)</li>
+    <li><I>Processors</I>. Added ELF relocation support to Loongarch processor module (GP-3804)</li>
    <li><I>Processors</I>. Replaced or implemented count-leading-zeroes and count-leading-ones instructions with proper pcode operator in several languages. (GP-3879, Issue #5790)</li>
    <li><I>Processors</I>. Changed MIPS <span class="gcode">TEQ zero, zero</span> into a trap, always-goto flow. (GP-3948)</li>
+    <li><I>Processors</I>. Several fixes for some PowerPC VLE instructions (GP-3999, Issue #2843)</li>
    <li><I>Processors</I>. Added the x86 MMX register <span class="gcode">MXCSR</span> to the compiler global list so that manipulations persist in the decompiled output. (GP-4018)</li>
    <li><I>Processors</I>. Fixed RISC-V custom-0 instruction patterns. (GP-4047, Issue #5932)</li>
+    <li><I>Processors</I>. Fixed PIC24 <span class="gcode">DOEND</span> register offset (GP-4054, Issue #5213)</li>
+    <li><I>Processors</I>. Minor fix for the AVR8 <span class="gcode">DES</span> instruction semantics. (GP-4055, Issue #5235)</li>
    <li><I>Project</I>. Corrected issue with <span class="gcode">ProjectLocator</span> when using projects located in root directory. (GP-3914, Issue #5802)</li>
    <li><I>Scripting</I>. <span class="gcode">FixOldSTVariableStorageScript.java</span> Ghidra script has been made available for users to run against x86 Programs created prior to Ghidra 10.0.3.  This script will fixup <span class="gcode">ST0... ST7</span> variable storage addresses which were not properly migrated during an x86 language revision. (GP-3949, Issue #5640)</li>
    <li><I>Search</I>. Fixed incorrect template implementation of <span class="gcode">GenericByteSequencePattern<span class="gcode">. (GP-4024)</li>
    <li><I>Sleigh</I>. Fixed a bug in the Sleigh compiler preventing the declaration of bit-range symbols when their size was not a multiple of 8 bits. (GP-8, Issue #1144, #660)</li>
+    <li><I>Sleigh</I>. Added pure 32-bit PowerPC e500mc processor variant (GP-3068)</li>
    <li><I>Sleigh</I>. Fixed stacktrace when a pcode pseudoOp has more than eight parameters. (GP-3986)</li>
    <li><I>Version Tracking</I>. Fixed Version Tracking <span class="gtitle">Undo</span> issue where running a correlator and accepting matches then undoing the results and then rerunning the correlator resulted in incorrectly blocked matches. (GP-3827)</li>
    <li><I>Version Tracking</I>. Fixed bug in Version Tracking matches table that prevented saved filters from being applied. (GP-3901)</li>
@@ -23,7 +23,7 @@
  <BODY>

 <H1>Ghidra: NSA Reverse Engineering Software</H2>
-    
+
    <P>
    Ghidra is a software reverse engineering (SRE) framework developed by NSA's Research Directorate.
    This framework includes a suite of full-featured, high-end software analysis tools that enable
@@ -52,35 +52,148 @@
 	<P>Ghidra 11.0 is fully backward compatible with project data from previous releases.
 	However, programs and data type archives which are created or modified in 11.0 will not be useable by an earlier Ghidra version. </P>

-	<P>This release includes new features and capabilities, performance improvements, quite a few bug fixes, and many pull-request
+	<P>This release includes new features, enhancements, performance improvements, quite a few bug fixes, and many pull-request
 	contributions. Thanks to all those who have contributed their time, thoughts, and code. The Ghidra user community thanks you too!</P>
 	
 	<P>IMPORTANT: Ghidra requires Java 17 JDK to run.  A newer version of Java may be acceptable but has not been fully tested.  Please see the
 	<a href="InstallationGuide.html">Ghidra Installation Guide</a> for additional information.</P>
 	
-	<P>NOTE: Please note that any programs imported with a Ghidra beta version or code built directly from source outside of a release tag may not be compatible
+	<P>NOTE: Please note that any programs imported with a Ghidra beta version or code built directly from source code outside of a release tag may not be compatible,
 	and may have flaws that won't be corrected by using this new release.  Any programs analyzed from a beta or other local master source build should be considered
-	experimental and re-imported and analyzed with a release version.  As an example, Ghidra 10.1 beta had an import flaw affecting symbol demangling that was not
-	correctable. Programs imported with previous release versions should upgrade correctly through various automatic upgrade mechanisms.  Any program
-	you will continue to reverse engineer should be imported fresh with a release version or a build you trust with the latest code fixes.</P>
+	experimental and re-imported and analyzed with a release version. Programs imported with previous release versions should upgrade correctly through various
+	automatic upgrade mechanisms.  Any program you will continue to reverse engineer should be imported fresh with a release version or a build you trust with the
+	latest code fixes.</P>

-	<P>NOTE: Ghidra Server: The Ghidra 11.x server is compatible with Ghidra 9.2 and later Ghidra clients.  Ghidra 11.x
+	<P>NOTE: Ghidra Server: The Ghidra 11.0 server is compatible with Ghidra 9.2 and later Ghidra clients.  Ghidra 11.0
 	clients are compatible with all 10.x and 9.x servers.  Although, due to potential Java version differences, it is recommended
 	that Ghidra Server installations older than 10.2 be upgraded.  Those using 10.2 and newer should not need a server upgrade.</P>
 	
 	<P>NOTE: Platform-specific native components can be built directly from a release distribution.
 	The distribution currently provides Linux x86-64, Windows x86-64, and macOS x86-64 native components.  If you have another platform,
-	for example a macOS M1 based system or a Linux ARM variant, the <span class="gcode">support/buildNatives</span> script can build the Decompiler,
-	demangler, and legacy PDB executables for your plaform.  Please see the "Building Ghidra Native Components" section in the
+	for example a macOS aarch64 based system or a Linux ARM variant, the <span class="gcode">support/buildNatives</span> script can build the decompiler,
+	demangler, and legacy PDB executables for your platform.  Please see the "Building Ghidra Native Components" section in the
 	<a href="InstallationGuide.html#Build">Ghidra Installation Guide</a> for additional information.</P>
+
+
+
+	<H2>BSim </H2>
 	
+	<P>A major new feature called BSim has been added.  BSim can find structurally similar functions in (potentially large) collections of binaries or object files.
+    BSim is based on Ghidra's decompiler and can find matches across compilers used, architectures, and/or small changes to source code.</P>
+    <P>As you've reverse engineered software, you've likely asked the following questions:</P>
+
+    <UL style="padding-left:100px">
+    <LI>Which libraries were statically linked into this executable, and possibly what version of the library?</LI>
+    <LI>Does this executable share some code with another executable that I've analyzed?</LI>
+    <LI>What are the differences between version 1 and version 2 of a given executable?</LI>
+    <LI>Does this executable share code with another executable in a large collection of binaries?</LI>
+    <LI>Was this function pulled from an open-source library?</LI>
+    </UL>
+
+    <P>BSim is intended to help with these questions (and others) by providing a way to search collections of binaries for similar, but not necessarily identical, functions.</P>
+    
+    <P>BSim can compare functions within a binary, within a collection of binaries or object files in a project on a local system, or within a large collection of binaries
+    utilizing a PostgreSQL or an Elasticsearch server.  Using BSim locally does not require setting up a PostgreSQL or Elastic server or having administrator access.</P>
+    
+    <P>There is a BSim tutorial that walks through use of BSim locally.  Using BSim locally and the tutorial is the best way to try out BSim before deciding if you need to set up a server.</P>
 	
-	<h2>--- TBD ---</h2>
+	<H2>GhidraGo </H2>
 	
+	<P>GhidraGo is an experimental feature that adds integration support for Ghidra URL's and Ghidra Tools. The main use of GhidraGo is embedding hyperlinks within web pages
+	to pre-ingested programs within a Ghidra multi-user repository.  Clicking on the hyperlink causes Ghidra to display the previously ingested program.
+	No data other than the Ghidra URL is transferred to Ghidra, and no socket is open within Ghidra listening for commands.  GhidraGo must be enabled by
+	installing a plugin in the Ghidra project manager, and must also be configured as a protocol handler in your web browser.  GhidraGo is not setup or enabled by default.
+	Please see the included <span class="gtitle">GhidraGoREADME.html</span>, or search for GhidraGo within help.
+	</P>
+
+	<H2>Version Tracking </H2>
+	
+	<P>Auto Version Tracking has been sped up, made customizable, and improved to find more matches. The mechanism to identify good  matches from duplicate match
+	sets has been improved and sped up. Implied matches are now created and will be applied if the vote minimum and conflict maximum limits are met. In addition,
+	the ability to choose which correlators are run as well as setting the options of most correlators has been added. The Auto Version Tracking script has been
+	updated to prompt for all options in a single dialog. The script now works in headless mode and an example prescript to allow
+	setting of options in headless mode is included.</P>
+	
+	<P>Version Tracking can also use the new BSim function matching capability in a new correlator called the BSim Correlator.  Auto Version Tracking does not use the new BSim Correlator yet.</P>
+
+    <H2>Function Comparison Window</H2>
+     <P>The function comparison window, used by Version Tracking and BSim, has been overhauled a bit:
+     
+     <UL style="padding-left:100px">
+     
+     <LI>A help topic for Function Comparison has been added.</LI>
+     <LI>Token matching, scrolling to matches, and difference highlighting is much improved using
+     an algorithm based on BSim function matching.  The colors used for the token matching highlights are configurable.</LI>
+     
+     <LI>From the comparison window, users can click on called functions that have corresponding matches to bring up a new function comparison window showing those functions.
+     The action is currently not available within version tracking.</LI>
+          
+     <LI>The functions can be displayed side by side vertically or horizontally.</LI>
+     
+     <LI>The function signature from a function in the function comparison window can be applied to include name only, a skeleton signature, or the entire signature
+     including all referenced data types.  Applying only the skeleton function signature can be useful if there is any question of differences in the
+     data structure composition used by the function signature between the two programs.</LI>
+     </UL>
+
+    <H2>Scripting</H2>
+    
+    <P>A new multi-option script dialog has been added to the scripting API that can present and get all user inputs a script needs in one dialog.
+    The <span class="gcode">askValues()</span> scripting method replaces the cumbersome process of prompting the user for each input separately.</P>
+   
+	<H2>Rust</H2>
+	
+	<P>Initial support for Rust compiled binaries, mainly demangling of Rust method names and Rust in DWARF information, has been added.  In addition, Rust strings are marked up so that the
+	decompiler will display Rust strings correctly.  There is more work to do, especially with mapping Rust parameter passing.  Custom storage may be required in some instances.</P>
+    
+    <H2>Golang</H2>
+    <P>Golang reverse engineering within Ghidra is much improved by:
+        <UL style="padding-left:100px">
+    <LI>A new <span class="gtitle">Golang String Analyzer</span> which finds and marks up Golang strings so they display correctly in the decompiler</LI>
+    <LI>Type and interface method markup improvements</LI>
+    <LI>Better function parameter recovery</LI>
+    <LI>Using package information to organize type and symbol elements into namespaces</LI>
+    <LI>Using run time type information to override the types of objects that are created by calls to malloc-like built-in functions</LI>
+    </UL>
+    </P>
+    
+ 	<H2>Search for Encoded Strings</H2>
+ 	
+    <P>A new action in the Search menu, <span class="gtitle">Search -> For Encoded Strings...</span>, can help find and create strings encoded in alternate character sets and alphabets.
+    Valid strings are based on runs of bytes that would be valid in a particular character set and alphabet.  There are currently no additional models for defining valid words within other languages.</P>
+
+    <H2>Import / Export</H2>
+    <P>The <span class="gtitle">CaRT</span> file format is now supported.  The <span class="gtitle">CaRT</span> format is used to store and transfer malware along with metadata about
+    the malware in a neutered form such that it cannot be executed.  It is encrypted so anti-virus software will not flag the file under analysis.</P>
+    
+    <P>Headless importing of binaries from container files, such as .zip files, with multiple embedded files is now possible.  This includes loading referenced .dll and .so files also
+    found within the container file.</P>
+    
+    <P>The Headless Analyzer can now recurse into supported GFileSystem container files when a recursion depth of one or more is specified on the command line.</P>
+    
+    <H2>Mach-O Improvements</H2>
+    
+    <P>Support for the Mach-O binary file format has continued to receive updates.  Improvements have been made to library linking and loading, as well as thunk creation.  Additionally, dyld_shared_cache
+    components extracted from Ghidra's DyldCacheFileSystem can now be added together on-demand with the Add To Program feature.  Broken references can be automatically resolved by right-clicking on them
+    and clicking <span class="gtitle">References -> Add To Program</span>.</P>
+
+	<H2>PDB</H2>
+	
+     <P>The PDB data types processing has been changed to use a resolve-as-you-go model.  The change eliminates the dependency graph and reduces the memory footprint required to load all
+     PDB types.  The change allows larger PDB's to load successfully and improves the accuracy of some data types.</P>
+     
+    <H2>Overlays with Multiple Memory Blocks</H2>
+    
+    <P> Overlay spaces now support multiple memory blocks in the same overlay.  After creating the initial memory
+    block as an overlay, the new overlay memory space will become available when adding new memory blocks. All overlay memory blocks can
+    be manipulated in the same way as normal memory blocks.  The new feature is useful when analyzing binaries
+    meant to run on multiple processors with tasks running on each processor in their own overlapped virtual memory space such as an RTOS.</P>
+
+    <H2>Processors</H2>
+    <P>Support for the Loongson processor architecture has been added.  All known instructions should disassemble. However semantics for a large number of instructions use pseudoOp calls currently.</P>

 	
    <H2>Additional Bug Fixes and Enhancements</H2>
-    <P> Numerous other bug fixes and improvements are fully listed in the <a href="ChangeHistory.html">ChangeHistory</a> file.</P>
+    <P> Numerous other new features, improvements, and bug fixes are fully listed in the <a href="ChangeHistory.html">ChangeHistory</a> file.</P>
    		   
    <BR>
    <P align="center">
@@ -17,6 +17,7 @@ package ghidra.app.plugin.core.analysis;

 import java.io.IOException;

+import ghidra.app.plugin.core.analysis.rust.RustUtilities;
 import ghidra.app.services.*;
 import ghidra.app.util.bin.format.dwarf4.DWARFException;
 import ghidra.app.util.bin.format.dwarf4.DWARFPreconditionException;
@@ -99,6 +100,11 @@ public class DWARFAnalyzer extends AbstractAnalyzer {
 			importOptions.setPreloadAllDIEs(true);
 		}

+		if (RustUtilities.isRustProgram(program)) {
+			Msg.info(this, "DWARF: Enabling DIE preload for Rust binary");
+			importOptions.setPreloadAllDIEs(true);
+		}
+
 		try {
 			try (DWARFProgram prog = new DWARFProgram(program, importOptions, monitor, dsp)) {
 				if (prog.getRegisterMappings() == null && importOptions.isImportFuncs()) {
@@ -58,6 +58,18 @@ public class RustUtilities {
 		return false;
 	}

+	/**
+	 * Returns true if the given program has earlier been tagged as having a Rust compiler by
+	 * the loader.
+	 *  
+	 * @param program {@link Program}
+	 * @return boolean true if program's compiler property includes rust
+	 */
+	public static boolean isRustProgram(Program program) {
+		String name = program.getCompiler();
+		return name != null && name.contains(RustConstants.RUST_COMPILER);
+	}
+
 	public static int addExtensions(Program program, TaskMonitor monitor, String subPath)
 			throws IOException {
 		Processor processor = program.getLanguageCompilerSpecPair().getLanguage().getProcessor();
@@ -15,7 +15,7 @@
 */
 package ghidra.app.plugin.core.analysis.rust.demangler;

-import ghidra.app.plugin.core.analysis.rust.RustConstants;
+import ghidra.app.plugin.core.analysis.rust.RustUtilities;
 import ghidra.app.util.demangler.*;
 import ghidra.program.model.lang.CompilerSpec;
 import ghidra.program.model.listing.Program;
@@ -36,8 +36,7 @@ public class RustDemangler implements Demangler {

 	@Override
 	public boolean canDemangle(Program program) {
-		String name = program.getCompiler();
-		return name != null && name.contains(RustConstants.RUST_COMPILER);
+		return RustUtilities.isRustProgram(program);
 	}

 	@Override
@@ -374,9 +374,11 @@ public class ProgramManagerPlugin extends Plugin implements ProgramManager, Opti
 		for (Program p : openPrograms) {
 			if (ignoreChanges) {
 				toRemove.add(p);
+				continue;
 			}
 			else if (p.isClosed()) {
 				toRemove.add(p);
+				continue;
 			}

 			if (!tool.canCloseDomainObject(p)) {
@@ -15,28 +15,51 @@
 */
 package ghidra.app.util.bin.format.dwarf4.funcfixup;

+import java.io.IOException;
+
 import ghidra.app.util.bin.format.dwarf4.DIEAggregate;
 import ghidra.app.util.bin.format.dwarf4.DWARFException;
 import ghidra.app.util.bin.format.dwarf4.encoding.DWARFSourceLanguage;
 import ghidra.app.util.bin.format.dwarf4.next.DWARFFunction;
+import ghidra.app.util.bin.format.dwarf4.next.DWARFFunction.CommitMode;
+import ghidra.program.database.data.ProgramBasedDataTypeManagerDB;
+import ghidra.program.model.lang.CompilerSpec;
+import ghidra.program.model.listing.Program;
 import ghidra.util.classfinder.ExtensionPointProperties;
+import ghidra.util.exception.InvalidInputException;

 /**
- * Prevent functions in a Rust compile unit from incorrectly being locked down to an empty signature. 
+ * Adjust functions in a Rust compile unit to use Rust calling convention, ignore any information
+ * about parameter storage locations.
 */
@ExtensionPointProperties(priority = DWARFFunctionFixup.PRIORITY_NORMAL_EARLY)
 public class RustDWARFFunctionFixup implements DWARFFunctionFixup {
+	private String rustCC;

 	@Override
 	public void fixupDWARFFunction(DWARFFunction dfunc) throws DWARFException {
 		DIEAggregate diea = dfunc.diea;
 		int cuLang = diea.getCompilationUnit().getCompileUnit().getLanguage();
-		if (cuLang == DWARFSourceLanguage.DW_LANG_Rust && dfunc.params.isEmpty()) {
-			// if there were no defined parameters and the language is Rust, don't force an
-			// empty param signature. Rust language emit dwarf info without types (signatures)
-			// when used without -g.
-			throw new DWARFException("Rust empty param list" /* string doesnt matter */);
+		if (cuLang == DWARFSourceLanguage.DW_LANG_Rust) {
+			dfunc.callingConventionName = getRustCC(dfunc.getProgram().getGhidraProgram());
+			dfunc.signatureCommitMode = CommitMode.FORMAL;
 		}
+
 	}

+	private String getRustCC(Program program) throws DWARFException {
+		if (rustCC == null) {
+			rustCC = CompilerSpec.CALLING_CONVENTION_rustcall;
+			try {
+				// NOTE: this has a side effect of ensuring the rust cc is present in the program
+				ProgramBasedDataTypeManagerDB dtm =
+					(ProgramBasedDataTypeManagerDB) program.getDataTypeManager();
+				dtm.getCallingConventionID(CompilerSpec.CALLING_CONVENTION_rustcall, false);
+			}
+			catch (InvalidInputException | IOException e) {
+				throw new DWARFException("Unable to get Rust calling convention");
+			}
+		}
+		return rustCC;
+	}
 }
@@ -479,6 +479,14 @@ public class DWARFProgram implements Closeable {
 		String workingName = ensureSafeNameLength(name);
 		workingName = GoSymbolName.fixGolangSpecialSymbolnameChars(workingName);

+		if (diea.getCompilationUnit()
+				.getCompileUnit()
+				.getLanguage() == DWARFSourceLanguage.DW_LANG_Rust &&
+			workingName.startsWith("{impl#") && parentDNI != null) {
+			// if matches a Rust {impl#NN} name, skip it and re-use the parent name
+			return parentDNI;
+		}
+
 		DWARFNameInfo result =
 			parentDNI.createChild(origName, workingName, DWARFUtil.getSymbolTypeFromDIE(diea));
 		return result;
@@ -34,6 +34,7 @@ import docking.widgets.fieldpanel.support.FieldLocation;
 import docking.widgets.fieldpanel.support.FieldSelection;
 import ghidra.app.cmd.data.CreateDataCmd;
 import ghidra.app.cmd.data.CreateStructureCmd;
+import ghidra.app.events.OpenProgramPluginEvent;
 import ghidra.app.events.ProgramSelectionPluginEvent;
 import ghidra.app.services.ProgramManager;
 import ghidra.app.util.viewer.field.*;
@@ -382,6 +383,9 @@ public class CodeBrowserScreenMovementTest extends AbstractProgramBasedTest {

 		env.connectTools(tool, tool2);

+		// open same program in second tool - cannot rely on tool connection for this
+		tool2.firePluginEvent(new OpenProgramPluginEvent("Test", program));
+
 		codeBrowser.goToField(addr("0x1006420"), "Address", 0, 0);
 		assertEquals("01006420", cb2.getCurrentFieldText());

@@ -795,8 +799,7 @@ public class CodeBrowserScreenMovementTest extends AbstractProgramBasedTest {
 	private void resetFormatOptions(CodeBrowserPlugin plugin) {
 		Options fieldOptions = plugin.getFormatManager().getFieldOptions();
 		List<String> names = fieldOptions.getOptionNames();
-		for (int i = 0; i < names.size(); i++) {
-			String name = names.get(i);
+		for (String name : names) {
 			if (!name.startsWith("Format Code")) {
 				continue;
 			}
@@ -33,6 +33,7 @@ import docking.widgets.fieldpanel.field.Field;
 import docking.widgets.fieldpanel.support.*;
 import docking.widgets.table.GTable;
 import ghidra.app.cmd.data.CreateDataCmd;
+import ghidra.app.events.OpenProgramPluginEvent;
 import ghidra.app.events.ProgramSelectionPluginEvent;
 import ghidra.app.plugin.core.codebrowser.SelectEndpointsAction.RangeEndpoint;
 import ghidra.app.plugin.core.navigation.NextPrevAddressPlugin;
@@ -382,6 +383,9 @@ public class CodeBrowserTest extends AbstractGhidraHeadedIntegrationTest {

 		env.connectTools(tool, tool2);

+		// open same program in second tool - cannot rely on tool connection for this
+		tool2.firePluginEvent(new OpenProgramPluginEvent("Test", program));
+
 		cb.goToField(addr("0x1003a50"), "Bytes", 0, 4);
 		Point p1 = getCursorPoint();
 		cb.goToField(addr("0x1003a5e"), "Mnemonic", 0, 0, 2, false);
@@ -31,6 +31,7 @@ import docking.widgets.table.threaded.GThreadedTablePanel;
 import generic.test.TestUtils;
 import ghidra.GhidraOptions;
 import ghidra.app.cmd.data.CreateDataCmd;
+import ghidra.app.events.OpenProgramPluginEvent;
 import ghidra.app.events.ProgramLocationPluginEvent;
 import ghidra.app.plugin.core.codebrowser.CodeBrowserPlugin;
 import ghidra.app.plugin.core.navigation.GoToAddressLabelPlugin;
@@ -231,7 +232,10 @@ public class CommentsPluginTest extends AbstractGhidraHeadedIntegrationTest {

 		env.connectTools(tool, tool2);
 		env.connectTools(tool2, tool);
-		env.open(program); // do this again now that the tools are in-sync
+		env.open(program);
+
+		// open same program in second tool - cannot rely on tool connection for this
+		tool2.firePluginEvent(new OpenProgramPluginEvent("Test", program));

 		Address addr = addr(0x01006420);
 		sendProgramLocation(addr, CodeUnit.EOL_COMMENT);
@@ -136,6 +136,13 @@ public class MultiTabPluginTest extends AbstractGhidraHeadedIntegrationTest {
 		assertNotNull(iconLabel);
 		Point p = iconLabel.getLocationOnScreen();
 		clickMouse(iconLabel, MouseEvent.BUTTON1, p.x + 1, p.y + 1, 1, 0);
+
+		JDialog dlg = waitForJDialog("Program Changed");
+		JButton button = findButtonByText(dlg, "Continue");
+		pressButton(button);
+
+		waitForSwing();
+
 		assertEquals(2, panel.getTabCount());
 	}

@@ -160,9 +167,23 @@ public class MultiTabPluginTest extends AbstractGhidraHeadedIntegrationTest {
 			JLabel iconLabel = (JLabel) findComponentByName(tab, "Close");
 			Point p = iconLabel.getLocationOnScreen();
 			clickMouse(iconLabel, MouseEvent.BUTTON1, p.x + 1, p.y + 1, 1, 0);
+
+			JDialog dlg = waitForJDialog("Program Changed");
+			JButton button = findButtonByText(dlg, "Continue");
+			pressButton(button);
 		}

-		runSwing(() -> panel.removeProgram(programs[programs.length - 1]));
+		// Last program does not have a tab
+		ProgramManagerPlugin programMgr = env.getPlugin(ProgramManagerPlugin.class);
+		runSwingLater(() -> programMgr.closeProgram());
+
+		waitForSwing();
+
+		JDialog dlg = waitForJDialog("Program Changed");
+		JButton button = findButtonByText(dlg, "Continue");
+		pressButton(button);
+
+		waitForSwing();

 		assertEquals(0, panel.getTabCount());
 	}
@@ -17,9 +17,8 @@ package ghidra.app.util.bin.format.dwarf4.next;

 import static org.junit.Assert.*;

-import java.util.List;
-
 import java.io.IOException;
+import java.util.List;

 import org.junit.Test;

@@ -31,6 +30,7 @@ import ghidra.app.util.bin.format.dwarf4.expression.DWARFExpressionOpCodes;
 import ghidra.program.database.function.OverlappingFunctionException;
 import ghidra.program.model.address.AddressSet;
 import ghidra.program.model.data.*;
+import ghidra.program.model.lang.CompilerSpec;
 import ghidra.program.model.listing.*;
 import ghidra.program.model.symbol.Namespace;
 import ghidra.program.model.symbol.SourceType;
@@ -72,10 +72,8 @@ public class DWARFFunctionImporterTest extends DWARFTestBase {
 	}

 	@Test
-	public void testRustMethod_NoParamDefs()
+	public void testRustMethod_SetsRustCC()
 			throws CancelledException, IOException, DWARFException {
-		// test that Ghidra functions in a Rust compilation unit don't have their info set
-		// if they look like they are one of the stub DIE entries that Rust creates
 		cu = new MockDWARFCompilationUnit(dwarfProg, 0x1000, 0x2000, 0,
 			DWARFCompilationUnit.DWARF_32, (short) 4, 0, (byte) 8, 0,
 			DWARFSourceLanguage.DW_LANG_Rust);
@@ -91,34 +89,7 @@ public class DWARFFunctionImporterTest extends DWARFTestBase {
 		assertNotNull(fooFunc);

 		assertEquals("foo", fooFunc.getName());
-		DataType returnType = fooFunc.getReturnType();
-		assertNotNull(returnType);
-		assertEquals("undefined", returnType.getName());
-	}
-
-	@Test
-	public void testNotRustMethod_NoParamDefs()
-			throws CancelledException, IOException, DWARFException {
-		// test that Ghidra functions in a non-Rust compilation unit do have their info set
-		// even if their param info is empty.
-		cu = new MockDWARFCompilationUnit(dwarfProg, 0x1000, 0x2000, 0,
-			DWARFCompilationUnit.DWARF_32, (short) 4, 0, (byte) 8, 0,
-			DWARFSourceLanguage.DW_LANG_C);
-		cu2 = null;
-		setMockCompilationUnits(cu);
-
-		DebugInfoEntry intDIE = addInt(cu);
-		newSubprogram("foo", intDIE, 0x410, 10).create(cu);
-
-		importFunctions();
-
-		Function fooFunc = program.getListing().getFunctionAt(addr(0x410));
-		assertNotNull(fooFunc);
-
-		assertEquals("foo", fooFunc.getName());
-		DataType returnType = fooFunc.getReturnType();
-		assertNotNull(returnType);
-		assertEquals("int", returnType.getName());
+		assertEquals(CompilerSpec.CALLING_CONVENTION_rustcall, fooFunc.getCallingConventionName());
 	}

 	@Test
@@ -27,6 +27,7 @@ import org.junit.*;
 import docking.DefaultActionContext;
 import docking.action.ToggleDockingAction;
 import docking.widgets.fieldpanel.support.FieldLocation;
+import ghidra.app.events.OpenProgramPluginEvent;
 import ghidra.app.plugin.core.format.*;
 import ghidra.app.plugin.core.navigation.NavigationHistoryPlugin;
 import ghidra.app.plugin.core.navigation.NextPrevAddressPlugin;
@@ -70,6 +71,13 @@ public class ByteViewerConnectedToolBehaviorTest extends AbstractGhidraHeadedInt
 		env.connectTools(toolOne, tool2);

 		program = buildNotepad();
+
+		// open program in toolOne
+		env.open(program);
+
+		// open same program in second tool - cannot rely on tool connection for this
+		tool2.firePluginEvent(new OpenProgramPluginEvent("Test", program));
+
 		final ProgramManager pm = toolOne.getService(ProgramManager.class);
 		runSwing(() -> pm.openProgram(program.getDomainFile()));
 	}
@@ -223,8 +231,8 @@ public class ByteViewerConnectedToolBehaviorTest extends AbstractGhidraHeadedInt
 	}

 	private Address convertToAddr(ByteViewerPlugin plugin, ByteBlockInfo info) {
-		return ((ProgramByteBlockSet) plugin.getProvider().getByteBlockSet()).getAddress(
-			info.getBlock(), info.getOffset());
+		return ((ProgramByteBlockSet) plugin.getProvider().getByteBlockSet())
+				.getAddress(info.getBlock(), info.getOffset());
 	}

 	private boolean byteBlockSelectionEquals(ByteBlockSelection b1, ByteBlockSelection b2) {