congrats! #1
Thank you!
I would also like to say thank you for this project. I've used it via your website and the output is quite nice.
Any plans to add raw binary decompilation? I have a simple home-made disassembler with file format parsing and procedure search. I'd love to add decompilation just like in IDA. Some standalone retdec tool would be great where the user specifies the input file and architecture and gets in return "C" code with corresponding asm addresses in the comments.
@don1001 RetDec supports raw binary decompilation. For example, to decompile raw machine code (x86, little endian) into C source code, run e.g.
For more details, run
* Capstone2llvmirtool default basic modes for architectures
  Run tool with reasonable Capstone basic modes for specified architecture. Default values are as follows:
  - -a arm : CS_MODE_ARM
  - -a arm64 : CS_MODE_ARM [looks like keystone doesn't like this]
  - -a mips : CS_MODE_MIPS32
  - -a x86 : CS_MODE_32
  - -a ppc : CS_MODE_32
  - -a <rest>: CS_MODE_LITTLE_ENDIAN
* Base for the ARM64 translator
  - register maps (_reg2type)
  - instructions map (_i2fm)
  Modified ARM Translator unit, work in progress.
* Fix the cs_reg_name
  - register name could not be found because of the wrong cs_arch in constructor
* Add ARM64 support for capstone dependency
  - capstone was configured without the ARM64 support, this caused cs_open to fail
* Temporary solution to call translate function
* Status register and program counter added to environment
  - flags from status register added to arm64 env
  - program counter added to arm64 env
* Methods store/load registers/operands skeletons + add instruction
  - basic implementation of functions needed for loading and storing operands
  - translateAdd is for testing purposes
* Store instruction base
  - started implementation of MEM operand type
  - Store register instruction translation method, e.g. `retdec-capstone2llvmir -a arm64 -t 'str x0, [x1]'`
* Operand shifts ported from ARM and MOV instruction translation
  - MOV, MVN and MOVZ instructions
  - operand shift functions moved and changed for ARM64
  - instructions like 'movz x0, #3 LSL 16' work now
* Arm64 - tests ported from Arm
  - test framework capstone2llvmirtranslator
  - first INS_ADD test
  - cmake compilation
* Basic MOV tests
  - MOV, MOVZ
* Test for STR instruction and test header comments
* STP instruction + tests, pc in new enum, get op addr function
  - Store pair instruction {pre-index, post-index, signed-offset}
  - test for all cases except 32bit operands
  - pc moved to its own enum
  - generateGetOperandAddr to generate address from instruction operand
* LDR + STR, LDR tests from ARM, LDP stub
  - LDR {pre-index, post-index, signed-offset} instruction implemented
  - STR {pre-index, post-index, signed-offset} instruction implemented
  - LDR tests ported from ARM
  - LDP todo
* Implemented parent register handling
  - Register parent map
  - Storing registers
  - Loading registers
  - Headers
  - Need more changes to conversions, I think 'mov w0, #3' zeroes out the upper 32 bits of the x0 register. But need to investigate further.
* LLVM data layout modified for ARM64
  - taken from uname -a in qemu arm64 machine: Linux debian-aarch64 4.9.0-4-arm64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) aarch64 GNU/Linux
* Removed useless debug output
* getCarryRegister for ARM64 fixed
* Store register ZEXT_TRUNC, 32bit tests baseline + tests
  - when writing a value to the 32bit reg of a 64bit register, the value is zero extended to the whole register
  - parent register mapping enabled in tests
  - 32bit version of tests
* Zero extension tests for ADD and MOV 32bit variants
* Implemented BL instruction
  - added tests for label and imm branch
* Implemented RET instruction
  - added tests
* Implemented LDP instruction
  - added tests for instruction
* Implemented ADRP instruction
  - real binary testing is needed
  - without tests
* enable arm64 in decompiler.py and add arm64 architecture in Architecture::setArch()
  ARM64 needs to be set before ARM because "arm" from ARM matches the "arm aarch64" from ARM64
* Arm64 ABI implementation
* Arm64 decoder ported from Arm
* Arm64 imm operand shifts should not update flags by default.
  - Added the option to switch this behaviour
  - add one ADD test with shift
* Operand register extension generator + 64bit variant extension tests
  - Arm supports the extension of operand, e.g. 'add x0, x1, w2, SXTW' will sign-extend the w2 register to 64 bit and after that add the values
  - test for 64bit variant implemented
  - need to check the optional imm (shift VM outputs weird values)
* Arm64 Zero/Sign extension 32bit variant tests
* Implemented SUB instruction
  - added tests for instruction
* Implemented BR instruction
  - added tests for instruction
* Arm64 syscall id register is X8
* Specified call and return instruction ID for implemented instruction
  - BL Branch link is hinting the function call
  - RET is hinting the function return
* Fixed compilation after merge
  - new methods added isOperandRegister, getOperandAccess
  - loadOpTernaryop1op2 probably changed to loadOpBinaryOrTernaryOp1Op2
  - made sure all unit tests passed
  - TODO: implement new conventions from master
* Generate pseudoasm instruction when translation routine is not found
  - Function to generate condition code
* Check preconditions in implemented arm64 instructions
* Changed register generation to match other modules.
* LDR instruction all 3 formats + tests
  - register
  - imm
  - literal (label)
* Binaries can now be decompiled
  - jumpTargetDryRun updated
* Generate condition codes for conditional instructions.
* ARM64: strb, strh instructions + tests
* Arm64: conditional and unconditional branch instruction + tests
  - removed the generation of conditional code in translate instruction function; this is not necessary because the condition is generated in the body of the given instruction and arm64 supports only specific instructions to be conditional.
* Arm64: Instruction ret can have optional register operand + test
* Arm64: BLR instruction + test
* Arm64: CBNZ, CBZ instruction + test
* Arm64: TBNZ, TBZ implementation + tests
* Arm64: LDR different size variants, sign/zero extend + tests
* Arm64: LDPSW instruction + tests
  - minor warning fix in STR instruction
* Arm64: ADC instruction + tests
  - including flag setting for ADC and ADD instructions
  - ADDS tests
* Arm64: ADCS 32bit tests for flags
* Arm64: ADR, ADRP instruction + tests
* Arm64: AND, ANDS instruction + tests
* Arm64: ASR instruction + tests
  - ASRV variant
* Arm64: LSL, LSR, ROR instructions + tests
  - all major shifts implemented
* Arm64: SUB, SBC flags + tests
  - changed asserts to exceptions
* Arm64: CMP, CMN instructions + tests
* Arm64: CSEL instruction + tests
* Arm64: CSET, CSETM instruction + tests
* Arm64: MUL instruction + tests
* Arm64: MADD instruction + tests
  - 32bit tests for MUL
* Arm64: MSUB instruction + tests
* Arm64: MNEG instruction + tests
* Arm64: NEG, NEGS instruction + tests
* Arm64: NGC, NGCS initial implementation + tests
  - Check the carry flags + add tests
* Arm64: SDIV, UDIV instruction + tests
* Arm64: Fix correct semantics for SBC and NEG instructions
* Arm64: SMADDL, UMADDL instruction + tests
* Arm64: UMSUBL, SMSUBL instruction + tests
* Arm64: SMNEG, UMNEG instruction + tests
* Arm64: UMULL, SMULL, UMULH, SMULH instruction + tests
* Arm64: Conditional select operation instruction + tests
* Arm64: CINC, CINV, CNEG tests
* Arm64: EON, EOR instruction + tests
* Arm64: ORN, ORR instruction + tests
* Arm64: TST instruction + tests
  - fixed the AND instruction to set carry and overflow flags to zero
* Arm64: EXTR instruction + tests
* Arm64: Extend instructions + tests
* Arm64: CCMN, CCMP instruction + tests
* Arm64: NOP instruction + tests
* Arm64: REV, RBIT, CLZ instructions + tests
* Arm64: BIC instruction + tests
* Arm64: Unprivileged loads/stores instructions + tests
* Arm64: Load/Store exclusive instructions + tests
* ARM64: LDAXR instruction variants + tests
* Arm64: LDAR instruction variants + tests
* Arm64, llvmir-emul: don't lower bitreverse intrinsic
  - updated tests to check if the correct intrinsic functions were called
* Arm64: FP environment + basic unary and binary operations + tests
* Arm64: FMIN, FMINNM, FMAX, FMAXNM instruction + tests
* Arm64: FCMP, FCCMP, FCVT, {U, S}CVTF instructions + tests
* Arm64: FCVTZS, FCVTZU instructions + tests
  - let's start testing
* Arm64, bin2llvmir: Decoder should not analyse stack.
* Arm64: MOVK instruction + tests
* Arm64: MOVN instructions + tests
* Merge master with arm-prep
* Architecture: Change arm architectures to account for arm64
  - isArmOrThumb renamed to isArm32OrThumb
  - added isArm32 method
  - thumb is now set with a flag _thumbFlag
* Architecture: Removed the wrong architecture types
  Now the enum eArch represents only the general architecture and all subtypes of architecture are checked via getBitSize() or _thumbFlag. The function isArm() returns true for every type of subarchitecture, e.g. {arm32, arm64 or thumb}
* Arm64: XZR loads zero and discards result when written
  - Added some instruction IDs to branch types
* Arm64: STR and LDR instructions now determine correct register size
  - For example 'str w0, [sp]' should store only 4 bytes to stack pointer
* Arm64: Syscall optimization and detection
  Replace svc #0 with corresponding syscall decoded from previous assignments.
* Arm64: MOVI instructions + tests, Vector and half register
  Generate Vector registers so in case the pseudo instructions with them as operands are generated we don't crash. For the similar purpose I changed the f16 in `ARM64_REG_H*` to i16 since the half type is not supported and we want to be able to at least generate pseudo instructions.
* Arm64: STR and LDR tests
  Those tests target loading and storing floating point values.
* Arm64: Removed zero division semantics from llvmir
  - Zero division is NOW undefined behaviour
  - This caused problems in modulo idiom detection
  - Also removed corresponding tests
* Arm64: FMOV instruction with immediate values
  - Correctly handle imm values as operands of this instruction
* Revert "Arm64, bin2llvmir: Decoder should not analyse stack."
  This reverts commit 7b88475. This change caused other tests to fail.
* Arm64: Simplified and documented some code
  - Removed unused code from decoder/arm64.cpp
  - Fixed insnWrittesPcArm64 to work better
  - Fixed Cond branch tests
* Arm64: Fixed documentation build
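The register rules the commit list above records (parent register handling, zero extension on 32-bit writes, XZR discarding writes, and extended-register operands such as 'w2, SXTW') as a small Python model; this is an added example, not RetDec's code, and every name in it is my own.

```python
# Added example (not RetDec's code): a small model of the AArch64 register-file
# rules named in the commit list: W-registers are 32-bit views of their 64-bit
# X parents, a 32-bit write zero-extends into the whole parent, XZR/WZR read
# as zero and discard writes, and an extended-register operand such as
# 'w2, SXTW' is sign-extended before the ADD. All names here are my own.
MASK32 = (1 << 32) - 1
MASK64 = (1 << 64) - 1

def parent_of(reg):
    """Map a register name to (parent register, width in bits)."""
    r = reg.lower()
    if r in ("xzr", "wzr"):
        return "xzr", 64 if r == "xzr" else 32
    if r == "sp":
        return "sp", 64
    if r[0] in "xw" and r[1:].isdigit() and int(r[1:]) <= 30:
        return "x" + r[1:], 64 if r[0] == "x" else 32
    raise ValueError("unsupported register: " + reg)

class RegFile:
    def __init__(self):
        self.regs = {}  # parent register name -> 64-bit value

    def load(self, reg):
        parent, width = parent_of(reg)
        if parent == "xzr":
            return 0  # the zero register always reads as zero
        return self.regs.get(parent, 0) & (MASK32 if width == 32 else MASK64)

    def store(self, reg, value):
        parent, width = parent_of(reg)
        if parent == "xzr":
            return  # writes to XZR/WZR are discarded
        if width == 32:
            value &= MASK32  # 'mov w0, #3' clears the upper 32 bits of x0
        self.regs[parent] = value & MASK64

def extend_operand(value, kind):
    """Apply a UXTW/SXTW extension to a 32-bit source operand."""
    v = value & MASK32
    if kind == "UXTW":
        return v
    if kind == "SXTW":
        return (v | ~MASK32) & MASK64 if v & (1 << 31) else v
    raise ValueError("unsupported extension: " + kind)

def add_extended(rf, dst, src1, src2, kind):
    """Model 'add dst, src1, src2, <ext>' and return the value stored in dst."""
    result = (rf.load(src1) + extend_operand(rf.load(src2), kind)) & MASK64
    rf.store(dst, result)
    return rf.load(dst)
```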
congrats on this amazing work! just added your projects to our website at http://www.capstone-engine.org/showcase.html
keep it up, cheers!