Re: announce: my very first disassembler now available (GPL)



"Willow" <wrschlanger@xxxxxxxxx> wrote in message
news:c18865be-c40e-4e7b-8df9-fcd28f29cfa4@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> I just finished my very own disassembler, written from scratch. It
> takes a 750-line input script file that specifies the x86 and x86-64
> instruction set, and produces a disassembler. Unlike other
> disassemblers, mine is enjoyable to work on because it is coherent;
> you have a script file that makes sense (to me at least :-) rather
> than a bunch of incoherent and often buggy opcode tables copied from
> an Intel manual.
>
> You should check it out and let me know what you think!
> It's called crudasm, the crude disassembler. Right now it only works
> in 16 and 32 bit mode, and only supports raw binary files (e.g. no PE
> etc. files).
>
> You can find it here: http://code.google.com/p/vm64dec/downloads/list


Here are just a few differences between NASM's Ndisasm and Crudasm1:


Ndisasm (0.98.39):

00000000 1499 adc al,0x99
00000002 1433 adc al,0x33
00000004 2433 and al,0x33
00000006 660FC8 bswap eax
00000009 6699 cdq
0000000B 3C33 cmp al,0x33
0000000D 0FA606EEBB cmpxchg486 [0xbbee],al

Crudasm1:

00000000 adc dh,0x99
00000002 adc dh,0x33
00000004 and dh,0x33
00000006 o32 bswap
00000009 o32 cdq
0000000b cmp dh,0x33
0000000d db 0x0f
0000000e cmps byte [si],byte [es:di]
0000000f push ss
00000010 out si,dh
abort: cs segment limit exceeded (or internal error)


I noticed from disassembling a larger file (all the instructions in NASM's
insns.dat) that Crudasm is losing the register on certain instructions
(e.g., the ones with dh...). Also, although cmpxchg486 doesn't disassemble
correctly, it still points out the "unique" disassembly of "cmpsb". I can
work through more as time permits, if you'd like.


Rod Pemberton
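The listings above are a small differential test between two decoders: feed both the same bytes, line the output up by offset, and every disagreement is either a bug in one tool or an ambiguity worth knowing about. The following is an added example, not code from either crudasm or NASM: a minimal 16-bit x86 decoder covering only the opcodes in the post (the fixed-AL `adc/and/cmp al,imm8` forms, `cwd/cdq` under the 0x66 prefix, `bswap`, and the `cmpxchg486 r/m8,r8` ModRM form with a `[disp16]` operand), plus a diff over two listings. The byte string and both reference listings are constructed from the post; the function names and the `db` fallback are my choices.

```python
import struct

REG8 = ["al", "cl", "dl", "bl", "ah", "ch", "dh", "bh"]
REG16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
# "<mnem> al,imm8": AL is implied by the opcode itself, there is no ModRM byte.
ACC_IMM8 = {0x14: "adc", 0x24: "and", 0x3C: "cmp"}

# Constructed input: the exact bytes behind the two listings in the post.
SAMPLE = bytes.fromhex("149914332433660FC866993C330FA606EEBB")

NDISASM_REF = """\
00000000 1499 adc al,0x99
00000002 1433 adc al,0x33
00000004 2433 and al,0x33
00000006 660FC8 bswap eax
00000009 6699 cdq
0000000B 3C33 cmp al,0x33
0000000D 0FA606EEBB cmpxchg486 [0xbbee],al
"""

CRUDASM_OUT = """\
00000000 adc dh,0x99
00000002 adc dh,0x33
00000004 and dh,0x33
00000006 o32 bswap
00000009 o32 cdq
0000000b cmp dh,0x33
0000000d db 0x0f
0000000e cmps byte [si],byte [es:di]
0000000f push ss
00000010 out si,dh
abort: cs segment limit exceeded (or internal error)
"""


def decode_one(code, off):
    """Decode one instruction at code[off:] in a 16-bit code segment.
    Returns (length, text). Anything outside this subset is emitted as a
    one-byte 'db', the same fallback both tools in the post use."""
    i, opsize = off, 16
    if code[i] == 0x66:                 # operand-size prefix: 16 -> 32 bits here
        opsize, i = 32, i + 1
    op = code[i]; i += 1
    if op in ACC_IMM8 and i < len(code):
        return i + 1 - off, f"{ACC_IMM8[op]} al,0x{code[i]:02x}"
    if op == 0x99:
        return i - off, "cdq" if opsize == 32 else "cwd"
    if op == 0x0F and i < len(code):
        op2 = code[i]; i += 1
        if 0xC8 <= op2 <= 0xCF:         # bswap: register lives in the low 3 opcode bits
            regs = REG32 if opsize == 32 else REG16
            return i - off, f"bswap {regs[op2 - 0xC8]}"
        if op2 == 0xA6 and i < len(code):   # cmpxchg486 r/m8,r8: ModRM follows
            modrm = code[i]; i += 1
            mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
            if mod == 0 and rm == 6:    # 16-bit addressing: mod=00 rm=110 means [disp16]
                disp = struct.unpack_from("<H", code, i)[0]
                return i + 2 - off, f"cmpxchg486 [0x{disp:x}],{REG8[reg]}"
    return 1, f"db 0x{code[off]:02x}"


def disassemble(code):
    """Whole-buffer listing as (offset, raw_bytes, text) tuples."""
    out, off = [], 0
    while off < len(code):
        n, text = decode_one(code, off)
        out.append((off, code[off:off + n], text))
        off += n
    return out


def format_listing(entries):
    """Render in ndisasm's 'OFFSET HEXBYTES text' layout."""
    return [f"{off:08X} {raw.hex().upper()} {text}" for off, raw, text in entries]


def parse_listing(text, has_hex):
    """Turn a tool's printed listing into {offset: text}.
    Lines that do not start with an 8-digit offset (e.g. 'abort: ...') are skipped."""
    table, need = {}, 3 if has_hex else 2
    for line in text.strip().splitlines():
        parts = line.split(None, need - 1)
        if len(parts) < need or len(parts[0]) != 8:
            continue
        try:
            table[int(parts[0], 16)] = parts[-1]
        except ValueError:
            continue
    return table


def diff_listings(ref, other):
    """Every offset where the two decoders disagree; None marks an offset one side lacks."""
    return [(o, ref.get(o), other.get(o))
            for o in sorted(set(ref) | set(other)) if ref.get(o) != other.get(o)]


if __name__ == "__main__":
    print("\n".join(format_listing(disassemble(SAMPLE))))
    for off, a, b in diff_listings(parse_listing(NDISASM_REF, True),
                                   parse_listing(CRUDASM_OUT, False)):
        print(f"{off:08X}: ndisasm={a!r} crudasm={b!r}")
```

Run stand-alone it reproduces the ndisasm listing byte for byte and then prints the ten offsets where crudasm's output diverges (the seven instructions with a wrong or missing register, and the three extra entries produced once the 0x0F byte was dropped and the `cmpxchg486` encoding was re-synchronised from `a6` as `cmpsb`). The same `diff_listings` harness works unchanged on any two tools' output, which is how you would triage the larger insns.dat run mentioned above.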
