Reko is a binary decompiler.
This is a minor release, but with a lot of new small features and fixes.
A noteworthy new feature is Reko's ability to automatically place decompiled procedures into different files, based on a OutputFilePolicy
. An OutputFilePolicy decides into which files procedures should go, based on criteria like segment name, address offset within a segment etc. Future work will allow users to customize the placements on a per-procedure basis.
The project has partially completed moving .csproj
files to the new .NET SDK format (issue #748). Most files are now building to the netstandard2.0
target framework. Progress is stalled due to the complex Reko build process. If you're interested in helping us get ready for .NET 5, contact the Reko team at https://gitter.im/uxmal/reko.
Initial support was added for the following CPU instruction set architectures:
Other noteworthy new features include:
AssembleAt
method will allow patching of code with assembler languageThanks to @chostelet, @claunia, @ermshiperete, @gbody, @Piruzzolo, @ptomin, and @smx-smx for their time and contributions to this release.
The main feature of this release is the long-awaited reworking of the analysis phase of the Reko decompiler. The slow and inaccurate interprocedural register liveness analysis was replaced by a novel analysis based on the strongly connected components (SCC's) of the call graph. The SCC's, which most of the time consist of a single procedure, are converted to SSA form earlier now.
In addition the classic Cytron et. al SSA construction algorithm, which requires the eager calculation of the immediate dominator relation of the basic blocks in the procedures, was replaced with a simpler S algorithm described in "Simple and Efficient Construction of Static Single Assignment Form" by Matthias Braun et al. The SSA algorithm has been augmented to perform lazy register / stack variable alias analysis, which turned out to be more efficient than the old register alias analysis phase.
The handling of 'hell nodes' has received focused attention. Hell nodes are indirect calls without associated function type metadata. Previously Reko was pessimistically assuming the worst: that all registers are live in and live out. Several heuristics have been applied to 'tame' the hell nodes to make the resulting output manageable (with many thanks to @ptomin).
Many other improvements to the data flow analysis were incorporated in this release as well. The results are improved source file outputs.
Initial support was added for the following CPU architectures:
Progress is hampered by the lack of good sample binaries with which to train the decompiler. Please contact us if you have any such binaries available.
Changes were also made in the output folder structure, and binary resources (like embedded icons and menus) are now extracted. (with thanks to @Cairn23)
Thanks to @Cairn23 and @gbody for their contributions. Special thanks go again to @ptomin and @smx-smx for their code, time, and dedication.
It's been a long time since the last release, but a lot has been happening in Reko-land. This release contains:
Thanks to @gbody, @wdigger, @wesinator, @wildptr for their contributions. Special thanks to @chostelet, @ptomin and @smx-smx for their code, time, and dedication.
Release notes:
The major feature in this release are the changes to Reko to support the use of native code disassemblers, and potentially any other low-level libraries that may prove beneficial such as symbol parsers and code emulators. The Reko build system was modified to allow the compilation of C++ code that interfaces between low-level libraries and the other, managed parts of Reko. The immediate benefits of these changes are the much improved support for the ARM processor architecture and (finally) the possibility of running Reko in 64-bit mode.
This is the first release where a 64-bit MSI installer is available for Windows users. Non-Windows users can now choose whether to build a 32- or a 64-bit version of Reko. With the expanded address space, the 64-bit version will be able to handle larger binaries than the 32-bit version.
Another area of large improvements is the generation of structured C code. Reko's high-level output is now much improved.
Some other changes of note:
Thanks to @dmakarov, @Lukas-Dresel, @Kalmalyzer, @VladRassokhin, @gbody, @chostelet for their contributions. Special thanks to @ptomin and @smx-smx for their code, time, and devotion.
Another bug release and courtesy build to users unable to build their own binaries.
Thanks to @ptomin , @smx-smx , and @rogersachan for their contributions.
This is mostly a bugfix release and a courtesy builds to users unable to build their own binaries.
Thanks to @ptomin and @smx-smx for their contributions, and @rfalke for reporting issues found in testing.
The big feature of this release is the adaptation and implementation of the shingled disassembler and procedure detection algorithms described in the papers "Shingled Graph Disassembly: Finding the Undecidable Path" by Richard Wartell, Yan Zhou, Kevin W.Hamlen, and Murat Kantarcioglu (https://www.utdallas.edu/~hamlen/wartell13techrep.pdf) and "Compiler-Agnostic Function Detection in Binaries", by Dennis Andriesse, Asia Slowinska, Herbert Bos (https://syssec.mistakenot.net/papers/eurosp-2017.pdf). A clone of the source code from the latter is located here: https://github.com/uxmal/nucleus.
These optional analyses vastly improve Reko's discovery of executable code, at the cost of increased memory and time consumption. Because of the cost, they must be explicitly requested. In the GUI client, this is done by right-clicking on a loaded program node, selecting the Properties
menu item, switching to the Scanning
tab and selecting "Shingled scanning". From the command line, the following incantation will do the job:
decompile --heuristic shingle binary.exe
Some other goodies are also part of this release:
.ll
files and transpile them into Reko IR. Special thanks for @mewmew for his assistanceThanks to @ptomin, @Kalmalyzer, and @smx-smx for their contributions.
Mostly consisting of bugfixes and stability improvements.
[[reko::arg(fpu)]]
C++-style attributeThanks to @ptomin, @a2intl, @Lukas-Dresel, @MeFisto94, @rogersachan, and @smx-smx for their contributions
This minor release focuses on stabilization, but a few major features have made it as well:
printf
and scanf
function families, as well as the Py_BuildValue
function from the Python runtime.Special thanks to @ptomin, @nemerle, @mewmew, @xor2003, @Lukas-Dresel for their contibutions.
At last, a new major release! Большое спасибо to @ptomin, who put in an amazing amount of effort to bring you:
In the eye candy department:
And the nuts and bolts work:
Because of the major changes that have taken place, it's likely that Reko may be unstable after all the major surgery. If you encounter any issues while running Reko, please report them in the issue tracker.
Enjoy!