[NTLK] ARM decompiler

Fri May 22 18:23:06 EDT 2015

> On May 22, 2015, at 11:54 PM, Grant Hutchinson <grant at splorp.com> wrote:
> 
> 
> On 2015-05-21, at 11:06 PM, Andrei Chichak wrote:
> 
>> ARM is listed as having initial support in the “Next version”.
> 
> Specifically, it looks like the developer needs "more descriptions of instructions, description of the calling convention, testing" specific to better ARM support.
> 
> https://github.com/yegord/snowman/blob/master/doc/todo.asciidoc

If I read this right, this code is a plugin for IdaPro. Ida is the de facto standard for reverse engineering. An ARM decompiler exists, originally written for iOS devices. The Newton ROM has a few specifics that Ida does not know about (format of the remaining labels in the debugger image, jump table for patches). I have not deeply investigated into this.

I have written a static analysis disassembler that has generated ARM assembly from the ROM including labels and ode/data separation which is very helpful. Generating a pseudo C code ist not too helpful because the ROM was partially written in ARM directly, which does not translate into C very well, and partially in C++, which can not be decompiled very well (if at all). Those few pure C functions are not worth the trouble.

There is something that is a bit whacky in the current Einstein git version. It's a C recompiler that takes the ARM code in the ROM and converts it into unreadable, yet correct C code. I managed to translate large parts of the ROM, and the resulting code is 2 to 5 times faster than JIT. It could be faster by a magnitude if we didn't have to emulate the Memory Managment Unit and its Virtual Memory and Permissions.

 Matthias