[NTLK] ARM decompiler

Steven Frank stevenf at panic.com
Sat May 23 16:37:51 EDT 2015 

It does say it's available standalone as well as an IDA plug-in. But if you think it won't be particularly helpful then never mind! :)

Steven, via iPhone

> On May 22, 2015, at 3:23 PM, Matthias Melcher <mm at matthiasm.com> wrote:
> 
> 
>> On May 22, 2015, at 11:54 PM, Grant Hutchinson <grant at splorp.com> wrote:
>> 
>> 
>>> On 2015-05-21, at 11:06 PM, Andrei Chichak wrote:
>>> 
>>> ARM is listed as having initial support in the “Next version”.
>> 
>> Specifically, it looks like the developer needs "more descriptions of instructions, description of the calling convention, testing" specific to better ARM support.
>> 
>> https://github.com/yegord/snowman/blob/master/doc/todo.asciidoc
> 
> If I read this right, this code is a plugin for IdaPro. Ida is the de facto standard for reverse engineering. An ARM decompiler exists, originally written for iOS devices. The Newton ROM has a few specifics that Ida does not know about (format of the remaining labels in the debugger image, jump table for patches). I have not deeply investigated into this.
> 
> I have written a static analysis disassembler that has generated ARM assembly from the ROM including labels and ode/data separation which is very helpful. Generating a pseudo C code ist not too helpful because the ROM was partially written in ARM directly, which does not translate into C very well, and partially in C++, which can not be decompiled very well (if at all). Those few pure C functions are not worth the trouble.
> 
> There is something that is a bit whacky in the current Einstein git version. It's a C recompiler that takes the ARM code in the ROM and converts it into unreadable, yet correct C code. I managed to translate large parts of the ROM, and the resulting code is 2 to 5 times faster than JIT. It could be faster by a magnitude if we didn't have to emulate the Memory Managment Unit and its Virtual Memory and Permissions.
> 
> Matthias
> 
> ----------------------------------------------------------------------
> 
> http://newtontalk.net/

More information about the NewtonTalk mailing list