[llvm-dev] Binary to LLVM IR lifter?
Sandeep Dasgupta via llvm-dev
llvm-dev at lists.llvm.org
Sun Aug 14 10:48:11 PDT 2016
Hello Fredi,
This is my experience with a publicly available tool called McSema
(https://github.com/trailofbits/mcsema) which can convert x86 machine
code to functional LLVM IR.McSema support translation of x86 machine
code, including integer, floating point, and SSE instructions.
* Pluses of McSema
o Well documented
o Fully functional LLVM IR, i.e. the recovered LLVM IR can be
re-written to binary and executed.
o Pluggable control flow graph recovery phase: The tool has 2
independent phases: In the first phase, it extracts control flow
graph (cfg) information from the binary (using a tool
bin_descend). Then it will write the recovered cfg into a Google
Protocol Buffer serialized file. There is also an IDAPython
script to recover cfg from within IDA Pro (which is a commercial
solution ). In that sense, we can plug-in any solution to
recover cfg. In the second phase McSema converts this cfg into
LLVM IR.
* Minuses of LLVM IR recovered from Mcsema:
o One of the downside of this recovered LLVM IR is that the
variable (scalar/aggregate) and type information is not
recovered in that LLVM IR. In our group, we are actively working
on recovering the variable and type information.
Thanks and Regards,
Sandeep Dasgupta
PhD Student, University of Illinois Urbana Champaign
> Date: Sat, 13 Aug 2016 15:57:14 +0200
> From: fee via llvm-dev <llvm-dev at lists.llvm.org
> <mailto:llvm-dev at lists.llvm.org>>
> To: llvm-dev at lists.llvm.org <mailto:llvm-dev at lists.llvm.org>
> Subject: [llvm-dev] Binary to LLVM IR lifter?
> Message-ID: <342a05bd-1375-6712-931b-d5afb3736e1b at web.de
> <mailto:342a05bd-1375-6712-931b-d5afb3736e1b at web.de>>
> Content-Type: text/plain; charset=utf-8
>
> Hi all,
>
> I am looking for binary lifter/translater that are able to convert
> architecture specific code like x86, x86_64, ARM etc. to LLVM IR.
>
> Do you know any working tools that can do something like this?
>
> Regards,
>
> Fredi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160814/8b0d7a48/attachment.html>
More information about the llvm-dev
mailing list