OSDev.org

Posted: **Wed Dec 09, 2009 10:11 pm**

Hi, after searching the google, There not much x86 disassembler written in Java.

But I found this lib is good http://bastard.sourceforge.net/libdisasm.html , It provides many information that ndisasm don't have, but It works in linux only.

Posted: **Wed Dec 09, 2009 11:04 pm**

A java disassembler? Um, why would you want such a thing?

Posted: **Wed Dec 09, 2009 11:25 pm**

earlz wrote:A java disassembler? Um, why would you want such a thing?

Isn't it trivially obvious??? It's like using assembly to write web applications it's just funny.

Posted: **Thu Dec 10, 2009 12:28 am**

because this http://peter-bochs.googlecode.com is written in Java

Posted: **Thu Dec 10, 2009 1:12 am**

Hi Peter,
There is nothing wrong with writing a disassembler in java and you might develop it much quickly as well

.But what's the utility ? What does it accomplish more than dissassemblers available presently ?If its for a pedagogic/didactic purpose , then java is a very good choice .
--Thomas

Posted: **Thu Dec 10, 2009 1:37 am**

Hi Thomas
I am making peter-bochs (a bochs gui debugger) can single step trace on ELF (on c level source). Bochs build-in disassembler can only disassemble on the current location cs:eip. So I need a disassembler that can disasseble at any location.

I can do it in these way
1) capture the output from ndisasm (netwide disassembler)
2) capture the output from http://bastard.sourceforge.net/libdisasm.html

second option would be better, because it has more professional output, it can give me these informations (the following). But this library can only run on Linux

typedef struct {
/* information about the instruction */
unsigned long addr; /* load address */
unsigned long offset; /* offset into file/buffer */
enum x86_insn_group group; /* meta-type, e.g. INS_EXEC */
enum x86_insn_type type; /* type, e.g. INS_BRANCH */
enum x86_insn_note note; /* note, e.g. RING0 */
unsigned char bytes[MAX_INSN_SIZE];
unsigned char size; /* size of insn in bytes */
/* 16/32-bit mode settings */
unsigned char addr_size; /* default address size : 2 or 4 */
unsigned char op_size; /* default operand size : 2 or 4 */
/* CPU/instruction set */
enum x86_insn_cpu cpu;
enum x86_insn_isa isa;
/* flags */
enum x86_flag_status flags_set; /* flags set or tested by insn */
enum x86_flag_status flags_tested;
/* stack */
unsigned char stack_mod; /* 0 or 1 : is the stack modified? */
long stack_mod_val; /* val stack is modified by if known */

/* the instruction proper */
enum x86_insn_prefix prefix; /* prefixes ORed together */
char prefix_string[MAX_PREFIX_STR]; /* prefixes [might be truncated] */
char mnemonic[MAX_MNEM_STR];
x86_oplist_t *operands; /* list of explicit/implicit operands */
size_t operand_count; /* total number of operands */
size_t explicit_count; /* number of explicit operands */
} x86_insn_t;

Posted: **Thu Dec 10, 2009 3:20 am**

Hi Peter ,
I really do not understand why a dissaembler library would be too dependent on operating system ( It can be on the CPU ) . It should'nt be too difficult to port . C# has Platform Invoke which will help you invoke platfrom specific function calls. I am very confident that java also will have something similar . ( Yes it does !JNI ). You can possibly write wrapper calls to the library and use the library as such .

-- Thomas

Posted: **Thu Dec 10, 2009 4:14 am**

Hi, I think I use ndisasm.exe at this stage. don't want to spend too much time to port the library to windows. Hope somebody will do it

Also, I really scare ELF format now.

Posted: **Thu Dec 10, 2009 4:55 am**

mcheung63 wrote:Hi Thomas
I am making peter-bochs (a bochs gui debugger) can single step trace on ELF (on c level source). Bochs build-in disassembler can only disassemble on the current location cs:eip. So I need a disassembler that can disasseble at any location.

You are probably kidding

build-in Bochs disassembler is stateless module and don't know anything about "current" CS or "current" EIP.
The disasm command is:

Code: Select all

  unsigned disasm(bx_bool is_32, bx_bool is_64, bx_address base, bx_address ip, const Bit8u *instr, char *disbuf);

"instr" is the input, "disbuf" is the output, "base" and "ip" are not required, if not supplied - put "-1" into "base" - only no jump target for relative jumps will be printed.

Stanislav

Posted: **Thu Dec 10, 2009 6:03 am**

monkeykoder wrote:Isn't it trivially obvious??? It's like using assembly to write web applications it's just funny.

http://www.viksoe.dk/code/asmil.htm
Need I comment.

Posted: **Thu Dec 10, 2009 7:14 am**

mcheung63 wrote:Hi Thomas
I am making peter-bochs (a bochs gui debugger) can single step trace on ELF (on c level source). Bochs build-in disassembler can only disassemble on the current location cs:eip. So I need a disassembler that can disasseble at any location.

I can do it in these way
1) capture the output from ndisasm (netwide disassembler)
2) capture the output from http://bastard.sourceforge.net/libdisasm.html

second option would be better, because it has more professional output, it can give me these informations (the following). But this library can only run on Linux

typedef struct {
/* information about the instruction */
unsigned long addr; /* load address */
unsigned long offset; /* offset into file/buffer */
enum x86_insn_group group; /* meta-type, e.g. INS_EXEC */
enum x86_insn_type type; /* type, e.g. INS_BRANCH */
enum x86_insn_note note; /* note, e.g. RING0 */
unsigned char bytes[MAX_INSN_SIZE];
unsigned char size; /* size of insn in bytes */
/* 16/32-bit mode settings */
unsigned char addr_size; /* default address size : 2 or 4 */
unsigned char op_size; /* default operand size : 2 or 4 */
/* CPU/instruction set */
enum x86_insn_cpu cpu;
enum x86_insn_isa isa;
/* flags */
enum x86_flag_status flags_set; /* flags set or tested by insn */
enum x86_flag_status flags_tested;
/* stack */
unsigned char stack_mod; /* 0 or 1 : is the stack modified? */
long stack_mod_val; /* val stack is modified by if known */

/* the instruction proper */
enum x86_insn_prefix prefix; /* prefixes ORed together */
char prefix_string[MAX_PREFIX_STR]; /* prefixes [might be truncated] */
char mnemonic[MAX_MNEM_STR];
x86_oplist_t *operands; /* list of explicit/implicit operands */
size_t operand_count; /* total number of operands */
size_t explicit_count; /* number of explicit operands */
} x86_insn_t;

Try libudis86. I ported it for my OS - it has no linux dependencies at all.

Posted: **Thu Dec 10, 2009 8:13 am**

thanks james
hi stlw, yeah , I wasted a day

OSDev.org

disassembler in Java?

disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?

Re: disassembler in Java?