Disassembly

Article on other languages:

• Дизасемблер
• Desassemblador
• Disassembler
• Disassembler
• Disassembler
• Desensamblador
• Désassembleur
• Disassembler
• Disassembler
• Disassembler
• 逆アセンブラ
• Dezasembler
• Desmontador
• Дизассемблер
• Disassemblator
• Дизасемблер

	del.icio.us
	Digg
	Furl
	Reddit
	Rojo
	Add to OnlyWire

A disassembler is a computer program that translates machine language into assembly language—the inverse operation to that of an assembler. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language. Disassembly, the output of a disassembler, is often formatted for human-readability rather than suitability for input to an assembler, making it principally a reverse-engineering tool.

Assembly language source code generally permits the use of symbolic constants and programmer comments. These are usually removed from the assembled machine code by the assembler. If so, a disassembler operating on the machine code would produce disassembly lacking these constants and comments; the disassembled output becomes more difficult for a human to interpret than the original annotated source code. Some disassemblers can infer useful names and comments,^{[citation needed]} and many can make use of the symbolic debugging information present in object files such as ELF. Some disassemblers, such as the Interactive Disassembler, actually allow the human user to make up mnemonic symbols for values or regions of code in an interactive session: human insight applied to the disassembly process often parallels human creativity in the code writing process.

Disassembly is not an exact science: On CISC platforms with variable-width instructions, or in the presence of self-modifying code, it is possible for a single program to have two or more reasonable disassemblies. Determining which instructions would actually be encountered during a run of the program reduces to the proven-unsolvable halting problem.

Examples of disassemblers

• Any interactive debugger will include some way of viewing the disassembly of the program being debugged. Often, the same disassembly tool will be packaged as a standalone disassembler distributed along with the debugger. For example, objdump, part of GNU Binutils, is related to the interactive debugger gdb.
• OllyDbg is commonly used by crackers
• ChARMeD Disassembler is a disassembler and assembler for CPUs using the ARM instruction set
• IDA
• W32DASM
• ILDASM is a tool contained in the .NET Framework SDK. It can be used to disassemble PE files containing Common Intermediate Language code.
• diStorm64 diStorm is an open source optimized stream disassembler library for 80x86 and x86-64.
• Udis86 Udis86 is a minimalistic disassembler library for the x86 and x86-64
• The Bastard Disassembler Disassembler library for 80x86

See also

• Control flow graph
• Data-flow analysis
• Decompiler

References

• L. Vinciguerra, L. Wills, N. Kejriwal, P. Martino, and R. Vinciguerra, "An Experimentation Framework for Evaluating Disassembly and Decompilation Tools for C++ and Java", Proc. of 10th Working Conference on Reverse Engineering (WCRE) 2003.
• B. Schwarz, S. Debray, and G. Andrews, "Disassembly of Executable Code Revisited", Proc. of 9th Working Conference on Reverse Engineering (WCRE), pp. 45-54, 2002.

External links

Look up disassembler in Wiktionary, the free dictionary.

• transformation Wiki on disassembly
• OpenRCE: Various Disassembler Resources and Plug-ins
• Disassemblers at the Open Directory Project