-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BINARY] clang cannot compile those assembly, neither from gcc nor msvc program #34
Comments
Hello, Please provide as much of the following information as possible:
|
master. It does not work for clang |
You are not able to disassemble clang itself, or you are not able to reassemble a binary with clang? |
reassemble a binary with clang |
PE or ELF, 32-bit or 64-bit? |
Both PE and ELF 64 bit. I did not try 32-bit. |
Currently, for Windows binaries only the MASM assembly syntax is supported by ddisasm/gtirb-pprinter. You will have to use a MASM-compatible assembler such as For example,
|
but why Linux executable does not work with clang? |
It is hard to reproduce the problem if we don't have access to the binary. By the look of those error messages, it could be that clang expects AT&T syntax instead of INTEL syntax, which is the default.
Let us know if that helps |
We use gcc for reassembly. For the few examples I just tried, clang works. I believe there are some subtle differences in the syntax clang supports, but gcc and clang should mostly be compatible. There are changes in the works that will allow gtirb-pprinter to target multiple assemblers, but for now clang support must be reconciled by the user. |
hi The repository contains IR, asm, and original notepad++.exe file. I tried to use the binary downloaded from the official and it fails. I compile notepad++ by myself again and it still fails for the same reason. the linker cannot find __imp_COMCTL32@17 symbol, even the extern function is shown in the assembly. |
You should be able to generate a
This requires that |
I do not see the COMCTL.lib file in the local directory after running ddisasm with flag --generate-import-libs no comctl32.lib |
Oh! This is an actual bug I can fix. I've just checked and the Add |
is that possible to generate .lib directly on Linux instead of on windows? ddisasm runs extremely slow on windows. |
We have code in review that will provide alternatives on Linux. Hopefully that will merge soon, but until then you can use LLVM For example, on Ubuntu:
Then create a simple wrapper script for
Now,
Make sure to use a |
great. i have my lld installed |
npp.zip |
hello. I tried 4 different windows software, none of them works. Can you tell me a windows software that works? So I can use that for my work. |
Assuming |
what if i am using /MD?? |
You can still use
|
how to deal with those syntax errors or conflicts etc?? |
From the screenshot of |
Any guideline on how to compile gtirb, targeting windows. Do you use cross-compilation? |
hi. There are some issues with the assembly for ml64.
I think generating gnu assembly is still useful even for windows (PE) executable since it does not have so many disassembly issues like microsoft's ones. |
I agree. It is on my list.
We actually just merged changes last week to improve this. In short, you can now pass the See
|
Hi kwarrick. I try to disassemble 7zip. It works but the windows does not pop up at all. Why? Here is the IR file, assembly, and executables. What I found is that a lot of windows GUI executables just flash and exit after disassembly. Can you have a look at it?? |
After looking at the assembly output from I am not entirely sure of the motivation, but it appears that a lot PE32 binaries (32-bit) have merged data and code sections.The MSVC compiler provides an option to do this:
When you look at the beginning of the As ddisasm was originally developed against ELF binaries, the only data-in-code analysis required thus far has been for jump tables within the code section. To correctly disassemble binaries with merged data sections, I have been working on a branch that introduces more complex data analysis logics. I will update this issue when we merge that work. |
cons.asm:25375:13: error: unknown use of instruction mnemonic without a size suffix
jmp $L_14001135e
^
cons.asm:25378:13: error: unknown use of instruction mnemonic without a size suffix
mov R8,R15
^
cons.asm:25379:27: error: unexpected token in argument list
lea RCX,QWORD PTR [RSP+72]
^
cons.asm:25380:13: error: unknown use of instruction mnemonic without a size suffix
mov RDX,RDI
^
cons.asm:25383:13: error: unknown use of instruction mnemonic without a size suffix
cmp EAX,-1
^
cons.asm:25384:16: error: invalid operand for instruction
je $L_14001139b
^~~~~~~~~~~~
The text was updated successfully, but these errors were encountered: