this paper is structured in the following way: a thorough description of the structure of a decompiler, followed by the description of our implementation of an # An idiom is a sequence of instruction that forms a logical entity and has a meaning that cannot be derived by considering the primary meanings of the individual instructions # # # # HLL program (language dependent) Back-end (analysis) UDM (machine dependent) Front-end binary program Figure 1. Decompiler modules automatic decompiling system, and conclusions. The paper is followed by the definitions of graph theoretical concepts used throughout the paper (Appendix I), and sample output from different phases of the decompilation of a program (Appendix II)

Traditional compiler data flow analysis techniques are used to transform the intermediate representation of a decompiled program to a higher representation that eliminates low-level concepts such as registers and condition codes, and reintroduces the high-level concept of expression. Summary data flow information is collected on condition codes and registers, and is propagated across basic blocks and subroutine boundaries to find boolean and arithmetic expressions, register arguments, function return registers, actual arguments, and propagate data types whenever required. The elimination of condition codes is performed by an extension of a reach algorithm. The elimination of registers and intermediate instructions is performed by an extended copy propagation algorithm that is based on intra and interprocedural analysis of the program's control flow graph. The methods presented in this paper have been implemented in dcc, a prototype decompiler for the Intel i80286 architecture. Experi...