this paper is structured in the following way: a thorough description of the structure of a decompiler, followed by the description of our implementation of an # An idiom is a sequence of instruction that forms a logical entity and has a meaning that cannot be derived by considering the primary meanings of the individual instructions # # # # HLL program (language dependent) Back-end (analysis) UDM (machine dependent) Front-end binary program Figure 1. Decompiler modules automatic decompiling system, and conclusions. The paper is followed by the definitions of graph theoretical concepts used throughout the paper (Appendix I), and sample output from different phases of the decompilation of a program (Appendix II)

Previously the debugging of optimised code has not been possible without recompiling the executable code and preventing the use of code optimisation techniques. Although current research efforts offer partial solutions to a small set of optimisation techniques, no unified approach has been developed to overcome the barriers imposed by a large range of sophisticated optimisation techniques. The approach taken in the building of the prototype described throughout this paper combines program simulation and interpretation techniques with run-time executable modification techniques to provide an integrated environment for function-level interpretation. This has been achieved without the modification of an existing compiler and also without the enhancement of the compiler-debugger interface (CDI), thereby allowing direct application of the debugger in current operational environments. This paper describes the construction of gpdb, a debugger for the Gardens Point compiler environment. This debugger has proved to be fundamental for the production of an interactive development environment which allows an optimised program to be run, corrected, modified, and even further developed without the need for the recompilation of the executable program, or the resetting of the debugging environment. 1.

Different strategies for binary analysis are widely used in systems dealing with software maintenance and system security. Binary code is self-contained; though it is easy to execute, it is not easy to read and understand. Binary analysis tools are useful in software maintenance because the binary of software has all the information necessary to recover the source code. It is also incredibly important and sensitive in the domain of security. Malicious binary code can infect other applications, hide in their binary code, contaminate the whole system or travel through Internet and attack other systems. This makes it imperative for security personnel to scan and analyze binary codes with the aid of the binary code analysis tools. On the other hand, crackers can reverse engineer the binary code to assembly code in order to break the secrets embedded in the binary code, such as registration number, password or secret algorithms. This motivates researches to prevent malicious monitoring by binary code analysis tools. Evidently, binary analysis tools play an important doublesided role in security. This paper surveys binary code analysis from the most fundamental perspective views: the binary code formats, several of the most basic analysis tools, such as disassembler, debugger and the instrumentation tools based on them. The previous research on binary analysis are investigated and summarized and a new approach of analysis, disasembler-based binary interpreter, is proposed and discussed. 1.

Non-Transparent Debugging of Optimized Code by Caroline Mae Tice Doctor of Philosophy in Computer Science University of California at Berkeley Professor Susan L. Graham, Chair Debugging optimized code is a problem for which a widely accepted solution has yet to be found. Over the years many approaches have been suggested, including limiting the compiler optimizations, restricting the debugger functionality, using recompilation or dynamic de-optimization to undo the optimizations, and having the debugger determine the e#ects of optimizations and mask them from the user. All of these approaches have a common thread: they place a barrier between the user and the optimizations, either altering, undoing, or hiding the e#ects of optimizations.