TITLE:
Subgraph Isomorphism Based Intrinsic Function Reduction in Decompilation
AUTHORS:
Yanzhao Liu, Yinliang Zhao, Lei Zhang, Kai Liu
KEYWORDS:
Program Comprehension, Decompilation, Graph Isomorphism, Intrinsic Function
JOURNAL NAME:
Journal of Software Engineering and Applications, Vol.9 No.3, March 23, 2016
ABSTRACT: Program comprehension is one of the most important applications of decompilation. The more abstract the decompilation result, the better it is understood. An intrinsic function is introduced by a compiler to reduce the overhead of a function call and is inlined in the code where it is called. When analyzing decompiled code with lots of inlined intrinsic functions, reverse engineers may be confused by these detailed and repeated operations and lose sight of the goal. In this paper, we propose a method based on graph isomorphism to first detect intrinsic functions on the CFG (Control Flow Graph) of the target function. Then we identify the boundary of the intrinsic function, determine the parameters and return value, and reduce the intrinsic function to a single function call in the disassembled program. Experimental results show that our method is more efficient at reducing intrinsic functions than state-of-the-art decompilers such as Hex-Rays, REC and RD (Retargetable Decompiler).
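The detect-then-reduce idea in the abstract can be sketched on a toy CFG. This is an added example, not the paper's implementation: the block labels, the `STRLEN` pattern, the `FUNC` graph and the names `find_match` and `reduce_match` are all constructed for illustration, and matching is a plain backtracking search that requires every pattern edge to exist in the target.

```python
# Added illustration (constructed data). CFG: {block: (label, [successors])};
# a label is an assumed abstraction of the block's instructions.
def find_match(pattern, target):
    """Return {pattern_block: target_block} for the first embedding, or None."""
    order = list(pattern)

    def fits(p, t, mapping):
        if pattern[p][0] != target[t][0] or t in mapping.values():
            return False
        for q, u in mapping.items():  # each pattern edge must exist in target
            if q in pattern[p][1] and u not in target[t][1]:
                return False
            if p in pattern[q][1] and t not in target[u][1]:
                return False
        return p not in pattern[p][1] or t in target[t][1]  # self-loop edge

    def extend(mapping):
        if len(mapping) == len(order):
            return dict(mapping)
        p = order[len(mapping)]
        for t in target:
            if fits(p, t, mapping):
                found = extend({**mapping, p: t})
                if found:
                    return found
        return None

    return extend({})

def reduce_match(target, mapping, name):
    """Collapse the matched blocks into one call block; keep its exit edges."""
    hit = set(mapping.values())
    exits = sorted({s for b in hit for s in target[b][1] if s not in hit})
    reduced = {name: ("call", exits)}
    for b, (label, succs) in target.items():
        if b not in hit:
            redirected = [name if s in hit else s for s in succs]
            reduced[b] = (label, list(dict.fromkeys(redirected)))
    return reduced

# Constructed pattern: a strlen-style scan loop as it might appear when inlined.
STRLEN = {"init": ("mov_ptr", ["head"]), "head": ("load_test_zero", ["body", "done"]),
          "body": ("inc_ptr", ["head"]), "done": ("sub_ptr", [])}
# Constructed target function CFG containing that loop between prologue and epilogue.
FUNC = {"b0": ("prologue", ["b1"]), "b1": ("mov_ptr", ["b2"]),
        "b2": ("load_test_zero", ["b3", "b4"]), "b3": ("inc_ptr", ["b2"]),
        "b4": ("sub_ptr", ["b5"]), "b5": ("epilogue", [])}

if __name__ == "__main__":
    m = find_match(STRLEN, FUNC)
    print(m, reduce_match(FUNC, m, "strlen_call"))
```

The sketch redirects any edge into the matched region to the single call block; it does not model parameter or return-value recovery, which the abstract lists as a separate step.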