SourceForge.net Logo
boomerangs
Looking for boomerangs that fly?
Try here or here.


  
Screenshots of the new GUI

Boomerang

A general, open source, retargetable decompiler of machine code programs

Introduction

This project is an attempt to develop a real decompiler for machine code programs through the open source community. A decompiler takes as input an executable file, and attempts to create a high level, compilable, possibly even maintainable source file that does the same thing. It is therefore the opposite of a compiler, which takes a source file and makes an executable. However, a general decompiler does not attempt to reverse every action of the decompiler, rather it transforms the input program repeatedly until the result is high level source code. It therefore won't recreate the original source file; probably nothing like it. It does not matter if the executable file has symbols or not, or was compiled from any particular language. (However, declarative languages like ML are not considered.)

The intent is to create a retargetable decompiler (i.e. one that can decompile different types of machine code files with modest effort, e.g. X86-windows, sparc-solaris, etc). It was also intended to be highly modular, so that different parts of the decompiler can be replaced with experimental modules. It was intended to eventually become interactive, a la IDA Pro, because some things (not just variable names and comments, though these are obviously very important) require expert intervention. Whether the interactivity belongs in the decompiler or in a separate tool remains unclear.

By transforming the semantics of individual instructions, and using powerful techniques such as Static Single Assignment dataflow analysis, Boomerang should be (largely) independent of the exact behaviour of the compiler that happened to be used. Optimisation should not affect the results. Hence, the goal is a general decompiler.

News

28/Oct/2012: The Boomerang source code has been converted from CVS to Subversion back in 2008; I've finally changed the instructions so that users will get the Subversion repository now. If you are working with a CVS copy, please generate diffs now while the CVS repository still exists. To help with this, the CVS instructions are still available here. I intend to delete the CVS repository in about a month, say early December.

3/Nov/2006: Gerard Krol has volunteered to become the new project admin. He hopes he will be able to help people interested in Boomerang using and understanding it, and he will try (with your help) to make Boomerang the finest decompiler available. We still suffer the loss of our main developers, so please contribute!

18/Sep/2006: The two main developers of Boomerang, QuantumG and Mike Van Emmerik, are withdrawing from further development of Boomerang. This is because both have joined a company that owns technology sufficiently similar to that of Boomerang that there is a conflict. Both will be able to answer email queries about how Boomerang works at present, but will not be able to comment on suggestions for changes.

For more details, see this news item.

15/Sep/2006: The making page has a link to qt-4.1.4-vs2005.zip, which saves a lot of time and effort if compiling the Boomerang GUI with Visual Studio 2005.

14/Sep/2006: The Visual Studio 2005 project file is finally sorted out, so both the console and GUI (Qtgui2) versions of Boomerang can be made with Visual Studio 2005.

5/Sep/2006: The Windows-only GUI version of Boomerang is now deprecated. It has some problems with the handling of clusters in threads, which there is no time to fix. If you want to continue using the Windows-only GUI, you can start with boomerang-win32.vcproj and work from there. The boomerang.vcproj file now makes the console version of Boomerang, which is a prerequisite for the qtgi2 version. Also deprecated are the XML loading and saving facilities, and the transformation parser. Removing the xml code has the effect of making the Cygwin version runnable again (no idea why).

13/Jun/2006: A new alpha release (0.3) is now available for download. See the download page. For source code, use the CVS tag alpha-0_3.

7/Jun/2006: QuantumG has started a blog chronicaling his daily activity on a new Qt4 based GUI for Boomerang, along with general Boomerang development and (eventually) other projects he is working on.

12/May/2006: Sourceforge have changed the names of the CVS servers. That means that existing repositories will not work as they stand. You can change the name with a few Unix commands like this:
Create a file called changeit with this contents:

mv $1 $1.old
sed -e s/@cvs\.sourceforge\.net/@boomerang.cvs.sourceforge.net/ $1.old > $1

chmod +x changeit
find . -name Root -exec /absolute/path/to/changeit {} \;
Try to execute this command only once, otherwise the Root.old files will be overwritten.
Of course, if you have made no changes to your checked out source, you can just get a fresh checkout. The changes are listed in the FAQ question 13, but the only change is from cvs.sourceforge.net to boomerang.cvs.sourceforge.net. (Also note that the ":80" as was used on the cvs page doesn't work any more either.) We are sorry for the inconvenience, but this is out of our hands.

10/Apr/2006: Cygwin doesn't seem to be able to compile the loader/MachOBinaryFile.cpp source code, so until some kind soul who knows about such things can fix it, using the MachOBinaryFile loader is now disabled if the host is Cygwin. At least that way, a Cygwin hosted Boomerang will compile, and can decompile programs other than in the MachO binaryfile format.

6/Apr/06: Boomerang has been in a bit of turmoil lately; because of the delays with Sourceforge upgrading the CVS servers, there were two major commits recently and they clashed somewhat. That's mostly fixed now, so we have Trent's robustness changes (to prevent infinite loops), his Range Analysis, several changes suggested by contributors, and Mikes recent changes, which have fixed some long standing problems with type analysis, propagation, removing unused parameters and returns, etc etc. Trent says that he has run Boomerang over c:\Windows\system32\*.exe of a Windows box and not had it segfault or infinitely loop. So that's a vast improvement in robustness. The result will not necessarily be readable or even correct, but that's another situation.

For older news, see old news.

Last modified: 28/Oct/2012: Updated instructions for Subversion.