[TUHS] Re: Unix Reverse Engineering

[TUHS] Re: Unix Reverse Engineering

[Noel Chiappa]

    > From: Thalia Archibald

    > I'm working on building a decompiler from PDP-11 assembly to C to ease
    > studying old pre-C Unix sources. To start, I'm translating V5 `as` to
    > period-idiomatic C

That's going to be a real trick; 'as' was written in PDP-11 assembler:

  https://minnie.tuhs.org/cgi-bin/utree.pl?file=V6/usr/source/as

	Noel

[TUHS] Re: Unix Reverse Engineering

[Thalia Archibald via TUHS]

On May 12, 2025, at 04:04, Noel wrote:
> That's going to be a real trick; 'as' was written in PDP-11 assembler:

It has, indeed, been quite the challenge to translate. I’ve completed 1114/3531
lines or 7/20 files in my translation of `as` to C. It seems that it was never
ported to C by the original authors, so this is probably the most closely
someone’s looked at many parts of it in a long time.

I’ve very steadily been improving my PDP-11 assembly skills and rather efficient
now. It’s quite tedious tracking all the register effects, though good
signatures annotated with in- and out-registers helps a lot. I feel like a
compiler, manually performing control flow structuring like the Relooper or LLVM
Stackifier algorithms. With this completed, my manual effort will bootstrap
reverse engineering the rest with a proper decompiler.

Thalia

[TUHS] Re: Unix Reverse Engineering

[segaloco via TUHS]

On Monday, May 12th, 2025 at 5:49 AM, Thalia Archibald via TUHS <tuhs@tuhs.org> wrote:

> On May 12, 2025, at 04:04, Noel wrote:
> 
> > That's going to be a real trick; 'as' was written in PDP-11 assembler:
> 
> 
> It has, indeed, been quite the challenge to translate. I’ve completed 1114/3531
> lines or 7/20 files in my translation of `as` to C. It seems that it was never
> ported to C by the original authors, so this is probably the most closely
> someone’s looked at many parts of it in a long time.
> 
> I’ve very steadily been improving my PDP-11 assembly skills and rather efficient
> now. It’s quite tedious tracking all the register effects, though good
> signatures annotated with in- and out-registers helps a lot. I feel like a
> compiler, manually performing control flow structuring like the Relooper or LLVM
> Stackifier algorithms. With this completed, my manual effort will bootstrap
> reverse engineering the rest with a proper decompiler.
> 
> Thalia

Not sure how helpful it'd be, but pdp11-dec-aout is a valid target for GNU
binutils as of the current version, so objdump may be another
disassembler/analyzer option.

If it helps, here's some stalled-out work on disassembling V2 commands:

https://gitlab.com/segaloco/v2src

Do you have a particular end-goal in mind or is it just an exercise?

- Matt G.

[TUHS] Re: Unix Reverse Engineering

[Henry Bent]

[-- Attachment #1: Type: text/plain, Size: 236 bytes --]

On Mon, 12 May 2025 at 14:37, segaloco via TUHS <tuhs@tuhs.org> wrote:

>
> Do you have a particular end-goal in mind or is it just an exercise?
>
> - Matt G.


Learning from the past is wonderful.  Reliving it is just cosplay.

-Henry

[-- Attachment #2: Type: text/html, Size: 585 bytes --]

[TUHS] Re: Unix Reverse Engineering

[Angelo Papenhoff]

Check v10's cmd/PDP11/11as source

Cheers, aap

On 12/05/25, Thalia Archibald via TUHS wrote:
> On May 12, 2025, at 04:04, Noel wrote:
> > That's going to be a real trick; 'as' was written in PDP-11 assembler:
> 
> It has, indeed, been quite the challenge to translate. I’ve completed 1114/3531
> lines or 7/20 files in my translation of `as` to C. It seems that it was never
> ported to C by the original authors, so this is probably the most closely
> someone’s looked at many parts of it in a long time.
> 
> I’ve very steadily been improving my PDP-11 assembly skills and rather efficient
> now. It’s quite tedious tracking all the register effects, though good
> signatures annotated with in- and out-registers helps a lot. I feel like a
> compiler, manually performing control flow structuring like the Relooper or LLVM
> Stackifier algorithms. With this completed, my manual effort will bootstrap
> reverse engineering the rest with a proper decompiler.
> 
> Thalia

[TUHS] Re: Unix Reverse Engineering

[Thalia Archibald via TUHS]

aap wrote:
> Check v10's cmd/PDP11/11as source

Thanks for the pointer! I've now surveyed all the distributions in the TUHS Unix
Tree and that's indeed the most interesting one.

The V10 PDP-11 `as` and Jay Jaeger's MXAS[0] port of Mini-Unix `as` to DOS are
the only translations of PDP-11 `as` to C and they both look to be faithful
translations, though I haven't reviewed them in depth yet.

Do you know any more about the background of the V10 PDP-11 `as`?

It's a cross-assembler on VAX and its Makefile indicates it was written by John
F. Reiser. According to Wikipedia, he did much of the work for Unix/32V,
including writing its VAX assembler ported from Interdata 8/32 Unix.
Unfortunately, the Interdata 8/32 port is not in the TUHS tree (though the
unrelated 7/32 port is).

Thalia

[0]: https://www.tuhs.org/Archive/Distributions/USDL/Mini-Unix/mxas.tar.gz