Download the latest Diablo distribution.
Unpack the 'diablo-x.x.tgz' file -> tar xzvf diablo-x.x.tgz.
Change to the diablo directory and look for the INSTALL file.

Diablo manual


Diablo is released under the GNU General Public License v2. As such you are free to use, modify and redistribute it free of charge, as long as you contribute all changes back to the community. We would very much appreciate it if you cited our LCTES paper [bibtex] if you publish something based on work you've done with Diablo.

Lancet, A Nifty Code Editing Tool

Lancet is a graphical user interface built on top of Diablo. This GUI has been presented at the PASTE 2005 workshop. See the publications page for details on the article or download the slides that have been presented at the workshop.


Suggestions to insert links to other relevant projects are welcome. If you are using or planning to use Diablo, it would be kind to link to the Diablo website from your (projects) website.

Related projects

FIT: The Flexible Instrumentation Toolkit. This is a multi-platform static instrumentor (a la ATOM) based on Diablo.

Other link-time optimizers

Publications based on Diablo

Obfuscation papers

Related papers

  1. Compiler Techniques for Code Compaction
    S. Debray, W. Evans, R. Muth and B. De Sutter
    ACM Transactions on Programming Languages and Systems, 22(2), March 2000, pp. 378-415
  2. On the Side-Effects of Code Abstraction
    B. De Sutter, H. Vandierendonck, B. De Bus, and K. De Bosschere
    Proceedings of the 2003 ACM SIGPLAN Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES'03), pp. 244-253
  3. Sifting out the Mud: Low Level C++ Code Reuse
    B. De Sutter, B. De Bus and K. De Bosschere
    Proceedings of the 2002 ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'02), pp. 275-291
  4. Combining Global Code and Data Compaction
    B. De Sutter, B. De Bus, S. Debray and K. De Bosschere
    Proceedings of the 2001 ACM SIGPLAN Workshop on Languages, Compilers, and Tools for Embedded Systems (LCTES'01), pp. 29-38

How do you reconstruct the control flow graph from the object files at link-time?

There have been many publications about control flow reconstruction from binaries/at link-time/from assembly. At link-time the algorithm basically goes something like this:

  1. disassemble the binary
  2. mark all basic block leaders (program entry point, successors of
    control transfer instructions, targets of control transfer
  3. extract basic blocks (for each leader, put the instructions
    starting at that leader, up to but not including the next leader as
    a node in the CFG, the nodes are called basic blocks)
  4. connect basic blocks with the right types of edges in the

Why do I need to patch my toolchain/use a different toolchain?

Reconstruction of an accurate control flow graph from machine code, even at link time, is in fact an undecidable problem. For a quick overview of the difficulties involved, see the FAQ item "How do you reconstruct the control flow graph from the object files at link time?".

To make CFG construction more reliable, we apply some patches to the tool chain:

  1. In order to let Diablo differentiate easily between
    instructions and embedded data in the code section, we emit
    markers that indicate data in the code section.
  2. The GNU assembler uses a technique called symbol relaxing to

Diablo usage FAQ

Syndicate content