v0.1.0

Today, we're shipping our first release, Rizin 0.1.0 🚀.

It has been a long ride and we're thankful to all the developers who contributed to Rizin and decided to stick with us. We couldn't have done it without you all.

We're so excited to bring you the first release of Rizin, which is the opening shot of the project and only the beginning. The release is packed with new and robust features. We now have Projects and a plethora of commands switched to our new unified command parser.
Below, you'll find a complete and comprehensive list of what's new and what has changed.

On this first release of Rizin, we put our efforts in refactoring and discarding parts of the code that are not the focus of Rizin as a reverse engineering framework, and those which were unpurposed, outdated or left as proof of concepts. Along with this refactoring, we improved the building and packaging process (see more in our "Why Meson" blog post). Apart from that, the two biggest changes are new, actually working Projects (see more in our "Introducing new Projects" blog post) and migration of many commands and auto-completion feature to the "newshell" (a tree-sitter-based commands parser) which is now set to default. Some of the unnecessary commands were removed, some commands and configuration variables were changed to pursue a better user experience and to smooth the learning curve.

See the more detailed list of the changes below:

• New features

  • New Projects implementation from scratch - see more at our blog: "Introducing Projects"

• Command changes

  • Commands converted to newshell:
    • uniq
    • uname
    • ls
    • *
    • _
    • sleep
    • . subcommands
    • P subcommands
    • = subcommands
    • s subcommands
    • & subcommands
    • w subcommands (not complete)
    • z subcommands
    • e subcommands
  • Relevant changes to commands
    • @@ and @@@ commands were unified under @@ . See @@? for more info.
    • seek history commands were all moved under sH. In particular: s- (seek undo) becomes sHu; s+ (seek redo) becomes sHr; s*, s, s! are grouped under sH; s= is removed
    • sl (seek line) and prl were removed
    • s accepts only an absolute value. Instead of having different behaviour on s +10+3 vs s 10+3, now s behaves the same. If you want to move relative to the current offset, use sd (seek delta).
    • ss (seek silent) subcommands were removed in favour of the new eval var cfg.seek.silent, that is accepted by all seek commands.
    • e? was removed in favour of el (eval list). Other commands that listed evals in different formats (e*, ej, etc.) were moved under el.
    • e, was removed because e can now accept multiple sets/gets in one shot
    • ev and evj were removed in favour of ell and elJ.
    • ed was removed since there can be multiple configuration files
    • e won't accept spaces when assigning a value to a variable. e asm.bytes = true is not valid anymore, while e asm.bytes=true is. This allows the command to support multiple arguments easily, like e asm.bytes=true asm.arch=x86.
    • The commands converted to newshell do not accept the syntax without a space between the command name and the argument anymore, in favor of a more rigid approach that splits them, similar to what's done by other shells (e.g. s+3 , z-zigname won't work anymore)
  • Misc
    • Commands that provide different output modes are grouped together
    • Commands are defined through a YAML file that describe the command, its arguments, a summary and a longer description.
    • The help tree structure is automatically computed based on the YAML definition. For each command, arguments and sub-options in the help are automatically printed most of the times.

• New commands

  • opr , opn to open next file and opp to open previous file
  • Lp to list parser plugins
  • om.j for JSON output of om. to show the map for the current offset
  • aecb to continue backwards in ESIL emulation mode
  • Add rz-ax -I option to convert from/to LONG and IP address

• Configuration variables' changes

  • cfg.newshell.autocompletion to enable/disable autocompletion based on newshell data. This uses the information provided in cmd_descs.yaml to know the type of each argument. Those info are the same used by the shell to know how many arguments a command accepts. It supports autocompletion of all the arguments of a command, not just the first. However it works only for commands converted to newshell and it is currently disabled by default
  • cfg.seek.silent when true, seek commands do not save seek movements in the seek history
  • cfg.seek.histsize maximum size of the seek history
  • asm.bytes set to false by default
  • Set asm.tabs to 6 and enable asm.tabs.once by default
  • Rename asm.filter to asm.sub.names
  • Add analysis.cc and analysis.syscc to set the current calling convention and syscall convention, remove hardcoded conventions
  • zign.{graph,bytes,offset,refs,hash,types} moved to zign.match.
  • dbg.create_new_console added, to create a new console window for the debugee on debug start
  • Added cfg.json.* variables for JSON encoding settings
  • Added asm.hint.call.indirect to make indirect calls follow the target address
  • Removed http.sync, http.ui, http.sandbox scr.tts , scr.demo, file.desc, file.md5, file.location, dbg.libc.dbglib, cmd.xterm, lines.*, cmd.pdc, cmd.log

• Code cleanup

  • Removed WebUI and HTTP server implementation (except pieces required for the RzPipe http:// to work.
  • Removed the sandbox feature, donut printing, stiv (image preview), 2048 game
  • Removed scr.demo mode
  • Removed cfg.r2wars mode
  • Removed snow from Visual Panels mode
  • Removed function folding feature from Visual mode
  • Removed pdc pseudo decompiler in favor of RzGhidra and JSDec (URL)
  • Removed rz-patch tool (former rapatch2)
  • Removed citem (i. command)
  • Removed incomplete TTS support (cfg.fortunes.tts and scr.tts, also |T command)
  • Removed various outdated and unused scripts from sys/
  • Removed MinGW and Cygwin support from ACR/Makefiles
  • Removed Emscripten support
  • Removed (some of them moved to the book (URL)) various outdated documentation files from doc/
  • Removed the REIL support (aetr command)
  • Removed a2f analysis mode (analysis.a2f configuration variable)
  • Removed io.mmap plugin and rely on io.default implementation instead
  • Removed afc= command (use analysis.cc instead)
  • Removed afil command
  • Removed obsolete Windows debugging files (w32.[ch])
  • Removed unused callback.c
  • Removed filesystems mount support (m commands) and outdated GRUB code
  • Removed T commands (logging feature)
  • Removed u commands and Q alias
  • Removed ' and \ (both are an alias for =!) commands
  • Removed : commands
  • Removed p3 command (3D stereogram)
  • Removed /me command (IRC-like feature)
  • Removed support for the multiline comments (/* */)
  • Removed join, head, and less commands in favor of the ~ subcommands
  • Removed afc=, arS

• Refactoring

  • SDB switched to use submodule instead of embedding into the repository
  • Tree-sitter runtime switched to use submodule instead of embedding into the repository
  • Most of the JSON printing migrated to the PJ API
  • Extract subprocess API used in rz-test to RzUtil, as a preliminary step in re-using those API for all code paths that interact with a child process
  • Reduce coupling between RzCore and Tasks
  • Move seek history processing from RzIO to RzCore
  • Refactoring to reduce code duplication of all binutils-based disassembly and assembly plugins (CRIS, HPPA, Lanai, MIPS, PPC, SPARC plugins)
  • Remove global variables from rz-find tool
  • Set C99 as the minimum required C standard supported. C99 standard has been used to compile SDB for many years, so we are now just taking full advantage of the standard in the whole project.
  • Code style is unified and automated with clang-format tool, see sys/clang-format.py script.
  • License headers updated to use SPDX machine-friendly format
  • Use meson dist to create the source tarball and refactor building release artifacts and corresponding CI logic

• Assembly improvements

  • New PowerPC assembly plugin (asm.ppc)

• Analysis improvements

  The basic blocks module was completely rewritten resulting in speed and analysis quality improvements for all supported architectures.

  Detection of the changes upon write and and refreshing the function graph.

  Improved UTF-16 strings autodetection

  Added ESIL sign extension operator ~=

  The analysis of the following architectures was improved significantly:

  • AVR
  • SPC700
  • V850
  • RISC-V (including new asm.pseudo plugin)
  • ARM32 (mostly pseudocode and ESIL improvements, update arm.winedbg)
  • ARM64 (including the major fix for the variable access analysis and syscall support)
  • SystemZ (added calling convention support)
  • Tricore (added instruction descriptions, see asm.describe)
  • PowerPC (libvle updates)
  • x86 (ESIL updates)

• File formats

  • COFF: add ARMNT and ARM64 support
  • COFF: various small parsing fixes
  • Rewritten *.ar parsing to support multifile archives
  • PE and Windows minidump parsing fixes and performance optimizations
  • PE fixes for delayed imports
  • PE support for the RISC-V target
  • Print additional ELF headers with rz-bin -H option
  • Improvements for DWARF and PDB parsing and information import

• Debugger

  • WinDbg/KD fixes
  • FreeBSD and DragonFlyBSD fixes
  • dts (debug trace session and reversible debugging feature) improvements
  • Add support and autodetection of the RISC-V targets for the GDB remote server connection

• IO

  • Cache performance optimizations

• Tests

  • Add an option to store logs with rz-test (-o option)

• Misc:

  • Static builds are switched to use Alpine/Musl-based builds to not depend on the GLIBC version
  • Show all possible config variable values in the Ve menu